Before you begin

Before you configure URL Threat Analysis, gather the following DD Analyzer device information:
  • IP address — In IPv4 format.
  • API key — Located in the HelpAbout page on the DD device management console in your browser.
  • Certificate — The SSL certificate used for web requests to the DD Analyzer. Import the certificate to the SMS from the DD device management console.
For more information about the DD Analzyer, see the DD Analyzer documentation on the Trend documentation site.
To connect the SMS to the DD Analyzer and enable URL Threat Analysis:

Procedure

  1. From the Events workspace, click URL Threat Analysis in the navigation pane.
  2. Under URL Threat Analyzer Configuration, click Edit.
  3. In the URL Threat Analyzer Configuration options, select Enable URL Forwarding.
  4. Select a saved inspection event query.
    For more information about the saved inspection event query, see Prerequisites.
  5. Select Add High Risk Analysis Results to URL Reputation Database to ..
  6. Enter the DD Analyzer device IP address.
  7. Enter the API key.
  8. Enter the certificate.
  9. Click OK.
    • If registration is successful, the SMS starts sending URLs from the events to the DD Analzyer, and the DD Analyzer device configuration is displayed in the URL Threat Analyzer Configuration panel on the URL Threat Analysis page.
    • If registration is unsuccessful, an error message is displayed, and the SMS redirects you to the URL Threat Analyzer Configuration options.
  10. (Optional) To unregister the DD Analyzer from the SMS and stop the SMS from sending URLs to the DD device, do one of the following:
    • Clear Enable URL Forwarding in the URL Threat Analyzer Configuration options to simply disable URL forwarding. The configuration settings are still saved when you clear Enable URL Forwarding.
    • Click Reset on the URL Threat Analysis page to delete the current DD device configuration settings as well as disable URL forwarding.