By default, the communication channel between ATD/TIS and the Trellix IPS Sensor is encrypted and uses port 8505/TCP.
Neither the appliance nor the Sensor has a feature to dump a deciphered, byte-level version of the messages exchanged between ATD/TIS and the Sensor.
This article explains how to view this information when troubleshooting communication issues between them.
When troubleshooting ATD/TIS to Trellix IPS Sensor communication, you can switch the channel to clear text and then collect a network packet capture:
- Set the communication channel to clear text.
- Configure and start Wireshark or another network capture solution to collect the communication between ATD/TIS and the Sensor.
- Reproduce the issue.
- Save the capture.
- Revert the appliance and Sensor to use the encrypted channel.
IMPORTANT:
- The clear text communication channel uses port 8506/TCP. Make sure that you open this port on firewalls between the devices.
- After you finish taking the needed data for troubleshooting, make sure that you revert the setting back to use the encrypted channel.
To configure ATD/TIS and the Sensor to use the clear text channel:
- On the ATD/TIS appliance:
  - Log on to the ATD/TIS CLI using cliadmin credentials.
  - Run the following two commands:
      set nsp-ssl-channel-encryption disable
      set nsp-tcp-channel enable
  - Exit the CLI.
- On the Trellix IPS Sensor:
  - Log on to the Sensor CLI.
    NOTE: The username is admin and the default password is admin123.
  - Log on to debug mode:
    Type debug and press Enter.
  - Type the following commands and press Enter after each:
      switch matd channel tcp
      set amchannelencryption off
  - Exit the Sensor CLI.
To configure ATD/TIS and the Sensor to use the encrypted channel:
- On the ATD/TIS appliance:
  - Log on to the ATD/TIS CLI using cliadmin credentials.
  - Type the following commands and press Enter after each:
      set nsp-ssl-channel-encryption enable
      set nsp-tcp-channel disable
  - Exit the ATD/TIS CLI.
- On the Sensor:
  - Log on to the Sensor CLI.
    NOTE: The username is admin and the default password is admin123.
  - Log on to debug mode:
    Type debug and press Enter.
  - Type the following commands and press Enter after each:
      switch matd channel ssl
      set amchannelencryption on
  - Exit the Sensor CLI.
NOTE: Every time you change the communication channel settings on ATD/TIS and the Sensor, verify that the channel is up and running by executing the status command on the Sensor.
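One way to confirm from a packet capture that the revert to the encrypted channel took effect (an added example, not Trellix code): the Python below counts TCP packets on ports 8505 and 8506 and reports whether only the encrypted channel carries traffic. It assumes a classic pcap file (not pcapng) with untagged Ethernet/IPv4 frames; the function names and the sample captures are constructed for illustration.

```python
import struct

ENCRYPTED_PORT = 8505  # default encrypted channel (from the article)
CLEARTEXT_PORT = 8506  # clear text channel (from the article)

def channel_packet_counts(pcap_bytes):
    """Count TCP packets per channel port in a classic Ethernet pcap."""
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap_bytes[:4])
    if endian is None or len(pcap_bytes) < 24:
        raise ValueError("not a classic pcap file (pcapng is not handled)")
    if struct.unpack(endian + "I", pcap_bytes[20:24])[0] != 1:
        raise ValueError("only Ethernet (linktype 1) captures are handled")
    counts = {ENCRYPTED_PORT: 0, CLEARTEXT_PORT: 0}
    offset = 24  # first record follows the 24-byte global header
    while offset + 16 <= len(pcap_bytes):
        incl_len = struct.unpack(endian + "I", pcap_bytes[offset + 8:offset + 12])[0]
        frame = pcap_bytes[offset + 16:offset + 16 + incl_len]
        offset += 16 + incl_len
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue  # truncated or not IPv4
        ihl = (frame[14] & 0x0F) * 4
        if frame[23] != 6 or len(frame) < 14 + ihl + 4:
            continue  # not TCP, or TCP ports cut off by the snap length
        sport, dport = struct.unpack("!HH", frame[14 + ihl:14 + ihl + 4])
        for port in counts:
            if port in (sport, dport):
                counts[port] += 1
    return counts

def revert_verified(pcap_bytes):
    """True when only the encrypted channel carries traffic."""
    counts = channel_packet_counts(pcap_bytes)
    return counts[CLEARTEXT_PORT] == 0 and counts[ENCRYPTED_PORT] > 0

def build_sample_pcap(port_pairs):
    """Constructed sample: header-only TCP frames with zeroed addresses."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for sport, dport in port_pairs:
        ip = bytes([0x45, 0, 0, 40, 0, 0, 0, 0, 64, 6, 0, 0]) + b"\x00" * 8
        frame = b"\x00" * 12 + b"\x08\x00" + ip + struct.pack("!HH", sport, dport) + b"\x00" * 16
        out += struct.pack("<IIII", 0, 0, len(frame), len(frame)) + frame
    return out

if __name__ == "__main__":
    during = build_sample_pcap([(40000, 8506), (8506, 40000)])  # constructed
    after = build_sample_pcap([(40000, 8505), (8505, 40000)])   # constructed
    print(channel_packet_counts(during), revert_verified(during))
    print(channel_packet_counts(after), revert_verified(after))
```

Wireshark saves pcapng by default, so save the post-revert capture in pcap format before passing its bytes to channel_packet_counts.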