The Changing Threat Landscape - Zift Solutions
The Changing Threat Landscape - Zift Solutions
The Changing Threat Landscape - Zift Solutions
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
<strong>The</strong> <strong>Changing</strong> <strong>Threat</strong> <strong>Landscape</strong> January 2009<br />
Independent Validation of the Trend Micro Worry-Free Business Security Solution
Contents<br />
3<br />
4<br />
6<br />
7<br />
11<br />
13<br />
17<br />
18<br />
<strong>The</strong> <strong>Changing</strong> <strong>Threat</strong> <strong>Landscape</strong><br />
Malware Multipliers<br />
Business Mobility<br />
Comparative Testing<br />
West Coast Labs Conclusion<br />
Critical Security Components for SMBs<br />
<strong>The</strong> Business and Technical Benefits of Trend Micro WFBS-A<br />
Footnote<br />
2
<strong>The</strong> <strong>Changing</strong> <strong>Threat</strong> <strong>Landscape</strong><br />
In the last several years, malware has<br />
become far more prevalent and stealthy,<br />
targeting specific businesses and any<br />
information assets they possess. As a<br />
result, a computer security product must<br />
now include the protection of business<br />
information assets in its arsenal of<br />
protective tools.<br />
Indeed, security has become far more<br />
than a technology issue. It is a business<br />
issue where the protection of corporate<br />
information assets is a priority not just for<br />
IT and Security Managers, but also for C-<br />
Level Executives in businesses of all sizes.<br />
Businesses are operating in a global<br />
economy where internet connectivity<br />
and business mobility are essential. As<br />
malware writers around the world “follow<br />
the money”, they are targeting companies’<br />
reliance on mobility and web use, which<br />
they perceive to be the most vulnerable<br />
parts of security infrastructures.<br />
<strong>The</strong> exploitation of these weak links in<br />
the security perimeter has produced an<br />
exponential increase in malware threats<br />
especially through web and email attack<br />
vectors, to steal either personal or critical<br />
business information for malicious gain.<br />
For small business users (the focus of this<br />
report), this creates a host of concerns<br />
about which security products to purchase.<br />
Which solution offers the most effective<br />
security? Which solution is most relevant to<br />
specific business needs? Which is the easiest<br />
to use and manage? Which is the most costeffective?<br />
Trend Micro’s Worry-Free<br />
Business Security solution is offered as a<br />
comprehensive, yet easy-to-use answer to<br />
these questions.<br />
<strong>The</strong> Key Business & Technical Requirements of a ‘Worry-Free Business Security’ Solution<br />
• Proven security technology<br />
• Comprehensive attack vector protection<br />
• Relevance to business needs<br />
• Ease of use<br />
• Minimal system impact<br />
• Effective technical support<br />
3
Malware Multipliers<br />
<strong>The</strong> malware* world is now largely<br />
financially motivated, which means that<br />
any sort of pertinent, saleable data can be<br />
targeted. West Coast Labs’ own global<br />
malware testing and research programme<br />
continues to show how cybercriminals<br />
worldwide are attacking companies and<br />
individuals around the world, irrespective of<br />
their geographical location.<br />
Customer data (such as passwords, IDs,<br />
or account numbers) as well as credit card<br />
numbers and confidential business information<br />
are valuable commodities that can also include<br />
any sort of information that might make<br />
socially-engineered attacks more effective.<br />
Thus, malware has become more stealthy<br />
and sophisticated, with more frequent<br />
and specifically-targeted attacks from<br />
locations around the world. <strong>The</strong> propensity<br />
of malware attacks has grown by leaps<br />
and bounds. AVTest.org estimated that<br />
that the total number of malware at the end<br />
of the first quarter of 2008 was almost 12<br />
million files. This represented an increase<br />
of nearly 4 million files from the beginning<br />
of that year and it’s likely that this pace of<br />
