Transcript Document
Kaspersky Lab Facts Kaspersky Lab vs. Trend Micro Fact 1: About the Company Trend Micro Kaspersky Lab Trend Micro is a Japanese company with headquarters in Tokyo Kaspersky Lab is a Russian company with headquarters in Moscow On the antivirus market since 1988 Eugene Kaspersky has been combating viruses since 1989; the group of antivirus software developers has existed for over 16 years; the company, Kaspersky Lab, is 9 years old Trend Micro is a public company with stock traded on the Tokyo Stock Exchange Over 18 years, Trend Micro has grown into a corporation with over 1,800 employees and representation offices in more than 30 countries Kaspersky Lab is a private company Over 700 employees in offices across the globe 10 local offices across the globe (including the US, UK, France, Germany, China, Japan and Korea). A large partner network: over 500 direct partners in more than 60 countries Fact 2: Market position. Kaspersky Lab is the fastest growing company Antivirus vendor revenue growth in 2004-2005 (estimate by IDC & Gartner) 100% 95% 80% 63% 60% 41% 43% 40% 27% 24% 20% 20% 13% 20% Mc Afee S ophos 11% 15% 12% 13% 17% 18% 9% 9% 14% 0% K as pers ky F-S ec ure P anda ID C S ym antec Norm an Trend Mic ro Total G a rtne r In 2006 Kaspersky Lab was recognized by Frost & Sullivan, a research company, as the fastest growing company on the antivirus market. Fact 2: Market position According to IDC, Kaspersky Lab is the leader in the Russian security software market. In Eastern Europe Kaspersky Lab is the third largest player in the market for secure content management software, while Trend Micro makes do with the fourth position, with a market share half that of Kaspersky Lab’s. According to GFK, Kaspersky Lab’s sales in the retail segment of the antivirus market of France, Germany and Spain exceed those of Trend Micro. Kaspersky Lab’s antivirus engine is used in products of many other developers, including BlueCoat (US), Juniper Networks (US), F-Secure (Finland), Microsoft (US), G Data (Germany), Deerfield (US), Alt-N (US), Microworld (India), BorderWare (Canada) etc. Fact 3: These companies and organizations have chosen Kaspersky Lab products Deutscher Bundestag I.NET S.p.a. International Atomic Energy T-Mobile, Czech Republic Agency (IAEA) Rectorat Amiens, France Retarus, Germany University of Western Government Development Australia Bank of Malaysia Bancaja Group, Spain Ministry of Equipment, France Tatneft, Russia Conseil General 92, France M&G Finanziaria Industriale, VimpelCom, Russia Italy Central Bank of Russia Ministry of Labor and Social And others Affairs, Czech Republic Fact 4: Antivirus laboratory - TrendLab TrendLab stands for: Over 800 experts in 15 local offices across the globe; 24/7 customer support; Client support and updating of threat signatures in real time; BUT: low threat detection levels and long new threat response times, which cannot be explained even by more thorough testing of updates April 23, 2005 became a black day in the history of Trend Micro. On that day the company released a new database update for its products. However, when users updated their databases an unexpected problem occurred: their computers either completely refused to run or became so “thoughtful” that nearly completely stopped responding to commands. The defective update uploaded by the Manila center was accessible on the developer’s website for about an hour and a half from about 7.30 am. Trend Micro received failure reports from over 300,000 users. Users in Japan were hit hardest, but complaints also came from Australia, the United States and some European countries. In Japan the local area networks of several large companies were paralyzed, including East Japan Railway Co and the Asahi and Yomiuri daily newspapers. Due to this incident Trend Micro stock lost 4.2% of its value. Fact 4: Kaspersky Lab virus laboratory - VirusLab VirusLab is located in a single research center in Moscow. Most experts are located in one place and are not distributed geographically. This makes it possible to train new analysts and share expert knowledge with minimal delays. The system for collecting malicious program samples is geographically distributed, with honeypots placed in numerous locations across the globe, enabling analysts to receive samples practically immediately after they appear “in the wild”. Kaspersky Lab has developed unique tools for automating collection and processing of malicious program