Unable to get a Global Threat Intelligence rating with SSL inspection
Last Modified: 2024-01-08 14:48:43 Etc/GMT
Affected Products
Languages:
This article is available in the following languages:
Trellix CEO, Bryan Palma, explains the critical need for security that’s always learning.
As per Gartner, "XDR is an emerging technology that can offer improved threat prevention, detection and response."
Trellix announced the establishment of the Trellix Advanced Research Center to advance global threat intelligence.
Trellix Advanced Research Center analyzes threat data on ransomware, nation-states, sectors, vectors, LotL, MITRE ATT&CK techniques, and emails.
After December 1, 2024, please log in to the Thrive Portal for support, knowledge articles, tools, and downloads. For information about using the Thrive Portal, view the Trellix Thrive Portal User Guide.
Unable to get a Global Threat Intelligence rating with SSL inspection
Technical Articles ID:
KB91032
Last Modified: 2024-01-08 14:48:43 Etc/GMT Environment
Endpoint Security (ENS) 10.x
Summary
Recent updates to this article
Problem
ENS doesn't allow network appliances to perform SSL inspection on rating requests to the Global Threat Intelligence (GTI) rating servers. An example of such network appliances includes an SSL-decrypting firewall or proxy. This behavior is as designed, to ensure security of the data transport and prevent man-in-the-middle attacks. If GTI rating requests are sent to an appliance that performs SSL inspection, the rating requests fail. If many rating request retries are caused by this failure, it might cause high CPU and memory use. When this issue occurs, Solution
Configure your network appliance to bypass SSL inspection for traffic to the following domains:
Affected ProductsLanguages:This article is available in the following languages: |
|