Deep Security

Integrates new VMware vShield Endpoint APIs to provide agentless anti-malware protection for VMware virtual machines with zero in-guest footprint. Helps avoid security brown-outs commonly seen in full system scans and pattern updates. Also provides agent-based anti-malware to protect physical servers, Hyper-V and Xen-based virtual servers, public cloud servers as well as virtual desktops in local mode. Coordinates protection with both agentless and agent-based form factors to provide adaptive security to defend virtual servers as they move between the data center and public cloud.

Integrates with the Trend Micro™ Smart Protection Network™ web reputation capabilities to safeguard users and applications by blocking access to malicious urls. Provides same capability in virtual environments in agentless mode through the same virtual appliance that also delivers agentless security technologies for greater security without added footprint.

Helps achieve timely protection against known and zero-day attacks. Uses vulnerability rules shield a known vulnerability—for example those disclosed monthly by Microsoft—from an unlimited number of exploits. Offers out-of-the-box vulnerability protection for over 100 applications, including database, web, email and FTP servers. Automatically delivers rules that shield newly discovered vulnerabilities within hours, and can be pushed out to thousands of servers in minutes, without a system reboot.

Helps achieve timely protection against known and zero-day attacks. Uses vulnerability rules shield a known vulnerability—for example those disclosed monthly by Microsoft—from an unlimited number of exploits. Offers out-of-the-box vulnerability protection for over 100 applications, including database, web, email and FTP servers. Automatically delivers rules that shield newly discovered vulnerabilities within hours, and can be pushed out to thousands of servers in minutes, without a system reboot.

Defends against web application vulnerabilities

Enables compliance with PCI Requirement 6.6 for the protection of web applications and the data that they process. Defends against SQL injections attacks, cross-site scripting attacks, and other web application vulnerabilities. Shields vulnerabilities until code fixes can be completed.

Identifies malicious software accessing the network

Increases visibility into, or control over, applications accessing the network. Identifies malicious software accessing the network and reduces the vulnerability exposure of your servers.

Centralizes management of server firewall policy using a bi-directional stateful firewall. Supports virtual machine zoning and prevents Denial of Service attacks. Provides broad coverage for all IP-based protocols and frame types as well as fine-grained filtering for ports and IP and MAC addresses.

Optimizes the identification of important security events buried in multiple log entries across the data center. Forwards suspicious events to a SIEM system or centralized logging server for correlation, reporting and archiving. Leverages and enhances open-source software available at OSSEC.

• Strengthens security without additional footprint through agentless integrity monitoring, intrusion prevention, firewall and anti-malware
• Frees staff from continually configuring, updating, and patching agents
• Protects virtual servers and virtual desktops as they move between data center and public cloud
• Available as elastic security offering from the cloud for Amazon Web Services

• Allows greater machine consolidation in virtual environments with agentless configuration for anti-malware and other security
• Eliminates the cost of deploying multiple software clients with a centrally managed, multi-purpose agent or virtual appliance
• Provides vulnerability protection to prioritize secure coding and cost-effective implementation of unscheduled patching
• Reduces security management costs by automating repetitive and resource intensive security tasks

• Detects and removes malware from virtual servers in real time
• Shields known and unknown vulnerabilities in enterprise applications and operating systems
• Leverages one of the world’s largest domain-reputation databases to protect systems from accessing compromised websites
• NEW: Integrity monitoring of the hypervisor via Intel TPM/TXT technology to meet evolving compliance needs

• Provides detailed, auditable reports that document prevented attacks and policy compliance status
• Reduces the preparation time and effort required to support audits
• Supports internal compliance initiatives to increase visibility

This virtual appliance provides agentless integrity monitoring, anti-malware, IDS/IPS, web application protection, application control, and firewall protection—coordinating with Deep Security Agent, if desired, for log inspection and defense in depth.

This small software component is deployed on the server or virtual machine being protected to help enforce security policies. Enables anti-malware, IDS/IPS, web application protection, application control, firewall, integrity monitoring, and log inspection.

This powerful management system has a centralized console for monitoring alerts and preventive actions taken in response to threats. The Manager can be configured to automate or distribute security updates to servers on demand. It also generates reports to gain visibility into activity and meet compliance requirements. Event Tagging functionality streamlines the management of high-volume events and enables workflow of incident response.

As organizations move to the cloud, they take on shared risk with their cloud partner. For those using Amazon Web Services, Trend Micro Deep Security as a Service provides the most complete set of recommended security capabilities, delivered in AWS with tight integration to make it fast and easy to realize the full benefits of the cloud. Learn more