Virtual Analyzer updated default File Submission Rules

Updated default File Submission Rules for Virtual Analyzer in Deep Discovery Inspector (DDI) 5.0

- Updated:
- 27 Nov 2017
- Product/Version:
- Deep Discovery Inspector 5.0
- Platform:
- N/A N/A

DDI allows users to create file submission rules to ensure that suspicious files are analyzed. File submission rules check files based on detection types, detection rules, and file properties.

File submission rules for Virtual Analyzer can be configured at the management console via Administration > Virtual Analyzer > File Submissions.

The default file submission settings in DDI 5.0 are updated as shown in the following, to support analyzing HTML File Type in Email Protocol:

Click image to enlarge

Recommended Action

For users who did the fresh installation of DDI 5.0:
- Default file submission rules for Virtual Analyzer are shown above.
For users who upgraded to DDI 5.0 via migration:
- The original file submission rules for Virtual Analyzer are kept.
- The new default settings can be applied using the "Reset" feature.
  
  Click image to enlarge

For DDI versions earlier than version 5.0:

The new default settings can be applied using the "Import" feature, the settings (va_ploicy.dat) can be downloaded using this link.

Click image to enlarge

Trend Micro recommends users to back up the original file submission rules using the Export feature before applying any new configuration.

Need More Help?

Updated default File Submission Rules for Virtual Analyzer in Deep Discovery Inspector (DDI) 5.0

Recommended Action