 Trend Micro Network VirusWall
Whilst Antivirus Software is intended to prevent viruses and
worms (e.g.Zotob) from infiltrating your company's network, Network VirusWall
deals with the consequences of what happens when virus scanning
fails and a worm outbreak starts.
The problem
arises primarily from the growth in laptops and mobile computing.
Mobile users who have not been protected by the corporate antivirus
defences can easily contract a network worm such as Zotob or Sasser whilst they are
travelling simply because they have not updated their pattern files.
If this happens, and they then return to the office and plug into
the network, it is at this point that the virus outbreak can take
hold.
Once a Network virus or worm like Sasser or Zotob establishes a foothold in the
network, worm removal is problematic for standard antivirus
software. In addition, firewalls and intrusion
detection systems cannot effectively stop network worms from
propagating to other devices.
Network worms can degrade network
performance, take mission critical devices offline and bring
network connections to a halt. Because of the difficulty in cleaning
up after a network virus outbreak, re-infection often occurs causing
spiralling support effort and costs to isolate and clean up after
the initial outbreak.
Network
VirusWall Provides The Answer
Network VirusWall is the only effective solution
to enable organisations to contain a worm outbreak within the
organisation and automatically clean up infected devices on the
network. Just as importantly, it can help to prevent the problem
occurring in the first place.
Network
VirusWall uses a combination of methods to identify, contain and
eradicate network viruses:
Network Outbreak
Monitoring:
Network VirusWall monitors key indicators to
identify a virus outbreak:
- Traffic flow changes
- Connections initiated to
and from a single client at any given time
- Sudden increases in
traffic through specific ports or protocols (TCP, UDP, ICMP, and
IGMP).
Any infected
host machines that are found are notified to the Systems
Administrator
Network Outbreak
Prevention:
When a network virus outbreak is detected, Network VirusWall
implements specific measures to contain it:
- IP address, port and protocol
filtering to prevent machines from spreading infection across
the Wide Area Network
- File type filtering
Deployment of these policies can
be automated to maximise protection or manually deployed to
provide greater control and flexibility.
Network Scanning and
Detection:
Scanning the network using network signatures
from TrendLabs and dropping infected packets.
Security Policy
Enforcement:
Security policy enforcement enables organisations to enforce
antivirus security policies and minimise network infections and
re-infections. Policy enforcement actions which can be taken
include detection of:
- Antivirus client
products (Symantec, Network Associates and Trend Micro)
- The latest scan engine and
pattern files (from Trend Micro)
Checks for compliance with these
policies are made as users access the network. If the user is not in
compliance, they can be directed to instructions on how to update
antivirus scan engine and pattern files or download antivirus
products in accordance with their company’s security policies.
"Trend Micro's
Network VirusWall offers our joint customers enhanced
security for their devices running Windows XP Embedded.
Trend Micro's appliance integrates with Windows XP
Embedded solutions to help protect a spectrum of devices
from network viruses and Internet worms."
Jane Gilson
Group Product Manager,
Mobile and Embedded Devices Division,
Microsoft Corporation |
Automated Damage Cleanup:
Trend Micro's Damage
Cleanup Service automates agent-less, remote cleanup of infected
host machines with damage cleanup templates from TrendLabs.
Damage cleanup includes cleanup of or fixing of unwanted
registry entries created by worms or Trojans, memory resident
worms or Trojans, garbage and viral file drop by worms or
Trojans, and system file configuration such as system.ini, after
they have been infected or altered by viruses.
Vulnerability Isolation:
Unpatched machines may be automatically
identified to the system administrator so that corrective action
may be taken to bring them into compliance with company policy.
By deploying Network VirusWall in network
LAN segments, organisations can significantly reduce their
security risk, network downtime, and outbreak management burden.
* Requires Trend Micro™ Vulnerability
Assessment
** Requires Trend Micro™ Outbreak Prevention Services
*** Requires Trend Micro™ Damage Cleanup Services |
