Mira Security Partners with Trellix to Reach New Optimal Levels of Security and Visibility into Encrypted Traffic

Joint Solution Benefits

• Visibility. The Mira ETO will remove the SSL/TLS blind spots, allowing the Trellix platform stack to analyze traffic that might otherwise be hidden by encryption.
• Ease of Use & Simplicity. Both the Mira ETO and Trellix platform solutions are easy to install, configure, and integrate with other elements of your security tech stack.
• Flexible Rules & Policies. Use Mira’s ETO Category Database to selectively bypass certain categories of traffic and safeguard sensitive user data. In the Trellix Platform, one can detect and prevent many types of attacks, regardless of how they are being delivered. 
• Scalability & Speed. The Mira ETO is available in speeds from 0.5 to 50Gbps of decrypted traffic, supporting high throughput. The Trellix platform stack can handle up to 10Gbps.
• Platform Versatility. Tailoring itself to diverse network requirements, both the Mira ETO and Trellix platform are available in physical hardware or virtual appliance forms, compatible with both private and public cloud environments.
• Efficiency Amplified. Decrypt traffic once and distribute it to attached IPS appliances and passive security tools through app ports and mirror ports.

Mira ETO and Trellix Platform Joint Solution

Mira’s ETO and Trellix’s Intrusion Prevention System (IPS) work together seamlessly, providing a powerful solution with scalability and flexibility. Users can choose between inline and passive deployment methods, allowing them to either proactively contain threats or receive timely alerts. The Mira Security ETO, positioned between the client and server, decrypts traffic, sends it to the IPS Sensor for analysis, and then re-encrypts it before sending it on to its destination. This strategic process enables Trellix’s IPS sensor appliances to identify both recognized and previously elusive threats, going beyond traditional detection methods. The Trellix IPS Manager, a crucial component, offers IT administrators a user-friendly web interface for comprehensive monitoring and management of IPS Sensor activities, enhancing the overall experience.

Mira’s ETO and Trellix’s Network Security NX also work together seamlessly to offer a solution that provides scalability and flexibility. With both inline and passive deployment options, customers can either contain a threat before it reaches the destination, or simply alert administrators of its presence. The Mira ETO allows full visibility into previously hidden traffic by sitting between the client and server decrypting the traffic, sending plaintext to the attached security tool, and then re-encrypting the traffic before it is sent onto the destination. This allows Trellix’s appliances to detect threats and, with Trellix’s (Multi-Vector Virtual Execution) MVX engine at the core, detection is not relegated to known threats or ones that evade signature and policy-based detection. Conventional signature-based detection is also included for inline protection functionality.

Typical Deployment Topologies

Another Inline-Inline Option: A Defense-in-depth Deployment to Reach Optimal Security Levels

As an important feature, Mira’s ETO can maintain the previous deployment and add an extra layer of defense by activating the mirroring mode which will be sending decrypted traffic simultaneously to both Trellix’s IPS sensor and Trellix’s NX running in a passive mode.