Views:

Deep Discovery Inspector uses customized Linux kernel and remove unnecessary tools/software/command to secure the environment.

According to Trend Micro security policy, when Deep Discovery Inspector receives a CVE or ZDI vulnerability report, Deep Discovery Inspector will do CVSS evaluation. If the vulnerability has impacted Deep Discovery Inspector, Deep Discovery Inspector will release a critical patch to resolve it.

When Deep Discovery Inspector is started for the first time, Deep Discovery Inspector will ask the user to change the default admin password.

Deep Discovery Inspector grants access to the management console by user accounts. The built-in administrator account can create a maximum of 127 accounts. To access the management console, each user account requires a logon password.

The management console accepts passwords that contain the following:

  • 6 to 32 characters

  • Characters from at least three of the following categories:

    • Uppercase (A-Z)
    • Lowercase (a-z)
    • Numeric (0-9)
    • Special characters: ` ~ ! @ # $ % ^ & * ( ) - _ + = [ ] { } \ | < > , . / ? : ; ' "

Observe the following guidelines for creating a strong password:

  • Avoid words found in the dictionary.
  • Intentionally misspell words.
  • Use phrases or combine words.
  • Use both uppercase and lowercase letters.
  • Account Role.

Deep Discovery Inspector has two kinds of account roles. One is Administrator and the other is Viewer. The Administrator takes full control of Deep Discovery Inspector. The Viewer can only see the detection results but cannot change any setting.

Deep Discovery Inspector accesses several Trend Micro services to obtain information about emerging threats and to manage your existing Trend Micro products. For more information, refer to Chapter 6 of the Deep Discovery Inspector Administration Guide (Administration > Integrated Products/Services > Service Addresses and Ports).

Deep Discovery Inspector has the ability to enforce TLS 1.2 ensuring compliance and security for data in motion. This is a new feature in Deep Discovery Inspector.

Configuration settings include both Deep Discovery Inspector and network configuration settings. Back-up configuration settings by exporting them to an encrypted file. If needed, import this file to restore settings.

Deep Discovery Inspector can be reset by restoring it to factory default settings

The following settings cannot be backed up:

  • Appliance IP settings
  • Control Manager settings
  • Licenses and Activation Codes
  • Mitigation Device settings
  • Retro Scan settings
  • Smart Protection settings in the Web Reputation screen
  • Threat Management Services Portal settings
  • Virtual Analyzer settings except File Submissions and Passwords
  • HTTPS Certificate

  • Deep Discovery Inspector 510/1100: Raid 1 configuration
  • Deep Discovery Inspector 4100: Raid 10 configuration
Keywords: TrendAI Deep Discovery Inspector hardening.DDI security best practices,secure Deep Discovery Inspector management console,DDI kernel security,TrendAI Vision One sensor hardening