Threats beyond Imagination Securing your Digital Information - PowerPoint PPT Presentation

Loading...

PPT – Threats beyond Imagination Securing your Digital Information PowerPoint presentation | free to view - id: 217cf2-ZDc1Z



Loading


The Adobe Flash plugin is needed to view this content

Get the plugin now

View by Category
About This Presentation
Title:

Threats beyond Imagination Securing your Digital Information

Description:

Security Evolution : Challenges on unpredictable threat ... Mailer. Worms. Spam. Web/MMC. Web Site. Network Worms. Trojan. Spyware. NVW. NVW. Appliance ... – PowerPoint PPT presentation

Number of Views:59
Avg rating:3.0/5.0
Slides: 49
Provided by: irene120
Category:

less

Write a Comment
User Comments (0)
Transcript and Presenter's Notes

Title: Threats beyond Imagination Securing your Digital Information


1
Threats beyond Imagination Securing your
Digital Information
  • Goh Chee Hoh
  • Managing Director
  • Asia South Region
  • May, 2006

2
Agenda
  • Security Evolution Challenges on unpredictable
    threat
  • Digital Operation Continuity Strategy and
    Solution
  • The Technology Winning Path RoadMap
  • The Pioneer Trend Micro Profile Overview

3
The Problem
Malwares Growth
  • Malware More Than Just Viruses and Worms
  • New threats detected daily
  • New vulnerabilities (Mobile, IM, images, etc.)
  • Variants active for years

4
Review
  • File Viruses Projected Decline.
  • Worms Remain Stable at 150 per month.
  • Bots 250-300 per month with Potential for
    Increase.
  • Spam Projected Increase
  • Phishing 14,000-15,000 per month with Projected
    Increase.
  • - Spear Phishing Projected Increase
  • PhishWare Remain Stable at 500-700 per month.
  • GrayWare 1500-1600 per month with Projected
    Increase.
  • Mobile Threats 15 per quarter with Projected
    Increase

5
Reported Infections and Growth Projections
Reported Infections 9.5 Million in Q1, 12.1
Million in Q2, and 29.5 Million in Q3. 70
percent of all infections occurred in North
America.
Projected
6
The Problem
Malwares Impact
Global Attacks Cost Billions Each Year
7
Mobile Threats 2004-2005
20June04
4Apr
7Mar
17Jul04
21Sep
8Jul
29Dec04
8Mar
6Apr
2Oct
5Aug04
1Feb
15Apr
4Jul
19Jul
18Mar
12Aug04
21Nov04
Mabir
Cardtrp
Doomed
Comwar
Cardblk
Vlasco
Fontal
Cabir
Boottoon
Skulls
Dampig
Qdial
Hobbes
Skudoo
Locknut (Gavno)
Drever
Win CE DUTS
Camdesk
Symbian OS (Nokia, etc) Windows CE (HP, etc)
Win CE BRADOR
8
Social Engineering and Phishing
  • How about this email from Citibank asking for
    recipient to provide personal information?

9
Spam can kill businesses
10
50.000 USD, or we shut down your page!
And they did!!!
11
4th Generation Network Worm
days
Patch MS05-039 8/9/2005
Window between vulnerability announcement and
outbreak is shrinking
8/13/2005
ZOTOB
Patch MS04-011 8/13/2004
5/1/2004
SASSER
Patch MS03-026 6/16/2003
8/11/2003
BLASTER
Patch MS02-039 7/24/2002
1/25/2003
SLAMMER
Patch MS00-078 10/17/2000
9/18/2001
NIMDA
12
The Pain
  • New ATMs moving to Microsoft Windows, but
    Windows is a popular platform for virus authors.
  • Microsoft issued 77 patches for Windows OS in
    2003
  • 42 of them are for Windows XP.
  • 7 of them resulted from network virus
    vulnerabilities.
  • Supposedly isolated ATM networks have been
    exposed to network virus attacks
  • 1/2003 Slammer (SQL database attack)
  • Bank of America 13,000 ATMs shut down because
    of attack.
  • Canadian Imperial Bank of Commerce (CIBC) also
    impacted.
  • 8/2003 Nachi worm (Welchia)
  • Infected two unnamed ATM banking networks

