Next-gen? Think XGen™ with Trend Micro’s cybersecurity systems
When does next-generation become the last generation? That’s the question asked by cybersecurity professionals each time new protection devices and techniques become available.
In the case of intrusion prevention systems (IPS), “next-gen” systems can no longer be relied on solely to protect networks. Although able to judge whether traffic is malicious in real time, the first wave of IPS arrived at the end of the noughties. And in internet terms, 10 years is ancient; by no means utterly ineffective, but certainly providing only partial protection against today’s malware.
Several things have changed in the last decade of which data security teams are well aware. As well as the internet of things providing new attack possibilities for hackers (IOT devices tend not to come shipped with cyber protection, so network-based systems are mandatory), workplace technology has also become consumerized.
Employees entering the workplace bring with them powerful miniature computers, understatedly referred to as “phones”. Increased risks caused by this proliferation of endpoints require a new attitude in which the many more possible malware entry points have to be protected.
As most attacks are now multi-vector, no single safeguard can deliver an absolute 100 percent assurance of effectiveness. It is imperative therefore that internal traffic (data center and LAN) is analyzed effectively for threats not to be able to pass across a network from an infection site to a high-value asset.
But because many threats remain unknown, or undisclosed (known by security researchers but not public knowledge), organizations need advanced detection and protection techniques, as supplied by Trend Micro’s true next-generation network security.
Via ZDI, Trend Micro gains incredible insight into threats as they become apparent, allowing quick amelioration of exploits, such as patching, to take place before threats can have any effect, and before they are more likely known.
ZDI provides its intelligence to organizations with everything to lose by a data breach – household names like Adobe and Microsoft – and any of Trend Micro’s clients also benefit from the same security goldmine.
Trend Micro’s TippingPoint solution provides a balance between allowing business data to function and flow as the enterprise needs, and the requirement to flag up any anomalous behavior – all with absolutely minimal impact.
Any potential threat or possible points of compromise are automatically sandboxed for safe analysis. The virtual images in the sandbox replicate an organization’s real systems configurations, down to individual drivers, operating systems, and installed apps.
This means malware will execute and drop payloads in a safe environment, thus exposing their behavior. Even complex malware deployments like multistaged downloads and command and control communications traffic can be discovered and acted upon.
Of course, no system is 100 percent safe.
Once a data breach has taken place, the onus is on cybersecurity teams to place routines which prevent lateral movement. East-west data analysis shows malwares’ hops from one node to the next, perhaps through unsecured protocols or to unprotected devices. When threats are missed by perimeter-centric security, it is up to the latest cybersecurity solutions from Trend Micro to provide 360° visibility, helping prevent undetected threats from spreading — especially before they reach mission-critical servers or applications.
Going beyond everyday whitelists, blacklists, and packet inspections, Trend’s true next-gen network security solutions analyze particular traffic characteristics. Employing machine-learning-based statistical analysis, bad actors are extracted from networked data with minimal impact and very low network traffic or processor cycle overheads. Decisions can be taken to immediately block traffic, either by a human operator or by machine-learning algorithms.
Trend Micro’s TippingPoint solutions were the first standalone IPSes to use artificial intelligence in this manner. Of course, the beauty of machine learning is its ongoing self-education. This is particularly important in preventing malware from executing, and the learning code base, plus custom sandbox, form a formidable duo protecting the enterprise’s entire network from attack.
In an ideal world, cybersecurity teams would be able to raise existing defense and protection systems to the ground and rebuild from scratch using next-generation solutions.
Trend Micro’s solutions take a more practical approach, however, allowing any number of disparate cybersecurity solutions to work together. Whether they’re focused primarily on the enterprise’s networks, its endpoints, edge facilities or any cloud environments in use, Trend Micro solutions can integrate and connect, enabling threat data sharing and openness via the vendor-agnostic APIs.
Any threat intelligence from Trend’s own systems or third-party defense measures is sent to the TippingPoint security management system, which automatically distributes policies to the next-gen IPS and other security defenses, to block the current breach as well as similar ones in the future.
The aggregation of multiple security tools, plus the provision of a unified dashboard through which all security information can be viewed, provides big-picture analysis. Trend Micro’s offerings offer, therefore, a point of unification for new and/or existing threat mitigation and repair.
Security administrators gain overviews of critical threat vectors and can isolate and drill down into data to prevent issues escalating, right across even the most complex of enterprise networks.
Leveraging the power of hundreds of millions of sensors, endpoints, and the combined cybersecurity data of many thousands, the Trend Micro Smart Protection Network gathers the very latest in security intelligence. By continuously mining data on known good and malicious files, applications, and URLs, the Smart Protection Network is a canonical source of information for understanding threats and driving innovation.
To find out how Trend Micro’s solutions go beyond so-called “next-gen” IPS and its cybersecurity solutions, get in touch with a local representative today