InterScan VirusWall 6.0
advertisement
What’s new in Trend Micro Filip Demianiuk Sales Engineer Eastern Europe 13.11.06 Agenda • Trend Micro – Cisco alliance • Enterprise Protection Strategy • Innovation – – – – – NVW Enforcer IWSA IMSA IGSA TMMS • Q&A Copyright 2006 - Trend Micro Inc. Trend Micro - Cisco Alliance Strategic importance of Cisco Alliance Copyright 2006 - Trend Micro Inc. Strategic importance of Cisco Alliance “ One of Trend Micro’s Key differentiators against Symantec and McAfee is the strength of it’s alliance with Cisco” Analyst event with Eva Chen • Cisco key priority for Trend Micro Executive Board • Opportunity for Trend to leverage the Cisco Brand • Competitive UTM Copyright 2006 - Trend Micro Inc. Complementary Security Strategies Network Security Solutions Cisco System’s Self-Defending Network Comprehensive Content Security + Trend Micro’s Enterprise Protection Strategy Innovative, complementary marriage of solutions to deliver world-class threat prevention Copyright 2006 - Trend Micro Inc. 2006 Trend-Cisco Solutions OEM to Cisco NAC Phase I ACS Cisco Incident Control System ASA CSC-SSM OfficeScan Trend Labs NAC Phase II Cisco ICS Network Virus/Worm Signature Integration TrendLabs Servers IPS, Routers, Switches ACS CSA & OfficeScan Cisco Update Server 2004 ServerProtect & Call Manager IWSS and Cisco WAE/ Content Engine IPS Devices 2005 Copyright 2006 - Trend Micro Inc. OfficeScan 2006 Enterprise Protection Strategy The Problems Facing Businesses Shifting Threat Motivation Key Issues Facing Businesses Today BUSINESS RESILIENCY & EFFICIENCY Malware Viruses Spyware Spam • Stop disruption of business systems • Mitigate impact on employee productivity CLEANUP COSTS • Prevent threat, infections, breaches • Stop them at the edge of the network OPERATIONAL COSTS • Reduce management complexity • Consolidate services • Minimize retraining and sparing Source: IDC, December 2005 #34677 “2005 worst year for breaches of computer security” -- USA Today, JanMicro ‘06 Inc. Copyright 2006 - Trend LEGAL LIABILITY • Stop inappropriate content • Enforce proper use policies Enterprise Protection Strategy Defined Intelligent Threat Protection Security policy compliance For potential threats Malicious Threats From Spreading Infected devices Copyright 2006 - Trend Micro Inc. EPS: A Complete Security Framework Customized and Comprehensive Content Security The Whole Is Better Than The Sum Of Parts Copyright 2006 - Trend Micro Inc. The Solution: Comprehensive Threat Management The Trend Micro “Package” I. TrendLabs • Enterprise-wide service and support II. Network Security Services Group III. EPS Monitor Prevent Internet Infrastructure Enforce Recover Firewall V. Multi-threat security • Antivirus • Anti-spyware • Anti-spam • Anti-phishing Gateway IV. Multi-layered security • Gateways • Email servers, • File servers • Desktops • Mobile devices Server Server The network and application security infrastructure that offers comprehensive protection throughout the network. Mobile Desktop Devices Copyright 2006 - Trend Micro Inc. Laptop Desktop The Value of EPS Pattern Deployed Cleanup Pattern released Policy deployed Cost and Effort EPS can save OPS released Cleanup Copyright 2006 - Trend Micro Inc. Innovation Trend Micro – Continuous Innovation Our #1 goal is to create value for our customers through continuous innovation Copyright 2006 - Trend Micro Inc. Innovation NVW Enforcer Introducing The Network VirusWall Enforcer Integrated, plug-and-protect NAC in a box Agent-less NAC appliance 1. 2. 3. 4. Enforces corporate security policies Stops mass-mailing network worms Performs automatic agent-less remediation Plug-and-protect deployment through web-console Enterprise Network Copyright 2006 - Trend Micro Inc. Key Product Features Precise/Granular Policy enforcement - Agent-less user scan: - # of AV product versions 100+ (20 vendors) - Microsoft vulnerabilities Yes - Registry key scan Yes Yes Network worm prevention Built-in Automatic remote remediation Multi-vendor signature revisions Yes On Demand agent support Yes Asymmetric routing (HSRP) Yes Web-based console Built-in Copyright 2006 - Trend Micro Inc. The Network VirusWall Enforcer Advantage Second generation NAC appliance Benefit: Mature and proven - - Yes Integrated NAC & worm prevention Benefit: Lower network downtime - - Yes Precise scan of security posture Benefit: Robust policy compliance Limited Yes Yes - - Yes Limited - Yes - Yes Yes Limited - Yes Automatic agent-less remediation Benefit: Works for unmanaged users Turnkey NAC solution Simpler NAC deployment Benefit: Plug-and-protect deployment Benefit: Higher IT productivity Central management console Benefit: Lower administrative