Trellix Extends its Virtual Intrusion Prevention (vIPS) System with AWS Gateway Load Balancer

By Martha Vazquez · September 12, 2023

Expanding Scalability and Availability with Trellix Virtual Intrusion Prevention System (vIPS) with AWS Gateway Load Balancer

In today's digital landscape, ensuring the security and scalability of your online infrastructure is paramount. As businesses expand their digital presence, the need for robust security measures and seamless scalability becomes more critical. Trellix is excited to introduce an enhanced Virtual IPS 11.1.x integration with AWS Gateway Load Balancer (GWLB) to help customers with the ease of deployment and simple operation. This advancement will effectively address any difficulties customers were having with the existing probe- based IPS solution deployment with different Operation Systems (OS) types.

In this blog post, we'll explore how the integration of Trellix vIPS with GWLB can bolster customers’ infrastructure's capabilities, making it easier to deploy highly available, and capable of handling fluctuating traffic loads.

About AWS Gateway Load Balancer

AWS Gateway Load Balancer provides an essential tool for distributing incoming traffic across multiple targets, enhancing the availability and fault tolerance of your applications. It is a service that makes it easy and cost-effective to deploy, scale, and manage the availability of third-party virtual appliances such as firewalls, intrusion detection and prevention systems, and deep packet inspection systems in the cloud. Partners such as Trellix can offer their virtual appliances to AWS customers without having to solve the complex problems of scale.

Trellix vIPS

For over two decades, Trellix IPS has maintained its position as a prominent network IPS security solution within customer networks. Adapting to the evolving technological landscape, Trellix IPS has consistently reimagined itself to remain at the forefront of the market. With comprehensive signature protection encompassing a wide range of protocols and a leading-edge malware defense system, Trellix IPS continues to excel.

As the trend shifts toward utilizing public cloud infrastructures for management purposes, there has been a growing demand for Trellix IPS to extend its capabilities to the cloud environment. In response, Trellix collaborated with AWS to develop a probe-based solution, since technology constraints prevented the direct insertion of IPS into the traffic path for protection. However, this approach presented challenges. Customers found themselves managing endpoints to install the IPS probe, which sometimes posed difficulties, particularly when the network security team lacked control over these endpoints. Furthermore, the probe's CPU consumption on endpoints added complexity to management processes.

Recognizing these challenges, Trellix is excited to announce a more streamlined and efficient solution that overcomes these limitations, allowing you to seamlessly integrate Trellix vIPS into your cloud-based infrastructure while mitigating the issues associated with traditional probe-based deployments.

How Trellix vIPS works together with AWS Gateway Load Balancer

GWLB technology integrates with third party appliances for network traffic inspection, providing scalable and highly available solution to customer. Trellix vIPS supports effortless deployment for individual Virtual Private Clouds (VPCs) as well as the multi-VPC protection approach offered by the GWLB architecture. Leveraging its unique capabilities, Trellix vIPS combines its IVX dynamic analysis engine to provide signatureless (sandbox detonation) detection and behavioral analysis. This comprehensive approach ensures a higher level of security and threat mitigation for our customers. The combined integration with AWS Gateway Load Balancer means Trellix vIPS is easier to deploy, has higher availability, and scales up and down automatically as traffic changes.

Benefits included in this new release:

• Easier deployment and operations management
• Zero-day threat detection in AWS cloud environment using IVX integration.
• This integration makes IPS independent of instance OS, CPU and network bandwidth.

Benefits of integrating Trellix vIPS with GWLB are:

• Superior Detection
1. Signatureless detection (sandbox detonation) and behavioral malware detection to catch unknown exploits.
2. Real-time signature-based intrusion prevention to stop initial reconnaissance.
3. Proprietary / Custom Signatures
4. Virtual patching capability to protect unpatched systems.
• Reduced Operational Complexity
1. Reduce complexity of deployment and management.
2. Ease of deployment and management
3. High availability Manager (MDR) and Sensor (auto-scaling).
4. High-precision verdicts for reduced alert fatigue.
5. Unified policies across all networks.
• High Performance
1. Throughput of up to 1Gbps per Sensor; unlimited Sensors.
2. Automatic scale-in and scale-out to adapt to elastic workloads.

Migrating to the cloud has never been so easy to do! Discover Trellix in the AWS Marketplace today and see how you can leverage the power of Trellix and AWS together. Contact us at AWS@Trellix.com for a hands-on demo or to learn more.