increase will continue for the foreseeable<br />
future. A great deal of this increase has<br />
been delivered through the web via<br />
socially engineered attacks leading to<br />
drive-by downloads. Google estimates<br />
that 10% of all websites now contain<br />
malicious content – a significant increase in<br />
just a few short years.<br />
Trend Micro states that while the number<br />
of conventional worms has grown only 22%<br />
since 2005, web threats have increased by<br />
1564% during the same period. Companies<br />
are feeling this effect in their network<br />
environments given that IDC reports that,<br />
“Up to 30% of companies with 500 or more<br />
staff have been infected as a result of Internet<br />
surfing, while only 20-25% of the same<br />
companies experienced viruses and worms<br />
from email.”<br />
s<br />
Malware Explained<br />
Malware is the term used to describe a<br />
variety of different types of malicious software<br />
which can include Viruses, Trojans, Worms,<br />
BOTs, Rootkits and Spyware which itself is a<br />
generic term for different types of Backdoors,<br />
Keyloggers, Financials, Proxies, Password<br />
Stealers, Crackers, Downloaders, Hijackers,<br />
and RATs. A complete description of each of<br />
these types of malware can be found on the<br />
West Coast Labs website at:<br />
www.westcoastlabs.com/checkmark/glossary/<br />
4
Malware Multipliers continued<br />
At the same time, companies are<br />
experiencing a dramatic increase in the<br />
number of email-based attacks on their<br />
employees and environments.<br />
Spam, phishing, and targeted email attacks<br />
not only affect employee productivity, they<br />
affect company networks. <strong>The</strong>se threats can<br />
also expose companies to legal risks such as<br />
compliance issues due to data leakage.<br />
This drastic increase in both the volume of<br />
malware and the wide variety of different<br />
types of malware has had a technical impact<br />
on the operating efficiency of security<br />
solutions.<br />
<strong>The</strong>re has been a corresponding increase in<br />
the deployment of traditional signature-based<br />
anti-virus pattern files within anti-malware<br />
solutions which affects both disk and<br />
memory usage. Such an increase in pattern<br />
file size can result in slower scanning times,<br />
decreased performance, and increased<br />
network load to download the pattern file<br />
updates.<br />
Trend Micro’s Worry-Free Business<br />
Security has addressed this issue by<br />
implementing a number of security features<br />
beyond traditional signature-based scans,<br />
which are customisable based on customers’<br />
specific needs.<br />
Trend Micro’s leading-edge reputationbased<br />
scanning for email, file and web<br />
threats, has moved a significant portion of its<br />
malware detection technology to an in-thecloud<br />
model to improve local response and<br />
scan times.<br />
5
Business Mobility<br />
<strong>The</strong> average worker is now much<br />
more mobile than ever before.<br />
Business mobility is a critical part of<br />
most commercial activity and customer<br />
interaction.<br />
According to Gartner, in 2007 40% of<br />
new PC sales were for notebooks. It’s<br />
estimated by DisplaySearch that this<br />
percentage equates to 228.8 million<br />
notebooks, which represents a tenfold<br />
increase from the number sold in 2001.<br />
This number was expected to climb<br />
significantly in 2008, with the percentage<br />
of new notebooks possibly equalling<br />
desktop machines sold, for the first time<br />
ever.<br />
This mobility presents unique challenges,<br />
as business notebooks are often used in<br />
situations or environments where they are<br />
generally outside a company’s security<br />
infrastructure.<br />
<strong>The</strong> combination of this new-found<br />
mobility and the threat of malware<br />
targeting sensitive corporate data<br />
highlights the need for security software<br />
development to respond accordingly, by<br />
addressing these specific and consequential<br />
business and technical needs.<br />
Trend Micro Worry-Free Business<br />
