Deep Discovery Inspector

Detect targeted attacks and targeted ransomware
anywhere in your network

Key Features

Monitor everything

Hackers try to exploit unmonitored network ports or use a specific network protocol that isn’t being monitored, but Trend Micro™ Deep Discovery™ Inspector provides 360 degrees of visibility by monitoring all network ports and over 105 different protocols. A single Deep Discovery Inspector appliance monitors east-west traffic (also known as lateral movement) and north-south traffic.

Windows® Mac® AndroidTM iOS new Power Up

Extensive detection techniques

Deep Discovery Inspector uses XGen™ security, a blend of cross-generational techniques to ensure the highest detection rate with the lowest false positives:

  • Web filtering with URL reputation
  • Local network content correlated with comprehensive threat intelligence
  • Lateral movement detection
  • Behavioral analysis
  • Machine-learning optimized relevance pattern for detecting command-and-control (C&C) behavior
  • Custom sandbox analysis
Windows® Mac® AndroidTM iOS new Power Up

Custom sandboxing

Unlike other sandbox solutions that use a standard OS and apps template, Deep Discovery uses custom sandboxes. Virtual images are used to match operating system configurations, drivers, installed applications, and language versions. Difficult for hackers to evade, they include a “safe live mode” to analyze multi-stage downloads, URLs, command-and-control (C&C), and more. Sandboxing is offered as part of an integrated appliance or as a scalable, stand-alone capability.

Windows® Mac® AndroidTM iOS new Power Up

Integrated security

Deep Discovery not only integrates with TippingPoint but also with SIEM solutions (ArcSight, Splunk and QRadar) and firewalls (Palo Alto Networks and Check Point). An open web API allows your organization to integrate Deep Discovery Inspector to any existing security investment, providing defense in depth protection that best meets your needs.

Windows® Mac® AndroidTM iOS new Power Up
  500/1000 Series 4000 Series 9000 Series
Hardware Model
520/1200 4200
9200
Throughput 500 Mbps / 1 Gbps
4 Gbps 10 Gbps
Sandboxes Supported
2/4
20
30
Form Factor
1U Rack-Mount, 48.26 cm (19") 2U Rack-Mount, 48.26 cm (19")
2U Rack-Mount, 48.26 cm (19")
Weight
17.5kg (38.58 lb)
28.6 kg (63.05 lb)
31.5 kg (69.45 lb)
Dimensions (WxDxH)
43.4 cm (17.08") x 72.8 cm (28.68") x 4.28 cm (1.69")
43.4 cm (17.08”) x 75.13 cm (29.58”) x 8.68 cm (3.42”)
48.2 cm (18.98”) x 75.58 cm (29.75”) x 8.73 cm (3.44”)
Management Ports
10/100/1000 BASE-T RJ45 Port x 1
iDrac Enterprise RD45 X 1
10/100/1000 BASE-T RJ45 Port x 1
iDrac Enterprise RD45 X 1
10/100/1000 BASE-T RJ45 Port x 1
iDrac Enterprise RD45 X 1
Data Ports
10/100/1000 BASE-T RJ45 Port x 5
10Gb SFP+ with SX tranceiver x 4
10/100/1000 Base-T RJ45 Port x 5
10Gb SFP+ SR transceiver x 4
10/100/1000 Base-T RJ45 Port x 5
AC Input Voltage
100 to 240 VAC
100 to 240 VAC
100 to 240 VAC
AC Input Current
7.4A to 3.4A
10A to 5A
10A to 5A
Hard Drives
2 x 1 TB 3.5 inch SATA
4 x 1 TB 3.5 inch SATA
4 x 1 TB 3.5 inch SATA
RAID Configuration
RAID 1
RAID 10
RAID 10
Power Supply
550W Redundant
750W Redundant
750W Redundant
Power Consumption (Max.)
750W (Max.)
847W (Max.)
847W (Max.)
Heat
2559 BTU/hr (Max.)
2891 BTU/hr (Max.)
2891 BTU/hr (Max.)
Frequency
50/60 Hz
50/60 Hz
50/60 Hz
Operating Temp.
10-35 °C (50-95 °F)
10-35 °C (50-95 °F)
10-35 °C (50-95 °F)
Hardware Warranty
3 Years
3 Years
3 Years
Attack Illustration

Prevent data breaches

Deep Discovery Inspector is available as a physical or virtual network appliance. It’s designed to quickly detect advanced malware that typically bypasses traditional security defenses and exfiltrates sensitive data. Specialized detection engines and custom sandbox analysis detect and prevent breaches.

Detect targeted ransomware

Organizations are increasingly becoming victims of targeted ransomware when advanced malware bypasses traditional security, encrypts data, and demands payment to release the data. Deep Discovery Inspector uses known and unknown patterns and reputation analysis to detect the latest ransomware attacks, including WannaCry. The customized sandbox detects mass file modifications, encryption behavior, and modifications to backup and restore processes.

 

Stop spear phishing

Deep Discovery Email Inspector stops targeted ransomware attacks by blocking targeted spear phishing emails before they are delivered.

Identify threats

Leverage standards-based advanced threat intelligence sharing (e.g. STIX/TAXII and YARA) to keep ahead of threats. Deep Discovery automates the sharing of threat information across Trend Micro and third-party security solutions to strengthen multiple links in the security chain at the same time.

Prioritize threats

Security professionals are flooded with threat data coming from numerous sources. Network analytics help prioritize threats and provide visibility into an attack. By looking back up to 90 days, you will be able to see the first point of entry, who else in the organization is impacted, and with who the threat is communicating (for example, Command and Control).

Extend your detection and response capabilities with managed XDR

We offer 24/7 alert monitoring, alert prioritisation, investigation, and threat hunting as a managed service. Trend Micro XDR includes standard or advanced service packages across email, endpoints, servers, cloud workloads, and networks.

Simplify your decision

“Recommended” Breach Detection System 5 years in a row
 

Achieved Advanced Threat Defense (ATD) certification in independent testing from ICSA Labs.

What customers say

Republic National Distributing Company (RNDC) 

"Trend Micro Deep Discovery is looking at those dark corners of the network to see if there is traffic that deviates from baseline. It gives us visibility into our network, so we can immediately see and shut down anything malicious before it becomes a problem." more

John Dickson,
Director IT Infrastructure, RNDC

More success stories

Get started with Deep Discovery Inspector

Protect more

Protect more

Deep Discovery Analyzer provides advanced sandbox analysis and detects threats to extend the value of your security products.

TippingPoint® Threat Protection System gives you high-speed, inline IPS inspection, and comprehensive threat protection against known and undisclosed vulnerabilities with high accuracy and low latency.