Unable to get a Global Threat Intelligence rating with SSL inspection
Last Modified: 2024-01-08 14:48:43 Etc/GMT
Affected Products
Languages:
This article is available in the following languages:
Trellix CEO, Bryan Palma, explains the critical need for security that’s always learning.
As per Gartner, "XDR is an emerging technology that can offer improved threat prevention, detection and response."
Trellix announced the establishment of the Trellix Advanced Research Center to advance global threat intelligence.
Trellix Advanced Research Center analyzes threat data on ransomware, nation-states, sectors, vectors, LotL, MITRE ATT&CK techniques, and emails.
As of May 14, 2024, Knowledge Base (KB) articles will only be published and updated in our new Trellix Thrive Knowledge space.
Log in to the Thrive Portal using your OKTA credentials and start searching the new space. Legacy KB IDs are indexed and you will be able to find them easily just by typing the legacy KB ID.
Unable to get a Global Threat Intelligence rating with SSL inspection
Technical Articles ID:
KB91032
Last Modified: 2024-01-08 14:48:43 Etc/GMT Environment
Endpoint Security (ENS) 10.x
Summary
Recent updates to this article
Problem
ENS doesn't allow network appliances to perform SSL inspection on rating requests to the Global Threat Intelligence (GTI) rating servers. An example of such network appliances includes an SSL-decrypting firewall or proxy. This behavior is as designed, to ensure security of the data transport and prevent man-in-the-middle attacks. If GTI rating requests are sent to an appliance that performs SSL inspection, the rating requests fail. If many rating request retries are caused by this failure, it might cause high CPU and memory use. When this issue occurs, Solution
Configure your network appliance to bypass SSL inspection for traffic to the following domains:
Affected ProductsLanguages:This article is available in the following languages: |
|