EPS Global Launch Events Copyright 2002-2003, Trend Micro, Inc. Trend Micro Enterprise Protection...

Copyright 2002-2003, Trend Micro, Inc.EPS Global Launch Events

Trend Micro Enterprise Protection Strategy Launch

Goh Chee Hoh

Regional Sales Director

Asia South Region

Copyright 2002-2003, Trend Micro, Inc.

RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 line

EPS Global Launch Events

Agenda

Trend Micro Corporate Profile Overview Viruses Evolution & Painful Scenarios with Product Approach How Trend Micro’s Enterprise Protection Strategy Addresses

This Issue Summary of Today’s AV Product Approach for Enterprise

Networks What is EPS, Features & Benefits of EPS Why Service Assurance is So Important


Trend Micro Corporate Profile Overview




• Established in the US in 1988

• Headquartered in Tokyo, Japan

• Leader in network antivirus and internet security software

• 1800+ employees in 23 countries

• Y2002 Revenue Achieved USD 364M with 37% grow YOY and

ordinary income rises 226% to USD 67M

• Virus Research & Development teams, 300+ engineers worldwide

• No 1 in overall Server, Email & Gateway Antivirus Market (IDC ’02)

• Listed on public markets:– Japanese Stock Market (4704) - 1998– NASDAQ (TMIC) – 1999

• Market Capitalization USD 2 Billion

Trend Micro Snapshot




A History of Firsts

Global Innovation




Market Leadership: Server-based Protection

Server-based Market Leadership

#1 in the Overall Antivirus Server Market

#1 in the Internet Gateway Market

#1 in the Email Server Market

Source: IDC 2002

“Antivirus Software: A Segmentation of the Market”


Viruses Evolution




SARS Virus Epidemic

Early Early ContainmentContainment

Infectious CycleInfectious Cycle

Panic ModePanic Mode

Time LagTime Lag

Outbreak Prevention

Quick Response

Intangible Damages

Knowledge




Computer Viruses Today

- More network virus infections

- Corporate damages increasing

- Security infrastructure matters

- IT is in panic mode




0

10,000

20,000

30,000

40,000

50,000

60,000

70,000

80,000

90,000

100,000

1998 1999 2000 2001 2002 (1Hx2)

Information Security Trends Incidents

Number of Incidents Quadrupled in 2 Years

Number of Incidents Reported

Source: CERT® Coordination Center, Carnegie Mellon University

5




Information Security Trends Incidents

0% 10% 20% 30% 40% 50% 60% 70% 80% 90%

Web Vandalism

UnauthModification

Denial of Service

Unauth Use

Virus

% Experiencing

Source: IDC Security Survey, US, N=355, Mid-2001, IDC #25684

95% in Financial Sector

6




Trend Micro’s Virus Roundup 2002 Observations

175% increase in global outbreaks first seen in 2000-2001 (reinfection)

“Mixed” threats continue mixing modes of attack Mass-mailing features, shared drives and P2P/IM Increase in the exploitation of system faults Bundled independent Simple Mail Transfer Protocol

(SMTP) (vs. MS Outlook) Internet relay chat (IRC) and P2P IM emerge

Trend toward the creation of worms (vs. traditional virus) Trend away from destructive payloads Decrease in number of macro viruses




1999 Melissa – 1.11 B USD Global Damage

2000 ILOVEYOU – 8.75 B USD Global Damage

2001 Sircam - 1.75 B USD Global Damage

2001 Code Red – 2.62 B USD Global Damage

2001 Nimda – 3.55 B USD Global Damage

2002 Klez – Global Damage unknown yet

Virus,conventional

Worm,conventional

Worm,conventional

Worm,mixed

Worm,mixed

Worm,mixed

Source: Computer Economics

Global Attacks




hack spam

trojan

virus

Next Generation• Corporate productivity

hit• Via multi email• Different hosts, different symptoms

Next Generation AttacksSimultaneous, Mixed Threat Attacks

Previous Generation• Personal productivity hit• Via SMTP email• Single host & symptom

trojantrojan

worm




Trend Micro’s 2003 Predictions

“Mixed” threats continue as primary form of attack Mass-mailing features, shared drives and P2P/IM Malware will focus on disabling AV, personal firewall, and

anti Trojan horse monitoring Web filtering will be critical as malicious websites proliferate

