Review the options available for integrating and enabling analysis of suspicious files in a virtual sandbox for your Deep Discovery Inspector appliances.
Trend Vision One Network Security provides several ways to help manage your Deep Discover Inspector
sandbox settings and how suspicious objects are analyzed. Different management options
are available depending on how you configure the sandbox options on your appliance.
|
Sandbox type
|
Sandbox
|
Description
|
|
External
|
Send to sandbox for Deep Discovery Inspector
|
Enable in Network Inventory to automatically send suspicious object samples to a virtual
sandbox for analysis
By leveraging the Send to sandbox feature in Trend Vision One, you can reduce the workload needed to prepare and configure a Virtual Analyzers.
Results are available in the Sandbox Analysis app.
|
|
Sandbox as a Service
|
By connecting a Deep Discovery Inspector appliance with an active Sandbox as a Service
license, you can integrate the service to allow sharing of analysis reports with Trend Vision One
This option requires an active Sandbox as a Service license. If you do not have an
active license, but still want to leverage Trend Vision One, consider using Send to sandbox for Deep Discovery Inspector.
For more information, see Integrating a Deep Discovery Inspector
virtual appliance with Sandbox as a Service
|
|
|
Deep Discovery Analyzer
|
By connecting a Deep Discovery Analyzer appliance to Trend Vision One, analysis results with a high risk score are shared to the Sandbox Analysis app
The information shared by Deep Discovery Analyzer is limited compared to other options.
To view all analysis results, access the Deep Discovery Analyzer appliance console.
For more information on connecting your Deep Discovery Analyzer appliance, see Product Instance.
|
|
|
Internal
|
Virtual Analyzer
|
Trend Vision One Network Security provides a set of features to centrally manage the Virtual Analyzer
configurations of your connected appliances, such as image deployment plans
The Virtual Analyzer is best suited for security environments that are air-gapped,
or if you wish to manage the sandbox configuration yourself. This sandbox type requires
using the Virtual Analyzer Image Preparation Tool. Suspicious object samples and analysis
reports are not sent to Trend Vision One. Access the Deep Discovery Inspector appliance console to view analysis results.
For more information about plans, see Appliance Plans.
For more information about managing images, see Virtual Analyzer Image Source
|