What is Trendmicro Deep Security?
Trend Micro™ Deep Security™ provides advanced server security for physical, virtual, and cloud servers. It protects enterprise applications and data from ransomware, breaches and business disruptions without requiring emergency patching. This comprehensive, centrally-managed platform helps you simplify security operations while accelerating regulatory compliance and the ROI of virtualization and cloud projects.
Trendmicro Comes Solution Comes with difference modules. which tightly integrated and easily expand the platform to ensure server, application, and data security across physical, virtual, and cloud servers, as well as virtual desktops.
What are different Trendmciro Modules?
- Network Security
- System Security
- Antimalware Security
Lets See what type of protection or components included in different modules.
Network Security Module
Network Security Module comes with two type of protection or components (Intrusion Prevention (IPS) & Firewall).
These are the features included in IPS and Firewall Components.
1-Intrusion Prevention (IPS)
Protects against network attacks and shields known vulnerabilities from exploits until they can be patched
- Protects servers and applications from ransomware attacks by shielding them against exploits of known software vulnerabilities that could be used to inject ransomware as well as from over-the-network attacks against file servers from a compromised user.
- Detects and stops command and control (C&C) traffic that could indicate an attack, like ransomware, is underway.
- Helps achieve timely protection against known and zero-day attacks.
- Uses vulnerability rules to shield a known vulnerability—for example those disclosed monthly by Microsoft—from an unlimited number of exploits.
- Offers out-of-the-box vulnerability protection for over 100 applications, including database, web, email, and FTP servers.
- Automatically delivers rules that shield newly discovered vulnerabilities like Shellshock and Heartbleed within hours, and can be pushed out to thousands of servers in minutes, without a system reboot.
- Increases visibility into, or control over, applications accessing the network. Identifies malicious software accessing the network and reduces the exposure of your servers.
Decreases the attack surface of your physical and virtual servers
- Centralizes management of server firewall policy using a bi-directional stateful firewall.
Supports virtual machine zoning and prevents Denial of Service (DoS) attacks.
- Provides broad coverage for all IP-based protocols and frame types as well as fine-grained filtering for ports and IP and MAC addresses
System Security Module
System Security Module comes with two types of protection or components ( Integrity monitoring & Log Inspection).
These are the features included in Integrity Moniroting and Log Inspection components.
Detects and reports malicious and unexpected changes to files and systems registry in real time.
- Identifies suspicious activity when malicious software, like ransomware, is used to gain a foothold in the data center (e.g. via a user to a file server). Deep Security detects suspicious activity and prevents it from continuing, while also alerting that there is an issue.
- Monitors critical operating system and application files, such as directories, registry keys, and values, to detect and report malicious and unexpected changes in real time.
- Adds greater security to virtual machines without additional footprint through an agentless configuration.
- Protects the hypervisor from exploits with innovative hypervisor integrity monitoring technology.
- Reduces administrative overhead with trusted event tagging that automatically replicates actions for similar events across the entire data center.
Provides visibility into important security events buried in log files
- Optimizes the identification of important security events buried in multiple log entries across the data center.
Forwards suspicious events to a SIEM system or centralized logging server for correlation, reporting, and archiving.
- Leverages and enhances open-source software available at OSSEC.
Antimalware Security Module
Antimalware Security Module comes with two types of protection or components (Antimalware & Webreputation).
These are the features included in Antimalware and Web reputation Components.
Provides agentless and agent-based options that integrate with VMware and other virtual environments.
- Strengthens protection against web threats to servers and virtual desktops
- Integrates with the Trend Micro™ Smart Protection Network™ web reputation capabilities to safeguard users and applications by blocking access to malicious urls.