Skip to content

Deep Security

Pinterest
More Options

Advanced protection for physical, virtual, and cloud servers

Delivers comprehensive, automated server protection through host-based security controls, including anti-malware, intrusion prevention (IPS), firewall, integrity monitoring, application control, and log inspection.

  • Accelerate virtualization investments
  • Minimize server security impact
  • Protect your servers from ransomware
  • Ensure cost-effective compliance
  • Move safely to the cloud

Trend Micro™ Deep Security™ provides advanced server security for physical, virtual, and cloud servers. It protects enterprise applications and data from ransomware, breaches, and business disruptions without requiring emergency patching. This comprehensive, centrally-managed product helps you simplify security operations while accelerating regulatory compliance and the ROI of virtualization and cloud projects.

open all

Ransomware protection

Protect your servers with a comprehensive set of security controls

Ransomware is increasingly targeting servers, including recent high profile examples such as SAMSAM, where attackers use known software vulnerabilities to inject ransomware. Attacks on your servers, where critical data (e.g. file servers) and applications reside, can be particularly disruptive to your business.

Deep Security features:

  • Anti-malware, which detects malicious software and stops it—powered by data from the Trend Micro™ Smart Protection Network™
  • Web reputation services stop access to known-bad URLs
  • Intrusion Prevention, which helps by:
    • Detecting and stopping ransomware-specific command and control (C&C) traffic
    • Protecting your servers and applications across the hybrid cloud (physical, virtual, and cloud) by shielding them against exploits of known software vulnerabilities that could be used to inject ransomware
    • Identifying suspicious activity when ransomware attempts to gain a foothold in a data center (e.g., via a compromised user to a file server), and preventing it from continuing, and alerting that there is an issue
    • Detecting and stopping lateral movement if ransomware gets into the data center by identifying and blocking the attack from spreading to more servers
  • Integrity monitoring, which alerts organizations that suspicious activity is happening on critical systems, enabling a rapid response to a potential ransomware attack
  • Application control, which automatically detects and blocks unauthorized software

Server virtualization

Improve ROI with industry-leading server security that can help you triple VM consolidation rates

Get mature technology from the recognized leader in virtualization security. With integrated security designed for virtual servers, you can deploy comprehensive security without sacrificing performance or management. Deep Security lets you secure your virtual environment while achieving the increased efficiencies and ROI of virtualization. Virtualization-aware security preserves performance and increases VM densities.

Desktop virtualization

Maximize VDI security and performance with both agentless and agent-based deployment options

Get comprehensive protection for virtual desktops while preserving performance and consolidation ratios. Built specifically to handle the rigors of virtual desktop environments, Deep Security maximizes protection for a broad spectrum of virtual desktop scenarios. Optimized security for VMware VDI environments—anti-malware, intrusion prevention, web application protection, host firewall, and more—ensures no extra footprint from a security agent to impact the virtual desktops and the underlying host.

Deep Security protects non-VMware VDI like Citrix, and virtual desktops in local mode. These flexible VDI security options let you maximize both the protection and ROI of your company’s unique VDI investment.

VMware NSX integration

Extend the benefits of micro-segmentation

The VMware NSX platform represents the latest step forward to secure the modern data center through VMware and Trend Micro’s joint commitment to design the ideal next-generation security framework. The combination of NSX and the Trend Micro Deep Security platform furthers the automation of security deployments while increasing protection for your virtual environment.

The software-defined data center with NSX micro-segmentation solves some of the most critical challenges of perimeter security. Deep Security extends the benefits of micro-segmentation with security policies and capabilities that automatically follow VMs no matter where they go. This results in the complete independence of a VM’s security posture, giving you the flexibility to run workloads with sensitive data next to workloads with no sensitive information because you no longer have to worry about threats moving laterally through the data center.

Virtual patching

Shield vulnerabilities before they can be exploited without the cost of emergency patching

Hundreds of software vulnerabilities like Shellshock and Heartbleed are exposed each month, and timely patching is expensive, prone to error and often impossible. Trend Micro Deep Security delivers immediate protection while eliminating the operational pains of emergency patching and costly system downtime. This includes protecting against ransomware attacks that attempt to use vulnerabilities. Deep Security keeps your servers protected while reducing the risk of breach.

Cloud protection

Seamlessly protect cloud deployments

Whether you’re deploying a private, public, or hybrid cloud, Trend Micro provides you with cloud protection that’s optimized for virtual and cloud environments. You get better protection, less administrative complexity, and increased performance.  Agentless and agent-based deployments provide flexible cloud implementation options with cross-cloud management to secure your servers, applications, and data.  

