How to enable support for the Intelligent Sandbox and Advanced Threat Defense common detection package
Last Modified: 2023-05-31 11:44:44 Etc/GMT
Affected Products
Languages:
This article is available in the following languages:
Trellix CEO, Bryan Palma, explains the critical need for security that’s always learning.
As per Gartner, "XDR is an emerging technology that can offer improved threat prevention, detection and response."
Trellix announced the establishment of the Trellix Advanced Research Center to advance global threat intelligence.
Trellix Advanced Research Center analyzes threat data on ransomware, nation-states, sectors, vectors, LotL, MITRE ATT&CK techniques, and emails.
As of May 14, 2024, Knowledge Base (KB) articles will only be published and updated in our new Trellix Thrive Knowledge space.
Log in to the Thrive Portal using your OKTA credentials and start searching the new space. Legacy KB IDs are indexed and you will be able to find them easily just by typing the legacy KB ID.
How to enable support for the Intelligent Sandbox and Advanced Threat Defense common detection package
Technical Articles ID:
KB96550
Last Modified: 2023-05-31 11:44:44 Etc/GMT Environment
Advanced Threat Defense (ATD) 4.x Intelligent Sandbox (IS) 5.2.0.16 and earlier Problem
From June 2023 onward, we'll release a common detection package for all supported versions of ATD and IS. This common detection package is a single unifying detection package file and replaces the previous version-specific detection packages. To accept the new common detection package, you must either upgrade to version 5.2.2 or follow the instructions below to install a patch on ATD 4.x or IS 5.0.0.11/5.2.0.16. IMPORTANT:
SolutionSteps to install the patch:
Related Information
FAQs What happens if you attempt to manually install a common detection package to an unpatched IS/ATD device? Will the installation fail, will the device continue to function, or will there be some other outcome? Manually installing a common detection package to an unpatched ATD/TIS device fails. But, manually installing the previous version-specific detection packages, which are of May 2023 and earlier, to the same unpatched ATD/TIS device continues to work. What happens if the automatic updater on an unpatched IS/ATD device fetches the common detection package? Will the installation fail, will the device continue to function, or will there be some other outcome? The Automatic Updater won't function on an unpatched TIS/ATD device to the common detection packages. An unpatched TIS/ATD device won't receive the common detection package via automatic content updates. Will an unpatched IS/ATD continue to work even after the release of the common detection package? Yes, it'll continue to work using the existing version-specific detection package on the device. But, to benefit from the coverage of the latest detection package, you must install the patch. Affected ProductsLanguages:This article is available in the following languages: |
|