Trend Micro Deep Discovery

Course Overview

Trend Micro™ Deep Discovery™ Advanced Threat Detection 2.1 Training for Certified Professionals is a three-day, instructor-led training course where participants will learn how to plan, deploy, and manage a Trend Micro Deep Discovery threat detection solution using:

• Trend Micro™ Deep Discovery™ Inspector
• Trend Micro™ Deep Discovery™ Analyzer
• Trend Micro™ Deep Discovery™ Email Inspector
• Trend Micro™ Deep Discovery™ Director 

Participants explore key concepts and methodologies using a blend of Deep Discovery solutions for a more complete approach to network threat detection. This course details the architecture, deployment options, threat security management, and system administration fundamentals, as well as troubleshooting and best practices for these products.

This course incorporates a variety of hands-on lab exercises, allowing participants to put the lesson content into action.

Course Objectives

Upon completion of this course, students will be able to:

• Describe the purpose, features, and capabilities of Trend Micro Deep Discovery Advanced Threat Detection solutions
• Configure and use security management and administration settings for:
    • Trend Micro Deep Discovery Inspector
    • Trend Micro Deep Discovery Email Inspector
    • Trend Micro Deep Discovery Analyzer
• Explain how Deep Discovery products fit into Trend Micro’s Connected Threat Defense
• Describe the functionality of Deep Discovery Director and how to connect Deep Discovery products to it for centralized management and visibility

Pre-Requisite

Before you take this course, Trend Micro recommends that you have a working knowledge of their products and services, as well as basic networking concepts and principles.

Experience with the following products and technologies is also necessary:

• Windows® servers and clients
• Firewalls, web application firewalls, packet inspection devices
• General understanding of malware

Participants are required to bring a laptop computer with a recommended screen resolution of at least 1980 x 1080 and a display size of 15” or above.

Who Should Attend

This course is designed for IT professionals who are responsible for protecting networks from any kind of network, endpoint, or cloud security threat. The individuals who will typically benefit the most include:

• System Administrators
• Network Engineers
• Support Engineers
• Integration Engineers
• Solution and Security Architects

Related Certification Exam

Upon completion of this course, participants may choose to complete the certification examination to obtain designation as a Trend Micro Certified Professional for Deep Discovery Advanced Threat Detection. 

Course Modules

Product Overview
• Introduction to Trend Micro solutions
• Deep Discovery key features
• Deep Discovery solution platforms
• Trend Micro Deep Discovery Inspector
• Trend Micro Deep Discovery Analyzer
• Trend Micro Deep Discovery Email Inspector
• Deep Discovery Director
• Trend Micro Control Manager™
• Key business needs for network defense

Deep Discovery Solution Overview
• The evolving threat landscape
• Phases of a targeted attack
• Deep Discovery threat detection overview

Deep Discovery Inspector Product Overview
• Key features
• Network setup
• Form factors
• Deep Discovery Inspector requirements
• Installation design
• Positioning Deep Discovery Inspector in the network

Installing and Configuring Deep Discovery Inspector
• Information provisioning for setup
• Obtaining ISOs, hotfixes/patches
• Performing an installation
• Configuring initial system settings (preconfiguration console)
• Finalizing Deep Discovery Inspector configuration (web console)
• Testing the deployment
• Viewing installation logs
• Operational settings and boot options

Threat Detection Technologies
• Network content inspection engine (NCIE)/virus-scanning application program interface (VSAPI)
• Advanced Threat Scan Engine (ATSE)/virus-scanning application program interface (VSAPI)
• Network content correlation engine (NCCE)/computer-aided verification (CAV)
• Virtual analyzer
• Community file reputation (census)
• Trend Micro cloud sandbox service
• Community domain/internet protocol (IP) reputation service (domain census)
• Certified safe software service (CSSS)/global resource information database (GRID)
• URL filtering engine
• Network reputation with Trend Micro™ Smart Protection Network™
• Mobile application reputation service (MARS)
• Trend machine learning
• Threat detection overview
• Processing stages

Virtual Analyzer
• Key features and functionality
• What is Virtual Analyzer looking for?
• Virtual Analyzer components
• Sending files to Virtual Analyzer for analysis
• Virtual Analyzer process flow
• Virtual Analyzer stages
• Overall sample ratings and risk level
• Viewing detection details
• Interpreting analysis results
• Virtual Analyzer feedback blacklist
• Hosts with command and control (C&C) callbacks
• Deny/allow list
• Virtual Analyzer settings
• Importing a custom sandbox into Deep Discovery Inspector for use by the Virtual Analyzer

Deep Discovery Inspector Administration
• Logging in
• Dashboard
• Analyzing detected threats
• Viewing key fields in events
• Detection type examples
• Running reports and obtaining threat detection metrics
• System administration functions

Deep Discovery Analyzer Product Overview
• Key features
• Network setup
• Form factors
• Required services and port information
• Uniquely identifying samples
• Product integration

Information Provisioning
• Defining the architecture
• Obtaining ISOs, hotfixes/patches
• Performing the installation
• Configuring initial system settings
• Configuring final settings for

Deep Discovery Analyzer
• User accounts
• Web console overview
• Analyzing samples and results
• Submitting samples to Deep Discovery Analyzer
• Virtual Analyzer report
• Managing suspicious objects list
• Exceptions
• Deep Discovery Analyzer sandbox management
• Reports
• Alerts
• Managing the system
    • Updating components, creating user accounts, performing backups, accessing the Debug Portal, etc.

Deep Discovery Email Inspector
• Key features
• Form factors
• Deployment modes
    • Multi-target-application (MTA), blind carbon copy (BCC), switch port analyzer (SPAN)/test access point (TAP)
• Ports used
• Scanning technologies
• Deep Discovery Email Inspector scanning
• Risk levels

Installing and Configuring Deep Discovery Email Inspector for installing
• Testing your deployment

Deep Discovery Email Inspector Administration
• Logging in
• Accounts
• Web console overview
• Dashboard and widgets
• Managing threat detections
• Steps for analyzing detections
• Configuring policies
• Setting up recipient notifications
• Defining email message tags
• Configuring time-of-click protection
• Configuring Business Email Compromise (BEC) protection
• Configuring redirects (for un-scannable attachments)
• Generating reports
• Accessing log files
• End user quarantine (EUQ)
• Performing administrative tasks
    • Component and product updates, backup/restore, debug, etc.

Deep Discovery Director Product Overview
• Form factors and requirements
• Planning a deployment
• Installing Deep Discovery Director
• Deep Discovery appliance management
• Viewing detections

Connected Threat Defense Overview
• How Connected Threat Defense works
• Integration with Control Manager
• Suspicious objects and community exchanged indicators of compromise (IOCs)

Appendices
• What’s new in Deep Discovery Inspector 5.0?
• What’s new in Deep Discovery Analyzer 6.0?
• What’s new in Deep Discovery Email Inspector 3.0?
• Monitoring virtual machine traffic with Deep Discovery Inspector
• Trend Micro Threat Connect
• Integration
• Deep Discovery

Course Schedule

Start: 03/08/2023 | End: 03/10/2023
Virtual

Start: 05/10/2023 | End: 05/12/2023
Virtual

Start: 07/12/2023 | End: 07/14/2023
Virtual

Start: 09/13/2023 | End: 09/15/2023
Virtual

Start: 11/15/2023 | End: 11/17/2023
Virtual
