Data Center and Critical Asset Protection – Deep Security
With TrendMicro Deep Security, you get a tool to ensure comprehensive protection of your DC (storage, servers, cloud, virtual desktops and hybrid IT). The Deep Security solution includes several security modules such as Intrusion Prevention, Anti-Malware, Firewall, Web Reputation, Integrity Monitoring, Log Inspection, Application control and others.
Functionality:
Intrusion Prevention
The Intrusion Prevention module checks incoming and outgoing traffic to detect and block suspicious activity. This prevents the exploitation of known vulnerabilities and zero-day vulnerabilities. The module also includes so-called “virtual patching”, which will help you protect your environment from unknown vulnerabilities using Intrusion Prevention rules until they can be repaired (e.g. through an officially released patch)..
The Intrusion Prevention module also protects web applications and data from SQL injection attacks, cross-site scripting, and other web application vulnerabilities.
Anti-Malware
The Anti-Malware module protects Windows and Linux environments from malicious software such as malware, spyware, and Trojans. The Anti-Malware module, which uses the Trend Micro Smart™ Protection Network™, helps you instantly identify and remove malicious software and block domains known to be malicious command and control servers.
Firewall
The Firewall module is used to check incoming and outgoing traffic and also keeps the firewall up to date, e.g. for audit purposes.
Web Reputation
The Web Reputation module provides content filtering by blocking access to malicious domains and known communication and control (C&C) servers.
Integrity Monitoring
The Integrity Monitoring module provides the ability to track authorized and unauthorized changes made to the provisioning and allows you to receive notifications of unplanned or malicious changes.
Log Inspection
The Log Inspection module captures and analyses system events to provide audit evidence for compliance or internal requirements. It helps identify important security events that may be hidden in multiple event sources. You can configure the Log Inspection module to send suspicious events to a SIEM or to a centralized syslog server for correlation, reporting, and archiving purposes.
Application Control
The Application Control module monitors changes – “drift” or “delta” – compared to the original computer software. When application control is turned on, all software changes are recorded and events are created that record the new or changed software in the file system. For example, if the Deep Security agent detects changes, you can allow or block the software and possibly lock the computer.
Recommended Hardening
For each system, appropriate security measures are recommended after scanning (installed applications, registry, ports, directories, processes and services, variables, users).
TLS Encrypted Communications Inspection
Optional integration on Trend Micro Deep Discovery – sandbox analysis of suspicious IoC (files, IP, domains,..)
Optional integration on Trend Micro Vision One – XDR enhanced detection and response
No agent protection – VMware, AWS, Azure, GCP integration
Fulfillment of domains of Act No. 69/2018 Coll. on cybersecurity
- Cybersecurity and information security risk management,
- Security in the operation of information systems and networks,
- Evaluation of vulnerabilities and security updates,
- Protection against malicious code,
- Network and communication security,
- Acquisition, development and maintenance of information networks and information systems,
- Event recording and monitoring,
- Solving cybersecurity incidents.
Solution partner:
Key advantages:
- Strengthening the cyber resilience of an organization and its critical assets
- Protecting critical assets from exploiting vulnerabilities
- Multitenancy support for MSP provider or organisation
- Support for several requirements of Act no. 69/2018 Coll. on cybersecurity