Views:

DDI uses customized Linux kernel and remove unnecessary tools/software/command to secure the environment.

According to Trend Micro security policy, when DDI receives a CVE or ZDI vulnerability report, DDI will do CVSS evaluation. If the vulnerability has impacted DDI, DDI will release a critical patch to resolve it.

When DDI is started for the first time, DDI will ask the user to change the default admin password.

DDI grants access to the management console by user accounts. The built-in administrator account can create a maximum of 127 accounts. To access the management console, each user account requires a logon password.

The management console accepts passwords that contain the following:

  • 6 to 32 characters

  • Characters from at least three of the following categories:

    • Uppercase (A-Z)
    • Lowercase (a-z)
    • Numeric (0-9)
    • Special characters: ` ~ ! @ # $ % ^ & * ( ) - _ + = [ ] { } \ | < > , . / ? : ; ' "

Observe the following guidelines for creating a strong password:

  • Avoid words found in the dictionary.
  • Intentionally misspell words.
  • Use phrases or combine words.
  • Use both uppercase and lowercase letters.
  • Account Role.

DDI has two kinds of account roles. One is Administrator and the other is Viewer. The Administrator takes full control of DDI. The Viewer can only see the detection results but cannot change any setting.

DDI accesses several Trend Micro services to obtain information about emerging threats and to manage your existing Trend Micro products. For more information, refer to Chapter 6 of the DDI Administration Guide (Administration > Integrated Products/Services > Service Addresses and Ports).

DDI has the ability to enforce TLS 1.2 ensuring compliance and security for data in motion. This is a new feature in DDI.

Configuration settings include both DDI and network configuration settings. Back-up configuration settings by exporting them to an encrypted file. If needed, import this file to restore settings.

DDI can be reset by restoring it to factory default settings

The following settings cannot be backed up:

  • Appliance IP settings
  • Control Manager settings
  • Licenses and Activation Codes
  • Mitigation Device settings
  • Retro Scan settings
  • Smart Protection settings in the Web Reputation screen
  • Threat Management Services Portal settings
  • Virtual Analyzer settings except File Submissions and Passwords
  • HTTPS Certificate

  • Deep Discovery Inspector 510/1100: Raid 1 configuration
  • Deep Discovery Inspector 4100: Raid 10 configuration
Keywords: features,hardening guide,DDI hardening guide,kernel environment,change default password,service address and ports,back up configuration,backup configuration,security hardening,security hardening guide