Security includes a number of new features<br />
to address mobile workers such as<br />
Location Awareness, a Wi-Fi Advisor, and<br />
the previously-mentioned cloud-based<br />
reputation scanning.<br />
Trend Micro Worry-Free Business Security<br />
This product is an<br />
advanced multilayered<br />
cloud/<br />
server/client antimalware solution for laptops,<br />
desktops, servers, and Exchange Servers<br />
that balances in-the-cloud technologies (e.g.,<br />
URL reputation, IP Address reputation) with<br />
on-premise technologies (e.g., signatures,<br />
behavior monitoring, etc.). It provides locationawareness<br />
(In-office and Out-of-office settings<br />
for the Firewall, Web <strong>Threat</strong> Protection, and the<br />
TrendSecure Toolbars). www.trendmicro.com<br />
6
Comparative Testing<br />
Trend Micro commissioned West<br />
Coast Labs to validate the functionality<br />
and performance of key features<br />
of Worry-Free Business Security<br />
Advanced (WFBS-A) and to compare<br />
them to two competitor products. Trend<br />
Micro Worry-Free Business Security<br />
was tested alongside McAfee Total<br />
Protection Advanced and Symantec<br />
Endpoint Protection, per Trend Micro’s<br />
recommendation. Detailed test results<br />
are available in a separate Test Report<br />
which is available for download at www.<br />
westcoastlabs.com/productTestReports/<br />
with an overview of the findings as follows.<br />
A particular hallmark of Worry-Free<br />
Business Security is that installation<br />
is straightforward and that it keeps its<br />
footprint on the machine minimal, ensuring<br />
optimum efficiency of the machine’s<br />
operating system. It showed the lowest<br />
number of file and registry changes of the<br />
three products. Even when the WFBS-A<br />
product is in use, its effect remains minimal.<br />
Whether the system is idle or in use, the<br />
WFBS-A memory footprint is lower than<br />
that of its competitors.<br />
Where the real effect of Trend Micro’s<br />
technology comes to the fore is in<br />
‘proactive protection’: Worry-Free<br />
Business Security has a number of<br />
proactive protection strategies which,<br />
based on the testing carried out, appears to<br />
provide it with a competitive advantage. <strong>The</strong><br />
first of these is in the realm of Web <strong>Threat</strong><br />
Protection, a technology which prevents bad<br />
things on the web from happening up-front,<br />
rather than having to implement a fix after a<br />
security incident has taken place.<br />
Engineers at West Coast Labs tested a list<br />
of URLs against each product to see what<br />
malicious content would be allowed to be<br />
downloaded by each product.<br />
Trend Micro provided the highest level<br />
of protection, with URL blocking occurring<br />
before any malicious content can be<br />
downloaded onto a user’s machine. If a<br />
s<br />
<strong>The</strong> Comparative Test – Trend Micro Worry-Free Business Security<br />
In a test program<br />
commissioned by Trend<br />
Micro, West Coast<br />
Labs carried out a series of tests to validate the<br />
functionality and performance of key features of<br />
its Worry-Free Business Security Advanced<br />
product, comparing it to the McAfee Total<br />
Security Advanced product and Symantec's<br />
Endpoint Protection Solution.<br />
Worry-Free Business Security comes in<br />
Standard and Advanced versions, the latter<br />
adding security for email. Worry-Free<br />
Business Security Advanced (WFBS-A) was<br />
the version tested by WCL.<br />
www.trendmicro.com<br />
7
Comparative Testing continued<br />
malicious website is registered in the Trend<br />
Micro reputation database, a warning<br />
box is displayed informing the user that the<br />
website is dangerous and is then blocked.<br />
For additional protection against webthreats,<br />
Trend Micro has included<br />
TrendProtect reputation scanning of<br />
search engine results, another proactive<br />
technology which rates the safety of<br />
websites provided in web search engine<br />
results before the sites are accessed.<br />
WFBS-A was one of two products that<br />
includes this functionality and was able to<br />
classify more results on Google than the<br />
