This notice is an addition / update to the recent SNS Notice #28104: Trellix Email Security - Cloud 2026.1: Commercial and Gov Instances.
Trellix Email Security - Cloud Commercial US, EU, CAN, and APJ instances will be upgraded to Release 2026.1 beginning on March 9, 2026 at 07:00 UTC and completing on March 31, 2026 at 10:00 UTC.
Please note that we will be performing a database upgrade to ensure the continued performance and reliability of our systems. The portal will remain fully operational, but email scanning and delivery may experience delays during the windows mentioned below:
| Region | Date (Sat / Sun) | Database Upgrade Window |
|---|---|---|
| CA | March 14, 2026 | 15:10–15:30 UTC |
| APJ | March 15, 2026 | 15:10–15:30 UTC |
| EU | March 21, 2026 | 23:10–23:50 UTC |
| US | March 22, 2026 | 07:10–07:50 UTC |
Enhancements and updates included in Email Security – Cloud 2026.1
This release introduces a modernized dashboard experience, deeper reporting capabilities, and streamlined administrative tools designed to help you stay ahead of evolving threats while reducing manual overhead.
-
Maximize visibility with the new dashboard platform (Beta)
Gain a centralized, high-fidelity perspective on your security posture with our updated dashboard platform. Designed for the modern analyst, this flexible interface allows you to tailor your view to the metrics that matter most to your specific workflows.
Note: This feature is currently in Beta, allowing you to explore the new interface as we continue to refine the experience.-
Customizable layouts: Build a workspace that fits your needs by adding, deleting, renaming, or rearranging widgets.
-
System dashboards: Access pre-configured views for Email Insights, Threat Management, and Executive Overviews.
-
Collaborative intelligence: Create private dashboards for individual investigations or publish and share custom views with your team to ensure everyone is aligned on key threat data.
-
Advanced filtering: Apply and save specific views to quickly pivot between different data sets.
-
Customizable layouts: Build a workspace that fits your needs by adding, deleting, renaming, or rearranging widgets.
-
Strengthen domain defense and reporting
We have enhanced our DMARC and campaign tracking tools to provide the granular data necessary for comprehensive domain protection.-
Enhanced DMARC management
-
Detailed domain auditing: View email records directly in a new table format on the Domain Details page.
-
Seamless data export: Export domain details—either individually or in bulk—to a CSV file for external analysis.
-
XML access: Download or view raw XML files for specific domain records directly from the Reporter column.
-
Detailed domain auditing: View email records directly in a new table format on the Domain Details page.
-
Summary for email campaigns: The Email Campaigns interface has been enhanced to display multiple associated URLs and attachments for each campaign. Additionally, campaign summary and email screenshots have been introduced to provide deeper contextual insights.
-
Enhanced DMARC management
-
Optimize administrative and compliance workflows
New automation and validation features help your team manage high-volume tasks with greater speed and accuracy.-
Queue notifications via webhooks: You can now integrate third-party chat applications like Slack, Microsoft Teams, or Google Chat to receive real-time notifications for queue threshold alerts. This provides a faster alternative to existing email notifications, ensuring you stay informed even during periods of MTA congestion.
-
Streamlined inactive user management: Maintain a clean security environment by syncing with Trellix IAM. Administrators can now trigger a sync to automatically identify and delete inactive users and client credentials.
-
Refined quarantine and Data Loss Prevention (DLP) reporting
-
DLP visibility: Toggle reporting for emails with DLP violations directly within End User Features.
-
Template management: Introduce dedicated templates for DLP Violation Notifications. The existing Instant Notification Template has been renamed to Encrypted Attachment Notification Template.
-
DLP visibility: Toggle reporting for emails with DLP violations directly within End User Features.
-
Phishing simulator validation: Ensure campaign accuracy with new logic that validates business start and end times, preventing scheduling errors in your simulation exercises.
-
Improved product understanding and capability usage with Pendo: Pendo is a product experience platform that helps us share valuable product information and capability guides with our users directly in the product to optimize learning and customer ROI. With Pendo, users gain immediate insight into new features, benefits, and how to use them. It also allows Trellix to better understand user experiences so we can prioritize high-value improvements and provide better in-app guidance.
Data Privacy notice: Pendo’s data collection is used strictly to analyze interactions and feature engagement. Telemetry data is collected in compliance with global privacy regulations including SOC2, GDPR, CCPA, and HIPAA.
Action required: Firewall configuration
To ensure uninterrupted access to these improvements and in-app support features, ensure your corporate firewall allows traffic to the following domains:
-
Queue notifications via webhooks: You can now integrate third-party chat applications like Slack, Microsoft Teams, or Google Chat to receive real-time notifications for queue threshold alerts. This provides a faster alternative to existing email notifications, ensuring you stay informed even during periods of MTA congestion.
- Customer bug fixes
Note: To receive information about product updates, sign up for the Support Notification Service.
For instructions, see the Thrive Portal User Guide and navigate to Profile and Settings > My Settings > Manage Support Notification Services (SNS) subscription preferences.