EPS Launch Event Presentation
Download
Report
Transcript EPS Launch Event Presentation
Copyright 2002-2003, Trend Micro, Inc.
EPS Global Launch Events
Trend Micro Enterprise Protection Strategy Launch
Goh Chee Hoh
Regional Sales Director
Asia South Region
EPS Global Launch Events
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 line
Agenda
Trend Micro Corporate Profile Overview
Viruses Evolution & Painful Scenarios with Product Approach
How Trend Micro’s Enterprise Protection Strategy Addresses
This Issue
Summary of Today’s AV Product Approach for Enterprise
Networks
What is EPS, Features & Benefits of EPS
Why Service Assurance is So Important
Copyright 2002-2003, Trend Micro, Inc.
Copyright 2002-2003, Trend Micro, Inc.
EPS Global Launch Events
Trend Micro Corporate Profile Overview
EPS Global Launch Events
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 line
Trend Micro Snapshot
• Established in the US in 1988
• Headquartered in Tokyo, Japan
• Leader in network antivirus and internet security software
• 1800+ employees in 23 countries
• Y2002 Revenue Achieved USD 364M with 37% grow YOY and
ordinary income rises 226% to USD 67M
• Virus Research & Development teams, 300+ engineers worldwide
• No 1 in overall Server, Email & Gateway Antivirus Market (IDC ’02)
• Listed on public markets:
– Japanese Stock Market (4704) - 1998
– NASDAQ (TMIC) – 1999
• Market Capitalization USD 2 Billion
Copyright 2002-2003, Trend Micro, Inc.
EPS Global Launch Events
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 line
A History of Firsts
Copyright 2002-2003, Trend Micro, Inc.
Global Innovation
EPS Global Launch Events
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 line
Server-based Market Leadership
Market Leadership: Server-based Protection
#1 in the Overall Antivirus Server
Market
#1 in the Internet Gateway Market
#1 in the Email Server Market
Source: IDC 2002
“Antivirus Software: A Segmentation of the Market”
Copyright 2002-2003, Trend Micro, Inc.
Copyright 2002-2003, Trend Micro, Inc.
EPS Global Launch Events
Viruses Evolution
EPS Global Launch Events
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 line
Early Containment
Infectious Cycle
Time Lag
Panic Mode
SARS Virus Epidemic
Outbreak Prevention
Quick Response
Intangible Damages
Knowledge
Copyright 2002-2003, Trend Micro, Inc.
EPS Global Launch Events
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 line
Computer Viruses Today
- More network virus infections
- Corporate damages increasing
- Security infrastructure matters
- IT is in panic mode
Copyright 2002-2003, Trend Micro, Inc.
EPS Global Launch Events
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 line
Information Security Trends Incidents
Number of Incidents Reported
100,000
90,000
Number of Incidents
Quadrupled in 2 Years
80,000
70,000
60,000
50,000
40,000
30,000
20,000
10,000
0
1998
1999
2000
2001
2002 (1Hx2)
Source: CERT® Coordination Center, Carnegie Mellon University
Copyright 2002-2003, Trend Micro, Inc.
5
EPS Global Launch Events
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 line
Information Security Trends Incidents
% Experiencing
Virus
Unauth Use
95% in Financial
Sector
Denial of Service
Unauth
Modification
Web Vandalism
0%
10%
20%
30%
40%
50%
60%
70%
80%
90%
Source: IDC Security Survey, US, N=355, Mid-2001, IDC #25684
Copyright 2002-2003, Trend Micro, Inc.
6
EPS Global Launch Events
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 line
Trend Micro’s Virus Roundup 2002 Observations
175% increase in global outbreaks first seen in 20002001 (reinfection)
“Mixed” threats continue mixing modes of attack
Mass-mailing features, shared drives and P2P/IM
Increase in the exploitation of system faults
Bundled independent Simple Mail Transfer Protocol (SMTP)
(vs. MS Outlook)
Internet relay chat (IRC) and P2P IM emerge
Trend toward the creation of worms (vs. traditional virus)
Trend away from destructive payloads
Decrease in number of macro viruses
Copyright 2002-2003, Trend Micro, Inc.
EPS Global Launch Events
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 line
Global Attacks
– 1.11 B USD Global Damage
Virus,
conventional
2000 ILOVEYOU – 8.75 B USD Global Damage
Worm,
conventional
2001 Sircam
- 1.75 B USD Global Damage
Worm,
conventional
2001 Code Red
– 2.62 B USD Global Damage
Worm,
mixed
2001 Nimda
– 3.55 B USD Global Damage
Worm,
mixed
2002 Klez
– Global Damage unknown yet Worm,
1999 Melissa
mixed
Source: Computer Economics
Copyright 2002-2003, Trend Micro, Inc.
EPS Global Launch Events
Next Generation Attacks
Simultaneous, Mixed Threat Attacks
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 line
Previous Generation
•
Personal productivity hit
•
Via SMTP email
•
Single host & symptom
trojan
worm
virus
hack
spam
Copyright 2002-2003, Trend Micro, Inc.
trojan
trojan
Next Generation
•
Corporate productivity
hit
•
Via multi email
•
Different hosts, different
symptoms
EPS Global Launch Events
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 line
Trend Micro’s 2003 Predictions
“Mixed” threats continue as primary form of attack
Mass-mailing features, shared drives and P2P/IM
Malware will focus on disabling AV, personal firewall, and
anti Trojan horse monitoring
Web filtering will be critical as malicious websites proliferate
SPAM hits 50 % of all email traffic
.Net malicious activity will increase dramatically
Copyright 2002-2003, Trend Micro, Inc.
