Trend Micro Expands Enterprise Protection Strategy

Extensive New Product, Service, and Central Management Innovations Strengthen Proactive Outbreak Management Capabilities for the Enterprise

Cupertino, CA – January 14, 2003 – Trend Micro, Inc. (Nasdaq: TMIC; TSE: 4704), a worldwide leader in network antivirus and Internet content security solutions, today announced the expansion of Trend MicroTM Enterprise Protection Strategy (EPS) with the delivery of a range of new products, services and architectural enhancements to assist in the management of outbreaks across multiple points of the corporate network. Products and services announced today are designed to further address the common challenges faced by IT Managers when dealing with virus and malicious code outbreaks, from coordinating security policies across many different devices, platforms, and systems in different geographic locations to determining the overall effectiveness of current security investments and procedures.

Trend Micro launched EPS in May 2002 in response to mixed threat viruses like NIMDA and Code Red, which pushed back the frontiers of traditional virus protection. EPS is an industry-unique approach to addressing mixed-threat attacks based on the coordination of any Trend Micro products and services, and the expertise of TrendLabs, to address each stage of what the company has termed the outbreak lifecycle: outbreak prevention, virus response, and assessment and restoration.

“Existing antivirus solutions are mostly centered around the distribution of virus signature updates”, says Peter Firstbrook, Senior Research Analyst with META Group. “However, companies also need more information and policy controls to protect businesses against virus threats in the initial stages of an outbreak to contain the damage and more tools to clean and disinfect resources to prevent further reinfection. Vendors that provide security organizations easy-to-use tools and information to guide their activities throughout the entire lifecycle of an outbreak will best equip customers to combat rapidly spreading viruses and mixed threats.”

“We believe the key to addressing NIMDA-like threats lies in the ability to help customers address an attack from the first moment it appears, not just when the details are obvious and it’s time to clean up,” said Steve Chang, Chairman and CEO, Trend Micro. “The new services, products, and product revisions we are delivering today demonstrate our commitment to broadening the capability that an IT administrator has to thwart increasingly virulent attacks in real-time.”

Coordinated Defense System Halts and Mitigates Mixed-threat Attacks

As the complexity of mixed-threat attacks has continued to increase, traditional industry solutions used to address them are largely inadequate. The current approach of delivering pattern files to address a specific attack is inherently limited; more complicated threats can propagate and cause damage much more quickly, leaving less time to put a solution in place. Moreover, delivering pattern files does little to ease the burden of ensuring consistent and timely policy deployment across a corporate network in the event of an outbreak or restoring systems after the outbreak has occurred.

“We talk to many enterprise customers who continue to struggle with mixed-threat attacks like NIMDA and CodeRed,” said Larry Bridwell, content security programs manager at ICSA Labs, which offers vendor-agnostic testing and certification of security products. “While they have options from shutting down network traffic altogether to deleting or blocking attachments by file types, they are still unclear about the optimal action for them to take, while still minimizing the downside of losing data or inadvertently letting malicious content through.”

To answer these needs, in May 2002 Trend Micro launched its subscription-based Outbreak Prevention Services for enterprise messaging environments, an industry first, by delivering proactive, attack-specific instructions to help enterprises deflect, isolate and stem the behaviors of attacks as soon as they are identified, prior to the release of a pattern file. These policies incorporate timely knowledge from TrendLabs, Trend Micro’s worldwide network of research experts and can be implemented by Trend Micro products automatically or for an action specified by the IT administrator.

Trend Micro has now expanded its Outbreak Prevention Services to include its products residing at all critical points of the network and include support for Solaris, Linux, and Windows operating environments. This service can now be enabled through new versions of OfficeScanTM and ServerProtect?¤ for corporate desktops and file and application servers, ScanMail(tm) for MicrosoftTM Exchange for Microsoft Exchange environments, ScanMail for Lotus NotesTM for Domino messaging environments, InterScan(tm) Messaging Security Suite for the Internet gateway, and InterScan WebProtectTM for ICAP for web caching products.

Today, Trend Micro also introduces Outbreak Prevention Services support for NetScreen-Global PRO, enabling Trend Micro to deploy outbreak prevention policies to firewall administrators who use the Netscreen-Global PRO management console that enables policy deployment to NetScreen devices. By integrating with third-party security technologies and supporting heterogeneous platforms, Outbreak Prevention Services represents a true enterprise-focused approach to stopping mixed-threat attacks.

