Kaspersky Lab Facts Kaspersky Lab vs. Trend Micro.
-
Upload
nicholas-henderson -
Category
Documents
-
view
247 -
download
2
Transcript of Kaspersky Lab Facts Kaspersky Lab vs. Trend Micro.
Kaspersky Lab
Facts
Kaspersky Lab vs. Trend Micro
Fact 1: About the Company
Trend Micro Trend Micro is a Japanese company with
headquarters in Tokyo On the antivirus market since 1988 Trend Micro is a public company with
stock traded on the Tokyo Stock Exchange
Over 18 years, Trend Micro has grown into a corporation with over 1,800 employees and representation offices in more than 30 countries
Kaspersky Lab Kaspersky Lab is a Russian company with
headquarters in Moscow Eugene Kaspersky has been combating viruses
since 1989; the group of antivirus software developers has existed for over 16 years; the company, Kaspersky Lab, is 9 years old
Kaspersky Lab is a private company Over 700 employees in offices across the globe 10 local offices across the globe (including the
US, UK, France, Germany, China, Japan and Korea). A large partner network: over 500 direct partners in more than 60 countries
In 2006 Kaspersky Lab was recognized by Frost & Sullivan, a research company, as the fastest growing
company on the antivirus market.
Fact 2: Market position. Kaspersky Lab is the fastest growing company
9%
17%
9%15%
63%
20%20%
41%
27%
13% 14%12%
24%
43%
13%
95%
11%18%
0%
20%
40%
60%
80%
100%
Kaspersky F-Secure Panda McAfee Sophos Sym antec Norm an Trend Mic ro Total
ID C Gartner
Antivirus vendor revenue growth in 2004-2005 (estimate by IDC & Gartner)
Fact 2: Market position
According to IDC, Kaspersky Lab is the leader in the Russian security software market.
In Eastern Europe Kaspersky Lab is the third largest player in the market for secure content management software, while Trend Micro makes do with the fourth position, with a market share half that of Kaspersky Lab’s.
According to GFK, Kaspersky Lab’s sales in the retail segment of the antivirus market of France, Germany and Spain exceed those of Trend Micro.
Kaspersky Lab’s antivirus engine is used in products of many other developers, including BlueCoat (US), Juniper Networks (US), F-Secure (Finland), Microsoft (US), G Data (Germany), Deerfield (US), Alt-N (US), Microworld (India), BorderWare (Canada) etc.
Fact 3: These companies and organizations have chosen Kaspersky Lab products
I.NET S.p.a. T-Mobile, Czech Republic Rectorat Amiens, France University of Western
Australia Bancaja Group, Spain Tatneft, Russia VimpelCom, Russia Central Bank of Russia And others
Deutscher Bundestag International Atomic Energy
Agency (IAEA) Retarus, Germany Government Development
Bank of Malaysia Ministry of Equipment, France Conseil General 92, France M&G Finanziaria Industriale,
Italy Ministry of Labor and Social
Affairs, Czech Republic
Fact 4: Antivirus laboratory - TrendLab
TrendLab stands for: Over 800 experts in 15 local offices across the globe; 24/7 customer support; Client support and updating of threat signatures in real time; BUT:
low threat detection levels and long new threat response times, which cannot be explained even by more thorough testing of updates
April 23, 2005 became a black day in the history of Trend Micro. On that day the company released a new database update for its products. However, when users updated their databases an unexpected problem occurred: their computers either completely refused to run or became so “thoughtful” that nearly completely stopped responding to commands. The defective update uploaded by the Manila center was accessible on the developer’s website for about an hour and a half from about 7.30 am. Trend Micro received failure reports from over 300,000 users. Users in Japan were hit hardest, but complaints also came from Australia, the United States and some European countries. In Japan the local area networks of several large companies were paralyzed, including East Japan Railway Co and the Asahi and Yomiuri daily newspapers. Due to this incident Trend Micro stock lost 4.2% of its value.
VirusLab is located in a single research center in Moscow. Most experts are located in one place and are not distributed geographically. This makes it possible to train new analysts and share expert knowledge with minimal delays.
The system for collecting malicious program samples is geographically distributed, with honeypots placed in numerous locations across the globe, enabling analysts to receive samples practically immediately after they appear “in the wild”.
Kaspersky Lab has developed unique tools for automating collection and processing of malicious program samples. Each virus analyst uses these tools to analyze malware samples and add their signatures to antivirus databases. In most cases this takes just a few minutes.
When the analysis is completed and a relevant signature has been added to the antivirus database (it takes several seconds to add a signature to the antivirus database), the updates are automatically tested. Performing multiple operations in parallel accelerates the update testing process, which takes less than an hour.