Network worms can inhibit business and stop
transactions.
13
Malware Still Dominates Threat Landscape
Top Threats
Greatest Security Challenges
Source IDC Enterprise Security Survey, December
2005
14
Agenda
  • Security Evolution Challenges on unpredictable
    threat
  • Digital Operation Continuity Strategy and
    Solution
  • The Technology Winning Path RoadMap
  • The Pioneer Trend Micro Profile Overview

15
Top 10 I.T. Director Concerns
  • Aligning IT with business strategy
  • Keeping up with technology
  • Security management
  • Managing costs and resources
  • Coping with change
  • Project management
  • Managing users
  • Workload and managing stress
  • E-business
  • Managing vendors

Readers survey by MIS Asia
16
Major Security Concern for CIO
  • How to Deal with Threat that coming from
    Unmanaged device ???
  • - like Mobile Users ( PDA, Mobile Phone,
    Notebook …. )
  • - like Third party access to network ( visitor,
    supplier consultant, … )
  • How to deal with Unknown Mixed Threat Attack ???
  • - no signature ( Virus Pattern ) exist
  • - zero day threat or attack
  • - Blended with different type of malware
  • 3. How to deal with Targeted Attacked ???
  • - no longer global outbreak
  • - target attack to a single organization with
    flooding hundred of malware

Readers survey by MIS Asia
17
Enterprise Protection Strategy Defined Intelligent
Threat Protection
Security policy compliance
Potential threats
Malicious Threats From Spreading
Infected devices
The Whole Is Better Than The Sum Of Parts
18
Monitor Detect Potential Threats
  • Ongoing detection of known and unknown threats in
    real-time
  • Identify source of threat
  • Limit network access to users that comply with
    security policies
  • Facilitate regulatory compliance

NCIT Network Content Inspection Technology
19
Prevent Stop Malicious Threats
  • Stops known and unknown threats from disrupting
    business continuity
  • Protection Everywhere

Bring business back to normal by repairing
infected devices Agent and Agent-less solutions
20
Central Management Lowers cost of administration
  • Central threat management console
  • Better Protection, Less Mistakes
  • Enterprise-wide view of all threats
  • One Throat To Choke
  • Components
  • Trend Micro Control Manager
  • Provides enhanced Updates/Reporting/Events/Notific
    ations
  • Cisco Incident Control System (ICS)
  • Supports Routers, Switches and IPS devices

NEW
Better Protection With One Throat To Choke
21
EPS A Security Framework Intelligent Threat
Protection
The Whole Is Better Than The Sum Of Parts
22
The EPS ROI Intelligent Threat Protection
EPS Lowers Overall Threat Exposure
23
Summary
  • EPS provides a security framework for
    intelligent, customized and comprehensive
    protection against known and unknown threats
  • Detects first instance of potential threats in
    real-time
  • Offers simple NAC solution for the mobile
    workforce
  • Protects every critical entry point of threats
  • Automates recovery for managed and unmanaged
    users
  • Trend Micro Enterprise core competence
  • Intelligent Threat Protection
  • Integration with network information flow (Cisco,
    NCIT)

24
Architectural Evolution - From the Server to
the Network Access Point
Outbreak Prevention
Virus Response
Assessment and Restoration
Vulnerability Prevention
Manage and Coordinate Outbreak Security Actions
Mass Mailer Worms
Policy Management Reporting
Spam
Office Scan
TMCM
PC-cillin
Web/MMC
L3 Switch
NVW
NVW
Internet/ISP
Firewall VPN
WAN Router
Web Site
ISVW
eMail Servers
File Servers
Network Worms
SMEX
SP
L3 Switch
Spyware
Appliance
IMSS SPS NRS
Trojan
IWSS
25
Trend Micro Control Manager
  • Centralized Management (Web- based)
  • Supports 3000 managed servers on Windows, UNIX
    and Linux
  • Log collection and reporting
  • Service update and delivery platform
  • Outbreak Prevention Service
  • Damage Cleanup Service
  • Vulnerability Assessment Service
  • Centralized Management and configuration for
    Network Viruswall 1200
  • Cascaded Console for greater scalability

26
InterScan Messaging Security Suite
  • Comprehensive messaging security at the
    Enterprise gateway.
  • Virus scanning for SMTP / POP-3
  • Special mass-mailing virus handling
  • Policy-based management enforces corporate email
    policies
  • Integrated Anti- spam database and Content
    Filtering
  • Implements Outbreak Policies for email virus
    outbreaks
  • Supports Heuristic Spam Prevention Solution

