Views:

Use this option to enable or disable analysis of threat files.

  1. Ensure that the management port can access the Internet; the virtual analyzer may need to query data through this port.
  2. At the Virtual Analyzer Configuration window, check Submit files to Virtual Analyzer.
  3. Select an analysis module.

    • For Internal Analyzer select a network type.

      Table 1. Analyzer Network Types

      Module Option

      Description

      Management Network

      Select this network type to direct virtual analyzer traffic through a management port.

      Custom network / Specified Network

      Select this network type to configure a specific port for virtual analyzer traffic. Ensure that the port is able to connect to an outside network directly.

      No network / Isolated Network

      Select this network type to isolate virtual analyzer traffic within the virtual analyzer, and when the environment has no connection to an outside network.

       

      Table 2. Custom network / Specified network options

      Option

      Action

      Virtual Analyzer port

      Select a Virtual Analyzer port.

      Note:

      Assign a Virtual Analyzer port different from the Deep Discovery Inspector data port.

      Configure IPv4

      Automatically (using DHCP) is selected. This setting cannot be changed.

    • For External Analyzer specify a Virtual Analyzer IP address and an API Key.

    Tip:

    The external analyzer (Deep Discovery Advisor or Deep Discovery Analyzer) has more analysis capability than the internal analyzer (Virtual Analyzer).

  4. (Optional) For the internal Virtual Analyzer, enable and configure a dedicated proxy.
    Note:

    To configure the proxy settings, the management network or custom network must be selected as the network type.

    1. In Proxy Setting select Use dedicated proxy settings.
    2. In Server address, type the proxy server's IP address, host name, or FQDN.
    3. Type the port number.
    4. (Optional) Type the proxy server's authentication credentials.
  5. (Optional) For the internal Virtual Analyzer, select Send possible Mac OS threats to the Trend Micro cloud sandboxes for analysis.
  6. Configure File submission options:
    1. Specify the maximum file size. Changing this setting may affect Deep Discovery Inspector performance.
    2. Enable Certified Safe Software Service (CSSS).
      Note:

      Certified Safe Software Service (CSSS) is the Trend Micro cloud database of safe files. Deep Discovery Inspector queries Trend Micro datacenters to check submitted files against the database.

Parent topic: Deep Discovery Inspector Policy Settings