Elastic Security from the Cloud: Deep Security as a Service

Cloud Security Best Practices from Forrester Consulting

Security and operations visibility

See security and operations status from a single view

VMware and Trend Micro have partnered to deliver the first security and operations management solution designed for virtualized environments. Trend Micro Deep Security Management Pack for vRealize Operations allows the operations team to see the security status, security-related events, and overall health of the virtual data center from a single view. This allows the operations team to correlate system activity with security activity and address problems in the virtual data center holistically.

Trend Micro Deep Security with VMware vRealize Operations (Advanced edition) delivers unique benefits including:

  • A real-time unified dashboard that allows the operations team to correlate IT and security incidents in their environment and be more effective in responding to these events
  • Correlation between security incidents and virtual machine operations that can save hours or days of debugging and prevent costly downtime of decommissioned VMs
  • A quick visual representation, through a heat map, that shows which computers have had security events triggered
  • Visibility into Data Center Security and Operations Management with Trend Micro and VMware

 

Compliance

Address major regulatory requirements for PCI DSS 3.1, HIPAA, NIST, SSAE16, and many others

The complexity and fluidity of desktop and server virtualization pose security, compliance, and performance risks that require specialized, virtualization-optimized protection and performance. Deep Security provides integrated security and compliance for business systems operating in physical, virtual, and cloud environments. It addresses several PCI DSS requirements and provides core security controls with a unique approach that economically solves the toughest compliance challenges. 

Say NO to ransomware
Over 100 million threats blocked and counting

Protect yourself

#1 For a Reason

IDC

 

2016 Key Technology Trends in Server Security

Get IDC’s free report now


The following tightly integrated Deep Security modules easily expand the platform to ensure server, application, and data security across physical, virtual, and cloud servers, as well as virtual desktops.

open all

Enterprise security

Anti-malware

Provides agentless and agent-based options that integrate with VMware and other virtual environments.

Web reputation

Strengthens protection against web threats to servers and virtual desktops

Integrates with the Trend Micro™ Smart Protection Network™ web reputation capabilities to safeguard users and applications by blocking access to malicious URLs.

Intrusion Prevention (IPS)

Protects against network attacks and shields known vulnerabilities from exploits until they can be patched

  • Protects servers and applications from ransomware attacks by shielding them against exploits of known software vulnerabilities that could be used to inject ransomware as well as from over-the-network attacks against file servers from a compromised user
  • Detects and stops command and control (C&C) traffic that could indicate an attack, like ransomware, is underway
  • Helps achieve timely protection against known and zero-day attacks
  • Uses vulnerability rules to shield a known vulnerability—for example those disclosed monthly by Microsoft—from an unlimited number of exploits
  • Offers out-of-the-box vulnerability protection for over 100 applications, including database, web, email, and FTP servers
  • Automatically delivers rules that shield newly discovered vulnerabilities like Shellshock and Heartbleed within hours, and can be pushed out to thousands of servers in minutes, without a system reboot
  • Increases visibility into, or control over, applications accessing the network. Identifies malicious software accessing the network and reduces the exposure of your servers

Firewall

Decreases the attack surface of your physical and virtual servers.

  • Centralizes management of server firewall policy using a bi-directional stateful firewall
  • Supports virtual machine zoning and prevents Denial of Service (DoS) attacks
  • Provides broad coverage for all IP-based protocols and frame types as well as fine-grained filtering for ports and IP and MAC addresses

Integrity monitoring

Detects and reports malicious and unexpected changes to files and systems registry in real time.

  • Identifies suspicious activity when malicious software, like ransomware, is used to gain a foothold in the data center (e.g. via a user to a file server). Deep Security detects suspicious activity and prevents it from continuing, while also alerting that there is an issue
  • Monitors critical operating system and application files, such as directories, registry keys, and values, to detect and report malicious and unexpected changes in real time
  • Adds greater security to virtual machines without additional footprint through an agentless configuration
  • Protects the hypervisor from exploits with innovative hypervisor integrity monitoring technology
  • Reduces administrative overhead with trusted event tagging that automatically replicates actions for similar events across the entire data center

Application Control

Automatically detects and blocks unauthorized software.

  • Performs scans to determine which applications are currently on a machine
  • Locks down the system so no new applications can run without being whitelisted
  • Integrates to a DevOps environment to support continuous change to application stacks while maintaining application control protection using APIs
  • Helps to catch threats that yet to have a signature, including some zero-day threats
  • Simplifies administration through one-to-many policies, simplified drift timeline and application execution view, and automated through APIs

Log Inspection

Provides visibility into important security events buried in log files.

  • Optimizes the identification of important security events buried in multiple log entries across the data center
  • Forwards suspicious events to a SIEM system or centralized logging server for correlation, reporting, and archiving
  • Leverages and enhances open-source software available at OSSEC

 

Network security

Intrusion Prevention (IPS)

Protects against network attacks and shields known vulnerabilities from exploits until they can be patched.

