|
|
Trend Micro™ Network VirusWall™ is an outbreak prevention appliance
that helps organizations stop network viruses (Internet worms),
block high threat vulnerabilities during outbreaks, and quarantine
and clean-up infection sources including unprotected devices as they
enter the network, using threat-specific knowledge from Trend Micro
deployed at the network layer. Unlike security solutions that only
monitor threats or provide threat information, Network VirusWall
helps organizations take precise outbreak security actions and
proactively detect, prevent or contain, and eliminate outbreaks. By
deploying Network VirusWall in network LAN segments, organizations
can significantly reduce their security risk, network downtime, and
outbreak management burden. Network VirusWall supports the Trend
Micro Enterprise Protection Strategy and is managed by Trend Micro
Control Manager™ 3.0.
1 - Early warning of internal network outbreak
2 - Unpatched machine sheltered
3 - Outbreak prevention policies deployed
4 - Network virus signatures deployed
5 - Remote office machine quarantined and cleaned
6 - Non-compliant machine blocked and remediated
Automated Damage Cleanup:
Automated damage cleanup*** helps prevent re-infections by targeting
sources of infection on the network and isolating them until
cleanup. Designed to minimize cost and administrative burden
associated with manual cleanup and restoration, automated damage
cleanup automates agent-less, remote cleanup of infected host
machines with damage cleanup templates from TrendLabs. Damage
cleanup includes cleanup of or fixing of unwanted registry entries
created by worms or Trojans, memory resident worms or Trojans,
garbage and viral file drop by worms or Trojans, and system file
configuration such as system.ini, after they have been infected or
altered by viruses.
Ease of Use, Manageability, and Security Control:
Network VirusWall is an integrated appliance architecture, designed
to deploy critical outbreak prevention services for ease of use,
configuration, installation, and management. SNMP Monitoring
provides enhanced manageability and viewing capabilities. An
in-built local host firewall helps prevent attacks to the Network
VirusWall appliance. Active Update and Trend Micro Control Manager
deliver periodic and automated threat-specific updates. |
Network Outbreak Monitoring:
Network VirusWall enables organizations to implement proactive and timely
security measures by providing early warning information of outbreaks in the
network segment(s) using heuristics. Monitoring methods include, but are not
limited to analyzing traffic flow delta, number of connections initiated to
and from a single client at any given time, sudden increases in traffic
through specific ports or protocols (TCP, UDP, ICMP, and IGMP). Network
outbreak monitoring identifies infected host machines, virus attack targets,
and attacks on specific vulnerabilities and notifies IT managers through
TMCM 3.0
Network Outbreak Prevention:
Network VirusWall helps prevent or contain network viruses with timely,
granular, threat-specific prevention policies** from TrendLabsSM that can be
deployed at the network LAN segment(s) to block one or a combination of the
following in the event of an outbreak:
* Range or specific IP addresses (to prevent these machines from infecting
machines outside of the LAN segment), ports, and protocols (TCP, UDP, ICMP)
* Instant Message Channels (AIM, MSN, Yahoo, ICQ
* File type extensions
* File Transfers (FTP, HTTP, Windows file sharing)
Deployment of these policies can be automated to maximize protection or
manually deployed to provide greater control and flexibility.
Network Scanning and Detection:
Viruses (Internet worms) propagating at the network layer can be eradicated
by scanning and detecting using network signatures from TrendLabs and by
dropping infected packets. Antivirus products work in concert with network
scanning and detection, to help identify viruses at the application layer
for comprehensive virus protection.
Security Policy Enforcement:
Security policy enforcement enables organizations to enforce antivirus
security policies and minimize network infections and re-infections. Policy
enforcement actions which can be taken include detection of antivirus client
products (Symantec, Network Associates and Trend Micro) and the latest scan
engine and pattern files (from Trend Micro) as users access the network,
blocking network access, if not in compliance, and enabling users to update
antivirus scan engine and pattern files or download antivirus products in
accordance with their company’s security policies. Network VirusWall detects
Symantec - Norton Antivirus Corporate Edition, NAI - McAfee VirusScan 7.0
with Orchestrator agent and Trend Micro OfficeScan and ServerProtect for NT.
It does not require installation of
host-based agents, program updates or changes to network configuration.
Vulnerability Isolation:
Network VirusWall helps prevent viruses from exploiting vulnerabilities* on
the network by enabling organizations to selectively isolate vulnerable
(e.g.- unpatched) machines for specific high-threat vulnerabilities
(currently identifies major Microsoft vulnerabilities only) before an attack
or as an attack occurs. By prohibiting unpatched machines from infecting
machines in other network segments during outbreaks, Network VirusWall can
help minimize traffic congestion caused by viruses. * Requires Trend Micro™
Vulnerability Assessment
** Requires Trend Micro™ Outbreak Prevention Services
*** Requires Trend Micro™ Damage Cleanup Services
|
