Trellix File Protect (FX)
About the product
A solution for protecting against threats hidden in files located on network disk shares (CIFS/SMB/WebDAV/NFS) and file sharing solutions such as Microsoft OneDrive or SharePoint. It uses both static mechanisms and the IVX engine for dynamic file analysis to isolate suspicious files from production shared resources before they spread throughout the environment.
The integrated IVX engine provides different versions of operating systems and applications to ensure simultaneous analysis of different variants, providing the sample with the required runtime environment and giving the analyst a complete picture of the attack, from sample execution and exploitation of vulnerabilities to back-channel communication and subsequent attempts to download malware components.
Advantages of the solution
Ability to perform scans of shared resources in on-demand, continuous, or scheduled modes.
Scans in active quarantine or monitor mode.
Ability to separate disk shares – transfer files from the source share to the destination or quarantine depending on the analysis verdict.
Benefits of Implementation
Detection of malware not blocked by traditional AV engines while preventing the spread of compromised files across the infrastructure.
Native integration with both Microsoft OneDrive and SharePoint file solutions as well as SMB/CIFS/WebDAV/NFS network shares.