network-security_whats_new_global 1

SNI support for TLS: You can now use SNI to support up to 30 certificates for TLS inspection in AWS. Enable using the API. Appliance version number of 2023.4.0.12159 or higher is required. Learn more.

network-security_whats_new_global 2

Create new Cloud One accounts: Network Security is now integrated with Cloud One Cloud Account Management, which allows you to use a single Cloud Account connection across the Cloud One platform. Learn more.

network-security_whats_new_global 3

New deployment routing script: Network Security now provides a script that enables you to make route changes using AWS CloudShell for Network Security with hosted infrastructure deployments. This script provides step-by-step instructions to create the required route tables for hosted infrastructure deployments in your particular AWS environment. Learn more.

network-security_whats_new_global 4

New regions available for deployment: You can now deploy Network Security with hosted infrastructure deployments in several new AWS regions in Europe and Canada. View all supported regions.

network-security_whats_new_global 5

Domain filtering support: Domain filtering is now supported on deployments using Network Security with hosted infrastructure. Learn more about domain filtering.

network-security_whats_new_global 6

Network Security with hosted infrastructure: You can now deploy Network Security with hosted infrastructure to monitor traffic and assess threats in your environment. The streamlined, 2-step deployment process gives you the same advanced network protection without having to manage security infrastructure. Learn more about the capabilities and benefits of deploying Network Security with hosted infrastructure.

network-security_whats_new_global 7

Enhanced Interactive demo experience: Network Security's Interactive demo experience now includes detailed walkthroughs of threat assessment features, to help you learn how to protect your cloud environment from threats such as log4j.

network-security_whats_new_global 8

Zero Day Initiative (ZDI) predisclosure filters now included in all Network Security deployments (version 2022.3.0.11400 and later): ZDI predisclosure filters identify vulnerabilities within a product or application that have not yet been patched by the vendor. By restricting the information they contain, predisclosure filters preemptively defend your network from attacks against these vulnerabilities until the vendor develops a patch. After a patch is available, the filters are fully disclosed and include more details about the vulnerability. Learn More about the components of filters included in your Digital Vaccine security package.

network-security_whats_new_global 9

Verify status of internet-facing assets: Network Security can now provide updates on the status of AWS assets located behind internet-facing Application Load Balancers (ALBs). The posture assessment summary dashboard now includes information about the protection status of these assets helping you comply with PCI 11.4 standards. Learn More.

network-security_whats_new_global 10

Determine your network's posture against the latest threats: You can now view the status of your network policy's current defense posture and learn which recommended actions to take to be protected. Learn more about Emerging Threats.

network-security_whats_new_global 11

Enhancements to geolocation filtering: Network Security geolocation filtering can now block and report traffic for XFF IP addresses when your Network Security virtual appliance is behind an AWS Application Load Balancer (ALB) in your cloud network. Learn more about geolocation filtering.

network-security_whats_new_global 12

Network Security is making a scheduled maintenance update on March 1st, 2022, between 19:00 and 23:00 (UTC). This update might temporarily cause API error messages to display during the update. Traffic inspection is not affected by this scheduled maintenance.

network-security_whats_new_global 13

Verify network asset prerequisites: You can now automatically verify that all of the prerequisites required for deployment are met before you deploy using the Get Started wizard. Learn more.

network-security_whats_new_global 14

Network Security virtual appliance version 2022.1.0.11311 includes important security and performance enhancements.

network-security_whats_new_global 15

Protect your network from the latest threats: Select Policy > Emerging Threats for up-to-date information on ongoing threats to your environment and for best practices you can take to protect your network from them. Learn more.

network-security_whats_new_global 16

Put Network Security to the test: Network Security now offers the option to try out features, such as malware blocking and vulnerability shielding, in a free dedicated test environment. With this Interactive demo, Trend Micro creates an environment in AWS to test out simulated attacks. Learn more.

network-security_whats_new_global 17

Insights into the countries and regions that most threaten your network: Network Security's Threat Insights now display the top five regions or countries that generate the most traffic events in your network. This insight enables you to refine your geolocation filtering policy. Learn more.

network-security_whats_new_global 18

Select availability zones to protect: When deploying Network Security using the Get Started wizard, you can now select which availability zones you want to protect with Network Security virtual appliances. You can also use the APIs to select the availability zones. Learn more.

