What’s new in Trend Micro Filip Demianiuk Sales Engineer Eastern Europe 13.11.06 Agenda • Trend Micro – Cisco alliance • Enterprise Protection Strategy • Innovation – – – – – NVW Enforcer IWSA IMSA IGSA TMMS • Q&A Copyright 2006 - Trend Micro Inc. Trend Micro - Cisco Alliance Strategic importance of Cisco Alliance Copyright 2006 - Trend Micro Inc. Strategic importance of Cisco Alliance “ One of Trend Micro’s Key differentiators against Symantec and McAfee is the strength of it’s alliance with Cisco” Analyst event with Eva Chen • Cisco key priority for Trend Micro Executive Board • Opportunity for Trend to leverage the Cisco Brand • Competitive UTM Copyright 2006 - Trend Micro Inc. Complementary Security Strategies Network Security Solutions Cisco System’s Self-Defending Network Comprehensive Content Security + Trend Micro’s Enterprise Protection Strategy Innovative, complementary marriage of solutions to deliver world-class threat prevention Copyright 2006 - Trend Micro Inc. 2006 Trend-Cisco Solutions OEM to Cisco NAC Phase I ACS Cisco Incident Control System ASA CSC-SSM OfficeScan Trend Labs NAC Phase II Cisco ICS Network Virus/Worm Signature Integration TrendLabs Servers IPS, Routers, Switches ACS CSA & OfficeScan Cisco Update Server 2004 ServerProtect & Call Manager IWSS and Cisco WAE/ Content Engine IPS Devices 2005 Copyright 2006 - Trend Micro Inc. OfficeScan 2006 Enterprise Protection Strategy The Problems Facing Businesses Shifting Threat Motivation Key Issues Facing Businesses Today BUSINESS RESILIENCY & EFFICIENCY Malware Viruses Spyware Spam • Stop disruption of business systems • Mitigate impact on employee productivity CLEANUP COSTS • Prevent threat, infections, breaches • Stop them at the edge of the network OPERATIONAL COSTS • Reduce management complexity • Consolidate services • Minimize retraining and sparing Source: IDC, December 2005 #34677 “2005 worst year for breaches of computer security” -- USA Today, JanMicro ‘06 Inc. Copyright 2006 - Trend LEGAL LIABILITY • Stop inappropriate content • Enforce proper use policies Enterprise Protection Strategy Defined Intelligent Threat Protection Security policy compliance For potential threats Malicious Threats From Spreading Infected devices Copyright 2006 - Trend Micro Inc. EPS: A Complete Security Framework Customized and Comprehensive Content Security The Whole Is Better Than The Sum Of Parts Copyright 2006 - Trend Micro Inc. The Solution: Comprehensive Threat Management The Trend Micro “Package” I. TrendLabs • Enterprise-wide service and support II. Network Security Services Group III. EPS Monitor Prevent Internet Infrastructure Enforce Recover Firewall V. Multi-threat security • Antivirus • Anti-spyware • Anti-spam • Anti-phishing Gateway IV. Multi-layered security • Gateways • Email servers, • File servers • Desktops • Mobile devices Server Server The network and application security infrastructure that offers comprehensive protection throughout the network. Mobile Desktop Devices Copyright 2006 - Trend Micro Inc. Laptop Desktop The Value of EPS Pattern Deployed Cleanup Pattern released Policy deployed Cost and Effort EPS can save OPS released Cleanup Copyright 2006 - Trend Micro Inc. Innovation Trend Micro – Continuous Innovation Our #1 goal is to create value for our customers through continuous innovation Copyright 2006 - Trend Micro Inc. Innovation NVW Enforcer Introducing The Network VirusWall Enforcer Integrated, plug-and-protect NAC in a box Agent-less NAC appliance 1. 2. 3. 4. Enforces corporate security policies Stops mass-mailing network worms Performs automatic agent-less remediation Plug-and-protect deployment through web-console Enterprise Network Copyright 2006 - Trend Micro Inc. Key Product Features Precise/Granular Policy enforcement - Agent-less user scan: - # of AV product versions 100+ (20 vendors) - Microsoft vulnerabilities Yes - Registry key scan Yes Yes Network worm prevention Built-in Automatic remote remediation Multi-vendor signature revisions Yes On Demand agent support Yes Asymmetric routing (HSRP) Yes Web-based console Built-in Copyright 2006 - Trend Micro Inc. The Network VirusWall Enforcer Advantage Second generation NAC appliance Benefit: Mature and proven - - Yes Integrated NAC & worm prevention Benefit: Lower network downtime - - Yes Precise scan of security posture Benefit: Robust policy compliance Limited Yes Yes - - Yes Limited - Yes - Yes Yes Limited - Yes Automatic agent-less remediation Benefit: Works for unmanaged users Turnkey NAC solution Simpler NAC deployment Benefit: Plug-and-protect deployment Benefit: Higher IT