Trellix Network Security (NX)
About the product
A modern platform that provides preventive protection against advanced threats (APT), zero-day attacks, and sandbox-evading malware. The solution operates at the network level, analyzing communication in real time and blocking threats before they reach endpoints. It monitors incoming and outgoing traffic from the infrastructure using signature-based detection mechanisms and a conventional IPS engine.
The integrated IVX engine dynamically analyzes network traffic to identify attacks that bypass traditional signature- and policy-based security measures. Machine learning, AI, and event correlation features ensure that malicious activity is blocked in real time, stopping subsequent phases of infection.
Advantages of the solution
Early threat detection – identification and neutralization of malware, ransomware, and zero-day attacks before they reach endpoints.
Advanced analysis – sandbox detonation, detection of attempts to bypass security mechanisms.
Inline or monitoring mode implementation (TAP/SPAN) – tailored to security and infrastructure needs.
IVX engine support for Microsoft Windows, MacOS, and Linux operating systems. Dynamic analysis is performed entirely locally, and the environment has all the necessary licenses for operation.
Benefits of Implementation
Dynamic analysis of files, scripts, and transmissions in a secure environment without impacting production infrastructure.
Ability to identify anomalies and unusual behavior (e.g., communication with C&C).
Protocol- and application-level traffic analysis, including traffic decryption (SSL/TLS) for analysis.
Automatic extraction of files from decrypted traffic for dynamic analysis in IVX engines.