Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Deep Discovery Director 5.1 Data Collection Notice

    • Updated:
    • 6 Apr 2020
    • Product/Version:
    • Deep Discovery Director 5.1
    • Platform:
    • N/A
Summary

The following sections outline the features that collect data, the data transmitted, and the locations on the product console where you can disable the features.

To see where this data is processed, refer to our list of data centers and authorized data subprocessors and their locations.

Details
Public

Threat Connect

Threat Connect allows the administrator to view related threat information from the global intelligence database.

Data is only sent when the administrator manually clicks the “View in Threat Connect” button in the “Detection Details” view.

Data collected
  • IP address
  • URL
  • host name
Console location

The user manually triggers Threat Connect connection in the “Detection Details” view of a network detection.

  • Detection Details > Connection Details
Console settings

View in Threat Connect

Threat Connect

Data collected
  • IP address
  • URL
  • host name
Console location

The user manually triggers Threat Connect connection in the “Detection Details” view of an email detection.

  • Detection Details > Connection Details
Console settings

View in Threat Connect

Threat Connect

Back to top

Domain Exceptions

The administrator can add domains that they consider safe to an exception list.

Data is only collected when the administrator manually adds domain names on the management console.

Data collectedDomain name
Console locationAdministration > Network Analytics > Domain Exceptions
Console settings

Domain Exceptions

Domain Exceptions

Back to top

Priority Watchlist

The administrator can add servers that they consider high-priority for tracking and reporting.

Data is only collected when the administrator manually adds IP addresses on the management console.

Data collectedIP address
Console locationAdministration > Network Analytics > Priority Watch List
Console settings

Priority Watch List

Priority Watchlist

Back to top

Registered Services

The administrator can add servers for specific services that their organization uses.

Data is only collected when the administrator manually adds domains name on the management console.

Data collectedIP address
Console locationAdministration > Network Analytics > Registered Services
Console settings

Registered Services

Registered Services

Back to top

Trusted Internal Network

The administrator can specify IP addresses or ranges to treat as part of their trusted internal network.

Data is only collected when the administrator manually adds IP addresses or ranges on the management console.

Data collected
  • IP address
Console locationAdministration > Network Analytics > Trusted Internal Network
Console settings

Back to top

Analysis Report

The administrator can view the correlation data of a correlated event.

Data is only sent when the administrator manually clicks the “Correlation Data” icon on the “Correlated Events” screen.

Data collected
  • IP address
Console locationDetections > Correlated Events
Console settings

Analysis Report

The administrator can view the correlation data of a synchronized suspicious object.

Data is only sent when the administrator manually clicks the “Correlation Data” icon on the “Synchronized Suspicious Objects” screen.

Data collected
  • IP address
  • URL
  • domain name
  • file SHA-1s
Console locationThreat Intelligence > Product Intelligence > Synchronized Suspicious Objects
Console settings

Analysis Report

Back to top

RCA Report

Endpoint analysis reports can be collected from Endpoint Sensor to help with correlation.

Data is automatically collected periodically when the administrator enables retrieval of endpoint analysis reports from Apex Central on the management console.

Data collected
  • IP address
  • URL
  • domain name
  • file SHA-1
Console locationAdministration > Integrated Products/Services > Apex Central
Console settings

RCA Report

Back to top

Threat Connect in Correlative Events

Threat Connect allows the administrator to view related threat information from the global intelligence database.

Data is only sent when the administrator manually clicks the “Threat Connect” button in the “Correlation Data” view.

Data collected
  • IP address
  • domain name
Console location

The user manually triggers Threat Connect connection in the “Correlation Data” view of a correlated event.

Console settings

Threat Connect

Threat Connect in Correlative Events

Back to top

Email Encryption

In the Domain List screen, the administrator can specify email domains for email encryption and an email address for receiving key files to complete the domain registration process.

In the Identification screen, the administrator can specify the email address that is used to sign messages with domains that are not part of the Domain List.

Data collected
  • Email domains
  • administrators’ email addresses
Console locationAppliances > Email Encryption
Console settings

email address

domain

default identity

Back to top

Premium
Internal
Partner
Rating:
Category:
Configure
Solution Id:
000249240
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.