What's New

Table 1. What's New in Deep Discovery Analyzer 7.0

Feature/Enhancement

Details

Network share scanning

You can configure Deep Discovery Analyzer to perform a scheduled or on-demand scan on files in specified network share locations.

Interactive mode

The interactive mode feature in Deep Discovery Analyzer enables user interaction during sample analysis in a secured Virtual Analyzer environment through VNC (Virtual Network Computing) connections.

Enhanced interface management

Deep Discovery Analyzer provides enhanced interface management to include the following features:

  • Network interface card (NIC) teaming

  • Optional 10Gbps fiber NIC support on hardware model 1200

  • Interface configuration for the management port

Enhanced Virtual Analyzer

The internal Virtual Analyzer has been enhanced. This release adds the following features:

  • Windows 10 20H1 and CentOS 7.8 (64-bit) image support

  • New OpenDocument (ODF) file types (.odt, .odp, and .ods) for Microsoft Office or LibreOffice in Windows images

  • New archive file types (.alz and .egg)

Support for CentOS 7.8 (64-bit) images in Virtual Analyzer enables the following:

  • ELF and shell (.sh) file analysis

  • Custom or pre-defined Linux image (Trend Micro Download Center) import

Enhanced detection capabilities

Deep Discovery Analyzer provides increased protection by improving its detection capabilities. This release includes the following features:

  • Classify password-protected files based on ICAP pre-scan results

  • New archive file types (.alz and .egg) for ICAP pre-scan

  • New file types (ELF, Shell, OpenDocument) for ICAP pre-scan

  • URL scan for FTP addresses containing user name and password information

Enhanced storage maintenance

The storage maintenance feature has been enhanced to include the following options:

  • Storage location for analysis results in a cluster environment (on primary node or both primary and secondary nodes)

  • Detection log deletion

Enhanced failover support in high availability clustering

You can enable the failover option in high availability configuration to have Deep Discovery Analyzer switch to the passive primary appliance when the external connection for Virtual Analyzer becomes unavailable.

Deep Discovery Director integration

Deep Discovery Analyzer integrates with Deep Discovery Director 5.3 to enable the following:

  • Synchronize suspicious object lists from Deep Discovery Director

  • Option to use the synchronized suspicious object list for ICAP pre-scan and Virtual Analyzer analysis

  • Deployment of Linux images from Deep Discovery Director

Enhanced account management

Account management in Deep Discovery Analyzer has been enhanced to include the following:

  • Detect and enforce default password change for local user accounts upon first logon for account security

  • Require users to provide the old password when changing local account passwords

  • Reset administrator password in the preconfiguration console via the serial port

Inline migration from Deep Discovery Analyzer 6.8 and 6.9

On hardware models 1100 and 1200, Deep Discovery Analyzer can automatically migrate the settings of a Deep Discovery Analyzer 6.8 or 6.9 installation to 7.0.