Trellix Endpoint Security (HX)

Trellix Endpoint Security (HX) detects and protects against unknown endpoint threats and exploits with integrated threat intelligence.

Types of Assets Fetched

This adapter fetches the following types of assets:

• Devices
• Networks

Parameters

1. Trellix Endpoint Security Domain (required) - The hostname or IP Address of the Trellix Endpoint Security management server.
2. Port (optional, default: 3000) - The port used for the connection.
3. User Name and Password (required) - To submit API requests to Trellix Endpoint Security from Axonius, you need a valid user account on Trellix Endpoint Security associated with the api_admin or api_analyst role.

📘

Note

For more details on creating a user account, see the "Trellix Endpoint Security System Administration Guide" in the Trellix Documentation Portal. For more details on the user roles, see the "HX Series REST API Guide".

4. Verify SSL - Select whether to verify the SSL certificate of the server against the CA database inside of Axonius. For more details, see SSL Trust & CA Settings.
5. HTTPS Proxy (optional) - Connect the adapter to a proxy instead of directly connecting it to the domain.

To learn more about common adapter connection parameters and buttons, see Adding a New Adapter Connection.

Advanced Settings

📘

Note

Advanced settings can either apply to all connections for this adapter, or to a specific connection. Refer to Advanced Configuration for Adapters.

1. Avoid AWS duplications - Select this option to avoid returning duplicate AWS machines when using the scroll API.
2. Fetch Network Assets - Select this option to fetch network assets.
3. Enrich Devices with SysInfo - Select this option to enrich devices with sysinfo data.

📘

Note

To learn more about Adapter Configuration tab advanced settings, see Adapter Advanced Settings.