The DDI Registered Domain and Registered Services settings indicate that DDI, which domains and services (e.g. DNS, FTP, SMTP, etc) are trusted, helps organizations discover non-authorized services or untrusted domains.
Identifying trusted domains and services in the network not only ensures detection of unauthorized domains, applications, or services, but also avoids unnecessary detections of trusted domains and services that become a distraction for important detections that need more attention.
Therefore, Trend Micro recommends:
- Checking with the customers and registering all their trusted network domains and dedicated servers for specific services that they use internally or consider trustworthy.
- Exporting all the current network configuration via Export function as backup.
To register trusted domains (up to 1,000 entries), do the following:
Go to Administration > Network Groups and Assets > Registered Domains.
In the Domain field, specify a domain name to be registered. Registered domain names appear in the Defined Registered Domains section.
As an optional step, you may click Analyze to display the detected domains that DDI had already observed in the network. This simplifies the process of trusted domain registration.
To register trusted services (up to 1,000 entries), do the following:
Go to Administration > Network Groups and Assets > Registered Services.
Select a service from the drop-down list.
As an optional step, you may click Analyze to display the detected services that DDI had already observed in the network. This simplifies the process of trusted service registration.
- In the Server name field, specify a server name.
In the IP address field, specify an IPV4/IPV6 IP address.IP address ranges cannot be specified
- Click Add.