Deep Discovery Web
Inspector prevents
network-based attacks and cyber threats by investigating suspicious domain and network
objects
and associated file types and social engineering attack patterns in web content before
they
can threaten your network. Designed to integrate into your existing network topology,
Deep Discovery Web
Inspector monitors your network for cyber
threats using either transparent bridge or forward proxy mode.
Whichever deployment method is chosen, Deep Discovery Web
Inspector investigates web traffic for
suspicious file types, domains, URLs, or embedded links (URLs). If an object exhibits
malicious behavior, Deep Discovery Web
Inspector can block
the threat and notify security administrators about the malicious activity.
After Deep Discovery Web
Inspector scans a
network object for known threats in the Trend Micro Smart Protection Network, it passes
suspicious files to the Virtual Analyzer sandbox environment for simulation. Virtual
Analyzer
opens files to test for exploit code, Command & Control (C&C) and botnet connections,
and other suspicious behaviors or characteristics.
After investigating the suspicious object, Deep Discovery Web
Inspector assesses the risk using
multi-layered threat analysis. Deep Discovery Web
Inspector calculates the risk level based on the highest risk assigned between the
Deep Discovery Web
Inspector scanners and Virtual
Analyzer.
Deep Discovery Web
Inspector acts upon
network objects according to the assigned risk level and policy settings. Configure
Deep Discovery Web
Inspector to block the content or monitor
the network content and allow the network content to pass to the end user. While Deep Discovery Web
Inspector monitors your network for
threats, you can access dashboard widgets and reports for further investigation.