other products tested.<br />
In order to protect against financially<br />
motivated malware, which targets<br />
keystrokes entered into web-browsers,<br />
Trend Micro has also included a<br />
Transaction Protector which helps block<br />
keylogging activities by encrypting<br />
passwords, social security card numbers,<br />
and credit card numbers so keyloggers<br />
can’t get your data.* Without having access<br />
to the samples before the independent<br />
testing, WFBS-A was able to detect and<br />
nullify all the keyloggers used in the tests.<br />
In the event of a malware outbreak it’s<br />
important to have a product which makes<br />
threat containment and malware cleanup<br />
simple and easy. WFBS-A has the Outbreak<br />
Defense and Damage Cleanup features to<br />
address threat containment needs, backed<br />
by a policy-based technology which prevents<br />
the spread of a malware outbreak whilst<br />
automatically disinfecting and cleaning any<br />
machines that might already be infected.<br />
In addition to protecting against keyloggers,<br />
WFBS-A adds the ability to filter IM and email<br />
content for sensitive data, protecting against<br />
the malicious or accidental external transfer of<br />
confidential corporate data. As this technology<br />
feature is customisable, not only can users<br />
prevent their own proprietary data from<br />
s<br />
*Trend Micro has removed the keystroke encryption function in post-5.0 versions of Worry-Free Business Security Standard and Advanced.<br />
8
Comparative Testing continued<br />
leaving the company, they can also secure<br />
commonly targeted data such as credit<br />
card numbers or personally identifying<br />
information such as Social Security<br />
numbers. WFBS-A was the only product<br />
tested that allowed the user to dictate what<br />
content should be protected in their unique<br />
business environment.<br />
Securing the email attack vector poses<br />
increasing challenges. With an everincreasing<br />
level of unwanted emails such as<br />
those with malware as well as phishing and<br />
spam, it’s imperative to have good multi-layer<br />
protection against these ever-present threats.<br />
All the vendor products tested provide<br />
malware detection for email-based<br />
malicious threats, but WFBS-A was the<br />
only product which offered host-based<br />
spam blocking capabilities based on<br />
IP addresses. This IP-based spam<br />
technology was able to detect 89% of<br />
spam with all functionality except the<br />
POP3 plug-in disabled. When the spam<br />
content filtering technology was fully<br />
enabled WFBS-A’s multi-layered antispam<br />
technologies blocked 96% of the<br />
spam it received, using a combination<br />
of IP-reputation technology and content<br />
scanning technology.<br />
To help protect the mobile user, Worry-Free<br />
Business Security now contains Location<br />
Awareness, which provides both in- and outof-office<br />
security policy control for the Trend<br />
Micro Firewall, Web <strong>Threat</strong> Protection, and<br />
TrendSecure technologies, which are key<br />
components of the overall WFBS-A solution.<br />
In the tests carried out by West Coast Labs,<br />
Worry-Free Business Security accurately<br />
identified the transition from the known-good<br />
network to that of the new one. <strong>The</strong> settings<br />
were recorded as switching to the Out-of-<br />
Office technology and users were protected as<br />
if they were still within the corporate network.<br />
<strong>The</strong> tests showed that Trend Micro’s<br />
s<br />
9
Comparative Testing continued<br />
product has the highest level of protection<br />
and warnings.<br />
Of the three products examined in the test<br />
program, Trend Micro WFBS-A was also<br />
found to be the only product that caters<br />
specifically to the use of wireless devices.<br />
Trend Micro’s Wi-Fi Advisor - a second<br />
utility provided by the Transaction Protector<br />
technology - offered warnings when the<br />
safety of a wireless network was uncertain-<br />
-a critical feature in reminding users to be<br />
extra-cautious with sensitive data when<br />
they can’t be assured of the safety of the<br />
