In order to meet AIL’s security needs, Trend Micro came up with a custom protection strategy that monitors the IT and utilities networks and controls the endpoints. The networks are now protected by Deep Discovery, specifically Deep Discovery Inspector for detection and Deep Discovery Analyzer for remediation. For the endpoints, Aziende Industriali di Lugano use the Enterprise Security Suite. These solutions communicate with each other in real time and are managed centrally by the Trend Micro Control Manager.
The cornerstone of this project is Trend Micro Deep Discovery, the most complete solution of its category in combating APT attacks. Not only does Deep Discovery have the tools it takes to detect zero-day exploits and other threats throughout the network and during all phases of an attack, it has also been designed to provide in-depth analysis tools to prevent future attacks. Deep Discovery’s network detention capabilities and custom sandbox analysis can detect the spear phishing email messages that are often at the heart of the attack, identify the malware, and discover the external command-and-control (C&C) sites used by the cybercriminals. Deep Discovery Inspector, in particular, is a network device that provides full control over all network traffic in order to detect any aspect of a targeted attack. Deep Discovery Inspector monitors all network ports and more than 100 protocols to provide the broadest protection available. Specialized detection engines and custom sandboxing identify and analyze malware, C&C communications, and the evasive actions of attackers that are invisible to standard security solutions. Deep Discovery Analyzer, in turn, provides analyses in custom sandboxes, thereby increasing the value of security products, such as endpoint protection, web and email gateways, network security, and other Deep Discovery products.