productivity Central management console Benefit: Lower administrative burden Integrated, Plug-n-protect NAC In A Box Copyright 2006 - Trend Micro Inc. Innovation IWSA InterScan Web Security Software and Appliance Gateway Solutions – Introducing IWSA 2500 • • • IWSS 2.2 for Linux and Solaris IWSS 2.5 for Windows IWSA 2500 • • • • • • • • • • • • HTTP and FTP malware scanning Spyware and grayware scanning Anti-Phishing ICAP support LDAP Support Reporting URL Filtering* EPS-enabled Applet and ActiveX Security module (AAXS)* Transparent proxy support DCS collaboration Appliance format Copyright 2006 - Trend Micro Inc. *IWSA 2500 Enterprise Edition only Multi-layered Enterprise Anti-Spyware Strategy File Server Remote Office OfficeScan or Anti-Spyware Enterprise Ed. Damage Cleanup Services OfficeScan or Anti-Spyware Enterprise Ed. Desktop PCs Internet • • • • Gateway Server Desktop Central Management and Reporting Firewall InterScan Web Security Suite/Appliance Trend Micro Control Manager Copyright 2006 - Trend Micro Inc. OfficeScan or Any Antivirus and Anti-Spyware Anti-Spyware Enterprise Ed. Enterprise Ed. Multi-layered Enterprise Anti-Spyware Strategy File Server Remote Office OfficeScan or Anti-Spyware Enterprise Ed. Damage Cleanup Services OfficeScan or Anti-Spyware Enterprise Ed. Desktop PCs Internet • • • • Gateway Server Desktop Central Management and Reporting Firewall InterScan Web Security Suite/Appliance • First line of defense • Inbound blocking • Outbound blocking of ‘phone homes’ • Trigger agentless cleaning via DCS • URL Filtering • Applet and ActiveX Trend Micro Control Manager Copyright 2006 - Trend Micro Inc. OfficeScan or Any Antivirus and Anti-Spyware Anti-Spyware Enterprise Ed. Enterprise Ed. Enterprise Protection Strategy Defined Intelligent Threat Protection Security policy compliance For potential threats Malicious Threats From Spreading Infected devices IWSA + DCS = Prevent and Recover Copyright 2006 - Trend Micro Inc. Innovation IMSA Cost of Spam 75-90% of Email is Spam 1 2 In 2005, spam cost organizations worldwide an estimated $50 billion in lost productivity and other expenses. The US lost $17 billion in 2005 compared to only $10 billion in 2003. Spam has increased fivefold in the last couple of years, but costs have increased at a lower rate because of anti-spam tools. 2 Source: Gartner “Benchmarking Anti-Spam Effectiveness.” April 25, 2006 (Gartner customers report that 75-90% of the emails they receive are spam) 1 2 Source: Ferris The Global Economic Impact of Spam, 2005. February 2005 (Other statistics and chart) Copyright 2006 - Trend Micro Inc. Phishing Attacks Phishing affects both individuals and corporations with thousands of unique phishing threats sent out every month. 1 Email fraud makes up 4% of email in 2006 2 Companies need to protect themselves from loss of confidential information and potential liability Copyright 2006 - Trend Micro Inc. 1 Source: Anti-Phishing Working Group. Retrieved from Web site: http://www.antiphishing.org/ 2 Source: The Radicati Group, Inc. Email Security Market, 2006-2010. June 2006 (fraud 4% of email) IMSA 5000 Hardware Specs • • • • • • Intel Xeon 2.8GHZ x 2 2G Memory 3Ware SATA Raid 1 (128M Cache, BBU) 80G 7200RPM HDD x 2 (hot swappable) Hot Swappable Power x 2 Hot Swappable Fan x 2 Copyright 2006 - Trend Micro Inc. Threat Protection Summary Viruses, Worms, Trojans Spyware Spam Phishing Inappropriate Content Best-of-Breed Perimeter Security – Antivirus • Zero-Day Virus Prevention (OPS & IntelliTrap) • Anti-Spyware – Spam Prevention Solution (anti-spam, anti-phishing) • Network Reputation Services • Composite Engine Content Compliance – Email and Attachment Scanning – Regulatory Compliance & Corporate Governance Copyright 2006 - Trend Micro Inc. IntelliTrap vs. Competition IntelliTrap brings zero-day protection one step closer Best Performance—73% • Out of 23 outbreaks declared in 2005, 17 were detected by IntelliTrap’s generic pattern Best Protection at the Gateway—52% • For outbreaks spreading through the gateway, 12 were blocked (messaging related malware) Competitive Comparison Heuristic detection McAfee Symantec Sophos 11/23 : 48% 0/23 : 0% 5/23 : 22% Copyright 2006 - Trend Micro Inc. How Network Reputation Services Works Mail Abuse Prevention System RBL+ Updated per investigation 250 million entries RBL, OPS, RSS, DUL And Dynamic Reputation Reputation DNS Server DNS Query Response with Rating End-user IMSS or IMSA Internet End-user SPAM is rejected Spammer Remaining emails are scanned with TMASE Copyright 2006 - Trend Micro Inc. Mail Server Innovation