Wi-Fi connection they’re on.<br />
Trend Micro WFBS-A has three more<br />
advanced security functions: the Firewall,<br />
an Intrusion Detection System and<br />
the Vulnerability Assessment Scanner.<br />
While the competitors’ firewall and IPS<br />
technology prevented the threat attacks<br />
against which they were tested and<br />
provided logs to show evidence that<br />
intrusion attempts were taking place, only<br />
the Trend Micro solution provided an<br />
accurate report of the scale and nature of<br />
the attacks and broke down the attempts<br />
into individual entries for later analysis.<br />
Trend Micro WFBS-A allowed scans<br />
of client machines to be initiated from the<br />
Administration console and the resulting<br />
reports for these scans included links for<br />
remediation advice and any required patch.<br />
Both these features are invaluable to resellers,<br />
IT, or Security staff, as it allows them to<br />
remotely ensure machines are up-to date, and<br />
to analyse any attacks found by the IPS to help<br />
prevent future attacks.<br />
With the Security Dashboard, resellers, IT, or<br />
Security staff can keep track of activities within<br />
their network. This shows a complete listing<br />
of events which have occurred with client<br />
machines.<br />
10
West Coast Labs Conclusion<br />
Trend Micro’s Worry-Free Business<br />
Security is a security solution with<br />
a host of highly effective business and<br />
technical benefits. It provides broadbased<br />
coverage of the security landscape<br />
affecting today’s businesses with a range<br />
of proactive technologies that provide<br />
comprehensive security in a single, easyto-use<br />
solution, protecting against attacks<br />
on a wide variety of levels and business<br />
situations.<br />
Tests proved that its anti-malware<br />
capabilities through Outbreak Defense<br />
and Damage Cleanup protect effectively<br />
in a variety of attack vectors - HTTP, FTP,<br />
SMTP and IM - against a wide variety of<br />
different types of malware.<br />
While tests showed that the Web <strong>Threat</strong><br />
Protection technology had the highest<br />
level of URL blocking, it was enhanced<br />
by the TrendProtect facility which rates<br />
the safety of websites provided in web<br />
search engine results before the sites are<br />
accessed.<br />
Transaction Protector also proved to be<br />
an extremely effective feature of WFBS-A<br />
in the way that it successfully detected<br />
and nullified keyloggers designed to steal<br />
important financial data; while its IM and<br />
email filtering technology provides effective<br />
protection against the malicious or accidental<br />
external transfer of confidential corporate<br />
data.<br />
<strong>The</strong> tests also showed that WFBS-A’s email<br />
security technologies provide high levels<br />
of protection against malware, phishing,<br />
and spam with the effective combination of<br />
leading-edge, multi-layered technologies.<br />
In the field of uncertainty that surrounds<br />
business mobility, Trend Micro’s Location<br />
Awareness facility was proved to provide<br />
the highest level of protection and out-ofoffice<br />
security policy control, while the WiFi<br />
s<br />
11
West Coast Labs Conclusion continued<br />
Advisor technology was the only one of<br />
the three solutions examined to provide<br />
confirmation of the security of wireless<br />
networks.<br />
With a further three advanced security<br />
functions in the form of Firewall, IDS, and<br />
Vulnerability Assessment technologies - all<br />
tested and validated by West Coast Labs -<br />
the overall technology feature set of Trend<br />
Micro Worry-Free Business Security is<br />
significantly enhanced.<br />
product. It takes a unique approach in<br />
these traditional technology areas, and<br />
integrates a variety of additional proactive<br />
technologies to create a complete<br />
security solution that provides high levels<br />
of security combined with maximum<br />
efficiency for the small-to-medium size<br />
business.<br />
In conclusion, it is evident that Trend<br />
Micro WFBS-A goes far beyond a<br />
simple anti-malware, anti-spam, or firewall<br />