network-security_whats_new_global 19

Appliance health monitoring and notifications: With an Amazon Simple Notification Service (SNS) subscription, AWS users can configure Network Security to send notifications to their Amazon SNS topic when their tenants or appliances have health issues. Learn more.

network-security_whats_new_global 20

Network Security virtual appliance version 2021.11.0.11235 includes important security and performance enhancements.

network-security_whats_new_global 21

Deploy in Azure with Gateway Load Balancer: A new deployment option that leverages Azure Gateway Load Balancer is now generally available from Azure Marketplace. With this Gateway Load Balancer offering, you can inspect inbound and outbound traffic with minimal changes to your existing network infrastructure. Learn more.

network-security_whats_new_global 22

Security posture assessment: When deploying Network Security using the Get Started wizard, you can now view an assessment of your security posture to better assess your security needs. This visual evaluation shows you how Network Security can optimize and protect your assets. Learn more.

network-security_whats_new_global 23

CloudFormation stack creation support: You can now send your Cloud Formation stack event logs directly to Trend Micro for further analysis and troubleshooting by our team of experts. Learn more.

network-security_whats_new_global 24

Troubleshooting report improvements: Sending a troubleshooting report to us is now easier. You can now generate and send a report from your appliance without creating an S3 bucket. Learn more.

network-security_whats_new_global 25

Network Security virtual appliance version 2021.10.0.11218 includes important security and performance enhancements.

network-security_whats_new_global 26

Security event sharing: Threat Insights provides visibility into the security events of your appliances by compiling statistics from those events and sharing them with Nework Security. Learn more.

network-security_whats_new_global 27

TLS inspection now supports more than one appliance and proxy: You can now configure multiple appliances and proxy servers for TLS inspection. Learn more.

network-security_whats_new_global 28

Updates to domain filtering to facilitate PCI compliance: To comply with the PCI requirement for restricting outbound traffic, domain filtering on Network Security appliances beginning with version 2021.9.0.11188 will only enforce policies in the outbound direction, egress to the internet. For appliances running earlier software versions, you can still configure inbound filtering policies. Learn more.

network-security_whats_new_global 29

Try out Network Security: Experience how your virtual appliance blocks inbound and outbound attacks in real-time with our quick trial. Learn more.

network-security_whats_new_global 30

PCI DSS compliance with Network Security: Network Security can help you meet your PCI DSS requirements. Learn how by reviewing the new checklist to guide you through the process.

network-security_whats_new_global 31

Upgrade to resolve a memory issue on Azure appliances: Appliance version 2021.8.0.11160 is now publicly available for both AWS and Azure platforms. Trend Micro recommends Azure customers upgrade to this version as soon as possible to avoid a memory issue that will result in a disruption of service and a reboot of your appliance. This version corrects the memory issue and provides the best performance. Learn more about how to upgrade.

network-security_whats_new_global 32

Upgrade your appliance: Network Security virtual appliances can now be upgraded to the latest available version, 2021.4.1 or higher for AWS or 2021.3 or higher for Azure. Learn more.

network-security_whats_new_global 33

Cloudwatch support for TLS logs: TLS inspection on AWS platforms can now stream its logs to customer CloudWatch accounts. Learn more.

network-security_whats_new_global 34

TLS inspection public release: Network Security now offers TLS inspection as a generally available security option for both AWS and Azure platforms. Learn more.

network-security_whats_new_global 35

Enhancements to appliances page: Appliances on the appliances page are now organized by their scaling group. You can change the inspection state and distribute policies for all appliances in a group at the same time. Learn more.

network-security_whats_new_global 36

TLS inspection configuration enhancements: TLS inspection for Network Security is now available on the Azure platform with appliance version 2021.7.0.11129. In addition, users with servers running behind a load balancer can now configure a subnet (CIDR). Learn more.

network-security_whats_new_global 37

Filter searching enhancements: Filter searching enhancements enable you to further refine your compound query expressions according to whether the filter was released or modified within a date range that you specify. Learn more.

network-security_whats_new_global 38

Protectable assets: A more detailed list of which assets can be or are currently protected by Network Security is now generally available. Azure assets are not yet supported. Learn more.

network-security_whats_new_global 39

Azure high availability enhancement: A Scale Set VM deployment enhancement now uses Azure native recovery to automatically restart a Network Security virtual appliance if it fails. Learn more.

network-security_whats_new_global 40

Filter searching enhancements: Filter searching enhancements enable you to further refine your compound query expressions according to the latest active threats and when the filter was released or modified. Learn more.