27
Spam Prevention Solution
  • Heuristic Spam filtering engine
  • 90 95 Accuracy with 1/80,000 false positive
    rate
  • Automatic updates for Heuristic engine from
    Trends Active Update servers
  • Integrated with IMSS 5.5 for ease of
    implementation
  • Increases Spam catch rate over just fingerprint
    matching
  • IMSS Policy- based framework allows highly
    granular Spam sensitivity settings

28
Anti-Spam Building Blocks
Spam Caught Today
Spam Caught Future
Quarantine
Probability of Being Good or Bad
Are you Good?
Who Are You?
Heuristic Signature Filters
Reputation
Mail Servers
Authorization Authentication
End Users
SPF Domain Keys DKIM CSV
29
Email Reputation Flow
  • IP Reputation clears out the obvious spam
  • Sender Authorization confirms the senders
    domain
  • Domain Reputation applies knowledge to the
    sender
  • Can decide to block, filter or pass
  • Content Filtering removes the gray/questionable
    messages

30
InterScan Web Security Suite
  • HTTP/FTP/ICAP 1.0 Antivirus scanning
  • Web site (URL) filtering (optional)
  • Controls access to unproductive sites (raise
    employee productivity)
  • Controls access to restricted sites (reduce legal
    liabilities)
  • Allows use of pre-approved and/or customizable
    list of sites
  • Manage internet usage
  • Displays employee patterns of web usage
  • Alerts administrators of unusual activity based
    on historical current Web usage
  • Allows administrators to implement individual
    surfing quotas

31
ScanMail for Microsoft Exchange
  • Server-based e-mail virus protection
  • Administrator controls and monitors virus
    activities
  • Transparent virus scanning at the server mailbox
  • Stops viruses, malicious code, sensitive content
    and spam in email and shared folders, before they
    can reach desktop and spread
  • Emergency Attachment Blocking for outbreak
    situations like Sircam, Nimda, Netsky,
    Bagle...etc.
  • Alerts sender, recipients and administrator when
    a virus is found
  • Microsoft certified for new Exchange Virus Scan
    API (Microsoft Exchange 2003)

32
ScanMail eManager Content Filtering
  • eManager Plug-in for ScanMail for Exchange
  • Content Filter - allows administrator to filter
    out offensive and inappropriate email from
    entering Exchange Server
  • Anti-Spam- Filters out spam or unsolicited junk
    email coming to the Exchange server
  • Improves mail server efficiency and ensures that
    only valid messages are received by the end-user
  • Frees up valuable disk space on the server

ScanMail eManager ScanMail Suite
33
ServerProtect
  • ServerProtect efficiently safeguards
    multiple servers, domains and NAS from virus
    attack with next-generation antivirus software
    that can be installed and managed from a single
    secure console.
  • Network OS supported - NT, Win2000, Novell
    Netware, Linux, Win2003
  • Network Attached Storage Supported Platform -
    EMC, Network appliances

34
OfficeScan Corporate Edition
  • Comprehensive security solution designed for
    the corporate desktop environment.
  • Robust security protection against multiple types
    of threats that threaten corporate desktops users
  • Powerful web based management console to
    coordinate effective security policies and deploy
    rapidly
  • Accepts and implements Outbreak Policies and
    Damage Cleanup Templates from Control Manager
  • Supports security policy enforcement via Cisco
    NAC

35
Agenda
  • Security Evolution Challenges on unpredictable
    threat
  • Digital Operation Continuity Strategy and
    Solution
  • The Technology Winning Path RoadMap
  • The Pioneer Trend Micro Profile Overview

36
Our Approach The Whole Threat Lifecycle
Management
Antivirus Consultation Service
Plan
Plan
Antivirus Review Audit Service
Knowledge And Expertise
Knowledge And Expertise
Review
Review
Deploy
Antivirus Deployment Service
Deploy
Monitor
Monitor
Respond
Respond
Outbreak Prevention Damage Cleanup
37
Where does the Value comes from
In the short term, the benefit reflects on the
number of virus outbreak , user downtime and
damage severity.
No. of Outbreaks
  • The benefit is the product of reduced outbreaks,
    range of impact and downtime
  • If each dimension is reduced by 30, total damage
    will reduce by 65