West Coast Labs Test Report<br />
<strong>The</strong> complete test report is available for download at:<br />
www.westcoastlabs.com/producttestreports/<br />
12
Critical Security Components for SMBs<br />
With testing and research facilities<br />
around the world, West Coast Labs<br />
has a leading-edge insight into online<br />
security risks and trends as well as the<br />
relevance and performance of security<br />
solutions in dealing effectively with them.<br />
As threat vectors multiply and the need<br />
for security and vigilance increases<br />
across the whole spectrum of commercial<br />
activities, businesses around the world<br />
need proactive, enabling technologies<br />
which enhance the implementation of<br />
security strategies both within and on the<br />
fringes of today’s networks.<br />
To help organizations choose the right<br />
security solutions for their organisations,<br />
West Coast Labs can confirm from both<br />
internal and external research that the<br />
following types of security technology are<br />
critical components in any security strategy<br />
for a small business. Naturally, just as<br />
individual businesses security needs vary<br />
so will the solutions that are most relevant.<br />
<strong>The</strong> following tabulations, compiled by<br />
Trend Micro, identify a variety of critical<br />
technical and business requirements<br />
for any SMB security infrastructure and<br />
highlight the specific technology features<br />
that McAfee, Symantec and Trend<br />
Micro have integrated into the solutions<br />
examined in this report to satisfy such<br />
needs.<br />
<strong>The</strong> product ratings, shown in red in the<br />
tabulations relate to actual tests also shown<br />
in red, carried out by West Coast Labs<br />
Test Engineers. <strong>The</strong>se are reported in full<br />
in the Test Report, which is available for<br />
download at www.westcoastlabs.com/<br />
productTestReports/. <strong>The</strong> report includes a<br />
detailed listing of the individual technology<br />
feature sets of each of the products, which<br />
form a basis for the test project and this<br />
narrative.<br />
Further detailed information on each of the<br />
products can be obtained from<br />
www.mcafee.com, www.symantec.com and<br />
www.trendmicro.com.<br />
13
Key Technical Requirements<br />
Trend Micro<br />
Worry-Free Business Security<br />
Advanced<br />
v5.0<br />
Symantec<br />
Endpoint Protection<br />
v11.0<br />
McAfee<br />
Total Protection Advanced<br />
v4.5<br />
Web Protection Technologies<br />
Test Rating<br />
Feature Rating<br />
Email Protection Technologies<br />
Test Rating<br />
Feature Rating<br />
File Protection Technologies<br />
Test Rating<br />
Feature Rating<br />
URL Reputation ii<br />
Browser Page Ratings Service<br />
4 stars<br />
5 stars<br />
In-the-Cloud: IP Reputation xii<br />
In-the-Cloud: Anti-spam, Antimalware<br />
content scanning v<br />
Exchange Server: Anti-spam,<br />
Antivirus, Content Filtering<br />
POP3 Anti-spam, Antivirus Plug-in<br />
4 stars<br />
5 stars<br />
Real-time Anti-malware<br />
Manual anti-malware scan<br />
Scheduled scan<br />
Behavior Monitoring<br />
QuickBooks Protection<br />
4 stars<br />
5 stars<br />
N/A iii<br />
N/A<br />
Not applicable<br />
Not applicable<br />
N/A<br />
N/A<br />
N/A ix<br />
N/A<br />
Not tested<br />
3 stars<br />
Real-time Anti-malware<br />
Manual anti-malware scan<br />
Scheduled scan<br />
Behavior Monitoring<br />
N/A<br />
4 Stars<br />
4 Stars<br />
N/A<br />
Browser Page Ratings Service<br />
3 stars<br />
4 stars<br />
N/A<br />
In-the-cloud: Anti-spam, Antivirus,<br />
Content Filtering x<br />
N/A viii<br />
N/A<br />
Not tested<br />
4 stars<br />
Real-time Anti-malware<br />
Manual anti-malware scan<br />
Scheduled scan<br />
Behavior Monitoring<br />
N/A<br />
4 stars<br />
4 Stars<br />
14
Key Technical Requirements<br />
Trend Micro<br />
Worry-Free Business Security<br />
Advanced<br />
v5.0<br />
Symantec<br />
Endpoint Protection<br />
v11.0<br />
McAfee<br />
Total Protection Advanced<br />
v4.5<br />
Perimeter Protection<br />
Technologies<br />
Test Rating<br />
Feature Rating<br />
Data Protection Technologies<br />
