Trellix NS 7500
Intrusion Prevention System 1U Sensor
Overview
Trellix Intrusion Prevention System (IPS) is a next-generation intrusion detection and prevention system (IDPS) that discovers and blocks sophisticated malware threats across the network. It uses advanced detection and emulation techniques, moving beyond traditional pattern matching to defend against stealthy attacks with a high degree of accuracy.
To meet the needs of demanding networks, IPS can scale to more than 30 Gbps with a single device—and up to 100 Gbps when stacked. The integrated Trellix solution portfolio streamlines security operations by combining real-time Trellix Global Threat Intelligence (GTI) feeds with rich contextual data about users, devices, and applications for fast, accurate responses to network-borne attacks.
Protection against today’s stealthy threats
Trellix IPS combines intelligent threat prevention with intuitive security management to improve detection accuracy and streamline security operations. Your network faces advanced attacks that can evade traditional detection methods—which is why our IPS layers multiple signature and signature-less detection engines to help prevent unwanted malware from wreaking havoc on your network. It performs deep inspection of network traffic using a combination of advanced technologies, including full protocol analysis, threat reputation, and behavior analysis to detect and protect against malware callbacks, denial-of-service (DoS), zero-day attacks, and other advanced threats.
Integrated security
Trellix IPS integrates with Trellix Intelligent Sandbox, which combines indepth static code analysis, dynamic analysis (malware sandboxing), and machine learning to detect zero-day threats, including threats that use evasion techniques and ransomware.
Our IPS also combines file reputation from Trellix GTI and offers integration with Trellix ePO and Enterprise Security Manager for real-time correlation of network events across all relevant sources. The combined solution incorporates device details, user information, endpoint security posture, vulnerability assessments, and other rich information to help your organization better understand threat severity and business risk factors.
Performance and availability
Trellix IPS offers the best of both worlds— security and high performance. It combines a single-pass, protocol-based inspection architecture with purpose-built, carrier-class hardware to achieve real-world inspection up to 100 Gbps. Its efficient architecture preserves performance regardless of security settings, outperforming other IPS solutions that can experience up to a 50% reduction in throughput with security-over-performance policies.
Our IPS also provides active-active and active-passive modes with stateful failover, enabling you to meet high availability service-level agreements while avoiding the bottlenecks of slower performing appliances or over-burdened stand-alone solutions.
Scalable hardware provides investment protection
Trellix NS7500 and NS9500 series appliances offer flexibility so you can buy what you need now, and easily scale throughput as needed via a software license. You can also add more capacity by stacking multiple NS9500 appliances.
Visibility and control
Make informed decisions about the applications and protocols on your network. Trellix IPS was the first IDPS solution to combine advanced threat prevention and application awareness into a single security decision engine. We correlate threat activity with application usage, including Layer 7 visibility of more than 2,000 applications and protocols. This enables you to make more informed decisions about which applications you allow on your network.
In addition to application identification, our IPS provides user and device visibility. It prioritizes risky hosts and users, including active botnets, through the identification of anomalous network behavior.
Intelligent, scalable security management
Make the most of your security investment through intelligent network security management. IPS Manager provides scalable webbased management from two to several hundred network security appliances. It offers intuitive, progressive disclosure workflows that guide administrators to relevant alerts, along with easy-to-use security dashboards that automatically prioritize events based on alert severity and relevancy.
Pricing Notes:
- Pricing and product availability subject to change without notice.