Baseline Damage
Damage after adopting ESO
Range of Impact
Average Downtime
38
Long-Term Value Proposition
In the long term, benefit comes from the
improvement of overall company security.
Illustrative
Total Damage
Damage for Clients Without Any Protection
  • When the clients organization awareness,
    reaction process and security environment are
    improved through adopting ESC, the benefit will
    reflect in the accelerative decrease of damage
    caused by malware

Damage for Clients Using AV Products
Damage for Clients Using Products and ESC
Time
39
The Building Blocks
Security Infrastructure
Organizational Security Awareness/Behavior
Customer
24 x 7 monitoring and service
Trend Micro Partner
Trend Micro
Provider
Technical Account Manager
Online real-time monitoring mechanism
Service Mechanism
Premium Support Program
Monitoring Service Offerings
Products
Consulting Service
Service packaging
Trend Micro Security Expertise
Customer Service Experience
Knowledge
40
Agenda
  • Security Evolution Challenges on unpredictable
    threat
  • Digital Operation Continuity Strategy and
    Solution
  • The Technology Winning Path RoadMap
  • The Pioneer Trend Micro Profile Overview

41
Corporate Fact Sheet
Trend Micro Incorporated Address Shinjyuku
MAYNDS Tower 27F 2-1-1 Yoyogi, Shibuya-ku Tokyo
151-0053 Japan Founded 1989, CA, US Founder
Steve Chang, honored Innovator of the Year
award from 2004 Asia Business Leader Awards
(ABLA). Traded Tokyo Stock Exchange (4704),
NASDAQ (TMIC) Business Nature Antivirus and
content security software and services Offices
Operate in more then 30 countries and with 6
Global RD Centers Number of Employees
2,900 2005 Revenue USD 621.9M Q1/2006 Revenue
USD 179.6M ( grow 19 ) Market Value USD 5
Billion
42
COMPANY OVERVIEW
  • Our Vision
  • Create a world safe for exchanging digital
    information
  • Our Mission
  • Ensure operational continuity against
    unpredictable, malicious threats
  • Our Strategy
  • To provide timely updates for threat management
    by integrating with network information flow

43
Market Leadership
  • Global Leader in the Server-based Antivirus
    Market
  • 1 market share in the Internet gateway antivirus
    market for sixth consecutive year
  • 1 market share in the mail server antivirus
    market for fourth consecutive year
  • 1 market share in the file server antivirus
    market for second consecutive year
  • "Trend Micro has consistently demonstrated a
    strong position in the global antivirus market. 
    To remain successful Trend Micro has adapted
    quickly to market challenges and the evolution of
    security threats. Given Trend Micros track
    record and its strong momentum, we expect the
    company to continue delivering innovative
    solutions that provide customers with timely
    protection against unpredictable threats."
  • Brian Burke
  • Research Manager, IDC

Source IDC, Worldwide Antivirus 2005-2009
Forecast and Analysis Antivirus Evolves from
Product to Feature, Doc 34567, December 2005.
44
Technology Innovation
45
Innovation Support TrendLabs Delivers Global
Service and Support
  • Global Service and Support Excellence
  • TrendLabs provides a worldwide platform for
    delivering timely customized updates, services,
    and support anytime, anywhere.

Munich, Germany
Cork, Ireland Paris, France
Tokyo, Japan
Irvine, U.S.
Taipei, Taiwan
Manila, the Philippines
  • More than 800 Threat Research and Service
    and Support experts at 6 locations
  • Collaborative account management
  • Automated alerts for new threats
  • ISO 9001 2000, BS7799 certifications
  • COPC-2000 Standards Certification

Protection requires more than a product… It
requires service timely and expert service
46
EPS Success Story
  • A global healthcare leader
  • RevenueUS27b, Employees93k
  • Trend Micro products deployed
  • Control Manager, Network VirusWall, ScanMail,
    OfficeScan, ServerProtect
  • Key benefits derived
  • Centralized management
  • Superior product integration
  • Comprehensive threat protection
  • Automatic company-wide updates

EPS Made Us A Partner, Not Just A Vendor
47
(No Transcript)
48
Thank you! More information, please
visit/contact www.trendmicro.com goh_chee_hoh_at_tre
ndmicro.com Misoft Vietnam Distributor www.miso
ft.com.vn 844-9331613
About PowerShow.com