TREND MICRO
TM
Deep Discovery Inspector 1000/500
Deep Discovery Inspector is a third-generation threat management solution that delivers
advanced persistent threat (APT) and targeted attack visibility, insight, and control.
Deep Discovery Inspector provides IT administrators with critical security information,
alerts, and reports.
Front Panel
Back Panel
© 2015 Trend Micro Incorporated. All rights reserved. Trend Micro, the t-ball logo are trademarks or registered
trademarks of Trend Micro Incorporated. All other company and/or product names may be trademarks or
registered trademarks of their owners. Information contained in this document is subject to change without notice.
Item Code: APEQ36887/150317
Examining the Deep Discovery Inspector Appliance
Verify that the Deep Discovery Inspector carton contains the following items:
Opening and Inspecting the Carton
Note
: When mounting the appliance, leave at least two inches of clearance on all sides
for proper ventilation and cooling.
1. Mount the Deep Discovery Inspector appliance in a standard 19-inch 4-post
rack, or on a free-standing object, such as a sturdy desk.
2. Connect the appliance to a power source.
3. Connect the monitor to the VGA port at the back of the appliance.
4. Connect the keyboard and mouse to the USB ports at the back of the
appliance.
5. Connect the management port to your network.
6. Power on the appliance.
Setting Up the Hardware
5
Perform the initial preconfiguration from the Preconfiguration Console with any
of the following:
l
VGA port
l
Serial port
For details on how to access the Preconfiguration Console, see the
Preconfiguration chapter in the Installation and Deployment Guide.
1. On the
Preconfiguration Console
logon screen, type the following default
logon credentials:
l
User name
:
admin
l
Password
:
admin
Performing Initial Configuration: Preconfiguration Console
6
You can connect switches with a mirror port to any of the data ports. Deep Discovery Inspector
uses these ports as listening ports and will not interrupt traffic handled by the switches.
Trend Micro recommends using a specified network when using an internal Virtual
Analyzer for analyzing samples. Ideally, specified networks are connected to the Internet,
but do not have proxy settings, proxy authentication, or any connection limitations.
To plan your network deployment environment, see the Deployment Planning section in
the Installation and Deployment Guide.
Deployment Checklist
4
Requirement
Details
Obtain from Trend Micro
Connects to the VGA port of the appliance
Connects to the USB port of the appliance
Connects to the USB port of the appliance
l
One cable connects the management port of the appliance to the
management network.
l
One or more cables connect the data port with a switch mirror port to
monitor traffic.
l
(Optional) One cable connects a data port to a specified network that
is reserved for an internal Virtual Analyzer.
A computer with the following software installed:
l
™
Chrome
™
40.0 or later
l
Microsoft
™
Internet Explorer
™
10.0 or 11.0
l
Mozilla
™
FireFox
™
35.0 or later
l
Adobe
™
Flash
™
player 8.0 or later
l
One static IP address in the management network
l
(Optional) One additional IP address for an internal Virtual Analyzer,
if connected to a specified network with Internet connectivity
Activation Code
Monitor and VGA cable
USB keyboard
USB mouse
Ethernet cables
Internet-enabled computer
IP addresses
Note
: Dual AC power slots provide protection in case one of the AC power slots fails.
Recommended Network Environment
Deep Discovery Inspector is deployed offline. This means that Deep Discovery
Inspector does not interrupt network traffic. A switch monitors both internal and
external traffic and passes the information to Deep Discovery Inspector. Deep
Discovery Inspector uses this information to monitor known and potential threats.
3
2
1
(1) Rack rails
(2) Document and DVD
(3) Power cords
(4) Deep Discovery Inspector appliance
(1) Power button (behind the bezel)
(2) Lock
(3) Data ports
(4) Appliance status indicator connector
(5) Serial connector
1
1
2
2
3
3
4
4
5
6
8
9
10
7
(6) Video connector
(7) Management port
(8) USB 2.0 connectors
(9) Appliance ID button
(10) Power supply connector
l
Website:
http://www.trendmicro.com
l
List of worldwide offices and phone numbers:
http://www.trendmicro.com/us/about-us/contact/index.html
Contact Information
8
1. Using a supported web browser, open the management console at:
https://<Deep Discovery Inspector IP Address>
l
Set the Internet Security level to Medium. Enable ActiveX Binary and Script.
l
Use the IP address that you specified during the initial configuration.
2. On the logon screen, type the following default credentials:
l
User name
:
admin
l
Password
:
admin
3. Click
Log On
.
4. Type a new password, and then retype it to confirm.
5. On
Administration > System Settings > Time / Encoding Options
, set the
system time.
6. On
Administration > License
, activate Deep Discovery Inspector.
The Setup Guide appears.
7. To configure post-deployment settings, follow the steps in the Setup Guide.
For details on how to set up your threat protection, see the Get Started
chapter in the Administrator's Guide.
8. Connect the data port(s) on your Deep Discovery appliance to the traffic
source.
Performing Initial Configuration: Management Console
7
Note
:
2. On the
Preconfiguration Console
main menu, type
2
to select
Device
Settings
and press
Enter
.
3. On the
Device Settings
screen, configure IP address settings.
To set a dynamic IP address:
Use the space bar to toggle the IP address option to
dynamic
.
To set a static IP address:
A. In the
Type
field, use the space bar to toggle the IP address option to
static
.
B. Type the following network settings:
l
IP address (IPv4)
: the default is 192.168.252.1
l
Subnet mask
: the default is 255.255.255.0
l
(Optional)
Gateway
: the default is 192.168.252.254
l
(Optional)
DNS Server 1
l
(Optional)
DNS Server 2
l
Host name
: the default is localhost
4. (Optional) Type a
VLAN ID
.
5. (Optional) Register to Trend Micro Control Manager by using the space bar to
toggle the option to
[yes]
.
6. Navigate to
Return to main
menu and press
Enter
.
The initial configuration is complete and the management console is accessible.
Note
: Deep Discovery Inspector 3.8 can be deployed in IPv6 environments.