TMMS Trend Micro Mobile Security 3.0 Combined AV & Firewall for Mobiles • Targeted General Availability: December 2006 (standalone) Key Competitive Differentiators – AV & Firewall – Basic IDS – Improved UI Key Features (Details) – Addition of firewall – Avoid synchronized flood attacks via firewall – Simplified registration process • Supported Operating Systems / Versions – Windows Mobile 5.0, followed by Symbian/S60 3rd Edition Copyright 2006 - Trend Micro Inc. Innovation IGSA What is a Mid-Market customer? • Limited security expertise – A few generalists -often < 5 • • • • Networks can be complex Don’t have time to become experts But still like to feel in control Need to be seen to have taken appropriate security measures • More price sensitive than Enterprise • IT owns budget and makes purchase decision Copyright 2006 - Trend Micro Inc. ? What products do they want? THEY DON’T! They want SOLUTIONS which: • • • • • Solve recognizable business problems Employ best of breed technology Are simple to buy, deploy and manage Are flexible and scaleable Help IT staff to feel in control Copyright 2006 - Trend Micro Inc. SCM – Secure Content Management Most medium businesses already have a firewall Internet cloud Firewall SCM Appliance SCM builds upon This investment Copyright 2006 - Trend Micro Inc. Protected LAN What appliances do customers need at the gateway? Seamless SCM portfolio Users 2000 Scalability Performance Separate Mail & Web IWSA IMSA 1000 600 300 200 100 Flexibility, Easy Price performance All-in-one -SCM Price sensitive All-in-one -SCM IGSA Below 100 users customers may prefer UTM Since best of breed becomes less important Copyright 2006 - Trend Micro Inc. ASA 5500 IGSA Key Features Entry-point protection for SMTP, POP3, HTTP & FTP • Transparent scanning • Antivirus – True type file recognition – IntelliTrap • Anti-spyware • Anti-phishing • Content filtering • Outbreak Prevention • • • • • Active Update Quarantine Logging Notifications Secure web-based console Copyright 2006 - Trend Micro Inc. Malware– the IGSA Solution X X X X Keep desktops & Servers free of malware Block Malware at the internet gateway Internet cloud InterScan Gateway Security Appliance Copyright 2006 - Trend Micro Inc. Malware & Spyware – the IGSA solution 2. Block Phone Home Attempts 1. Block Spyware at Internet Gateway X Internet cloud X InterScan Gateway Security Appliance Copyright 2006 - Trend Micro Inc. X 3. Clean-Up Spyware SECRET X Spam – the IGSA solution End-User Quarantine Prevents: Network Reputation Services DIRECTORY HARVEST ATTACKS X X Fewer Productivity Challenges or X mail server Internet cloud InterScan Gateway Security Appliance Heuristic Filters highly effective with reduced load Connection Dropped Before Mail is sent Reduced Storage Challenges Copyright 2006 - Trend Micro Inc. desktops Mail Content – the Solution Filter Mail leaving or entering your organisation at the internet gateway Profanity X X X Damaging X Confidential Hate Inappropriate InterScan Gateway Security Appliance Add Disclaimers – Legal Liability desktops Copyright 2006 - Trend Micro Inc. Web Content – the IGSA solution X Hate Block at Internet Gateway Allow personal access at appropriate times X InterScan Gateway Security Appliance Copyright 2006 - Trend Micro Inc. Operation Modes— Transparent and Fully Transparent Compared • Transparent Proxy Mode (outgoing traffic) User Request IGSA IP Address: 10.0.0.199 IP Address: 10.0.0.5 Access / Edge Router / Firewall Internet IP Address Seen on the Outside: 10.0.0.5 • Fully Transparent Mode (outgoing traffic) User Request IGSA IP Address: 10.0.0.199 IP Address: 10.0.0.5 Access / Edge Router / Firewall Copyright 2006 - Trend Micro Inc. Internet IP Address Seen on the Outside: 10.0.0.199 IGSA Integration— One Firewall without a DMZ Firewall Switch/Hub POP3 Clients Internet FTP Clients Web (HTTP) Clients IGSA Corporate LAN SMTP Email Server Copyright 2006 - Trend Micro Inc. IGSA Integration— Two Firewalls with a DMZ POP3 Clients Internet FTP Clients External Firewall Internal Firewall SMTP Relay (optional) DMZ Copyright 2006 - Trend Micro Inc. Web (HTTP) Clients Corporate LAN SMTP Email Server IGSA Global pricing model Pricing and licensing: – IGSA Hardware replacement – IGSA 100 users * – IGSA 200 users * – IGSA 300 users * – IGSA 600 users * – IGSA 800 users * – IGSA 1000 users * * Includes hardware and software license with all functionality enabled so NRS, URL etc. become differentiators rather than optional addons. Hardware Warranty is included in 1st year price. Copyright 2006 - Trend Micro Inc. Q&A and Thank You!