network-security_whats_new_global 41

High availability enhancement: A preview version of fail open high availability was added to the AWS deployment to inspect inbound internet traffic with Gateway Load Balancer. Learn more.

network-security_whats_new_global 42

Free tier offering: Network Security now offers 10GB of free traffic inspection each month with Pay as You Go billing. With this free tier offering, you can get started with Network Security at no charge. Learn more.

network-security_whats_new_global 43

Azure public release: Network Security for Azure is now a generally available public offering on Azure Marketplace. Learn more about deploying Network Security in Azure.

network-security_whats_new_global 44

Apply the same configuration changes to multiple filters: You can use the GUI and APIs to apply specific filter policy overrides to as many as 100 filters at one time. Learn more.

network-security_whats_new_global 45

Filter searching enhancements: Filter searching enhancements enable you to further refine your compound query expressions according to filter name, protocol, description, and severity. Learn more.

network-security_whats_new_global 46

Custom ports for fully qualified domain name (FQDN) exceptions: You can specify as many as 20 associated ports to the fully qualified domain names in your Domain Filtering exceptions list. Learn more.

network-security_whats_new_global 47

Gateway Load Balancer: The deployment options using a Gateway Load Balancer are now generally available. Learn more about deploying Gateway Load Balancer for Network Security in AWS.

network-security_whats_new_global 48

Protectable assets: A more detailed list of which assets can be or are currently protected by Network Security is available from the Network → Assets page. Azure assets are not yet supported. To request access for this feature, contact us.

network-security_whats_new_global 49

Gateway Load Balancer: A preview version of deployment options using a Gateway Load Balancer are now available. The Gateway Load Balancer service allows you to deploy and manage Network Security virtual appliances seamlessly in a centralized environment. Virtual appliance version 2021.4.1.11004 is required for this feature. Learn more about these preview deployment options.

network-security_whats_new_global 50

Network Security virtual appliance version 2021.4.1.11004 includes important security and performance enhancements.

network-security_whats_new_global 51

Filter searching enhancements: API and UI enhancements to filter searching enable you to build a compound query expression to narrow down your search results according to multiple criteria. Learn more.

network-security_whats_new_global 52

Domain filtering: Enhancements to FQDN are included in this release and this feature has been re-enabled. You can now create and manage a list of fully qualified domain names (FQDNs) with defined access to your environment from the Network Security interface. To use domain filtering, you must deploy version 2021.4.0.10991 of the appliance. Learn more.

network-security_whats_new_global 53

Filter searching enhancements: Enhancements to filter searches are now available and include partial-match results for filter name, filter number, description, platform, severity, CVE, and category searches. This enables you to search for a single word in a sentence or phrase. Learn more.

network-security_whats_new_global 54

New instance type: A new, smaller and cost-optimized instance type, c5.xlarge, is now available for AWS deployments. Learn more.

network-security_whats_new_global 55

TLS inspection: A preview version of TLS inspection for Network Security is now available with appliance version 2021.3.0.10968. TLS inspection provides secure web server traffic inspection and insight into your network activity without compromising cryptographic security. To access this preview feature and help shape the future of this capability for Network Security, click Request Access. Learn more about TLS inspection.

network-security_whats_new_global 56

Filter searches: Filter searches now include exact-match results for platform, protocol, and category searches. You can also narrow your results by enclosing multi-word searches in quotes for exact-match results. Learn more about these enhancements.

network-security_whats_new_global 57

Domain filtering: With appliance version 2021.1.0.10892 you can use APIs to create and manage a list of fully qualified domain names (FQDNs) that have permitted access to your environment. Learn more about using these FQDN APIs.

network-security_whats_new_global 58

Network Security for Azure is now generally available. Learn more about deploying Network Security on Azure.

network-security_whats_new_global 59

Network Security virtual appliance version 2020.13.0.10810 includes important security and performance enhancements.

network-security_whats_new_global 60

AWS Network Firewall: Enables you to pair Network Security’s industry-leading threat intelligence with your AWS-managed network infrastructure to detect and disrupt common network-based threats. Learn more.

network-security_whats_new_global 61

Geolocation Filtering: Provides the ability to block incoming and outgoing IPv4 requests according to countries or regions. Learn more.

network-security_whats_new_global 62

Vendor-provided cost allocation tags: A Network Security cost allocation tag that presents more detailed information about the various costs in your AWS environment. Learn more.