- Products
- Network One
- Advanced Threat Protection & Detection
- Network Analytics and Threat Sharing
Network Analytics and Threat Sharing
Correlate and visualise advanced threat events to prioritise your response
Integrated products
- Trend Micro™ Deep Discovery™ Director 3.0 or later
- Trend Micro™ Deep Discovery Inspector™ 5.1 or later
Virtual appliance
- Virtual machine with the following minimum specifications:
- Hypervisor: VMware® vSphere ESXi 6.5, Microsoft® Hyper-V® in Windows® Server 2016
- Deep Discovery Director Network Analytics is an appliance based on CentOS Linux® 7 (64-bit)
- Network interface card: 1 with 1 Gbps adapter
- SCSI controller: LSI Logic Parallel
- CPU: 1.8 GHz (8-12 cores)
- Memory: 64 GB
- Hard disk: 6 TB (thick provisioned)
| XDR add-on: Deep Discovery Inspector | Deep Discovery Network Analytics on-premises | Deep Discovery Network Analytics 9000 Series appliance | |
| Combined Deep Discovery Inspector throughput | 1Gbps – 20Gbps | 1Gbps – 4Gbps | 5Gbps – 10Gbps |
| Form factor | SaaS | Requires on-prem storage (~7TB per Gbps) | 1U Rack-Mount, 48.26 cm (19”) |
| Event data retention | Up to 180 Days | Up to 90 Days | Up to 365 Days |
| Prerequisite solution | Deep Discover Director (virtual appliance) optional | Deep Discovery Director (virtual appliance) | None |
| Dimensions (WxDxH) | N/A | N/A | 43.4 (17.08") x 72.8 (28.68") x 4.28 (1.69") cm |
| Weight | N/A | N/A | 17.5kg (38.58 lb) |
| Data Ports | N/A | N/A | 10/100/1000 BASE-T RJ x 1 |
| AC Input Voltage | N/A | N/A | 100 to 240 VAC |
| AC Input Current | N/A | N/A | 7.4A to 3.7A |
| Hard Drives | N/A | N/A | 7 x 1.92TB |
| RAID Configuration | N/A | N/A | RAID 5 |
| Power Supply | N/A | N/A | 550W Redundant |
| Power Consumption (Max) | N/A | N/A | 604W |
| Heat | N/A | N/A | 2559 BTU/hr (Max.) |
| Frequency | N/A | N/A | 50/60 Hz |
| Operating Temp | N/A | N/A | 10 to 35 °C (50-95 °F) |
| Hardware Warranty | N/A | N/A | 3 Years (extendable to 5 years) |
With this configuration and a typical enterprise level of network traffic, Deep Discovery Director Network Analytics can service:
| Deep Discovery Network Analytics | XDR add-on: Deep Discovery Inspector |
| Up to 4 Gbps of combined Trend Micro™ Deep Discovery Inspector™ throughput Eg. 1 DDI 4000 or 4 DDI 1000 |
Up to 20 Gbps of combined Deep Discovery Inspector throughput Eg 2 DDI 9000 or 5 DDI 4000 |
Management console
- Google Chrome™ latest version
- Mozilla™ Firefox™ latest version
- Microsoft® Internet Explorer® latest version
- Recommended resolution: 1,280x800 or higher
Prioritise and simplify attack data
Detecting, alerting, and blocking threats can produce a glut of data. To assist security professionals in the time-consuming task of combing through potentially thousands of alerts or logs, Deep Discovery Inspector with XDR correlates all the events to show what the first point of entry was by identifying patient zero, who else has been breached, so you can see the full scope of the attack, where the threat is calling out to, how the threat made its original infection,* and others who may also be a target.**
* requires Trend Micro Apex One as a Service with XDR
**requires Trend Micro Cloud App Security with XDR
Detect threats faster with advanced sharing
Staying ahead of the threat landscape is difficult, especially when you are managing multiple security solutions. Deep Discovery ingests the latest advanced threat intelligence, or IoCs, from threat feeds and custom inputs (STIX/TAXII and YARA) and shares the IoCs with Trend Micro and third-party solutions.
This enables all the connected products to detect and block the previous unknown threats, giving your security operations centre (SOC) greater visibility and control against attacks.
See what you’ve been missing
When investigating an attack, you can’t just look at sensors independently. You need more context to see the full attack.
The XDR capabilities of Deep Discovery Inspector are enabled by its integration to the Trend Micro Vision One™ platform. Advanced detection and response capabilities not only for network, but extends to email, endpoints, and cloud workloads to give you visibility across the security layers. When seen by different security sensors, events that appear benign on their own suddenly become meaningful indicators of compromise. These higher-confidence alerts let you focus your response to the most pressing threats.
Get real-time visualisation of targeted attacks
In some cases, you may think the attack started today, but, in fact, the breach happened weeks ago. An easy-to-read Sankey diagram lets you see every step of the attack, dating back six months. Deep Discovery Inspector with XDR extracts metadata from the network traffic and correlates the events in a graph for real-time visibility. You get faster resolution with fewer people involved and a bigger picture of the full attack.
Get started with Network Analytics and Threat Sharing
