Copyright 2011 Trend Micro Inc. Trend Micro Web Security- Overview.
EPS Global Launch Events Copyright 2002-2003, Trend Micro, Inc. Trend Micro Enterprise Protection...
-
Upload
marvin-carpenter -
Category
Documents
-
view
215 -
download
0
Transcript of EPS Global Launch Events Copyright 2002-2003, Trend Micro, Inc. Trend Micro Enterprise Protection...
Copyright 2002-2003, Trend Micro, Inc.EPS Global Launch Events
Trend Micro Enterprise Protection Strategy Launch
Goh Chee Hoh
Regional Sales Director
Asia South Region
Copyright 2002-2003, Trend Micro, Inc.
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 line
EPS Global Launch Events
Agenda
Trend Micro Corporate Profile Overview Viruses Evolution & Painful Scenarios with Product Approach How Trend Micro’s Enterprise Protection Strategy Addresses
This Issue Summary of Today’s AV Product Approach for Enterprise
Networks What is EPS, Features & Benefits of EPS Why Service Assurance is So Important
Copyright 2002-2003, Trend Micro, Inc.EPS Global Launch Events
Trend Micro Corporate Profile Overview
Copyright 2002-2003, Trend Micro, Inc.
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 line
EPS Global Launch Events
• Established in the US in 1988
• Headquartered in Tokyo, Japan
• Leader in network antivirus and internet security software
• 1800+ employees in 23 countries
• Y2002 Revenue Achieved USD 364M with 37% grow YOY and
ordinary income rises 226% to USD 67M
• Virus Research & Development teams, 300+ engineers worldwide
• No 1 in overall Server, Email & Gateway Antivirus Market (IDC ’02)
• Listed on public markets:– Japanese Stock Market (4704) - 1998– NASDAQ (TMIC) – 1999
• Market Capitalization USD 2 Billion
Trend Micro Snapshot
Copyright 2002-2003, Trend Micro, Inc.
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 line
EPS Global Launch Events
A History of Firsts
Global Innovation
Copyright 2002-2003, Trend Micro, Inc.
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 line
EPS Global Launch Events
Market Leadership: Server-based Protection
Server-based Market Leadership
#1 in the Overall Antivirus Server Market
#1 in the Internet Gateway Market
#1 in the Email Server Market
Source: IDC 2002
“Antivirus Software: A Segmentation of the Market”
Copyright 2002-2003, Trend Micro, Inc.EPS Global Launch Events
Viruses Evolution
Copyright 2002-2003, Trend Micro, Inc.
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 line
EPS Global Launch Events
SARS Virus Epidemic
Early Early ContainmentContainment
Infectious CycleInfectious Cycle
Panic ModePanic Mode
Time LagTime Lag
Outbreak Prevention
Quick Response
Intangible Damages
Knowledge
Copyright 2002-2003, Trend Micro, Inc.
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 line
EPS Global Launch Events
Computer Viruses Today
- More network virus infections
- Corporate damages increasing
- Security infrastructure matters
- IT is in panic mode
Copyright 2002-2003, Trend Micro, Inc.
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 line
EPS Global Launch Events
0
10,000
20,000
30,000
40,000
50,000
60,000
70,000
80,000
90,000
100,000
1998 1999 2000 2001 2002 (1Hx2)
Information Security Trends Incidents
Number of Incidents Quadrupled in 2 Years
Number of Incidents Reported
Source: CERT® Coordination Center, Carnegie Mellon University
5
Copyright 2002-2003, Trend Micro, Inc.
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 line
EPS Global Launch Events
Information Security Trends Incidents
0% 10% 20% 30% 40% 50% 60% 70% 80% 90%
Web Vandalism
UnauthModification
Denial of Service
Unauth Use
Virus
% Experiencing
Source: IDC Security Survey, US, N=355, Mid-2001, IDC #25684
95% in Financial Sector
6
Copyright 2002-2003, Trend Micro, Inc.
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 line
EPS Global Launch Events
Trend Micro’s Virus Roundup 2002 Observations
175% increase in global outbreaks first seen in 2000-2001 (reinfection)
“Mixed” threats continue mixing modes of attack Mass-mailing features, shared drives and P2P/IM Increase in the exploitation of system faults Bundled independent Simple Mail Transfer Protocol
(SMTP) (vs. MS Outlook) Internet relay chat (IRC) and P2P IM emerge
Trend toward the creation of worms (vs. traditional virus) Trend away from destructive payloads Decrease in number of macro viruses
Copyright 2002-2003, Trend Micro, Inc.
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 line
EPS Global Launch Events
1999 Melissa – 1.11 B USD Global Damage
2000 ILOVEYOU – 8.75 B USD Global Damage
2001 Sircam - 1.75 B USD Global Damage
2001 Code Red – 2.62 B USD Global Damage
2001 Nimda – 3.55 B USD Global Damage
2002 Klez – Global Damage unknown yet
Virus,conventional
Worm,conventional
Worm,conventional
Worm,mixed
Worm,mixed
Worm,mixed
Source: Computer Economics
Global Attacks
Copyright 2002-2003, Trend Micro, Inc.
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 line
EPS Global Launch Events
hack spam
trojan
virus
Next Generation• Corporate productivity
hit• Via multi email• Different hosts, different symptoms
Next Generation AttacksSimultaneous, Mixed Threat Attacks
Previous Generation• Personal productivity hit• Via SMTP email• Single host & symptom
trojantrojan
worm
Copyright 2002-2003, Trend Micro, Inc.