Fact 4: Kaspersky Lab virus laboratory - VirusLab
Fact 5: Kaspersky Lab’s SpamLab
A team of professional linguists
Spam is analyzed 24 / 7 / 365
a network of spam traps across the world (“exposed” mailboxes on public mail servers)
mass mailing detection system
volume of information analyzed: 100,000–150,000 spam messages every day
Algorithms for linguistic analysis are continually improved and updated
It takes just a few minutes to add a spam signature to the database
Clients receive updates in real time (using the UDS technology)
Fact 6: Trend Micro antivirus technologies are inferior to Kaspersky Lab technologies
Overall detection of malicious programs
98,96%
97,89%
87,00%
93,46%
50% 60% 70% 80% 90% 100%
AV-Comparatives.org
AV-Test.org
Kaspersky Trend Micro
Fact 6: Trend Micro antivirus technologies are inferior to Kaspersky Lab technologies
Treatment of active infections
70%
30%
0% 17% 34% 50% 67% 84%
Kaspersky
Trend Micro
Source: Anti-Malware-Test.com
Fact 6: Trend Micro antivirus technologies are inferior to Kaspersky Lab technologies
New threat response times
0-2 hours
4-6 hours
0 2 4 6 8 10
Kaspersky
Trend Micro
Source: PC World, AV-Test.org
risk zone (period before updates are released) period during which updates are released
Fact 6: Trend Micro antivirus technologies are inferior to Kaspersky Lab technologies
Frequency of malicious program database updates
38
615
0 100 200 300 400 500 600 700
Trend Micro
Kaspersky
Source: AV-Test.org
Fact 6: Trend Micro antivirus technologies are inferior to Kaspersky Lab technologies
Personal firewall scores in "leak tests"
7500
7950
7200 7300 7400 7500 7600 7700 7800 7900 8000
Kaspersky
Trend Micro
Source: matousec.com
Fact 7: Minimal load on the system
Effect of the antivirus solution on system performance (time in seconds required to perform standard operations while on-demand
scanning is running)
174
162
194
236
234
208
296
206
196
0 50 100 150 200 250 300
AVG
Trend Micro
BitDefender
Symantec/Norton
CA
McAfee
NOD32
Kaspersky
No antivirus
Source: CNET Labs
Fact 8: Home users need adequate protection
Features Kaspersky Internet Security Trend Micro PC-cillin Internet Security
Installation on infected computers and treatment of active infections -*
Self-defense** -
Proactive protection (heuristic analyzer/ behavior blocker/rollback of malicious changes) / / / -/-
File antivirus
Mail antivirus (POP3/SMPT/IMAP4) / / / -/-
Web antivirus (scanning of HTTP traffic) -
Rootkit detection (scanning of masked files/ detection of system anomalies) / / -
Protection from spyware
Protection from network attacks
Protection from phishing, spam and unwanted advertising
Protection of confidential data
Parental control
*Anti-Malware.ru** PC Professionell
Fact 9: In today’s world of threats a company needs integrated protection!
Protection types Kaspersky Lab products Trend Micro productsProtection of workstations
−KAV for Windows Workstations;−KAV for Linux Workstations
−Server Protect for Windows/NetWare−OfficeScan (Windows);−Server Protect for Linux;−Server Protect for NetApp;−Server Protect for EMC Celerra;
Protection of file servers
−KAV for Windows File Servers;−KAV for Novell Netware File Server;−KAV for Linux File Server;−KAV for xBSD File Server;−KAV for Samba File Server
Protection of email −Kaspersky Mail Gateway;−Kaspersky Security for MS Exchange Server
2003−KAV for MS Exchange;−KAV for IBM Lotus Domino;−KAV for Linux Mail Server (Sendmail, Qmail,
Exim, Postfix)−Kaspersky Anti-Spam
− InterScan Massaging Security Suite;− InterScan Antivirus for SendMail;− ScanMail for MS Exchange− ScanMail for Lotus Domino− IM Security for Microsoft Office Live
Communications Server− Spam Prevention Solution
Protection of Internet gateways
−KAV for Proxy Server−KAV for MS ISA Server 2000 St/Ent Edition;−KAV for MS ISA Server 2004 St/Ent Edition;−KAV for CheckPoint Firewall;
− InterScan Web Security Suite;− InterScan WebProtect for MS ISA
(ISA Server 2004 St/Ent Edition);− InterScan VirusWall;
Protection of mobile devices
−Kaspersky Anti-Virus Mobile−Kaspersky Security for PDAs
−Trend Micro Mobile Security
Administration system
− Kaspersky Administration Kit −Trend Micro Control Manager
Fact 10: Integrated and effective protection in one product for workstations
Kaspersky Anti-Virus
for Windows Workstations
Trend Micro OfficeScan Client/Server Edition
1. File antivirus; 2. Mail antivirus; 3. Protection against spyware and adware;4.Protection against network attacks (IDS); 5. Firewall; 5. Cisco NAC support
7. Installation on infected computers and treatment of active infection
8. Proactive protection (behavior blocker) with system recovery
9. Detection of rootkits (known and unknown);
10. Web antivirus (on-the-fly scanning of Internet traffic)
11. Protection from spam and phishing12. Protection from unwanted advertising,
including popup windows and banners
?
