Products/Services
product
- Line up
- Network Security: Trellix (formerly FireEye) Network Security
- Network Security: Trellix (formerly McAfee) Advanced Threat Defense
- Network Security: Trellix (formerly McAfee) Network Security Platform
- Endpoint: Trellix (formerly FireEye) HX
- Endpoint: Trellix (formerly McAfee) Mvision
- Endpoint: Trellix (formerly McAfee) Complete Data Protection
- Email Security: Trellix (formerly FireEye) Server Edition
- Email Security: Trellix (formerly FireEye) Cloud Edition
- Security Operations: Trellix (formerly FireEye) Helix
- Security Operations: Trellix (formerly McAfee) SIEM (Security Information and Event Management)
- Enhanced cloud governance: Trellix (formerly FireEye) Cloudvisory
- File Threat Protection in the Cloud: Trellix (Formerly FireEye) Detection On Demand
- File Security: Trellix (formerly FireEye) Malware File Storage Scanning
- Integrated Management Solution: Trellix (formerly FireEye) Central Management
- NDR Solution: Network Investigator (NI) / Packet Capture (PX)
Specifications/Technical Information
Specifications/Technical Information
- Trellix (formerly FireEye) Technical Information
- Trellix (formerly FireEye) Specifications
- Network Security: Trellix (formerly FireEye) Network Security Technical Information
- Network Security: Trellix (formerly McAfee) Network Security Platform Technical Information
- Network Security: Trellix (formerly McAfee) Network Security Platform Specifications
- Network Security: Trellix (formerly McAfee) Advanced Threat Defense Technical Information
- Network Security: Trellix (formerly McAfee) Advanced Threat Defense Specification
- Email Security: Trellix (formerly FireEye) Server Edition EX Series Technical Information
- Email Security: Trellix (formerly FireEye) Server Edition EX Series Specifications
- Integrated Management Solution: Trellix (formerly FireEye) Central Management (CM) Series Specifications
- Security Operations: Trellix (formerly McAfee) SIEM (Security Information and Event Management) Technical Information
Trellix
Trellix
EX series technical information
When the EX series receives an email, it issues an alert and notifies the administrator as soon as possible. Discover unknown threats not found in signatures by using a virtual analysis engine. Additionally, by working with the NX Series, it prepares for user access with local feedback. Callback information is always shared worldwide based on global feedback and detected with extremely high accuracy.
Main function
- Real-time attachment parsing
- Real-time URL analysis
- Do not deliver problematic messages (in MTA mode)
Attachment Detection: Replay with VxE (Virtual Analysis Engine)
If the attachment is determined to be malware
- Do not send alert notifications or emails to administrators
- Execute the attached file with VxE, copy the determined malicious URL to the CM series, and prepare for user access
If the attached file is determined to be normal
- Recipient receives original email
URL Detection: See MPC Cloud
If the URL is determined to be a known bad URL
- Notification of alerts to administrators or suspension of mail delivery
If the URL is unknown and cannot be determined
- Copy URL to CM series
- Recipient receives original email
EX series configuration example
SPAN/TAP mode
- Receive mirror packets from switches, etc., and analyze only SMTP communication. A deployment method that does not affect live traffic.
- Alert notification to administrator, discard after analysis
Bcc mode
- All emails are BCC forwarded from the previous stage MTA and analyzed. A deployment method that does not affect live traffic.
- Discard after parsing
MTA mode
- Works as an MTA. Receive and parse emails.
- After analysis, if there is a possibility of infection, an alert is sent to the administrator, blocked or quarantined
- If the mail is normal, forward it to the latter MTA
Inquiry/Document request
In charge of Macnica Trellix Co., Ltd.
- TEL:045-476-2010
Mon-Fri 8:45-17:30
