While the IC’s research organization looks into adding security to cloud environments, in the here and now, intelligence agencies are sharing more data.
The new reality of persistent, advanced cyberthreats against all network levels
requires new thinking by IT managers about how to secure every layer while at
the same time providing an integrated view of what’s going on.
Trend Micro Enterprise Security Suite offers a single set of integrated products to protect networks in depth — at the Internet gateway, on mail and file servers, and on desktop clients and mobile devices. Its management system provides a relatively simple and scalable way to continuously monitor network and system security.
Enterprise Security Suite offers protection at nearly every level of an organization’s network.
At the network gateway, two “virtual appliances” — InterScan Messaging Security Virtual Appliance and InterScan Web Security Virtual Appliance — check SMTP, web and FTP traffic for malware before it can enter the network. There’s also ScanMail Suite protection for Microsoft Exchange or IBM Lotus Domino, which checks content at the mail server; and ServerProtect for Windows, Novell NetWare and Linux at the file server level.
At the client level, the suite includes the OfficeScan antimalware scanner and Trend Micro’s Intrusion Defense Firewall, plus endpoint protection for Apple computers and mobile devices.
Trend Micro Enterprise Security Suite uses a cloud-based “reputation” system, called the Smart Protection Network, as part of its gateway and endpoint security. While some signature information is cached on each of Trend Micro’s local agents, the lion’s share of threat signature storage and recognition happens on Trend Micro’s cloud of servers.
The company’s File Reputation feature works to prevent malicious files, web links and scripts from ever reaching users’ desktops, which means Trend Micro’s agents have a much smaller footprint on the systems they protect. Because the analysis of files, e-mail and web addresses is passed off to the cloud, less processing power is used by the agent at the desktop and on the server, reducing the impact on overall system performance.
This also means, of course, that the protection offered by Trend Micro’s agents can be updated much more quickly. If a new security threat is identified, it can be added to the central threat detection database in the cloud. This functionality allows Trend Micro customers to benefit immediately from the change without having to download a new set of updates.
Enterprise Security Suite performs well in enterprise environments, thanks to Control Manager Advanced, a management console that gives administrators a powerful set of policy controls and reporting capabilities. Control Manager uses a web-based interface, so administrators can access information about threats and agent configurations from any web browser, either within the network or over a secure VPN connection.
Control Manager can be configured to generate alerts via e-mail, instant message or pager, and its reporting capabilities are impressive. Administrators can use the included report templates or customize their own. Reports can be generated automatically on a schedule and sent via e-mail in HTML, Microsoft Excel spreadsheet
and XML formats.
For more automated, continuous monitoring, Control Manager’s database and schema can be accessed directly, making it relatively simple to create a web service or other interface to meet new reporting requirements as they emerge.
What’s more, Control Manager can be scaled across a large network. A central Control Manager server can be used to manage remote servers, replicating policy and configuration settings to them. Different administrators can be given role-based access to information and configuration capabilities. And Control Manager also can be used to schedule updates to endpoint clients and server agents, so that the information that needs to be cached locally can be sent when it won’t impact operations.
Trend Micro also provides a number of services through its cloud offering to administrators. Control Manager can be connected through an opt-in service to a database of global threat reports, allowing organizations of all sizes to share information about the latest threats, which attacks are growing in frequency and their point of origin. The company also provides new components (or “widgets”) for the Control Manager web portal on a monthly basis, so administrators can add new threat intelligence views to their dashboards.
While the cloud-based services of Enterprise Security Suite are powerful, they may not be suited to some organizations — especially those reluctant to connect to an external web service for information security support. The service won’t work on networks that are segregated from the Internet.
Although having mobile support is a real plus, Trend Micro Mobile Security is limited to Microsoft Windows Mobile versions 5.0 and 6.0 and the Symbian mobile operating system. And there’s currently no direct support for SMS alerts from Control Manager.
On the whole, however, Enterprise Security Suite is well suited to organizations that want to improve security across their networks. The reduced costs of ownership and administration make the suite attractive to budget-constrained organizations of all sizes.