Deep Discovery Director (DDD) 5.1 Hardening Guide

    • Updated: 17 Jul 2021
    • Product/Version: Deep Discovery Director 5.1
    • Platform: N/A

This article gives a high-level overview of the security hardening and features implemented in the DDD 5.1 appliance.


DDD uses the Linux kernel from CentOS 7 and removes unnecessary tools, software, and services to secure the environment.

According to Trend Micro security policy, when DDD receives a CVE or ZDI vulnerability report, DDD performs a CVSS evaluation. If the vulnerability affects DDD, DDD will release a critical patch or resolve it in the next major release.

The DDD Admin Guide instructs the user to change the default password for the admin account.

DDD grants access to the management console by user account. The built-in administrator account can create both local accounts and, if DDD is integrated with AD, accounts from AD. To access the management console, each user account requires a logon password.

The management console accepts passwords that contain the following:

  • 8 to 32 characters
  • At least one upper case letter: A to Z
  • At least one lower case letter: a to z
  • At least one number: 0 to 9
  • At least one special character: ~!`@#$%^&*()/_+=[] {}-\|<>',.?:;"

Observe the following guidelines for creating a strong password:

  • Avoid words found in the dictionary.
  • Intentionally misspell words.
  • Use phrases or combine words.
  • Use both uppercase and lowercase letters.

Account Role

DDD has three kinds of account roles: Administrator, Investigator and Operator:

  • The Administrator takes full control of DDD.
  • The Investigator has read-only access to all management console features, plus download access to investigation packages and pcap data.
  • The Operator has read-only access to all management console features.

DDD accesses several Trend Micro services to obtain information about emerging threats and to manage your existing Trend Micro products. For more information, refer to the appendices of the DDD Administration Guide (Appendix A > Service Addresses and Ports).

DDD enforces TLS 1.2 to ensure compliance and security for data in motion.

DDD can export a backup file of most configuration settings and the database. Use the backup file to restore DDD to a previous point in time. When the active server is unresponsive and cannot be restored, use the backup file on another server to restore operation and minimize downtime.

For details on the backed-up configuration settings, refer to the DDD Administration Guide (Administration > System Maintenance > Back Up).
