Summary
This article lists the detailed CTD product support capabilities in TMCM 7.0.
Details
| Product | Which SO does product use for detection | Take action based on configuration on TMCM directly | Send WRS request to SPS (for SO URL) |
|---|---|---|---|
| OSCE 11 SP1 | IP, URL(query SPS), File, Domain(12 Sp1) | Yes | Yes (also takes action based on the CM SO settings) |
| DS 10.0 | URL(query SPS), File | Yes | Yes (also takes action based on the CM SO settings) |
| IMSVA 9.1 Patch 1 Hot Fix 1690 | URL(query SPS), File | Yes | Yes (also takes action based on the CM SO settings) |
| IWSVA 6.5 SP2 Patch 1 | IP, URL, File, UDSO-SHA1, Domain | Yes | |
| TMEAC 2.0 SP1 | File, UDSO-SHA1 | Yes | |
| SPS 3.3 | URL | Yes | |
| CAS 5.0 | URL, File, UDSO-SHA1 | Yes | |
| SMEX 12.5 SP1 | URL(query SPS) | No | Yes (Only get the URL SO ratings from SPS; actions are decided on the product side) |
| SMiD/SMLD 5.5 | URL(query SPS) | No | Yes (Only get the SO ratings from SPS; actions are decided on the product side) |
| DDI 3.8 | IP, URL, File, UDSO-SHA1, Domain | No |
Where:
- UDSO-SHA1: User should input sha1 value directly into CM as UDSO.
- Query SPS: The SPS product needs to be integrated in the CTD environment. TMCM and DDAN are the URL SO sources of SPS.
| Product | Sample submission to DDAN | Auto deploy DDAN API key | Auto deploy CM API key | Suspicious Object Sync Now |
|---|---|---|---|---|
| OSCE XG SP1 | Yes | Yes | Yes | Yes (Send suspicious object lists to managed products.) |
| DS 10.2 | Yes | Yes | Yes | Yes (Send suspicious object lists to managed products.) |
| DDAN 6.0 | No | No | No | Yes (Synchronize Virtual Analyzer suspicious object lists) |
| DDI 5.0 | Yes | No | No | Yes (Send suspicious object lists to managed products & Synchronize Virtual Analyzer suspicious object lists) |
| DDEI 3.0 | Yes | No | No | No |
| IMSVA 9.1 | Yes | No | Yes | No |
| IWSVA 6.5 SP2 patch2 | Yes | No | No | No |
| SMEX 12.5 | Yes | No | No | No |
| TMEAC 2.0 SP1 patch1 | No | No | Yes | No |
| SPS 3.3 | No | No | Yes | Yes (Sync Now - Send suspicious object lists to managed products.)* |
| TMES 1.6 update 3 | Yes | No | No | No |
Sync Now is the command on TMCM console. It composed of two parts:
- Sync Now - Send suspicious object lists to managed products.
- Sync Now - Synchronize Virtual Analyzer suspicious object lists.
| Product | Sample submission to DDAN | TMCM Auto deploy DDAN API key to products | Send Virtual Analyzer detection log to TMCM |
|---|---|---|---|
| OSCE XG SP1 | Yes | Yes | Yes |
| DS 10.0 | Yes | Yes | No |
| DDAN 6.0 | No | No | No |
| DDI 5.0 | Yes | No | No |
| DDEI 3.0 | Yes | No | No |
| IMSVA 9.1 | Yes | No | No |
| IWSVA 6.5 SP2 patch2 | Yes | No | No |
| SMEX 12.5 | Yes | No | Yes |
| TMEAC 2.0 SP1 patch1 | No | No | No |
| SPS 3.3 | No | No | No |
| TMES 1.6 update 3 | Yes | No | Yes |
| Product | Send WRS request to SPS | Use Scan Action provided from SPS |
|---|---|---|
| OSCE 11 SP1 | Yes | Yes* |
| DS 10.0 | Yes | Yes* |
| IMSVA 9.1 | Yes | Yes* |
| SMEX 12.5 | Yes | No* |
| SMiD/SMLD 5.5 | Yes | No* |
Where
- Yes* : Query SPS and take action based on the SO action SPS syncs from TMCM.
- No* : Get the URL SO rating from SPS and actions are decided on product side.
The product versions listed in the tables are not the original version which started to support the CTD solution, but the version has latest CTD product support capabilities in TMCM 7.0.
