Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Deep Discovery Inspector (DDI) Hardening Guide

    • Updated:
    • 24 Jan 2018
    • Product/Version:
    • Deep Discovery Inspector 5.0
    • Platform:
    • N/A N/A
Summary

This article gives a high-level overview of the security hardening and features implemented in DDI appliance.

Details
Public

DDI uses customized Linux kernel and remove unnecessary tools/software/command to secure the environment.

According to Trend Micro security policy, when DDI receives a CVE or ZDI vulnerability report, DDI will do CVSS evaluation. If the vulnerability has impacted DDI, DDI will release a critical patch to resolve it.

When DDI is started for the first time, DDI will ask the user to change the default admin password.

DDI grants access to the management console by user accounts. The built-in administrator account can create a maximum of 127 accounts. To access the management console, each user account requires a logon password.

The management console accepts passwords that contain the following:

  • 6 to 32 characters
  • Characters from at least three of the following categories:

    • Uppercase (A-Z)
    • Lowercase (a-z)
    • Numeric (0-9)
    • Special characters: ` ~ ! @ # $ % ^ & * ( ) - _ + = [ ] { } \ | < > , . / ? : ; ' "

Observe the following guidelines for creating a strong password:

  • Avoid words found in the dictionary.
  • Intentionally misspell words.
  • Use phrases or combine words.
  • Use both uppercase and lowercase letters.
  • Account Role.

DDI has two kinds of account roles. One is Administrator and the other is Viewer. The Administrator takes full control of DDI. The Viewer can only see the detection results but cannot change any setting.

DDI accesses several Trend Micro services to obtain information about emerging threats and to manage your existing Trend Micro products. For more information, refer to Chapter 6 of the DDI Administration Guide (Administration > Integrated Products/Services > Service Addresses and Ports).

DDI has the ability to enforce TLS 1.2 ensuring compliance and security for data in motion. This is a new feature in DDI.

Configuration settings include both DDI and network configuration settings. Back-up configuration settings by exporting them to an encrypted file. If needed, import this file to restore settings.

DDI can be reset by restoring it to factory default settings

The following settings cannot be backed up:

  • Appliance IP settings
  • Control Manager settings
  • Licenses and Activation Codes
  • Mitigation Device settings
  • Retro Scan settings
  • Smart Protection settings in the Web Reputation screen
  • Threat Management Services Portal settings
  • Virtual Analyzer settings except File Submissions and Passwords
  • HTTPS Certificate
  • Deep Discovery Inspector 510/1100: Raid 1 configuration
  • Deep Discovery Inspector 4100: Raid 10 configuration
Premium
Internal
Rating:
Category:
Configure; SPEC
Solution Id:
1119282
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support


To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.