Deep Discovery Inspector Virtual Appliance Integration with Sandbox as a Service and Trend Micro Vision One

Integrate the Deep Discovery Inspector virtual appliance with Sandbox as a Service to submit files for analysis.

Sandbox as a Service can send Virtual Analyzer Suspicious Objects and Virtual Analyzer Results to Trend Micro Vision One. In addition, the Deep Discovery Inspector virtual appliance can receive elements from the Suspicious Object List and Exception List from Trend Micro Vision One through a Service Gateway.

Tip:

Using a service gateway is not required if you only need to send Virtual Analyzer Suspicious Objects and Virtual Analyzer Results to Trend Micro Vision One.

  1. Sign In to Deep Discovery Inspector's management console.
  2. Verify that Deep Discovery Inspector is connected to Trend Micro Vision One by going to Administration > Integrated Products/Services > Trend Micro Vision One.
    Important: If you did not use a company-specific disk image to deploy the Deep Discovery Inspector virtual appliance, activate your Deep Discovery Inspector license first. For more information, see Activating a Deep Discovery Inspector License Using the Customer Licensing Portal
  3. Configure Sandbox as a Service as Deep Discovery Inspector's virtual analyzer.
    1. Go to Administration > Virtual Analyzer > Setup
    2. Select Sandbox as a Service from the Virtual Analyzer list.
    3. Click Save

    Sandbox as a Service starts sending Virtual Analyzer Suspicious Objects and Virtual Analyzer Results to Trend Micro Vision One. Virtual Analyzer Suspicious Objects are visible in Suspicious Object Management, Virtual Analyzer Results are visible in Sandbox Analysis.

  4. (Optional) Configure Deep Discovery Inspector to receive elements from the Suspicious Object List and Exception List from Trend Micro Vision One
    1. Deploy a Service Gateway. For more information, see Service Gateway Inventory.
    2. Enable the Suspicious Object List synchronization service in your Service Gateway. For more information, see Configuring Service Gateway Settings.
    3. Connect the Deep Discovery Inspector virtual appliance to your Service Gateway. For more information, see Connecting Network Sensors to a Service Gateway
    4. Verify that Deep Discovery Inspector is connected to the Service Gateway by going to Administration > Integrated Products/Services > Trend Micro Vision One > Service Gateway.

    Deep Discovery Inspector starts receiving elements from the Suspicious Object List and Exception List from Trend Micro Vision One. The received objects are visible in Detections > Suspicious Objects.