burden Integrated, Plug-n-protect NAC In A Box Copyright 2006 - Trend Micro Inc. Innovation IWSA InterScan Web Security Software and Appliance Gateway Solutions – Introducing IWSA 2500 • • • IWSS 2.2 for Linux and Solaris IWSS 2.5 for Windows IWSA 2500 • • • • • • • • • • • • HTTP and FTP malware scanning Spyware and grayware scanning Anti-Phishing ICAP support LDAP Support Reporting URL Filtering* EPS-enabled Applet and ActiveX Security module (AAXS)* Transparent proxy support DCS collaboration Appliance format Copyright 2006 - Trend Micro Inc. *IWSA 2500 Enterprise Edition only Multi-layered Enterprise Anti-Spyware Strategy File Server Remote Office OfficeScan or Anti-Spyware Enterprise Ed. Damage Cleanup Services OfficeScan or Anti-Spyware Enterprise Ed. Desktop PCs Internet • • • • Gateway Server Desktop Central Management and Reporting Firewall InterScan Web Security Suite/Appliance Trend Micro Control Manager Copyright 2006 - Trend Micro Inc. OfficeScan or Any Antivirus and Anti-Spyware Anti-Spyware Enterprise Ed. Enterprise Ed. Multi-layered Enterprise Anti-Spyware Strategy File Server Remote Office OfficeScan or Anti-Spyware Enterprise Ed. Damage Cleanup Services OfficeScan or Anti-Spyware Enterprise Ed. Desktop PCs Internet • • • • Gateway Server Desktop Central Management and Reporting Firewall InterScan Web Security Suite/Appliance • First line of defense • Inbound blocking • Outbound blocking of ‘phone homes’ • Trigger agentless cleaning via DCS • URL Filtering • Applet and ActiveX Trend Micro Control Manager Copyright 2006 - Trend Micro Inc. OfficeScan or Any Antivirus and Anti-Spyware Anti-Spyware Enterprise Ed. Enterprise Ed. Enterprise Protection Strategy Defined Intelligent Threat Protection Security policy compliance For potential threats Malicious Threats From Spreading Infected devices IWSA + DCS = Prevent and Recover Copyright 2006 - Trend Micro Inc. Innovation IMSA Cost of Spam 75-90% of Email is Spam 1 2 In 2005, spam cost organizations worldwide an estimated $50 billion in lost productivity and other expenses. The US lost $17 billion in 2005 compared to only $10 billion in 2003. Spam has increased fivefold in the last couple of years, but costs have increased at a lower rate because of anti-spam tools. 2 Source: Gartner “Benchmarking Anti-Spam Effectiveness.” April 25, 2006 (Gartner customers report that 75-90% of the emails they receive are spam) 1 2 Source: Ferris The Global Economic Impact of Spam, 2005. February 2005 (Other statistics and chart) Copyright 2006 - Trend Micro Inc. Phishing Attacks Phishing affects both individuals and corporations with thousands of unique phishing threats sent out every month. 1 Email fraud makes up 4% of email in 2006 2 Companies need to protect themselves from loss of confidential information and potential liability Copyright 2006 - Trend Micro Inc. 1 Source: Anti-Phishing Working Group. Retrieved from Web site: http://www.antiphishing.org/ 2 Source: The Radicati Group, Inc. Email Security Market, 2006-2010. June 2006 (fraud 4% of email) IMSA 5000 Hardware Specs • • • • • • Intel Xeon 2.8GHZ x 2 2G Memory 3Ware SATA Raid 1 (128M Cache, BBU) 80G 7200RPM HDD x 2 (hot swappable) Hot Swappable Power x 2 Hot Swappable Fan x 2 Copyright 2006 - Trend Micro Inc. Threat Protection Summary Viruses, Worms, Trojans Spyware Spam Phishing Inappropriate Content Best-of-Breed Perimeter Security – Antivirus • Zero-Day Virus Prevention (OPS & IntelliTrap) • Anti-Spyware – Spam Prevention Solution (anti-spam, anti-phishing) • Network Reputation Services • Composite Engine Content Compliance – Email and Attachment Scanning – Regulatory Compliance & Corporate Governance Copyright 2006 - Trend Micro Inc. IntelliTrap vs. Competition IntelliTrap brings zero-day protection one step closer Best Performance—73% • Out of 23 outbreaks declared in 2005, 17 were detected by IntelliTrap’s generic pattern Best Protection at the Gateway—52% • For outbreaks spreading through the gateway, 12 were blocked (messaging related malware) Competitive Comparison Heuristic detection McAfee Symantec Sophos 11/23 : 48% 0/23 : 0% 5/23 : 22% Copyright 2006 - Trend Micro Inc. How Network Reputation Services Works Mail Abuse Prevention System RBL+ Updated per investigation 250 million entries RBL, OPS, RSS, DUL And Dynamic Reputation Reputation DNS Server DNS Query Response with Rating End-user IMSS or IMSA Internet End-user SPAM is rejected Spammer Remaining emails are scanned with TMASE Copyright 2006 - Trend Micro Inc. Mail Server Innovation TMMS Trend Micro Mobile Security 3.0 Combined AV & Firewall for Mobiles • Targeted General Availability: December 2006 (standalone) Key Competitive Differentiators – AV & Firewall – Basic IDS – Improved UI Key Features (Details) – Addition of firewall – Avoid synchronized flood attacks via firewall – Simplified registration process • Supported Operating Systems / Versions – Windows Mobile 5.0, followed by Symbian/S60 3rd Edition Copyright 2006 - Trend Micro Inc. Innovation IGSA What is a Mid-Market customer? • Limited security expertise – A few generalists -often < 5 • • • • Networks can be complex Don’t have time to become experts But still like to feel in control Need to be seen to have taken appropriate security measures • More price sensitive than Enterprise • IT owns budget and makes purchase decision Copyright 2006 - Trend Micro Inc. ? What products do they want? THEY DON’T! They want SOLUTIONS which: • • • • • Solve recognizable business problems Employ best of breed technology Are simple to buy, deploy and manage Are flexible and scaleable Help IT staff to feel in control Copyright 2006 - Trend Micro Inc. SCM – Secure Content Management Most medium businesses already have a firewall Internet cloud Firewall SCM Appliance SCM builds upon This investment Copyright 2006 - Trend Micro Inc. Protected LAN What appliances do customers need at the gateway? Seamless SCM portfolio Users 2000 Scalability Performance Separate Mail & Web IWSA IMSA 1000 600 300 200 100 Flexibility, Easy Price performance All-in-one -SCM Price sensitive All-in-one -SCM IGSA Below 100 users customers may prefer UTM Since best of breed becomes less important Copyright 2006 - Trend Micro Inc. ASA 5500 IGSA Key Features Entry-point protection for SMTP, POP3, HTTP & FTP • Transparent scanning • Antivirus – True type file recognition – IntelliTrap • Anti-spyware • Anti-phishing • Content filtering • Outbreak Prevention • • • • • Active Update Quarantine Logging Notifications Secure web-based console Copyright 2006 - Trend Micro Inc. Malware– the IGSA Solution X X X X Keep desktops & Servers free of malware Block Malware at the internet gateway Internet cloud InterScan Gateway Security Appliance Copyright 2006 - Trend Micro Inc. Malware & Spyware – the IGSA solution 2. Block Phone Home Attempts 1. Block Spyware at Internet Gateway X Internet cloud X InterScan Gateway Security Appliance Copyright 2006 - Trend Micro Inc. X 3. Clean-Up Spyware SECRET X Spam – the IGSA solution End-User Quarantine Prevents: Network Reputation Services DIRECTORY HARVEST ATTACKS X X Fewer Productivity Challenges or X mail server Internet cloud InterScan Gateway Security Appliance Heuristic Filters highly effective with reduced load Connection Dropped Before Mail is sent Reduced Storage Challenges Copyright 2006 - Trend Micro Inc. desktops Mail Content – the Solution Filter Mail leaving or entering your organisation at the internet gateway Profanity X X X Damaging X Confidential Hate Inappropriate InterScan Gateway Security Appliance Add Disclaimers – Legal Liability desktops Copyright 2006 - Trend Micro Inc. Web Content – the IGSA solution X Hate Block at Internet Gateway Allow personal access at appropriate times X InterScan Gateway Security Appliance Copyright 2006 - Trend Micro Inc. Operation Modes— Transparent and Fully Transparent Compared • Transparent Proxy Mode (outgoing traffic) User Request IGSA IP Address: 10.0.0.199 IP Address: 10.0.0.5 Access / Edge Router / Firewall Internet IP Address Seen on the Outside: 10.0.0.5 • Fully Transparent Mode (outgoing traffic) User Request IGSA IP Address: 10.0.0.199 IP Address: 10.0.0.5 Access / Edge Router / Firewall Copyright 2006 - Trend Micro Inc. Internet IP Address Seen on the Outside: 10.0.0.199 IGSA Integration— One Firewall without a DMZ Firewall Switch/Hub POP3 Clients Internet FTP Clients Web (HTTP) Clients IGSA Corporate LAN SMTP Email Server Copyright 2006 - Trend Micro Inc. IGSA Integration— Two Firewalls with a DMZ POP3 Clients Internet FTP Clients External Firewall Internal Firewall SMTP Relay (optional) DMZ Copyright 2006 - Trend Micro Inc. Web (HTTP) Clients Corporate LAN SMTP Email Server IGSA Global pricing model Pricing and licensing: – IGSA Hardware replacement – IGSA 100 users * – IGSA 200 users * – IGSA 300 users * – IGSA 600 users * – IGSA 800 users * – IGSA 1000 users * * Includes hardware and software license with all functionality enabled so NRS, URL etc. become differentiators rather than optional addons. Hardware Warranty is included in 1st year price. Copyright 2006 - Trend Micro Inc. Q&A and Thank You!
0
advertisement
Download
advertisement
Add this document to collection(s)
You can add this document to your study collection(s)
Sign in Available only to authorized usersAdd this document to saved
You can add this document to your saved list
Sign in Available only to authorized users