Call a Specialist Today! 800-886-5369


Trellix Intrusion Prevention System+ for AWS
Virtual Packet Capture Appliance (Support for Azure, ESXi, KVM, and AMI)



Trellix Products
Intrusion Prevention System
Trellix Intrusion Prevention System+ for AWS
#IPS+-AWS
Contact us for Pricing!

 

Overview

Trellix IPS+ provides signature-based detection that protects vulnerable assets from exploit, and can stop DDoS, C2 callbacks, and more. It does so at a high speed and scale. It also includes the Trellix IVX dynamic analysis engine to provide signatureless detection (sandbox detonation) and behavioral analysis. Integration with AWS Gateway Load Balancer means Trellix IPS+ is easier to deploy, has higher availability, and scales up and down automatically as traffic changes.

Situation

Organizations are being driven by two powerful forces to reassess their choice of IPS: threats are getting worse, and migration to AWS.

Attackers are flooding your organization with exploits to get past your defenses

The number of known vulnerabilities is soaring. In 2022, ethical hackers discovered 65,000 new vulnerabilities, a 21% increase over the prior year.

This has combined with an increased number of unpatchable legacy systems (no more patches being developed), as well as unpatched systems (IT can’t keep up with installing patches, plus critical systems that organizations choose not to patch). According to one report, 58% of organizations run legacy systems that are no longer supported with patches.

A third ingredient is the increased use of exploit variants by attackers. By making minor changes to their code or their TTPs, new exploit variants escape detection by existing signatures. Finally, attackers are developing and deploying exploit variants at greater speed and scale, and the “waves” of exploits are crashing over organizations’ defenses.

All of these factors have rendered traditional, signature-based IPS solutions inadequate to protect organizations today.

Securing AWS Workloads

Migrating to AWS means rethinking your cybersecurity needs. In the AWS Shared Responsibility Model3, AWS is responsible for the security of the cloud, but you are responsible for security in the cloud. Intrusion prevention is one of your organization’s responsibilities.

Inter-VM communication, and instant migration, replication, and backup of AWS workloads have combined to increase east-west traffic. Adding to the chaos, the flexibility provided by network virtualization makes these escalating traffic flows dynamic and unpredictable.

In the cloud, your workloads are dynamic and elastic, which means your attack surface is too, so your network defense needs to handle that. That means organizations want solutions that are less complicated, and easier to deploy and manage in a dynamic AWS environment. An IPS for AWS also needs to be high bandwidth, and to take advantage of AWS Load Balancer Gateway to auto-scale to ensure the IPS is never a bottleneck.

That makes migration to AWS the perfect time to re-examine your IPS requirements, to find a solution that can keep up with the threat landscape, and that isn’t limited to signature-based detection.

Key Features

  • Signature-based detections at speed and scale
  • Includes Trellix IVX for signatureless detection (sandbox detonation)
  • Behavioral analysis
  • Virtual patching to protect unpatched systems
  • High performance – 1Gbps per sensor, unlimited sensors
  • Simplified deployment and management – no controllers or probes
  • Integrated with AWS GWLB for auto-scaling and high availability
  • North-South and East-West detection
  • Unified policy management across all IPS+ sensors (AWS, other clouds, on-premises)
  • Available as an AMI in the AWS Marketplace


Pricing Notes:

Trellix Products
Intrusion Prevention System
Trellix Intrusion Prevention System+ for AWS
#IPS+-AWS
Contact us for Pricing!