  • Protects servers and applications from ransomware attacks by shielding them against exploits of known software vulnerabilities that could be used to inject ransomware as well as from over-the-network attacks against file servers from a compromised user
  • Detects and stops command and control (C&C) traffic that could indicate an attack, like ransomware, is underway
  • Helps achieve timely protection against known and zero-day attacks
  • Uses vulnerability rules to shield a known vulnerability—for example those disclosed monthly by Microsoft—from an unlimited number of exploits
  • Offers out-of-the-box vulnerability protection for over 100 applications, including database, web, email, and FTP servers
  • Automatically delivers rules that shield newly discovered vulnerabilities, like Shellshock and Heartbleed, within hours, and can be pushed out to thousands of servers in minutes, without a system reboot
  • Increases visibility into, or control over, applications accessing the network. Identifies malicious software accessing the network and reduces the exposure of your servers

Firewall

Decreases the attack surface of your physical and virtual servers.

  • Centralizes management of server firewall policy using a bi-directional stateful firewall
  • Supports virtual machine zoning and prevents Denial of Service (DoS) attacks
  • Provides broad coverage for all IP-based protocols and frame types, as well as fine-grained filtering for ports and IP and MAC addresses

System security

Integrity monitoring

Detects and reports malicious and unexpected changes to files and systems registry in real time.

  • Identifies suspicious activity when malicious software, like ransomware, is used to gain a foothold in the data center (e.g. via a user to a file server). Deep Security detects suspicious activity and prevents it from continuing, while also alerting that there is an issue
  • Monitors critical operating system and application files, such as directories, registry keys, and values, to detect and report malicious and unexpected changes in real time
  • Adds greater security to virtual machines without additional footprint through an agentless configuration
  • Protects the hypervisor from exploits with innovative hypervisor integrity monitoring technology
  • Reduces administrative overhead with trusted event tagging that automatically replicates actions for similar events across the entire data center

Application Control

Automatically detects and blocks unauthorized software.

  • Performs scans to determine which applications are currently on a machine
  • Locks down the system so no new applications can run without being whitelisted
  • Integrates to a DevOps environment to support continuous change to application stacks while maintaining application control protection using APIs
  • Helps to catch threats that yet to have a signature, including some zero-day threats
  • Simplifies administration through one-to-many policies, simplified drift timeline and application execution view, and automated through APIs

Log Inspection

Provides visibility into important security events buried in log files.

  • Optimizes the identification of important security events buried in multiple log entries across the data center
  • Forwards suspicious events to a SIEM system or centralized logging server for correlation, reporting, and archiving
  • Leverages and enhances open-source software available at OSSEC

Anti-malware security

Anti-malware

Provides agentless and agent-based options that integrate with VMware and other virtual environments.

Web reputation

Strengthens protection against web threats to servers and virtual desktops

Integrates with the Trend Micro Smart Protection Network web reputation capabilities to safeguard users and applications by blocking access to malicious URLs.


open all

Accelerates virtualization, VDI, and cloud ROI

Provides a lighter, more manageable way to secure VMs, helping you make the most out of your virtualization and cloud investments

  • Strengthens security through comprehensive security capabilities applicable across the hybrid cloud
  • Frees staff from continually reacting to emergency patch demands without leaving any gaps in security
  • Protects servers from the latest attacks, including ransomware, as they move between the data center and the public cloud
  • Available as elastic security for AWS, Microsoft Azure, and many other cloud service providers
  • Leverages Deep Security’s tight integration with VMware to automatically detect new VMs and apply context-based policies for consistent security across the data center and cloud
  • Extends the benefits of VMware NSX micro-segmentation in the software-defined data center with security policies and capabilities that automatically follow VMs no matter where they go

Lowers costs

Maximizes efficiency to reduce operational costs with lower overhead, fewer staff hours, and higher VM consolidation rates

  • Allows greater machine consolidation in virtual environments with agentless configuration for anti-malware and other security
  • Eliminates the cost of deploying multiple software clients with a centrally managed, multi-purpose agent or virtual appliance
  • Provides vulnerability protection to prioritize secure coding and cost-effective implementation of unscheduled patching
  • Reduces security management costs by automating repetitive and resource intensive security tasks
  • Ensures improved operational efficiency with a lighter, more dynamic smart agent that eases deployment to maximize resource allocation across the data center and cloud
  • Matches security to your policy needs so fewer resources need to be dedicated to specific security controls
  • Simplifies administration with centralized management across Trend Micro security products.

Prevents data breaches

Minimizes business disruptions with advanced protection that enables self-defending servers and virtual desktops.

