URL Threat Analysis enables the SMS to automatically use the Deep Discovery (DD) Analyzer
device. The DD device analyzes suspicious content in HTTP traffic to detect malware
threats to browsing clients in your network.
Configure URL Threat Analysis to send inspection event URLs from the SMS to the DD
Analyzer. The DD device analyzes the URLs and then sends the threat analysis results
to the SMS. The results are displayed in the URL Threat Analyzer Results panel and
indicate which event URLs might pose a threat. If you have configured reputation filters
to set policies that monitor or block access to discovered Suspicious Objects, any
high risk Suspicious Objects in the result (IP addresses, domains, URLs, and file
hashes) are automatically added to the SMS Reputation Database and used in policy
enforcement. Based on the results, you can make device configuration adjustments,
such as modifying profile action sets or creating a manual response to quarantine
an infected host.
The following information describes how to configure and use URL Threat Analysis:
For more information about the DD Analyzer, see the DD Analyzer documentation on the
Trend
documentation site.