Copyright 2011 Trend Micro Inc. Trend Micro Web Security- Overview.

Copyright 2011 Trend Micro Inc.

Trend Micro Web Security-Overview


The Threat Landscape

• 3.5 new threats every second

• 92% of threats come from the Internet

• Defending against malware attacks is the No. 1 driver in the secure Web gateway (SWG) market, because the Internet has become the main delivery vehicle for malware.

• Due to the anonymous nature of Web 2.0, where anyone can post content, many social media sites are hosting malware.

2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 20100

2,000,000

4,000,000

6,000,000

8,000,000

10,000,000

12,000,000

14,000,000

16,000,000

18,000,000

20,000,000

New unique samples added to AV-Test's malware repository (2000-2010)

Dec

Nov

Oct

Sep

Aug

Jul

Jun

May

Apr

Mar

Feb

Jan

The web is now where the majority of people become infected with malware and, given the extent to which the internet is such an integral part of all corporations’ business activities, the web is a potent threat vector.

http://www.gartner.com/


SWG Pain PointsCustomer Pain InterScan Web Security Benefits

Users demanding use of Web 2.0 applications

New Application Control and HTTP Inspection features allow organizations to provide tools their users need, but ensure that neither their users or systems are at risk.

Users accessing compromised and inappropriate websites and downloading malicious content.

Stops malware at the source by blocking exposure via web

Immediate protection with in-the-cloud threat intelligence protects against sites infected with malware

Stops web file downloads of viruses

Controls access of malicious websites

High/increasing costs of gateway security

Lowers IT Security costs by:

Software virtual appliances lower TCO in the datacenter. Deployment, management, licensing, heating and cooling costs all are reduced with a virtual appliance deployment

Leverage preferred hardware vendors for deployment of solutions in the DMZ, supporting heterogeneous hardware deployments

Employee productivity and legal exposure due to inappropriate internet usage

URL Filtering helps secure the network, and increases employee productivity by filtering inappropriate non-work related websites and allowing for time limit quotas on allowable sites.

No visibility into Internet usage or why the internet connection slows

Advanced Reporting provides unprecedented visibility into Internet activity and shows administrators what’s happening on their network by providing Internet use reports, dynamic dashboards and real-time monitors for problem identification and analysis.


File Reputation

Threat Correlation,

Feedback Loops, Analysis

Email Reputation

Web Reputation

EMAIL THREATS

FILE THREATS

WEBSITE THREATS

•Intelligence from cross-correlation

•Immediate access from the cloud

•Integration throughout the portfolio

The difference:

Trend Micro Smart Protection Network

“Vendors like Trend Micro that have invested in and provided solutions that block threats at multiple layers (Exposure, Infection & Dynamic) provide better overall security against the new threats propagating today.”

Endpoint Security Testing. 5/11


Recent Positive Reviews

WEST COAST LABS – Anti-malware Technology Report Feb 2011Trend Micro's IWSVA solution offers the ease of virtualization and the flexibility to handle web traffic in a number of types of network. The technologies at work that contribute to the operation of this solution include anti-malware, and URL content filtering, and allow for very fine grained control.

SC Magazine– Anti-malware Gateway Review April 2011Verdict: All the tools and options you need. An enterprise-worthy solution that we make our Recommended product. .

http://www.scmagazineus.com/trend-micro-enterprise-security-for-gateways/review/3448/


Trend Micro Web Gateway Security Powered by the Trend Micro Smart Protection Network

• Application Visibility: Identifies over 420 Internet application categories, many more than most web gateway solutions

• URL Filtering and Reputation: Uses industry’s first, largest, most reliablecloud-based reputation and categorization service

• Web Content filtering: Enables customers to control who sends what content through their browser

• Antimalware: Leverages award-winning malware protection to stop viruses, spyware, rootkits, bots,malicious scripts

• Caching: Increases performance and lowers latency

• Advanced Reporting and Management: Provides real-time activity monitoring, highly customizable reporting and central management

• Software Virtual Appliance: Supports bare-metal, VMware and Hyper-V

• Secure the organization, data and users

• Maintain employee productivity

• Ensure appropriate use of the Internet

CONSOLIDATE WEB GATEWAY SECURITY


Key New Features in IWSVA 5.5/ARM 1.5• Application Control (Monitoring, Reporting and Policy

Enforcement)– Support for over 420 Internet protocols including IM, P2P, social networking applications, and

streaming media. – Bandwidth usage monitoring and Reporting integrated in the base IWSVA and ARM to show

application usage by bandwidth and users

• HTTP Inspection– A powerful policy definition feature that allows customers to better control the HTTP traffic their

users send and receive. An example of this is the ability to restrict uploads to Social Networking sites such as Facebook while allowing read access.

• URL Filtering - Time Quotas– Along with the Allow, Block, Monitor, and Warn actions available for URL Filtering policies, there is

a new Time Limit action that sets a time quota for selected URL categories within the Work and Leisure time segments.

– This feature also includes the ability for an administrator to extend a user’s time quota for certain sites on a day-by-day basis as work requirements demand

• URL Filtering - Password Override– The ability to allow administrators to temporarily allow access to a URL from the end-user block

screen.


Application Control - Monitoring

• Application bandwidth and connection monitoring to ensure users don’t experience excessive Internet latency and to understand the distribution of protocols across the bandwidth


Application Control - Policy

• Choose to block/allow among over 420 application families in 23 categories

• Flexibility to block during work time, but allow during leisure time


Application Control - Reporting

• Application usage reports that let you drill down based on protocol, bandwidth, and specific users’ activity


HTTP Inspection

• The default filters enable enforcing browser type policies, blocking large file transfers, blocking Web file uploads and blocking Web Distributed Authoring and Versioning (WebDAV) traffic.

• These filters can be applied to users/group to enforce security policies like protecting company data from loss, blocking video uploads, and preventing message posting on social networking service sites.


URL Filtering - Time Quotas

• End-user access to URL categories or individual sites can be controlled by time quotas within the pre-defined work hours and/or leisure hours.

• This addresses one of the remaining URL filtering policy features needed for customers to swap out their Websense deployments


URL Filtering – Password Override

• Sites that are blocked due to policy can be temporarily un-blocked when another authorized user enters a password on the end-user notification screen

• This addresses a key usability requirement for education environments where teachers need to allow students to access improperly blocked sites.

• This addresses another one of the remaining URL filtering policy features needed for customers to swap out their Websense deployments

Copyright 2011 Trend Micro Inc. Trend Micro Web Security- Overview.

Documents

Transcript of Copyright 2011 Trend Micro Inc. Trend Micro Web Security- Overview.