CTD product support capabilities

Connected Threat Defense (CTD) product support capabilities of Control Manager (TMCM) / Apex Central 2019

- Updated:
- 17 Jul 2020
- Product/Version:
- Apex Central 2019
- Control Manager 7.0
- Platform:

Integrated features of Suspicious Object Synchronization between TMCM/Apex Central 2019 and Managed Products

Product	Which SO does product use for detection	Take action based on configuration on TMCM or Apex Central 2019 directly	Send WRS request to SPS (for SO URL)
OSCE 11.0 SP1	IP, URL(query SPS), File, Domain(XG Sp1)	Yes	Yes (also takes action based on the TMCM/Apex Central SO Settings)
Apex One 2019	IP, URL(query SPS), File, UDSO-SHA1 (requires Application Control), Domain	Yes	Yes (also takes action based on the TMCM/Apex Central SO Settings)
DS 10.0	URL(query SPS), File	Yes	Yes (also takes action based on the TMCM/Apex Central SO Settings)
IMSVA 9.1 Patch 1 Hot Fix 1690	URL(query SPS), File	Yes	Yes (also takes action based on the TMCM/Apex Central SO Settings)
IWSVA 6.5 SP2 Patch 2	IP, URL, File, UDSO-SHA1, Domain	No
TMEAC 2.0 SP1	File, UDSO-SHA1	Yes
SPS 3.3	URL	Yes
CAS 5.0	URL, File, UDSO-SHA1	Yes
SMEX 12.5 SP1	URL(query SPS), File	No	Yes (Only get the URL SO ratings from SPS; actions are decided on the product side)
SMiD/SMLD 5.5	URL(query SPS)	No	Yes (Only get the SO ratings from SPS; actions are decided on the product side)
DDI 3.8	IP, URL, File, UDSO-SHA1, Domain	No
TMEMS (SaaS)	File, URL, UDSO-SHA1	No
TippingPoint	IP, Domain	No	No

Where:

UDSO-SHA1: User should input SHA1 value directly into CM as UDSO.
Query SPS: The SPS product needs to be integrated in the CTD environment. TMCM/Apex Central 2019 and DDAN are the URL SO sources of SPS.

Product	Auto deploy CM API key	Suspicious Object Sync Now
OSCE XG SP1	Yes	Yes (Send suspicious object lists to managed products.)
Apex One 2019	Yes	Yes (Send suspicious object lists to managed products.)
DS 10.2	Yes	Yes (Send suspicious object lists to managed products.)
DDAN 6.0	No	Yes (Synchronize Virtual Analyzer suspicious object lists)
DDI 5.0	No	Yes (Send suspicious object lists to managed products & Synchronize Virtual Analyzer suspicious object lists)
DDEI 3.0	No	No
IMSVA 9.1	Yes	No
IWSVA 6.5 SP2 Patch 2	No	No
SMEX 12.5	No	No
TMEAC 2.0 SP1 Patch1	Yes	No
SPS 3.3	Yes	Yes (Sync Now - Send suspicious object lists to managed products.)*
TMES 1.6 Update 3	No	No
TMEMS (SaaS)	Yes	Yes (Send suspicious object lists to managed products.)

Integrated features of Sample Submission between TMCM/Apex Central 2019 and Managed products

Sample Submission to DDAN

Product	Sample submission to DDAN	TMCM/Apex Central 2019 Auto deploy DDAN API key to products	Send Virtual Analyzer detection log to TMCM/Apex Central 2019
OSCE XG SP1	Yes	Yes	Yes
Apex One 2019	Yes	Yes	Yes
DS 10.0	Yes	Yes	No
DDAN 6.0	No	No	No
DDI 5.0	Yes	No	No
DDEI 3.0	Yes	No	No
IMSVA 9.1	Yes	No	No
IWSVA 6.5 SP2 Patch 2	Yes	No	No
SMEX 12.5	Yes	No	Yes
TMEAC 2.0 SP1 Patch 1	No	No	No
SPS 3.3	No	No	No
TMES 1.6 update 3	Yes	No	Yes

Sample Submission to Sandbox as a Service™

Product	Sample Submission to Sandbox as a Service™	Apex Central 2019 Auto Deploy Sandbox as a Service™ Information to Products	Send Virtual Analyzer detection log to TMCM/Apex Central 2019
DDI 5.1	Yes	No	No
Apex One 2019	Yes	Yes	Yes

Integration between products and SPS for URL Suspicious Object detection

Product	Send WRS request to SPS	Use Scan Action provided from SPS
OSCE 11 SP1	Yes	Yes*
DS 10.0	Yes	Yes*
IMSVA 9.1	Yes	Yes*
SMEX 12.5	Yes	No*
SMiD/SMLD 5.5	Yes	No*

Where

Yes* : Query SPS and take action based on the SO action SPS syncs from TMCM.
No* : Get the URL SO rating from SPS and actions are decided on product side.

The product versions listed in the tables are not the original version which started to support the CTD solution, but the version has latest CTD product support capabilities in TMCM 7.0/Apex Central 2019.