EPS Global Launch Events
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 line
Why the current industry solution is ineffective
Mixed threat attacks need more than pattern files
Attack-specific policy and system assessment and cleanup
Inconsistent or inaccurate security policy settings
Lack of central policy management
Inability to respond quickly enough when outbreak or
reinfection occurs
Pattern files take time to develop
Out-of-date pattern files, AV not present on all hosts and
pathways
Lack of central management and updates = missed detections
Security devices don’t coordinate
Enterprises must coordinate themselves with AV several vendors
Copyright 2002-2003, Trend Micro, Inc.
EPS Global Launch Events
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 line
Attack Sophistication vs. Intruder Technical Knowledge
Source: Software Engineering Institute, Carnegie Mellon University.
Copyright 2002-2003, Trend Micro, Inc.
EPS Global Launch Events
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 line
E-mail is now the biggest virus thre
>80%
*Source: ICSA (International Computer Security Association) Computer Virus Prevalence Survey 2001
Copyright 2002-2003, Trend Micro, Inc.
EPS Global Launch Events
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 line
Effects of Viruses
• Loss of productivity 70%
• Corrupted file/data base 66%
• PC was unavailable to the user 50%
• Loss of user confidence to the user 48%
• Loss of access to data (server) 44%
• …..
• Threat of someone losing their job
Copyright 2002-2003, Trend Micro, Inc.
Copyright 2002-2003, Trend Micro, Inc.
EPS Global Launch Events
Painful Scenarios with Product Approach
EPS Global Launch Events
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 line
The Last 6 Months
Nimda, CodeRed changing the way the IT Directors view
about virus issue
Discussed with over 100 enterprise customers
40 % global enterprises
40 % medium-large
20 % resellers, system integrators, channel
3 continents
NA, Europe, Asia
Tested both raw needs and concepts
Copyright 2002-2003, Trend Micro, Inc.
EPS Global Launch Events
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 line
Customer Chaos
Customer perception of attacks:
Shut down Http
Steps 1-3 = identify, isolate, and combat
Step 4 = relax
Step 5 = panic
Step 6 = repeat steps 1-3
Virus propagates by
email -- shut down smtp Scan email with XX
header
Remote worker arrives shared drive
Restrict remote access
Http attack
Isolate and clean
Isolate and clean
“I have cleaned the same desktops 5-6 times for
one outbreak”
-- customer refuses to be named
Copyright 2002-2003, Trend Micro, Inc.
EPS Global Launch Events
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 line
The Customer’s View of AV Today
Support
Programs
Threat
Information
$
Centralized management =
• Deployment of pattern files
and scan engines
• Monitoring of AV products
across the network
Content
Security
(eManager)
Attack
Prevention
$$
Notification
and
Assurance
$
Pattern
File
Scan and
Eliminate
$$
Assess and
cleanup
$$
$$$$
Restore and
Post-mortem
$
Corporate TCO and lost productivity
“An estimated 80% of outbreak cost is related to
cleaning.” -- Computer Economics, 2001
Copyright 2002-2003, Trend Micro, Inc.
EPS Global Launch Events
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 line
Today Painful Scenario
XXX Customer having 3000 desktops and get infected by NIMDA virus
Average time per man power to do damage assessment and cleanup for a single desktop will take about 2 hours
Per man power will take about 6000 hours to clear the mass for one incident
10 man power will take about 600 hours to clear the mass for one incident
Out Source will cost about USD 40,000 for one incident
WHAT SHOULD I DO FOR NEXT INCIDENT ?????
Copyright 2002-2003, Trend Micro, Inc.
Copyright 2002-2003, Trend Micro, Inc.
EPS Global Launch Events
How Trend Micro’s Enterprise Protection Strategy
Addresses This Issue
EPS Global Launch Events
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 line
Enterprise Protection Strategy
Enterprise Protection Strategy: Proactive Outbreak Lifecycle Management
TREND MICRO CONTROL MANAGER – outbreak lifecycle management, deployment, and deployment
Outbreak Prevention
Threat
Information
$
Attack
Prevention
$$
Assessment and Restoration
Virus Response
Notification
and
Assurance
$
Pattern
File
$$
Scan and
Eliminate
$$
Copyright 2002-2003, Trend Micro, Inc.
Assess and
Cleanup
$$$$
Restore and
PostMortem
$
EPS Global Launch Events
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 line
How it Benefit from today Scenario
XXX Customer having 3000 desktops and get infected by NIMDA virus
Average time per man power to do damage assessment and cleanup for a single desktop will take about 2 hours
Per man power will take about 6000 hours to clear the mass for one incident
10 man power will take about 600 hours to clear the mass for one incident
Out Source will cost about USD 40,000 for one incident
WHAT SHOULD I DO FOR NEXT INCIDENT ?????
DEPLOY OFFICESCAN V5.02
From thousands of resources, hours and $$$ to just few hours
Copyright 2002-2003, Trend Micro, Inc.
Copyright 2002-2003, Trend Micro, Inc.
EPS Global Launch Events
Summary of Today’s AV Product Approach for
Enterprise Networks