DDI allows users to create file submission rules to ensure that suspicious files are analyzed. File submission rules check files based on detection types, detection rules, and file properties.
File submission rules for Virtual Analyzer can be configured at the management console via Administration > Virtual Analyzer > File Submissions.
The default file submission settings in DDI 5.0 are updated as shown in the following, to support analyzing HTML File Type in Email Protocol:
Click image to enlarge
Recommended Action
-
For users who did the fresh installation of DDI 5.0:
- Default file submission rules for Virtual Analyzer are shown above.
-
For users who upgraded to DDI 5.0 via migration:
-
For DDI versions earlier than version 5.0:
-
The new default settings can be applied using the "Import" feature, the settings (va_ploicy.dat) can be downloaded using this link.
Click image to enlarge
Trend Micro recommends users to back up the original file submission rules using the Export feature before applying any new configuration.