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 line
EPS Global Launch Events
Trend Micro’s 2003 Predictions
“Mixed” threats continue as primary form of attack Mass-mailing features, shared drives and P2P/IM Malware will focus on disabling AV, personal firewall, and
anti Trojan horse monitoring Web filtering will be critical as malicious websites proliferate
SPAM hits 50 % of all email traffic .Net malicious activity will increase dramatically
Copyright 2002-2003, Trend Micro, Inc.
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 line
EPS Global Launch Events
Why the current industry solution is ineffective
Mixed threat attacks need more than pattern files Attack-specific policy and system assessment and cleanup
Inconsistent or inaccurate security policy settings Lack of central policy management
Inability to respond quickly enough when outbreak or reinfection occurs Pattern files take time to develop
Out-of-date pattern files, AV not present on all hosts and pathways Lack of central management and updates = missed detections
Security devices don’t coordinate Enterprises must coordinate themselves with AV several vendors
Copyright 2002-2003, Trend Micro, Inc.
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 line
EPS Global Launch Events
Attack Sophistication vs. Intruder Technical Knowledge
Source: Software Engineering Institute, Carnegie Mellon University.
Copyright 2002-2003, Trend Micro, Inc.
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 line
EPS Global Launch Events
E-mail is now the biggest virus threat!
*Source: ICSA (International Computer Security Association) Computer Virus Prevalence Survey 2001
>80%
Copyright 2002-2003, Trend Micro, Inc.
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 line
EPS Global Launch Events
Effects of Viruses
• Loss of productivity 70%• Corrupted file/data base 66%• PC was unavailable to the user 50%• Loss of user confidence to the user 48%• Loss of access to data (server) 44%• …..• Threat of someone losing their job
Copyright 2002-2003, Trend Micro, Inc.EPS Global Launch Events
Painful Scenarios with Product Approach
Copyright 2002-2003, Trend Micro, Inc.
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 line
EPS Global Launch Events
Nimda, CodeRed changing the way the IT Directors view about virus issue
Discussed with over 100 enterprise customers 40 % global enterprises 40 % medium-large 20 % resellers, system integrators, channel
3 continents NA, Europe, Asia
Tested both raw needs and concepts
The Last 6 Months
Copyright 2002-2003, Trend Micro, Inc.
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 line
EPS Global Launch Events
Customer Chaos
Virus propagates by email -- shut down smtp
Customer perception of attacks: Steps 1-3 = identify, isolate, and combat
Scan email with XX header
Isolate and clean
Http attack
Isolate and clean
Restrict remote access
Shut down Http
Remote worker arrives - shared drive
Isolate and clean
Step 4 = relax
Step 6 = repeat steps 1-3 Step 5 = panic
“I have cleaned the same desktops 5-6 times for one outbreak”
-- customer refuses to be named
Copyright 2002-2003, Trend Micro, Inc.
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 line
EPS Global Launch Events
Threat Information
Attack Prevention
Notificationand
Assurance
Pattern File
Scan and Eliminate
Assess and cleanup
Restore and Post-mortem
Support Programs
Centralized management =• Deployment of pattern files and scan engines• Monitoring of AV products across the network
Content Security
(eManager)
Corporate TCO and lost productivity
$$ $$$$$$$ $$ $$
“An estimated 80% of outbreak cost is related to cleaning.” -- Computer Economics, 2001
The Customer’s View of AV Today
Copyright 2002-2003, Trend Micro, Inc.
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 line
EPS Global Launch Events
XXX Customer having 3000 desktops and get infected by NIMDA virus
Average time per man power to do damage assessment and cleanup for a single desktop will take about 2 hours
Per man power will take about 6000 hours to clear the mass for one incident
10 man power will take about 600 hours to clear the mass for one incident
Out Source will cost about USD 40,000 for one incident
WHAT SHOULD I DO FOR NEXT INCIDENT ?????
Today Painful Scenario
Copyright 2002-2003, Trend Micro, Inc.EPS Global Launch Events
How Trend Micro’s Enterprise Protection Strategy Addresses This Issue
Copyright 2002-2003, Trend Micro, Inc.
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 line
EPS Global Launch Events
Enterprise Protection Strategy
Enterprise Protection Strategy: Proactive Outbreak Lifecycle Management
Attack Preventio
n
$$
Notification and
Assurance
$
Pattern File
$$
Scan and Eliminate
$$
Assess and
Cleanup
$$$$
Restore and Post-Mortem
$
Threat Informati
on
$
Outbreak Prevention Virus Response Assessment and Restoration
TREND MICRO CONTROL MANAGER – outbreak lifecycle management, deployment, and deployment
Copyright 2002-2003, Trend Micro, Inc.
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 line
EPS Global Launch Events
XXX Customer having 3000 desktops and get infected by NIMDA virus
Average time per man power to do damage assessment and cleanup for a single desktop will take about 2 hours
Per man power will take about 6000 hours to clear the mass for one incident
10 man power will take about 600 hours to clear the mass for one incident
Out Source will cost about USD 40,000 for one incident
WHAT SHOULD I DO FOR NEXT INCIDENT ?????
DEPLOY OFFICESCAN V5.02
From thousands of resources, hours and $$$ to just few hours
How it Benefit from today Scenario
Copyright 2002-2003, Trend Micro, Inc.EPS Global Launch Events
Summary of Today’s AV Product Approach for Enterprise Networks