Review: Trend Micro Appliance Finds The Middle Ground
Businesses with around a hundred users often are caught between a rock and a hard place when it comes to security. They have too much traffic to use an all-in-one appliance yet too small of a budget to fully implement an enterprise-style layered approach to security.
Trend Micro's IGSA line, unveiled this week, comprises six extendable security appliances for 100, 200, 300, 600, 800 and 1,000 users. The CRN Test Center engineers took a look at the IGSA 100, which offers all of the features of its bigger brethren but is scaled for 100 users.
At an MSRP of $4,490, the IGSA 100's pricing works out to less than $50 per seat, which is very reasonable compared with the cost of traditional, software-only desktop security products. IGSA does a lot more than the typical antivirus product. Classified as a unified threat management (UTM) device, the product combines antivirus, antispam, antispyware and content filtering to combat multilevel threats.
The antivirus capability prevents incoming and outgoing virus outbreaks, and the antispyware component identifies and blocks spyware-related activity. Add to that the one-two punch of antispam and content filtering, and all avenues for infection and replication of malware are blocked.
For example, if spyware is delivered via an e-mail, the spam filter should block it; if not, the antispyware component will prevent the installation of spyware. And if those first two steps fail, the content filter would prevent any information being delivered via the Web to a spyware site. The same type of process also applies for viruses. That combination of threat isolation brings a layered approach to security, while identifying and blocking unified attacks.
The IGSA 100 is housed in an attractive, red 1U rack appliance. The unit sports three 10/100/1000 Ethernet ports for connectivity and a front-mounted LCD panel for initial setup and status. Designed to be plug and play, the product is one of the easiest UTM appliances to deploy, the Test Center found.
Powered by a 3GHz Intel Pentium 4 processor with 1 Gbyte of RAM and running a hard-end version of Linux, the IGSA 100 offers more than adequate performance for 100 users. Setup tasks are completed using an HTTPS-based Web console, as is overall management of the device. Management is broken down into easy-to-understand menus with help dialogs and should pose no challenge for a typical administrator.
The ability to fully control the device remotely plays well into the hands of VARs seeking to offer a management service for the unit. That may prove to be a lucrative service, since many midsize businesses lack on-site IT security professionals. Most of the IGSA 100's capabilities are wizard-driven, making the unit easy for those new to security management to configure and maintain. The integrated reporting tools allow VARs to create informative status reports to inform clients of the effectiveness of the device and help identify usage trends. Trend Micro keeps the unit updated via a subscription service, which can be sold through the VAR. Updates are automated and occur as frequently as needed.
For end users, the device proves to be seamless. Users are notified of viruses, spam or other problems via e-mail, while a content control page is accessible through a browser if content filtering is in place. Blocked sites are identified, and users are informed of the issue with the site and why it is blocked. The unit introduces no real latency into the environment, and users shouldn't notice any network slowdowns or interruptions when the device is installed.
When it come to resiliency, the IGSA 100 relies on a "fail open" methodology. If the unit fails, then all traffic is allowed to pass through it. Regrettably, Trend Micro doesn't offer a failover or clustering approach to combating failures. That option could help double a solution provider's sales in high-demand environments. All is not lost, though, since VARs can sell complementary, third-party failover-enabled intelligent switches to deal with unit failures, as well as be able to sell some resiliency into high-demand environments.
One feature worth noting is the IGSA 100's ability to clean infections and repair desktops. Administrators can install a desktop client application that directly interacts with the unit to bring an additional level of security into the mix. As a matter of fact, the desktop client is the only way to ensure that a client system is fully protected and managed.
Trend Micro's two-tier channel program consists of SecureOne VARs and Advantage partners, who receive varying levels of training, account management assistance, MDFs, partnering on events, pre- and post-sales support, a technical help desk and opportunities to cross-sell other Trend Micro products and services.
The SecureONE level requires members to make a substantial investment in Trend Micro and the future direction of their security practices. SecureONE members get field support and have priority access to lead distribution, confidential information and Sales Development Funds. SecureONE partners are required to meet revenue goals, and membership is via invitation only. Technical and sales certifications are also requirements for the top tier, where partners get dedicated support staff.
The Advantage channel level is geared toward VARs looking to evolve or aggressively grow a security business. Advantage members get access to the Vantage Rewards Program (earning cash rewards by selling Trend Micro solutions), sales training, Not-For-Resale (NFR) products, and the opportunity to grow within the partner program.