Title: Marko Djordjevic
1Selfdefending Networks Managed Antivirus
Strategy
- Marko Djordjevic
- Product Manager EEUR
2Agenda
- Trendmicro Overview
- What means NAC ?
- Trendmicro Solution and Difference
- Summary
3Trendmicro Overview
- Fastest growing antivirus vendor in the world.
- Founded in the US in 1988. Corporate headquarters
in Tokyo, Japan. Publicly traded on NASDAQ(TMIC)
and Tokyo Stock Exchange (4704) - Antivirus and content security software and
services provider to enterprise, small and medium
business, and consumer segments - Transnational company with 2000 employees,
operations, and representation in over 30
countries worldwide - 2004 revenues
- US584 Million
Antivirus Software 2002 A Segmentation of the
Market (IDC)
4Trendmicro Overview
- Global Leader in Internet Gateway and Mail Server
Virus Protection - 1 in the Internet gateway antivirus market for
fourth consecutive year - 1 in the mail server antivirus market for third
consecutive year - 1 growth rate in the file server antivirus
market
- Over the years, Trend Micro has proven to be an
enterprise technology market leader in the
security space with the kind of vision and
innovation needed to address evolving Internet
threats. - Brian Burke
- Research Manager, IDC
Based on IDC Market Analysis Worldwide
Antivirus and Software Forecast and Analysis,
2003-2007
5Industry Firsts
Revenue in Millions
6Threats Are Evolving
18,284 new virus patterns in 2004 as of Oct
2003 SQLSlammer RED, Love gate YELLOW, Mydoom
YELLOW, MSBlaster RED, Sobig YELLOW, Deluder
YELLOW, McAlister RED 2004 Sasser YELLOW, Sober
YELLOW, Bagle YELLOW
Number of Scan Patterns
7Threats Are Evolving
- Viruses and worms can infect millions in minutes
without action by end users - Virus writers are becoming more creative and the
damage from malware can soar into the billions
(USD) - Infected emails may appear to come from
legitimate sources - Differences between viruses, malware, spam, and
spyware are blurring
8Problems with IT-Security
- Viruses and worms continue to disrupt business
- Day-zero attacks make current solutions less
effective - Point technologies preserve clients, rather than
network availability and enterprise continuity - Non-compliant servers and desktops are common,
but difficult to detect and contain - Locating and isolating infected systems is time
and resource intensive
9Challenge - Networks are dynamic
Todays enterprise Networks are more dynamic
Extranet Partners
Mobile Workers Contractors
Remote Offices
Will they always comply with security policy?
10Todays situation
Infected machine with non-existant or outdated
AV
11Todays situation
Infection spreads to other PCs and Servers on
the network
12Todays situation
AV software detects, removes and cleans all
policy compliant devices on the LAN
13Todays situation
But the network remains vulnerable to
re-infection and the non-compliant machine has
still not been isolated
14Policy Enforcement
Does PC comply With Policy?
Direct to update
NO
YES
Grant Access
By Cisco Network Admission Control (NAC) enabled
Deviceas client requests access to network
15OfficeScan 7
Enhanced antivirus Desktop Server
Enterprise Client Firewall
Cisco NAC Policy Enforcement
EPS, OPS, Automated DCS
Network Virus Scanning
Intrusion Detection
Network Session Monitoring
Integrated, centrally managed protection from
todays multiple threats
16Cisco NAC Overview
- Components of an OfficeScan network
- using Cisco NAC
- OfficeScan client with a Cisco Trust Agent (CTA)
installed - Network access device (NAD)
- Cisco Access Control Server (ACS)
- Trend Micro Policy Server
- OfficeScan server
TM Cisco
Trendmicro
Cisco
17OfficeScan Server
- The following can be configured on OfficeScan
management console - Communication between the ACS Policy Server
- Client certificate
- CTA deployment
18Policy Server
- Responsible for evaluating client credentials
against ACS - Available comparison criteria in rules
- real-time scan ? enable/disable
- engine version ? update to date/out of date
- pattern ? version OR release date comparison
- Available remediation actions
- enable real-time scan
- update now
- cleanup now
- cleanup now scan now
- notification msg
19The TrendMicro Difference ?
- Integrated Security Enforcement through Cisco NAC
- Trend Micros Solution
- Cisco NAC support includes Posture Plugin and
Policy Server - Ability to deploy CTA
- Posture can be validated from external Policy
Server - Competitive Solutions
- Cisco NAC support includes only Posture Plugin
- No CTA deployment capability
- ACS can only do local policy validation
20NAC Summary
- Reduced IT costs by preventing external and
- internal threats
- Proactive protection to ensure all devices
- comply with security policies
- Prevents contagious endpoints from
- infecting network reduced downtime due to
- worms and viruses
- Leverages existing Cisco, antivirus, and
- endpoint investments
- Increased network availability, resilience,
- and productivity
21Q A
- For detailed Information please visit our booth!