Trend Micro Takes On Network Security

OSCE adds to Trend Micro's existing arsenal of client security technology tools to combat threats such as the recent Sasser worm variants, which rely more on the network rather than e-mail attachments or other file-based methods to unleash assaults, said Bob Hansmann, director of product marketing at Trend Micro, Cupertino, Calif.

"Threats like Sasser come through the network; they never become a file," said Hansmann. "So this version of OSCE has a server component to go along with the client component, and we are actually monitoring the network activity at a lower level to detect a network-based virus."

Protection against spyware, adware and dialers is also new to OSCE, and an enterprise client firewall has been added, giving the software the ability to enable and disable ports, a feature key to preventing worms such as Sasser that exploit port-related vulnerabilities.

In addition, OSCE's client firewall can scan both inbound and outbound messaging packets for malicious threats or unauthorized access to desktop clients, said Hansmann.

Aside from adding protection for network-based threats, the server component also eases client installation. As many as 11 client installation options can be used, including deployment via CD, e-mail or a downloadable central file. OSCE can even automate the uninstall of existing third-party antivirus software on clients. A Web-based management console allows administrators to coordinate policies and system configurations via the Internet.

Wes Parker, sales representative at Stalwart Systems, a $2.3 million security solution provider in Charlotte, N.C., said these improvements should impress customers who, in past engagements, opted for competitive security tools. "I feel Trend has shown a lot of foresight [with OSCE] and are in step with my customers," he said.

OSCE includes support for Cisco Systems' Network Admissions Control (NAC), said Hansmann. The NAC program uses Cisco routers as part of a network's defense, enabling the routers to analyze client devices and detect whether virus definitions are up-to-date or proper patching has been done before allowing the client to log on to the network.

Just last week the two companies agreed to integrate Trend Micro's network worm and virus signatures with the Cisco Intrusion Detection System (IDS). Cisco, Network Associates, Symantec and Trend Micro each contributed to the development of the NAC program.

Trend Micro's effort with OSCE is to integrate a number of tools "so customers no longer have to install four, five or six security products," said Hansmann. "We are trying to include all the content security and access security in one package."

Price for a user group of about 25 clients runs at about $25 per user for the first year, said Hansmann. Existing Trend Micro customers can upgrade to OSCE for free.

Meanwhile, Trend Micro's IWSS adds additional protection to the network by monitoring for malicious code transmitted by certain Web sites, or from client infections such as spyware. IWSS can monitor code running in and out of an organization, preventing spyware from sending data. It can also block access to URLs deemed dangerous to the network, such as phishing sites that pose as familiar Web sites in order to steal user information and access codes, said Hansmann.

Available add-on features for OSCE, such as URL filtering, provide upsell opportunities for resellers, said Mike Canavan, security system engineer at CDW, Vernon Hills, Ill. The arrival of network-based threats has plenty of customers asking, "Is my network secure enough?" said Canavan.