Configuring a Network Share

  1. Go to Virtual Analyzer > Network Shares.
  2. Do one of the following:
    • Click Add to configure a new network share.

    • Click a network share name to change the settings.

  3. Click the Status toggle to enable or disable the network share configuration.
  4. Type a descriptive name for the network share.
  5. Type additional information for the network share.
  6. Select a storage service and configure the required settings.
    • NFS or CIFS storage service

      Table 1.

      Field

      Description

      Server address

      Type the IP address or fully qualified domain name (FQDN) of the network share server.

      Note:

      Make sure the network share server uses UTF-8 encoding to allow Deep Discovery Analyzer to perform sample analysis and display the server address properly.

      Path

      Type the network share path (for example, /Users/Shares/Website).

      User name

      Type the user name to access the network share.

      For domain users, type the user name in the format domain_name\user_name.

      Password

      Type the password to access the network share.

    • AWS S3 storage service

      Note:
      • Enabling network share scanning for AWS S3 may incur additional data transfer cost.

      • Configure the required permissions for Deep Discovery Analyzer to access the AWS S3 storage service for network share scanning.

      Table 2.

      Field

      Description

      Server address

      This field displays the server address for the storage service.

      Path

      Type the bucket name or bucket folder path (for example, my_bucket or my_bucket/my_folder/../).

      Note:

      You must specify at least the bucket name in the path.

      Access key ID

      Type the access key ID that Deep Discovery Analyzer uses to access AWS S3.

      Secret access key

      Type the secret access key that Deep Discovery Analyzer uses to access AWS S3.

      Proxy setting

      If a proxy server is required for Deep Discovery Analyzer to connect to AWS S3, select Connect using system proxy server or Connect using custom proxy setting and configure the required settings.

    • Azure Blob storage service

      Note:
      • Enabling network share scanning for Azure Blob may incur additional data transfer cost.

      • Configure the required permissions for Deep Discovery Analyzer to access the Azure Blob storage service for network share scanning.

      Table 3.

      Field

      Description

      Server address

      This field displays the server address for the storage service.

      Path

      Type the container name or the container folder path (for example, my_container or my_container/my_folder/../).

      Note:

      You must specify at least the container name in the path.

      Account name

      Type the account name that Deep Discovery Analyzer uses to access Azure Storage.

      Access key

      Type the access key that Deep Discovery Analyzer uses to access Azure Storage.

      Proxy setting

      If a proxy server is required for Deep Discovery Analyzer to connect to Azure Blob, select Connect using system proxy server or Connect using custom proxy setting and configure the required settings.

  7. For file matching, configure file name patterns that Deep Discovery Analyzer uses to filter files for scanning. Do the following:
    1. Select to match files based on the inclusion or exclusion list.
      Note:

      If you select to use both lists for file name matching, the exclusion list has a higher priority.

    2. Type one or more file name pattern for the selected list.
      Note:
      • File name patterns are not case sensitive.

      • Deep Discovery Analyzer supports the following wildcards in file name patterns:

        • *: Matches all

        • ?: Matches any single character

        • [seq]: Matches any character in seq

        • [!seq]: Matches any character not in seq

      • You can configure up to 10 file name patterns in a list.

      • The same file name pattern cannot exist in both inclusion and exclusion lists.

      • Deep Discovery Analyzer scans files that match the selected file name pattern list.

  8. Specify the scan action.
    Table 4.

    Action

    Description

    Do not move files after scanning

    Select this option to keep the files in the original folder after scanning. This is the default setting.

    Note:

    To have Deep Discovery Analyzer automatically create the output_ddan output folder, select the Copy analysis report to output folder option.

    Move files

    Select this option to move files to the specified output location after scanning.

    To access the output path using the same access credentials as the network share, select Inherit credentials from network share; otherwise, specify the access credentials for the output path.

    Note:
    • The output path and the network share path cannot be the same.

    • Make sure read-write permissions are set on the output location.

    • Files in the output path are excluded from scanning.

    Delete files with the selected risk level(s) after scanning

    Select this option to delete files with the selected risk levels after scanning.

    Note:

    To have Deep Discovery Analyzer automatically create the output_ddan output folder, select the Copy analysis report to output folder option.

    Deep Discovery Analyzer stores the following generated files in the output folder (which is excluded from scanning):

    • Report files (with the file naming convention id_filename_report.zip)

    • Report metadata files (with the file naming convention id_filename.meta) that contain the original file path information for scanned files.

  9. Select a scan method.
    Note:

    This setting is not applicable if you select the option to move files after scanning.

    • Quick scan: Select this option to only scan files that are modified since the last scan. This is the default setting.

    • Full scan: Select this option scan all files.

    Note:
    • For the first quick scan, Deep Discovery Analyzer performs a full scan and scans only modified files in subsequent quick scans.

    • If you switch from Full scan to Quick scan, Deep Discovery Analyzer scans only modified files after the previous full scan is completed.

  10. Specify other scan settings.
    • Rename detected files: Select this option to rename detected files to prevent accidental execution of malicious files.

      Deep Discovery Analyzer renames detected files in the format id_<original filename>.vir.

      For example, if the original file name is test, the renamed file becomes 56_test.vir.

    • Copy analysis report to output folder: Select this option to create a copy of the analysis report to the output folder.

    Note:

    If you enable a scan setting, make sure read-write permissions are set on the output location.

  11. Configure scheduled scan settings. Do the following:
    1. Click the toggle button to enable or disable scheduled scan.
    2. Select a schedule option and configure the required settings.
      Note:

      If you select Full scan, you can only configure a weekly or monthly schedule.

  12. (Optional) Click Test Connection to test the connection to the network share.
  13. Click Save.
    Tip:

    After you add a network share, you can access the Submitters screen to view the associated sample submissions and adjust the weight value (the default is 4) for Virtual Analyzer resource allocation.