Once the Center used DDI to visualize risks and knew the precise security requirements, it established a multi-layered security operation system leveraging several Trend Micro products which the Center was already using. The system not only improved the level of security, but could also be an effective countermeasure which eliminates the triggers of targeted attacks using a variety of techniques.
“Specifically, based on the real-time detection of malicious behavior and date and time logs from DDI, we take immediate action against a variety of threats and risks. For example, if DDI detects PCs without the latest OfficeScan™ pattern files, we perform virus scans and update the pattern files to the latest version. If it detects infected PCs, we immediately isolate them from the network and eliminate any risk of the infection spreading. We then remove the virus with Trend Micro Portable Security™, a tool that detects and removes viruses on off-line terminals,” explains Shiroma. In addition, the Center registers malicious URLs or emails detected by DDI on blacklists of gateway countermeasure products such as InterScan WebManager™ for URL filtering, and InterScan Messaging Security Virtual Appliance™ which deletes malicious email before it reaches the network, preventing malicious access and infiltration of malicious files in the future. Consequently, this prevents attacks which lead to information exploitation, such as the communication with the C&C server which was discovered in the past.
These were not the only results. In addition to detecting threats, the threat logs of DDI were also useful for instructing teachers. “By using the logs to collate details of threats and provide a weekly summary of them, it is possible to clearly demonstrate what happened, and where and when it happened. This has been useful for elevating the security consciousness of both students and teachers,” says Yamashiro.
Through the usage of Deep Discovery Inspector™ Advanced Optional Services, the Center receives reports analyzed by a Trend Micro specialist engineer. The report also includes an evaluation of the security level, and the latest report showed that the Center’s security level has improved dramatically.
“The engineers analyze the extensive logs and provide us with reports which indicate threats and the behavior of those threats accurately and in a manner that is easy to understand. We feel that this know-how is exactly what is expected from a specialized vendor. Thanks to Trend Micro it has been possible for us to make our countermeasures more effective,” explains Shiroma, appraising the feature.
The Center is considering a variety of IT initiatives such as the implementation of tablet devices in classes, and it has high expectations of Trend Micro as a company that supports security to utilize IT without restrictions.
Okinawa Prefectural Education Center