Trend Micro also extends the Virus Response Service Level Agreement (SLA) on a stand-alone basis to all customers who purchase any Trend Micro product. First introduced in October 2002, the Virus Response SLA, is a penalty-backed guaranteed two-hour virus support service. Another industry first, the Virus Response SLA is designed to minimize the time between virus identification and delivery of a high-quality solution.

New Services Decrease Vulnerability Throughout the Enterprise
Prior to 2001, viruses like LoveLetter hit, were stopped and cleaned. One of the fastest-spreading viruses seen to date, it reached its height of activity five days from its initial launch, and one month later, saw the virtual end to its spread. Today this is not the case; certain variants of NIMDA are almost as virulent today as when they first emerged in 2001[1]. Additionally, while the incidences of major outbreaks such as CodeRed seem to be lessening in frequency, the actual number of infections continues to rise.

“We continue to see many viruses that were introduced 2-3 years ago which in their first month did not cause as much damage as compared to CodeRed in the same time period, but are re-appearing in many companies, re-infecting existing systems or causing damage to ones not previously affected,” said Bridwell.

For many administrators, ridding the network of virus remnants can be time consuming and expensive, since most rely on manual processes. Computer Economics estimated that 74[2] per cent of the costs incurred by companies due to the Goner Worm virus were attributed to clean up efforts required after the virus attack occurred.

To manage complex cleanup activities, Trend Micro now offers attack-specific cleanup templates that help isolate and rid desktops and servers of virus remains, such as hidden guest accounts, registry entries or memory-resident payloads. The templates are part of the services provided through Trend Micro’s Damage Cleanup Services, available as a standalone, server-based software offering or as feature in OfficeScan and ServerProtect, Trend Micro’s centrally-managed antivirus products for corporate desktops and file servers.

Trend Micro’s damage cleanup capabilities also help reduce the potential for subsequent assaults, by helping IT administrators determine the effectiveness of their current security infrastructure through detailed reports that track which systems were cleaned and where potential vulnerabilities might be. Additionally, IT managers can reduce the vulnerability of the network to future attack, lessen the potential associated cleanup costs, and better determine the effectiveness of their security infrastructure for handling new and re-occurring threats.

Centralized Management Delivers Enterprise-Wide Coordination and Visibility Into Security Effectiveness

Trend Micro Control Manager 2.5 is the core of EPS, providing centralized management and enterprise-wide coordination for Trend Micro antivirus and content security products and services. Trend Micro Control Manager provides a comprehensive view of outbreak activity and acts as a central command center to deploy Outbreak Prevention Policies and subsequent pattern files across the network. New reporting capabilities help administrators consolidate information on virus events or unusual activity, and create graphical reports for analysis and monitoring. Specifically, the reports can demonstrate tangible business results achieved through the use of Outbreak Prevention Services by identifying the number of policies deployed, where they were deployed, and the level of their effectiveness.

With current enhancements to Trend Micro Control Manager, enterprises can also automatically deploy Outbreak Prevention Policies as soon they become available. This level of automation enables corporations to deploy a safety net for their networks when they may not be physically present to take action. This capability is also beneficial to small and medium businesses that may not be staffed around the clock to develop and distribute prevention policies on their own.

“EPS is designed to provide a tightly coordinated means to solving the increasing complexity of mixed-threat attacks and delivering real answers to customers where currently available solutions fall short,” said Chang. “To further deliver on our promise, we have been working closely with industry-recognized leaders in other security disciplines such as firewall, secure connection (VPN), and anti-spam to optimize the capabilities of EPS and deliver a comprehensive solution beyond just the merits of our antivirus and content security capabilities. While this announcement is one of a series of developments to come to achieve this end, customers can already benefit from EPS today.”

About ICSA Labs
ICSA Labs, an independent division of TruSecure Corporation, offers vendor-agnostic testing and certification of security products. Hundreds of the world’s top security vendors submit their products for testing and certification at ICSA Labs. The end-users of security technologies rely on ICSA Labs to authoritatively set and apply objective testing and certification criteria for measuring product compliance and reliability. The organization tests 95% of products in key technology categories such as anti-virus, cryptography, PKI, IPSec, VPN, firewall, PC firewall, intrusion detection and content security.

About Trend Micro
Trend Micro, Inc. is a leader in network antivirus and Internet content security software and services. The Tokyo-based corporation has business units worldwide. Trend Micro products are sold through corporate and value-added resellers. For additional information and evaluation copies of all Trend Micro products, visit our website at

Don't miss