Recommendation
Identifying trusted domains and services in the network not only ensures detection of unauthorized domains, applications, or services, but also avoids unnecessary detections of trusted domains and services that become a distraction for important detections that need more attention.
Therefore, Trend Micro recommends:
- Checking with the customers and registering all their trusted network domains and dedicated servers for specific services that they use internally or consider trustworthy.
- Exporting all the current network configuration via Export function as backup.
Configuration
To register trusted domains (up to 1,000 entries), do the following:
-
Go to Administration > Network Groups and Assets > Registered Domains.
-
In the Domain field, specify a domain name to be registered. Registered domain names appear in the Defined Registered Domains section.
As an optional step, you may click Analyze to display the detected domains that DDI had already observed in the network. This simplifies the process of trusted domain registration.
-
Click Add.
To register trusted services (up to 1,000 entries), do the following:
-
Go to Administration > Network Groups and Assets > Registered Services.
-
Select a service from the drop-down list.
As an optional step, you may click Analyze to display the detected services that DDI had already observed in the network. This simplifies the process of trusted service registration.
- In the Server name field, specify a server name.
-
In the IP address field, specify an IPV4/IPV6 IP address.
IP address ranges cannot be specified - Click Add.