Trend Micro Adds File Monitoring In Server Security Release

Trend Micro is adding to an ever-growing list of capabilities in its newly upgraded server security platformm, Deep Security, to include file monitoring, a feature that aims to incorporate customers adhering to compliance regulations in virtual environments.

Perhaps the most significant change in the latest version of its server security product, Deep Security 8, unveiled Tuesday at the VMworld Conference in Las Vegas, Nev., is the addition of an agentless file integrity monitoring capability built into the VMware vSphere 5 virtual environments. Among other things, the file monitoring feature enables hypervisor integrity checks and other cloud-sourced functions, Trend Micro executives said.

Meanwhile, Mike Brown, senior virtualization consultant for INXi, a Houston, Tex-based solution provider , said that all in all, the changes between Deep Security 7.5 and Deep Security 8 were relatively minor. ’They’ve taken out some of the stuff that used to require an agent,’ he said.

However, Brown added that the that the inclusion of an agentless file integrity monitoring into VMware’s VSphere would be a big draw for health-care organizations or those adhering to HIPAA or any other kind of compliance regulations that require copious maintenance of log files.

’You have to make sure the integrity of those log files is good. That’s going to be a big selling point for those people,’ he said, adding that the potential customers would also be more apt to adopt file monitoring capabilities if it didn’t require installing an agent.

’Most of our customers would look at it from that point. Currently, if you want to use this feature, you still have to have to install an agent. Not having to install an agent now will hopefully trend sales on that particular feature,’ Brown said.

Meanwhile, Harish Agastya, Trend Micro director of product marketing, said that the incorporation of an agentless file integrity monitoring capability would ultimately designed to lower the barrier to adopting the technology in both virtual and compliance driven environments.

’Previously it was a point solution,’ Agastya said. ’The value proposition now is that you just have to turn on that capability. Integrity monitoring will really grow, both for Trend Micro and the broader market and channel as well. We’re bringing new technology to a much larger set of customers, and now it’s much easier to deploy.’

The newly released Deep Security 8 comes equipped with several enhancements for both virtual servers and desktops. On the server side, the product incorporates agentless file integrity monitoring, as well as flexible deployment architecture, hypervisor integrity monitoring and support for VMware VSphere 5 and VMware vShield Manager 5.

In addition, Deep Security 8 serves virtual desktops with agent-based anti-malware for VDI local mode. It also leverages Web reputation capabilities and provides an optional end-user notifier to alert the user with malware notifications, in lieu of a full blown antimalware agent.

For physical servers, the latest Deep Security product features automatic cloud-based event white listing and agent-based anti-malware, applied to physical servers running Windows and Linux operating systems.

Next: Virtual Agentless File Monitoring Expands Customer Base For Partners

Agastya said that the agentless file monitoring capabilities for virtual environments opened up opportunities for channel partners to target new customers whose file monitoring licenses are up for renewal, rather than displacement for existing customers.

’The bigger area for the channel is to look at customers that don’t have Deep Security. There’ less of a need to try to go in and displace an incumbent,’ he said.

The Deep Security 8 product starts at $1,000 per server and is set to ship by the year’s end.

In addition, Trend Micro released the latest version of its cloud data protection offering, SecureCloud 2, Tuesday, beefed up with an encryption agent complete with FIPS 140-2 certification, a government security standard.

SecureCloud 2, which works in conjunction with Deep Security server security products, was enhanced with capabilities allowing it to query Deep Security Manager and gather information about the servers it protects. IT administrators can then draw from the information to build policies and enhance rules that govern which servers are allowed access to encryption keys.

Agastya added that the SecureCloud 2 release, which incorporates context aware data protection, enables IT administrators to have more control over policy due to tighter integration with the Deep Security server security platform.

’If the VM does not have antivirus on it, or does not have integrity monitoring, or the rules for intrusion prevention are not set, then Deep Security will reflect that state of security and SecureCloud can be designed to interpret those rules and set appropriate policy,’ Agastya said, adding that the combined products work in tandem to alleviate some of the security concerns that have inhibited customers from adopting more cloud infrastructure. ’The two work together to provide more confidence to move into the cloud.’