Senior Tech Lead Engineer at Banking IT department
Real User
Top 20
2023-08-08T09:42:42Z
Aug 8, 2023
I use Trellix IPS to find and fix security issues. This involves getting alerts about vulnerabilities in financial systems and sharing information with a partner organization in Sri Lanka. We also use Trellix IPS to spot other vulnerabilities and then block harmful data.
The solution is used mostly for perimeter protection. It's to protect the client and server site. It offers basic but effective Smart Blocking. We've tested it in a product environment and it performed rather well.
Learn what your peers think about Trellix Intrusion Prevention System. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
Junior Product Consultant at a tech services company with 501-1,000 employees
Real User
2020-09-09T06:28:53Z
Sep 9, 2020
We use the solution as a level of security for our organization. It can show us what's happening on our network so that we are able to monitor events effectively. We end up having to deal with many events and this helps us detect where a virus or malware is coming from. It helps buy us time so we can fight off the attack.
Junior Product Consultant at a tech services company with 501-1,000 employees
Real User
2020-09-08T09:09:57Z
Sep 8, 2020
We use a lot of the functions this solution provides such as the firewall and the ability to check aliases. We can monitor and show the traffic that's moving in and out. When we detect malware, we scan for the virus on the PC and we can decide whether to delete or block the malware. I'm a junior product consultant and we are customers of McAfee.
Senior Network Security Engineer with 201-500 employees
Real User
2019-12-10T07:29:00Z
Dec 10, 2019
I look at the attack analysis, which shows me which attackers try to exploit my vulnerabilities. I can check the ticket to see if it's blocked or whether it's a false positive. Whatever the case, if it already exists, I will block it. McAfee IPS has a benign engine, so this may not be a target in your environment. If you just prevent attackers from using it, they will try another vulnerability. I have physical routers, but they try to make some novel vulnerabilities. This is not applicable to my environment, so when I see this alert I know it's a false positive not related to my environment. In some cases, I change the action of these alerts or attacks to block. This is what happened in one of the use cases I take advantage of from IPS. I got an alert about some attacks in my environment, regarding the SPAN port and server traffic. I saw it and I detected the source point of this attack.
Block More IntrusionsStop new and unknown attacks with signature-based and signature-less intrusion prevention systems. Signature-less intrusion detection finds malicious network traffic and stops attacks where no signatures exist.
Unify Virtual and Physical SecuritySupport network virtualization across private and public cloud platforms to scale security and evolve with changing IT dynamics.
Maximize Security and PerformanceScale hardware performance to speeds up to 100 Gbps and leverage...
We use the firewalls and the sandbox.
We use Trellix Intrusion Prevention System as a signature-based system for capturing zero-day attacks.
I use Trellix IPS to find and fix security issues. This involves getting alerts about vulnerabilities in financial systems and sharing information with a partner organization in Sri Lanka. We also use Trellix IPS to spot other vulnerabilities and then block harmful data.
McAfee Network Security Platform is our intrusion prevention system.
The solution is used mostly for perimeter protection. It's to protect the client and server site. It offers basic but effective Smart Blocking. We've tested it in a product environment and it performed rather well.
We use the solution for security purposes. It allows our organization to detect a variety of malicious attacks such as malware and viruses, et cetera.
Our clients primarily use the solution for security purposes. We have it deployed on the endpoints.
We use the solution as a level of security for our organization. It can show us what's happening on our network so that we are able to monitor events effectively. We end up having to deal with many events and this helps us detect where a virus or malware is coming from. It helps buy us time so we can fight off the attack.
We use a lot of the functions this solution provides such as the firewall and the ability to check aliases. We can monitor and show the traffic that's moving in and out. When we detect malware, we scan for the virus on the PC and we can decide whether to delete or block the malware. I'm a junior product consultant and we are customers of McAfee.
I look at the attack analysis, which shows me which attackers try to exploit my vulnerabilities. I can check the ticket to see if it's blocked or whether it's a false positive. Whatever the case, if it already exists, I will block it. McAfee IPS has a benign engine, so this may not be a target in your environment. If you just prevent attackers from using it, they will try another vulnerability. I have physical routers, but they try to make some novel vulnerabilities. This is not applicable to my environment, so when I see this alert I know it's a false positive not related to my environment. In some cases, I change the action of these alerts or attacks to block. This is what happened in one of the use cases I take advantage of from IPS. I got an alert about some attacks in my environment, regarding the SPAN port and server traffic. I saw it and I detected the source point of this attack.
The primary use is to deploy sensors. We have two use cases: to predict the anomalous behavior and to predict the normal threshold for our network.
We use it to enhance security on our EDGE network in all of our remote offices, as well as our data centers