Fact 11: Solutions for filtering all types of traffic at the gateway level
Traffic types Kaspersky Lab products Trend Micro products
SMTP −Kaspersky Mail Gateway;−KAV for CheckPoint Firewall;−KAV for Linux Mail Server
(Sendmail, Qmail, Exim, Postfix)−Kaspersky Anti-Spam
−InterScan Massaging Security Suite;
−InterScan VirusWall;−InterScan Antivirus for SendMail−Spam Prevention Solution
HTTP/FTP −KAV for Proxy Server;−KAV for MS ISA Server 2000
Standart/Enterprise Edition;−KAV for MS ISA Server 2004
Standart/ Enterprise Edition;−KAV for CheckPoint Firewall
−InterScan Web Security Suite;−InterScan Web Protect for MS ISA
(ISA Server 2004 St/Ent Edition);−InterScan VirusWall;
Fact 12: A fully-functional security administration tool is needed
Features Kaspersky Administration Kit
Trend Micro Control Manager
STANDARD ENTERPRISE
Multi-level administration structure (administration group and server hierarchy)
Yes No Two tiers only
Management of subordinate administration servers Yes No Yes
Product administration Yes Yes Yes
Generation of reports on administered products Yes No Yes
Control panel MMC, SSL, Windows authorization
HTTPS HTTPS
Updates (Pull/Push) Yes Yes Yes
Support for Wake-on-LAN/Shut Down Yes No No
Different access levels for different administrators Yes No No
Outbreak Prevention Services Short new threat response time addresses the issue
Optional, for an additional charge
Optional, for an additional charge
Damage Cleanup ServicesYes (workstation functions
without additional services or utilities)
For an additional charge For an additional charge
Vulnerability Assessment Search for unprotected computers For an additional charge For an additional charge
Special policies for mobile users Yes No No
Price Free Free Premium
Fact 13: Trend Micro Outbreak Management Services
Trend Micro offers its users additional software solutions (Outbreak Management Services), using the currently trendy word “services” in the title and declaring it proactive:
Vulnerability Assessment Service (VAS): detection of vulnerabilities and isolation of vulnerable devices from the rest of the network
Outbreak Prevention Service (OPS): in the event of an outbreak Trend Micro will release special policies (e.g. to close specific ports) in order to stop the outbreak before the relevant updates are available
Damage Cleanup Service (DCS): cleanup after an infection
Fact 13: Trend Micro Outbreak Management Services
These solutions: Were developed due to an inability to release signatures for new
malicious programs within a short time of their appearance
Trend Micro is forced to take additional measures for the protection of users before the signatures are released and to help mitigate the consequences of infection
Are essentially not proactive (in spite of Trend Micro declarations), because they require constant updating like classical signature-based methods
Require additional subscription for an additional charge comparable to the cost of the antivirus solution itself
Fact 13: Trend Micro Outbreak Management Services
Kaspersky Lab customers do not require such additional tools to supplement their antivirus solutions:
VirusLab rapidly responds to new threats and ensures a high level of malicious software detection (confirmed by AV-Test.org, AV-comparatives.org, VB100% etc.)
After detecting and removing a malicious object Kaspersky Lab solutions are able to roll back all malicious changes made to the system (records in system files and the registry, modified data, etc.)
The system is restored even after modifications made by unknown malicious processes detected by the Proactive Defense module
Unique technologies for self-defense and treatment of active infections (AdvancedDisinfection) successfully mitigate outbreak consequences even on infected machines
Kaspersky Anti-Virus for Windows Servers are able to block access of infected workstations to the file server
Fact 14: Cost of solutions
Kaspersky Lab products are cheaper than Trend Micro products
Renewal of a Trend Micro product license costs 30% of the base price, while the figure for Kaspersky Lab is 70%. At first glance, this makes Trend Micro products a better buy, BUT:
Trend Micro solutions are cheaper only in the long-term perspective
Kaspersky Lab solutions include support provided by the company, while users of Trend Micro products can count only on support by local partners
Direct support by Trend Micro is a premium service and its cost often exceeds the cost of the solution supported.
What do you need these facts for?
To make the right choice!