  • Detects and removes malware from virtual servers in real time through behavioral monitoring
  • Shields known vulnerabilities, like Shellshock and Heartbleed, in enterprise applications and operating systems, protecting from new attacks like ransomware
  • Detects and blocks internal network attacks—e.g., a compromised user with ransomware attempting to attack a file server
  • Detects and blocks unauthorized software with application control whitelisting
  • Leverages one of the world’s largest domain-reputation databases to protect systems from accessing compromised websites
  • Identifies and blocks botnet and targeted attack command and control (C&C) communications using global and local threat intelligence

 

Helps achieve compliance

Addresses major requirements for standards such as PCI DSS 3.1, HIPAA, NIST, SSAE16, and many others.

  • Provides detailed, auditable reports that document prevented attacks and policy compliance status
  • Reduces the preparation time and effort required to support audits
  • Supports internal compliance initiatives to increase visibility

open all

Architecture

Deep Security is a comprehensive server security platform designed to protect dynamic data centers comprising physical, virtual, and cloud servers as well as virtual desktops. The solution consists of Deep Security Virtual Appliance, Deep Security Agent, and Deep Security Manager.

Deep Security Virtual Appliance

Transparently enforces security policies on VMware virtual machines

This virtual appliance provides agentless options for security controls that include integrity monitoring, anti-malware, IDS/IPS, application control, and firewall protection.

Deep Security Agent

Deploys protection on a server or virtual machine

This small software component is deployed on the server or virtual machine being protected to help enforce security policies. Enables anti-malware, IDS/IPS, web application protection, application control, firewall, integrity monitoring, application control, and log inspection.

Deep Security Manager

Allows administrators to create security profiles and apply them to servers

This powerful management system has a centralized console for monitoring alerts and preventive actions taken in response to threats. The Manager can be configured to automate or distribute security updates to servers on-demand. It also generates reports to gain visibility into activity and meet compliance requirements. Event Tagging functionality streamlines the management of high-volume events and enables workflow of incident response.

Deep Security as a Service

Cloud-based offering delivers comprehensive security for leading cloud service providers

Delivered as an elastic service for rapid deployment from a central management console, Deep Security as a Service enables you to quickly and easily add security to cloud workloads for instant protection. Learn more

Deep Security for SAP

Deep Security integrates with the SAP Virus Scan (VSI) interface to scan content for applications such as NetWeaver, HANA, and Fiori.



PLATFORM ARCHITECTURE

Microsoft® Windows®

  • Windows XP, Vista, 7, 8, 8.1 (32-bit/64-bit)
  • Windows Server 2003 (32-bit/64-bit)
  • Windows Server 2008 (32-bit/64-bit), 2008 R2, 2012, 2012 R2, 2012 Server Core (64-bit)
  • XP Embedded (32-bit/64-bit)1

Linux2

  • Red Hat® Enterprise 5, 6, 7 (32-bit/64-bit)3
  • SUSE® Enterprise 10, 11, 12 (32-bit/64-bit)3
  • CentOS 5, 6 (32-bit/64-bit)5
  • Ubuntu 10, 12, 14 (64-bit, LTS only)4, 5
  • Oracle Linux 5, 6, 7 (32-bit/64-bit)4, 5
  • CloudLinux 5, 6 (32-bit/64-bit)4
  • Cloud Linux 7 (32-bit/64-bit)2
  • Amazon Linux4, 5
  • Debian 6, 7 (64-bit) 4

Oracle Solaris™ 6, 7

  • OS: 9, 10, 11 (64-bit SPARC), 10, 11 (64-bit x86)7, 8
  • Oracle Exadata Database Machine, Oracle Exalogic Elastic Cloud, and SPARC Super Cluster via the supported Solaris operating systems

UNIX6

  • AIX 5.3, 6.1, 7.1 on IBM Power Systems7, 8
  • HP-UX 11i v3 (11.31)7, 9

VIRTUAL

  • VMware® vSphere: 5.0/5.1/5.5/6.0,  vCloud Networking and Security 5.1/5.510, View 4.5/5.0/5.1, ESX 5.5, NSX 6.1.X
  • Citrix®: XenServer11
  • Microsoft®: HyperV11

1Due to the customization possible with Windows XP Embedded, we request that customers validate correct operation in their own environments to ensure the services and ports necessary to run the Deep Security Agent have been enabled
2See documentation for supported kernels
3Support for SAP protection only in Red Hat 6 (64-bit) and SUSE 11 (64-bit) agent side only. To have SAP protection function correctly, the anti-malware module must be enabled in the agent side.
4Anti-malware support for on-demand scan only
5See latest release notes for supported versions
6Anti-malware and web reputation monitoring not available
7Supported via 9.0 agents
8Anti-malware not available
9Log inspection and integrity monitoring only
10vCloud Networking and Security allows for agentless anti-malware and integrity monitoring
11Protection via Deep Security Agent only


Connect with us on