fact sheet
|
Think about the many ways that your Internet usage differs from just a few years ago. It's likely you're sending and receiving more e-mail and visiting more Web sites than you were a few years ago. It's also likely that you're using more Web 2.0 gadgets and sites, conducting more e-commerce, and you're more likely to access the Internet from a mobile device.
The same goes for all of the employees in your organization, and this means there are more avenues to attack the enterprise than ever before. In the datacenter, your enterprise might be using virtualization to consolidate the number of servers and save money, but it also adds complexity to datacenter security. It's also possible that partnerships and outsourcing agreements mean that your organization needs to share data with partners and suppliers through some type of online collaboration, exposing your enterprise to even more threats.
Much like your Internet usage, the threats that face your enterprise have evolved over the years. Spam was once an annoyance. Malware was once created by rogue developers looking for notoriety and to impress their friends. Most of today's Internet threats are profit-driven and are created by organized criminal enterprises that deliver faster, more vigorous attacks. The time between the discovery of a vulnerability and the release of code that exploited it used to be measured in days or weeks. Most exploit code now appears within a day.
The way the employees in your enterprise use the Internet has changed in recent years; so have the tactics of those trying to infect your systems, steal sensitive information, and wreak havoc on your organization. But it's likely the way you combat these threats hasn't changed much, if at all.
Many enterprises use a collection of point products to protect against various threats and keep endpoints safe. "Point-product sprawl" means your IT staff takes part in a constant cycle of deployments, administration, and product support.
The biggest problem with many enterprise security point products is they rely on periodic file downloads to recognize new threats. This is a reactive approach that relies on the discovery of a new threat, the creation of a threat signature, and the deployment of a pattern file. This method of protection is not only slow, it also consumes valuable resources.
Trend Micro's approach to enterprise security includes a proactive approach that addresses two key critical time challenges: 1) the time it takes to identify threats, create protection, and put that protection into place needs to be minimized in order to protect the enterprise from today's threats; 2) a security solution that minimizes complexity and provides effective protection will take less time to manage than several point solutions.
Trend Micro's Smart Protection Network blocks the latest threats before they reach your enterprise using a cloud-client architecture that combines in-the-cloud technology and a lightweight client infrastructure to protect information and employees.
The Smart Protection Network uses three integrated reputation databases—Web, e-mail, and file—that are updated from in-the-cloud threat correlation, behavior analysis, feedback loops, and global threat intelligence. Up-to-the-minute threat information is then supplied to the thin-client technology in Trend Micro products within the enterprise.
The Web Reputation database assigns a relative reputation score to individual pages on the Web based on several factors that could indicate suspicious behavior, including a Web site's age and frequent changes to the host server's location. It then monitors network traffic to identify any malware activity originating from a domain or Web page. The Trend Micro Web Reputation database also performs content crawling and scanning to complement the analysis with a blacklist of previously known bad sites and then blocks access to suspicious pages based on reputation rankings.
The Email Reputation database helps Trend Micro block up to 80 percent of e-mail-based threats before they reach the network or a user's PC. It validates IP addresses against a database of known spam sources and a dynamic service that can assess email sender reputation in real time. The reputation ratings are further refined using continuous analysis of the IP addresses' behavior, scope of activity, and prior history. Malicious emails are blocked at the source based on the reputation of the sender's IP address. Because the reputation status is continually updated a good reputation can be restored when an infected sender is cleaned, resuming the normal delivery of email.
Trend Micro's File Reputation database assesses the reputation of specific files, like those downloaded from Web sites and e-mail attachments. Analyzing files helps identify files that the Web Reputation database misses because cybercriminals move them from Web site to Web site.
The Trend Micro Smart Protection Network correlates threat intelligence across all of the reputation databases by constantly updating the databases and sharing the information among all three when one attack element gets a bad reputation. It also uses behavioral analysis to examine combinations of threat activities to determine if they are malicious. Information gathered from the behavioral analysis is distributed across all three threat databases.
Trend Micro also uses feedback loops to take each new threat identified via a single customer's reputation checks and automatically update databases around the world, blocking any subsequent customer encounters with that threat. Trend Micro's TrendLabs, a global network of research, service, and support centers, uses more than 1,000 content security threat experts to analyze threats and respond in real time. TrendLabs uses a number of methods including Web crawlers, honeypots, and customer and partner submissions to gather intelligence about the latest threats.
The Smart Protection Network analyzes 250 million malware samples every year and processes 50 million new IP addresses and URLs daily. It provides comprehensive defense from online threats across the Web, messaging, and endpoints and it does it faster and more efficiently than security point products.
Digg
del.icio.us
Newvine
furl
StumbleUpon
BlinkList
Newsvine
Magnolia
Facebook
Tailrank
Slashdot
Technorati
Google Bookmarks
Yahoo Favorites
Windows Live
Ask
