Configuring Virtual Analyzer Settings

Use this option to enable or disable analysis of threat files.

  1. Ensure that the management port can access the Internet; the virtual analyzer may need to query data through this port.
  2. At the Virtual Analyzer Configuration window, check Submit files to Virtual Analyzer.
  3. Select an analysis module.
    • For Internal Analyzer select a network type.

      Table 1. Analyzer Network Types

      Module Option


      Management Network

      Select this network type to direct virtual analyzer traffic through a management port.

      Specified Network

      Select this network type to configure a specific port for virtual analyzer traffic. Ensure that the port is able to connect to an outside network directly.

      Isolated Network

      Select this network type to isolate virtual analyzer traffic within the virtual analyzer, and when the environment has no connection to an outside network.

      Table 2. Specified Network Options



      Virtual Analyzer port

      Select a Virtual Analyzer port.


      Assign a Virtual Analyzer port different from the Deep Discovery Inspector data port.

      Configure IPv4

      Automatically (using DHCP) is selected. This setting cannot be changed.

    • For External Analyzer specify a Virtual Analyzer IP address and an API Key.


      The external analyzer (Deep Discovery Advisor) has more analysis capability than the internal analyzer (Virtual Analyzer).

  4. Configure File Type options:
    • Highly suspicious files is selected. This setting cannot be changed.

    • Specify the maximum file size. Changing this setting may affect Deep Discovery Inspector performance.

  5. Enable GRID analysis.

    GRID (Goodware Resource and Information Database) is a Trend Micro list of known good files, codes, and URLs. The list is used to differentiate files that are safe from those that are not. Enabling this option allows selected files to be scanned and classified prior to being submitted to the Virtual Analyzer.