Skip to main content

Trellix: Email Security - Cloud (ETP) 2025.5 Upgrade Announcement for Commercial and Gov Instances

Updated

Trellix Email Security - Cloud (ETP) Commercial US, EU, CAN, APJ, and Gov instances will be upgraded to Release 2025.5 beginning on December 1, 2025 at 07:00 UTC and completing on December 19, 2025 at 10:00 UTC.

Note: This upgrade does not require any service or portal downtime.

Enhancements and updates included in Email Security - Cloud 2025.5: 

  • Strengthened security and compliance
    • Simplified DMARC management and visibility: DMARC is essential for preventing spoofing, but managing the reporting can be tedious. We have introduced features to streamline this process:
      • Aggregate reporting: Email Security - Cloud is now equipped with the ability to generate DMARC RUA reports to the sending domain. Administrators can enable this feature through message analyses policies associated with a domain configured as a first hop.
         
      • Visualized insights: The system now automatically processes incoming DMARC RUAreports from third-party vendors. Instead of parsing raw data, you can view clear, human-readable statistics on DKIM, SPF, and DMARC pass/fail rates directly in the UI to quickly assess your authentication posture.
         
    • Expanded data protection with Trellix Data Loss Prevention (DLP) - SaaS: Now generally available, you can utilize DLP to enforce security policies on outbound email data.

      Note: This feature is currently available in US/EU commercial regions and is not yet available in CAC, APJ, or Gov regions.
       
  • Optimized workflow and user experience
    • Empowerment of users with secure file handling: We have reduced the administrative burden associated with password-protected attachments.
      • Self-service remediation: Both administrators and end users can now submit passwords to trigger a rescan of messages quarantined due to the password archive extraction failure riskware policy.
         
      • Intelligent routing: When an end user initiates a rescan, the message is "forked"—the release applies only to the requesting user, ensuring security controls remain intact for other recipients.
         
      • Real-time alerts: Users can receive immediate notifications when an email requires a password for rescan, speeding up access to legitimate business documents.
         
    • Phishing Simulator 
      • ​​​Delivery status: The Phishing Simulator Report now allows administrators to review the email delivery status along with the response message. 
         
      • Immediate execution: Administrators can now trigger an immediate execution of a campaign without scheduling future execution.
         
  • Enhanced infrastructure and visibility
    • Modernized network configurations: To ensure seamless integration with modern network architectures, this release introduces IPv6 support for trace and alert rsyslog.
      • Expanded protocol support: Trace and alert rsyslog now support log delivery over IPv6. Review the admin guide for the list of updated source addresses to accept in your ingress device.
         
      • Resilient logging: The Web UI now captures your protocol preference for rsyslog host configurations. The transport layer prioritizes your selected protocol (IPv6 or IPv4) and includes an automatic fallback to IPv4 to ensure connection stability.
         
    • Visibility into system notifications: We have enhanced the Email Trace functionality to include system-generated emails. You can now track the delivery of email digests and alert notifications directly to your inbox, eliminating guesswork when troubleshooting missing reports.



Note: To receive information about product updates, sign up for the Support Notification Service.
For instructions, see the Thrive Portal User Guide and navigate to Profile and Settings > My Settings > Manage Support Notification Services (SNS) subscription preferences.

Powered by Zendesk