Deep Discovery Email Inspector

Stop spear phishing attacks and targeted ransomware

Key Features

Ransomware detection and blocking  

In seconds, advanced ransomware encrypts a system. Since email is the tactic of choice to deliver ransomware, it must be blocked before it’s delivered. Trend Micro™ Deep Discovery™ Email Inspector detects and blocks ransomware spear phishing emails through advanced analysis techniques for known and unknown attacks. Custom sandboxing identifies mass file modifications, encryption behavior, and modifications to backup processes.

Windows® Mac® AndroidTM iOS new Power Up

Extensive detection techniques

Deep Discovery Email Inspector deploys a blend of cross-generational techniques to ensure the highest detection rate with the lowest false positives:

  • Web filtering and URL time-of-click analysis
  • Predictive machine learning quickly identifies unknown malware
  • Custom sandbox analysis features extensive anti-evasion technologies, behavioral analysis, and machine learning- based command-and-control (C&C)
  • Optional gateway modules adds spam, content filtering, Trend Micro™ Data Loss Prevention™, and more
  • Supports Mitre ATT&CK framework to help you detect and respond threats more effectively
Windows® Mac® AndroidTM iOS new Power Up

Custom sandboxing

Custom sandboxes use virtual images to match operating system configurations, drivers, installed applications, and language versions. Difficult for hackers to evade, they include a “safe live mode” to analyze multi-stage downloads, URLs, C&C, and more. They identify ransomware activity, like mass encryption, backup modification, and encryption behavior. Deep Discovery Email Inspector uses runtime machine learning inside the sandbox to enhance detection capabilities.

Windows® Mac® AndroidTM iOS new Power Up

Optimized and connected  

  • Centralized visibility and control is delivered through Trend Micro Control Manager with prioritized alerting by severity or host
  • Threat sharing with Trend Micro and other in-place security investments
  • Integration with SIEMs, like HP Arcsight, IBM QRadar, and Splunk
Windows® Mac® AndroidTM iOS new Power Up
  Model 7200 Model 9200
Deployment Options
Capacity Up to 400,000 emails/day Up to 800,000 emails/day
Form Factor
1U rack-mount, 48.26 cm (19”) 2U rack-mount, 48.26 cm (19”)
Dimensions 43.4 (17.09”) x 64.2 (25.28”) x 4.28 (1.69”) cm 43.4 (17.08”) x 75.13 (29.58”) x 8.68 (3.42”) cm
Weight 17.5 Kg (38.58 lb) 31.5 Kg (69.45 lb)
Management Ports
10/100/1000 BASE-T RJ45
port x 1
iDRAC Enterprise RD45 x 1
10/100/1000 BASE-T RJ45
port x 1
iDRAC Enterprise RD45 x 1
Data Ports
10/100/1000 BASE-T RJ45 x 3 110/100/1000 BASE-T RJ45 x 3
AC Input Voltage
100 to 240 VAC
100 to 240 VAC
AC Input Current
7.4A to 3.7A
10A to 5A
Hard Drives
2 x 1 TB 3.5-inch SATA 2 x 4 TB 3.5 inch SATA
Internet Protocol Support IPv4 / IPv6 IPv4 / IPv6
RAID Configuration
Power Supply
550W redundant
750W redundant
Power Consumption (Max.)
847W (max.)
2133 BTU/hr (max.)
2891 BTU/hr (max.)
Operating Temperature 10 to 35 °C (50-95 °F)
10 to 35 °C (50-95 °F)
Hardware Warranty
3 years
3 years
Optional Fiber NIC
Dual Port Fiber Gigabit (SX/LX) or 10 Gigabit Dual Port Fiber Gigabit (SX/LX) or 10 Gigabit

Virtual appliance deployment 

For additional flexibility, Deep Discovery Email Inspector can be deployed as a virtual server on your own virtual environment when connected to Trend Micro Deep Discovery Analyzer hardware appliances. In this deployment scenario, the virtual appliance will provide all functions except for sandbox analysis, which is done on Analyzer appliances.


Supports VMware ESXi 6.0 or 6.5 and Microsoft Hyper-V on Windows Server 2016 or 2019

Deep Discovery Analyzer hardware appliance(s) are required for sandbox analysis

Ransomware Data Block

Detect and block targeted ransomware

Over 90% of targeted ransomware attacks start with a spear phishing attack. As a hardware or virtual appliance, Deep Discovery Email Inspector is deployed in-line of message delivery and blocks these messages. It analyzes known and unknown patterns and reputation analysis to detect the latest ransomware variants and targeted attacks.

Prevent data breaches

Deep Discovery Email Inspector is designed to quickly detect advanced malware that usually bypasses traditional security defenses and exfiltrates sensitive data and intellectual property. Machine learning, specialized detection engines, password extraction, and custom sandbox analysis detect and prevent breaches.

Gain visibility

Take advantage of 360-degree visibility into targeted attacks on your email. Centralized visibility and control allow you to share threat information with your existing security investments.

Optional spam gateway filtering

The optional gateway module enables Deep Discovery Email Inspector to filter inbound messages based on senders, spam and phishing filters, and content, while providing outbound Trend Micro™ Data Loss Prevention™ and email encryption to fulfill compliance requirements. Also includes end user quarantine for spam messages, and content disarm and reconstruction (CDR) to remove executable objects from Microsoft files for file sanitation.

Reduce costs

Dramatically reduce the time required to remediate and prevent targeted ransomware attacks. A single appliance that blocks suspicious email and shares threat information, it also provides sandboxing to optimize incident response.

Simplify your decision

What customers say

Republic National Distributing Company (RNDC)

"Trend Micro Deep Discovery is looking at those dark corners of the network to see if there is traffic that deviates from baseline. It gives us visibility into our network, so we can immediately see and shut down anything malicious before it becomes a problem."...more

John Dickson,
Director IT Infrastructure, RNDC

More success stories

Get started with Deep Discovery Email Inspector

Protect more

Protect more

Deep Discovery Email Inspector is part of the Network Defense family of network security products including intrusion prevention systems (IPS).

Deploy it to monitor all network ports and over 105 protocols to provide 360 degrees of visibility.

Moving to email to the cloud? Get advanced protection with Trend Micro Smart Protection for Office 365