SPAM hits 50 % of all email traffic .Net malicious activity will increase dramatically




Why the current industry solution is ineffective

Mixed threat attacks need more than pattern files Attack-specific policy and system assessment and cleanup

Inconsistent or inaccurate security policy settings Lack of central policy management

Inability to respond quickly enough when outbreak or reinfection occurs Pattern files take time to develop

Out-of-date pattern files, AV not present on all hosts and pathways Lack of central management and updates = missed detections

Security devices don’t coordinate Enterprises must coordinate themselves with AV several vendors




Attack Sophistication vs. Intruder Technical Knowledge

Source: Software Engineering Institute, Carnegie Mellon University.




E-mail is now the biggest virus threat!

*Source: ICSA (International Computer Security Association) Computer Virus Prevalence Survey 2001

>80%




Effects of Viruses

• Loss of productivity 70%• Corrupted file/data base 66%• PC was unavailable to the user 50%• Loss of user confidence to the user 48%• Loss of access to data (server) 44%• …..• Threat of someone losing their job


Painful Scenarios with Product Approach




Nimda, CodeRed changing the way the IT Directors view about virus issue

Discussed with over 100 enterprise customers 40 % global enterprises 40 % medium-large 20 % resellers, system integrators, channel

3 continents NA, Europe, Asia

Tested both raw needs and concepts

The Last 6 Months




Customer Chaos

Virus propagates by email -- shut down smtp

Customer perception of attacks: Steps 1-3 = identify, isolate, and combat

Scan email with XX header

Isolate and clean

Http attack

Isolate and clean

Restrict remote access

Shut down Http

Remote worker arrives - shared drive

Isolate and clean

Step 4 = relax

Step 6 = repeat steps 1-3 Step 5 = panic

“I have cleaned the same desktops 5-6 times for one outbreak”

-- customer refuses to be named




Threat Information

Attack Prevention

Notificationand

Assurance

Pattern File

Scan and Eliminate

Assess and cleanup

Restore and Post-mortem

Support Programs

Centralized management =• Deployment of pattern files and scan engines• Monitoring of AV products across the network

Content Security

(eManager)

Corporate TCO and lost productivity

$$ $$$$$$$ $$ $$

“An estimated 80% of outbreak cost is related to cleaning.” -- Computer Economics, 2001

The Customer’s View of AV Today




XXX Customer having 3000 desktops and get infected by NIMDA virus

Average time per man power to do damage assessment and cleanup for a single desktop will take about 2 hours

Per man power will take about 6000 hours to clear the mass for one incident

10 man power will take about 600 hours to clear the mass for one incident

Out Source will cost about USD 40,000 for one incident

WHAT SHOULD I DO FOR NEXT INCIDENT ?????

Today Painful Scenario


How Trend Micro’s Enterprise Protection Strategy Addresses This Issue




Enterprise Protection Strategy

Enterprise Protection Strategy: Proactive Outbreak Lifecycle Management

Attack Preventio

n

$$

Notification and

Assurance

$

Pattern File

$$

Scan and Eliminate

$$

Assess and

Cleanup

$$$$

Restore and Post-Mortem

$

Threat Informati

on

$

Outbreak Prevention Virus Response Assessment and Restoration

TREND MICRO CONTROL MANAGER – outbreak lifecycle management, deployment, and deployment




XXX Customer having 3000 desktops and get infected by NIMDA virus

Average time per man power to do damage assessment and cleanup for a single desktop will take about 2 hours

Per man power will take about 6000 hours to clear the mass for one incident

10 man power will take about 600 hours to clear the mass for one incident

Out Source will cost about USD 40,000 for one incident

WHAT SHOULD I DO FOR NEXT INCIDENT ?????

DEPLOY OFFICESCAN V5.02

From thousands of resources, hours and $$$ to just few hours

How it Benefit from today Scenario


Summary of Today’s AV Product Approach for Enterprise Networks

EPS Global Launch Events Copyright 2002-2003, Trend Micro, Inc. Trend Micro Enterprise Protection...

Documents

Transcript of EPS Global Launch Events Copyright 2002-2003, Trend Micro, Inc. Trend Micro Enterprise Protection...