Trellix Network Security

Detect, block, and respond to advanced targeted and evasive threats.

Detect and block advanced threats

Automatically spot suspicious network behavior and prevent attacks that elude traditional signature- and policy-based security. Combine multiple AI, machine learning, and correlation engines to detect and respond to advanced threats and lateral movements in minutes.

Why Trellix Network Security?

Spot Attacks that Evade Traditional Defenses

Use signature-less threat detection to identify zero-day and advanced attacks.

Detect Suspicious Lateral Movements

Track and block lateral threats within your enterprise network to reduce dwell time.

Cover Expanding Attack Surfaces

Protect your network with support for most operating systems and over 160 file types.

Map Threats to MITRE ATT&CK Framework

Gain contextual evidence to speed up containment and remediation by aligning attacks to the MITRE ATT&CK Framework.

Detect Evasive Attacks and Lateral Movement

Gain unparalleled visibility by applying state-of-the-art, signatureless detection and protection against the most advanced and evasive threats, including zero-day attacks.

Prioritize and Respond to Alerts That Matter

Improve analyst efficiency with high-fidelity alerts that trigger when it matters most, saving time and resources while reducing alert volume and fatigue.

Automate and Simplify Security Workflows

Generate concrete real-time evidence and Layer 7 metadata for security context so analysts can quickly pivot to investigations, alert validation, endpoint containment, and incident response.

Industry recognition

Trellix is recognized as an industry leader by key analyst firms

Frequently asked questions

Trellix Network Security uses multiple advanced techniques, including the Multi-Vector Virtual Execution (MVX) engine, machine learning, and AI. The MVX engine performs signature-less, dynamic analysis of suspicious traffic in a safe virtual environment. Machine learning and AI engines use contextual rules to detect and block malicious activity retroactively and in real time. This multi-layered approach enables the detection of zero-day, multi-flow, and other evasive attacks that traditional defenses might miss.

Yes, Trellix Network Security includes an advanced correlation and analytics engine that detects suspicious lateral movements across your entire network. It uses over 180 rules for lateral movement detection, providing complete kill-chain visibility. Trellix Network Security also incorporates machine learning for data exfiltration detection, JA3 detection for encrypted communication, and web shell detection, mapping these to the MITRE ATT&CK framework.

Trellix Network Security integrates with several other security solutions to enhance overall protection and streamline workflows. It can be integrated with the Trellix Central Management System to correlate Network and Email Security alerts. It also works with Trellix Network Forensics for detailed packet captures and investigations. Additionally, it integrates with Trellix Endpoint Security to identify, validate, and contain compromises detected by Network Security, simplifying containment and remediation of affected endpoints.

Trellix Network Security addresses alert fatigue in several ways. It uses the MVX engine to validate alerts detected by conventional signature-matching methods, reducing false positives. The solution also employs riskware categorization to prioritize alerts by separating critical threats from less malicious activity like adware. Additionally, to improve overall efficiency, it provides concrete real-time evidence with each alert, allowing security teams to quickly assess and respond to genuine threats.

Security awareness

What is Network Security

A combination of technologies, policies, and practices that protects the confidentiality, availability, and integrity of computer networks and their data.

What is NDR?

NDR goes beyond essential intrusion detection to continuously monitor your network traffic for suspicious activity.