Test Rating<br />
Feature Rating<br />
Mobile Protection Technologies<br />
Test Rating<br />
Feature Rating<br />
Outbreak Protection<br />
Technologies<br />
Test Rating<br />
Feature Rating<br />
Firewall<br />
IDS + Network virus scanning<br />
5 stars<br />
5 stars<br />
Keylogger detection + Keystroke<br />
Encryption xiii<br />
Email/IM content filter<br />
4 stars<br />
5 stars<br />
Location Awareness: Web <strong>Threat</strong><br />
Protection vi<br />
Wi-Fi Protection: Wi-Fi Advisor<br />
5 stars<br />
5 stars<br />
Outbreak Defense<br />
Vulnerability Assessment<br />
Damage Cleanup<br />
4 stars<br />
5 stars<br />
Firewall<br />
IDS/IPS<br />
4 Stars<br />
5 stars<br />
Keylogger detection<br />
Application and Device Control<br />
4 Stars<br />
4 Stars<br />
Location Manager<br />
Wi-Fi Protection: Anti-MAC spoofing<br />
5 stars<br />
5 stars<br />
N/A<br />
N/A<br />
Remote Scanner (Damage Cleanup)<br />
3 Stars<br />
3 Stars<br />
Firewall<br />
N/A<br />
4 stars<br />
4 stars<br />
Keylogger detection<br />
Email content filter<br />
3 stars<br />
3 stars<br />
N/A<br />
N/A<br />
Not applicable<br />
Not applicable<br />
N/A<br />
N/A<br />
N/A<br />
Not applicable<br />
Not applicable<br />
15
Key Business Requirements<br />
Trend Micro<br />
Worry-Free Business Security<br />
Advanced<br />
v5.0<br />
Symantec<br />
Endpoint Protection<br />
v11.0<br />
McAfee<br />
Total Protection Advanced<br />
v4.5<br />
Installation<br />
Test Rating<br />
Feature Rating<br />
Memory Footprint<br />
Test Rating<br />
Feature Rating<br />
Management<br />
Test Rating<br />
Feature Rating<br />
TOTAL TEST RATING<br />
TOTAL FEATURE RATING<br />
Server Deployment: Setup Wizard<br />
Client Deployment: Remote Install<br />
Multiple Client Deployment Options<br />
Not applicable<br />
5 stars<br />
Kernel Mode<br />
User Mode<br />
4 stars<br />
Not applicable<br />
Dashboard: Accuracy<br />
Reporting<br />
Notification<br />
5 stars<br />
5 stars<br />
39 stars<br />
45 stars<br />
Server Deployment: Setup Wizard<br />
Client Deployment: Remote Install<br />
Multiple Client Deployment Options<br />
Not applicable<br />
5 stars<br />
Kernel Mode<br />
User Mode<br />
3 Stars<br />
Not applicable<br />
Dashboard: Accuracy<br />
Reporting<br />
Notification<br />
5 stars<br />
5 stars<br />
28 stars<br />
34 stars<br />
N/A<br />
Client Deployment: Web Download<br />
Multiple Client Deployment Options<br />
Not applicable<br />
4 stars<br />
Kernel Mode<br />
User Mode<br />
3 stars<br />
Not applicable<br />
Dashboard: Accuracy<br />
Reporting<br />
Notification<br />
5 stars<br />
5 stars<br />
22 stars<br />
28 stars<br />
ii Red Indicates feature was tested by West Coast Labs<br />
iii N/A = Not Available<br />
iv For the Email protection vector, West Coast Labs testing focused on Anti-spam<br />
v Provided by InterScan Messaging Hosted Security Standard, which is bundled with WFBS-A<br />
vi WFBS-A Location Awareness also applies to the Firewall and TrendSecure Toolbars<br />
vii Disparate installation methods were not comparable (West Coast Labs)<br />
viii GroupShield for Exchange was available as a separate download, as part of the Total Protection<br />
Advanced license. This is not the Email Protection Service offered by the Total Protection hosted<br />
service.<br />
ix Symantec Mail Security for Exchange is shipped with Symantec Endpoint Protection, however a<br />
separate license is required for Antispam protection. As such, Mail Security was not included in the<br />
Email Protection test.<br />
x While available, this technology was not tested as the project focussed on on-premise antispam.<br />
xi This technology was not tested as anti-spam does not form part of the One Care Server solution.<br />
xii ERS is activated within the on-premise WFBS-A Web console.<br />
xiii Trend Micro has removed the keystroke encryption function in post-5.0 versions of Worry-<br />
Free Business Security Standard and Advanced.<br />
16
<strong>The</strong> Business and Technical Benefits of Trend Micro WFBS-A<br />
Ease of use: straightforward Installation with various<br />
options for user preferences.<br />
Memory footprint: a smaller memory footprint versus the<br />
number of technologies and features provided.<br />
