Views:

Smart Feedback

Smart Feedback enables you to participate, share and leverage Trend Micro’s global database of threat related intelligence to rapidly identify and defend against potential threats within your unique network environment.

Data collected
  • IP address
  • URL
  • Filename/path
  • Hostname
  • Suspicious executables and partial file content
Console locationAdministration > Monitoring / Scanning > Threat Detections
Console settings
  • Enable Smart Feedback
  • Submit suspicious files to Trend Micro

smart feedback

Back to top

Virtual Analyzer

Disabling Virtual Analyzer prevents the mentioned data being sent to Trend Micro, but will severely impact DDI’s ability to detect advanced malware.

Data collected
  • IP address
  • URL
  • Hostname
  • Filename/path
Console locationAdministration > Virtual Analyzer > Setup
Console settings
  • Submit files to Virtual Analyzer
  • Virtual Analyzer: Internal

virtual analyzer

Back to top

Web Reputation

Disabling Web Reputation prevents the mentioned data being sent to Trend Micro, but will greatly impact DDI’s ability to detect C&C and malicious activities.

Data collectedURL
Console locationAdministration > Monitoring / Scanning > Web Reputation
Console settings

Enable Web Reputation

Enable Web Reputation

Back to top

Community File Reputation

Disabling Community File Reputation related rules prevents the mentioned data being sent to Trend Micro, but will impact DDI’s ability to detect advanced malware.

Data collectedURL
Console locationAdministration > Monitoring / Scanning > Detection Rules
Console settings

Enable/Disable rule 719, 733

Community File Reputation

Back to top

URL Retro Scan

Disabling URL Retro Scan prevents the mentioned data being sent to Trend Micro, but will impact DDI’s ability to detect C&C and malicious activities that occurred in the past but were just known to Trend Micro.

Data collected
  • Endpoint IP addresses
  • URL
Console locationAdministration > Monitoring / Scanning > Web Reputation
Console settings

Enable Retro Scan

Enable Retro Scan

Back to top

Threat Connect

Threat Connect allows admin to view related threat information from the global intelligence database.

Data is only sent out when an admin manually clicks the “View Threat Connect” button in Log detail view.

Data collected
  • IP address
  • URL
  • Hostname
Console location

User manually triggers Threat Connect connection in Log detail view:

  • Detection Details > Connection Details
Console settings

View in Threat Connect

view in Threat Connect

Back to top

Sandbox as a Service for macOS

Disabling Sandbox as a Service for macOS prevents the mentioned data being sent to Trend Micro, but will severely impact Deep Discovery Inspector’s ability to detect advance malware affecting the macOS platform.

Data collected
  • Suspicious files
  • Filename
Console locationAdministration > Virtual Analyzer > Internal Virtual Analyzer > Sandbox Management
Console settings
  • Sandbox for macOS
  • Send possible threats for macOS to Trend Micro Sandbox as a Service for analysis

Sandbox for macOS

Back to top

Sandbox as a Service for Windows

Disabling Sandbox as a Service for Windows prevents the mentioned data being sent to Trend Micro, but will severely impact Deep Discovery Inspector’s ability to detect advance malware affecting the Windows platform.

Data collected
  • Suspicious files
  • Filename
Console locationAdministration > Virtual Analyzer > Setup
Console settings
  • Submit files to Virtual Analyzer
  • Virtual Analyzer: Sandbox as a Service

Sandbox as a Service for Windows

Back to top

Threat Investigation Center

When disabled, all data indicated for this row will not be sent out to the Threat Investigation Center.

Data collected
  • IP address
  • MAC address
  • Hostname
  • Filename/path
  • Email address
  • Email subject
  • Username
  • Domain name
  • URL
  • Network group name
  • Retro Scan Report
  • All System Event Logs
Console locationAdministration > Integrated Products/Services > Threat Investigation Center
Console settings

Threat Investigation Center

Threat Investigation Center

When File Retrieval setting is disabled, all data indicated for this row will not be sent out to the Threat Investigation Center.

Data collected
  • Virtual Analyzer investigation package
  • detected file
  • pcap
Console locationAdministration > Integrated Products/Services > Threat Investigation Center
Console settings

Edit Threat Investigation Center Server

Add or Edit server

Back to top

Deep Discovery Director - Network Analytics as a Service

Unregistering DDD prevents the mentioned data being sent to Trend Micro, but will severely impact network analytics capability for the customer.

Data collected
  • Endpoint IP addresses
  • MAC address
  • Hostname
  • Domain username
  • Domain name
  • URL
  • Server IP address
  • Protocol
  • TCP Port
  • SMB Username
  • RDP username
  • RADIUS username
  • http protocol headers
  • duration of each TCP session
  • SSL certificate information
  • filename
  • email address
  • Size of the data transferred per IP Address per session
  • User realm

  • Certificate Related:

    • Issuer common name
    • Subject common name
    • Issuer organizational unit name
    • Subject organizational unit name
    • Issuer organization name
    • Subject organization name
    • Issuer state or province name
    • Subject state or province name
    • Issuer email address
    • Subject email address
    • Server Name Indication (SNI)
    • Subject Alternate Name
Console locationAdministration > Integrated Products/Services > Deep Discovery Director
Console settings

Management Server

DDD

Click the image to enlarge.

After Deep Discovery Inspector registers to Deep Discovery Director, Deep Discovery Director admin will manually pair Deep Discovery Inspector to Deep Discovery Director- Network Analytics as a Service on Deep Discovery Director management console.

Back to top

Trend Micro Vision One

When unregistered from Network Inventory or Deep Discovery Inspector, all data indicated for this row will not be sent out to Trend Micro Vision One.

Data collected
  • IP address
  • MAC address
  • Host name
  • Filename/path
  • Email address
  • Email subject
  • Username
  • Domain name
  • URL
  • Network group name
  • Retro Scan Report
  • All System Event Logs
Console locationAdministration > Integrated Products/Services > Trend Micro Vision One
Console settings

Trend Micro Vision One

After Deep Discovery Inspector registers to Network Inventory, it will automatically onboard Deep Discovery Inspector to Trend Micro Vision One.

Back to top

Trend Micro Vision One - Service Gateway

When unregistered from Network Inventory, service gateway will be deregistered along with it.

All data indicated for this row will not be sent out to Trend Micro Vision One.

Data collected
  • IP address
  • Suspicious objects
  • URL
  • Virtual analyzer report
  • Network connection status
  • Computer user name
  • Host name
  • MAC address
  • Product status
Console locationAdministration > Integrated Product/Services > Trend Micro Vision One
Console settings

Management Server

Service Gateway

After Deep Discovery Inspector registers to Network Inventory, and manual pair Service Gateway to specific DDI from Vision One > Network Inventory.

Back to top

Keywords: gdpr deep discovery inspector 6.5,gdpr DD inspector 6.5,trend micro gdpr,turn off data gathering,ddi turn off data collection,disable data gathering ddi 6.5,ddi 6.5 DCN,ddi 6.5 vision one,6.5