The Trellix IPS Manager uses a third-party vendor (Maxmind) to reference geolocations of IP addresses. The agreement with Maxmind to use their Geographic Database ends by June 2023. Signature set versions released after June 2023 won't include the Maxmind Geographic Database.
New GeoDB Country code - IP Address Mapping updates will be interrupted effective immediately as Maxmind proceeds with supporting a new version of the GeoDB format. End of support has been announced for the GeoDB format, which is used by Trellix IPS. Signature sets will only include the last available update of Maxmind GeoDB. There will be no new GeoDB updates for Maxmind.
Current signature set versions include both Maxmind and Digital Envoy's Geographic Databases. From June 2023 onward, all signature sets will only include Digital Envoy's Geographic Database.
Recommendation:
We strongly recommend that customers upgrade to the latest version of the product available before June 2023 for the most up-to-date support.
Maxmind GeoDB is only supported for 10.1 versions earlier than 10.1.7.50 or 10.1.19.38 (Certification).
Existing Manager deployments, where the signature set is updated to a version that doesn't include Maxmind GeoDB, will still function with the last Maxmind GeoDB downloaded. New or reset sensors can still use the last Maxmind GeoDB as the new signature set won't remove Maxmind.
Sensor software 10.1.5.116 and later will only accept the Digital Envoy GeoDB, whereas Manager software will continue to support Maxmind in the case of heterogeneous environments. To utilize the most updated Geographic Database, the Manager must be updated to version 10.1.7.55 or 10.1.19.47 (Certification) and Sensors updated to version 10.1.5.153 (NS), 10.1.7.123 (VM) or 10.1.17.63 (Certification) at minimum.
Scenarios:
Manager versions 10.1.7.55, 10.1.19.47 (Certification), and later will only be bundled with signature sets containing the Digital Envoy Geographic Database.
Until June 2023, signature sets will be released with both Digital Envoy's GeoDB and Maxmind GeoDB.
With IPS Manager 10.1.7.50 or later:
- Sensors with SW version 10.1.5.116 and later use the Digital Envoy (DE) GeoDB.
- Sensors with SW version earlier than 10.1.5.116 use the Maxmind GeoDB and continue to receive GeoDB updates as part of signature set updates until June 2023.
After June 2023, signature set updates will bundle only DE GeoDB.
New sensors (not yet added to Manager) with older SW versions won't be able to use Maxmind GeoDB. You must upgrade to version 10.1.5.116 or later to use DE GeoDB.
'Resetconfig' Sensors with SW version earlier than 10.1.5.116 (already added to Manager) continue to use the Maxmind GeoDB, as the Manager has a copy of the last GeoDB that was deployed to the sensor. However, the sensor will NOT receive new updates of Maxmind GeoDB as part of the signature set update.