Web threat protection: using a reputation technology to<br />
block or warn users about bad URLs.<br />
Location awareness: provides both in-office and out-ofoffice<br />
policy control for the Firewall, Web <strong>Threat</strong> Protection,<br />
and the TrendSecure technologies.<br />
Firewall and IDS/IPS: proactive technologies protecting<br />
against attacks, system changes and network intrusion<br />
attempts.<br />
Transaction protector: proactive security functions to<br />
provide both Keystroke Encryption* and a Wi-Fi advisor.<br />
TrendProtect: uses Trend Micro’s Web Reputation<br />
technology to provide URL page ratings and warnings for<br />
search results.<br />
Behaviour monitoring: protects users and applications<br />
from malicious system changes.<br />
Security dashboard: provides at-a-glance, up-to-date<br />
profile of the protected network/computers.<br />
Email protection vector: provides multi-layer protection<br />
against a variety of security threats.<br />
File protection vector: protects against a host of different<br />
types of malaware in a variety of attack vectors.<br />
Data leakage: protects against transfer of confidential<br />
corporate data out of the office via email and Instant<br />
Messaging.<br />
Outbreak defense: protects a user’s network at the onset<br />
of an outbreak, before signatures have been issued against<br />
the threat.<br />
Damage cleanup: provides automatic built-in cleanup of<br />
infected networks/computers. Works in tandem with the<br />
Outbreak Defense function to help clean up infections.<br />
Vulnerability assessment: user can analyze when a<br />
computer is vulnerable to threats and provides remediation<br />
steps/advice.<br />
www.trendmicro.com<br />
* Trend Micro has removed the keystroke encryption function in post-5.0 versions<br />
of Worry-Free Business Security Standard and<br />
Advanced.<br />
17
Footnote: While West Coast Labs is dedicated to ensuring the highest standard of security product testing in the industry, it is not always possible within<br />
the scope of any given test to completely and exhaustively validate every variation of the security capabilities and/or functionality of any particular product<br />
tested and/or guarantee that any particular product tested is fit for any given purpose.<br />
Test results published within any given report should not be taken and accepted in isolation. Potential customers interested in deploying any particular<br />
product tested by West Coast Labs are recommended to seek further confirmation that the said product will meet their individual requirements, technical<br />
infrastructure and specific security considerations.<br />
All test results represent a snapshot of security capability at one point in time and are not a guarantee of future product effectiveness and security capability.<br />
West Coast Labs provide test results for any particular product tested, most relevant at the time of testing and within the specified scope of testing and<br />
relative to the specific test hardware, software, equipment, infrastructure, configurations and tools used during the specific test process.<br />
West Coast Labs is unable to directly endorse or certify the overall worthiness and reliability of any particular product tested for any given situation or<br />
deployment.<br />
18
US Sales: T +1 (949) 870 3250<br />
Europe Sales: T +44 (0) 2920 548 400<br />
China Sales: T +86 1 343 921 7464<br />
Corporate Offices and Test Facilities:<br />
US Headquarters and Test Facility<br />
West Coast Labs, 16842 Von Karman Avenue,<br />
Suite 125, Irvine, California, CA92606, USA<br />
T +1 (949) 870 3250<br />
F +1 (949) 251 1586<br />
European Headquarters and Test Facility<br />
West Coast Labs,<br />
Unit 9, Oak Tree Court, Mulberry Drive,<br />
Cardiff Gate Business Park, Cardiff<br />
CF23 8RS, UK<br />
T +44 (0) 2920 548400, F +44 (0) 2920 548401<br />
Asia Headquarters and Test Facility<br />
A2/9 Lower Ground floor, Safdarjung Enclave,<br />
Main Africa Avenue Road,<br />
New Delhi 110 029, India.<br />
T +91 (0) 11 4602 0622<br />
Test Facilities also in Hong Kong, London,<br />
Singapore and Sydney<br />
E info@westcoast.com<br />
W www.westcoastlabs.com