samples. Each virus analyst uses these tools to analyze malware samples and add their signatures to antivirus databases. In most cases this takes just a few minutes. When the analysis is completed and a relevant signature has been added to the antivirus database (it takes several seconds to add a signature to the antivirus database), the updates are automatically tested. Performing multiple operations in parallel accelerates the update testing process, which takes less than an hour. Fact 5: Kaspersky Lab’s SpamLab A team of professional linguists Spam is analyzed 24 / 7 / 365 a network of spam traps across the world (“exposed” mailboxes on public mail servers) mass mailing detection system volume of information analyzed: 100,000–150,000 spam messages every day Algorithms for linguistic analysis are continually improved and updated It takes just a few minutes to add a spam signature to the database Clients receive updates in real time (using the UDS technology) Fact 6: Trend Micro antivirus technologies are inferior to Kaspersky Lab technologies Overall detection of malicious programs 97,89% AV-Comparatives.org 87,00% 98,96% AV-Test.org 93,46% 50% 60% 70% Kaspersky 80% Trend Micro 90% 100% Fact 6: Trend Micro antivirus technologies are inferior to Kaspersky Lab technologies Treatment of active infections 70% Kaspersky 30% Trend Micro 0% 17% 34% 50% Source: Anti-Malw are-Test.com 67% 84% Fact 6: Trend Micro antivirus technologies are inferior to Kaspersky Lab technologies New threat response times 0-2 hours Kaspersky 4-6 hours Trend Micro 0 2 4 6 8 10 Source: PC World, AV-Test.org risk zone (period before updates are released) period during which updates are released Fact 6: Trend Micro antivirus technologies are inferior to Kaspersky Lab technologies Frequency of malicious program database updates Kaspersky 615 Trend Micro 38 0 100 200 300 400 Source: AV-Test.org 500 600 700 Fact 6: Trend Micro antivirus technologies are inferior to Kaspersky Lab technologies Personal firewall scores in "leak tests" Kaspersky 7950 Trend Micro 7200 7500 7300 7400 7500 7600 7700 Source: matousec.com 7800 7900 8000 Fact 7: Minimal load on the system Effect of the antivirus solution on system performance (time in seconds required to perform standard operations while on-demand scanning is running) No antivirus 162 Kaspersky 174 NOD32 194 McAfee 196 CA 206 Symantec/Norton 208 BitDefender 234 Trend Micro 236 AVG 296 0 50 100 150 Source: CNET Labs 200 250 300 Fact 8: Home users need adequate protection Features Kaspersky Internet Security Trend Micro PC-cillin Internet Security Installation on infected computers and treatment of active infections -* Self-defense** - / / / -/- / / / -/- - / /- Protection from spyware Protection from network attacks Protection from phishing, spam and unwanted advertising Protection of confidential data Parental control Proactive protection (heuristic analyzer/ behavior blocker/rollback of malicious changes) File antivirus Mail antivirus (POP3/SMPT/IMAP4) Web antivirus (scanning of HTTP traffic) Rootkit detection (scanning of masked files/ detection of system anomalies) *Anti-Malware.ru ** PC Professionell Fact 9: In today’s world of threats a company needs integrated protection! Protection types Kaspersky Lab products Trend Micro products Protection of workstations − KAV for Windows Workstations; − KAV for Linux Workstations Protection of file servers − − − − − Protection of email − − − − − Kaspersky Mail Gateway; Kaspersky Security for MS Exchange Server 2003 KAV for MS Exchange; KAV for IBM Lotus Domino; KAV for Linux Mail Server (Sendmail, Qmail, Exim, Postfix) − Kaspersky Anti-Spam − − − − − Protection of Internet gateways − − − − − InterScan Web Security Suite; − InterScan WebProtect for MS ISA (ISA Server 2004 St/Ent Edition); − InterScan VirusWall; Protection of mobile devices − Kaspersky Anti-Virus Mobile − Kaspersky Security for PDAs − Trend Micro Mobile Security Administration system − Kaspersky Administration Kit − Trend Micro Control Manager KAV for Windows File Servers; KAV for Novell Netware File Server; KAV for Linux File Server; KAV for xBSD File Server; KAV for Samba File Server KAV for Proxy Server KAV for MS ISA Server 2000 St/Ent Edition; KAV for MS ISA Server 2004 St/Ent Edition; KAV for CheckPoint Firewall; − − − − − Server Protect for Windows/NetWare OfficeScan (Windows); Server Protect for Linux; Server Protect for NetApp; Server Protect for EMC Celerra; InterScan Massaging Security Suite; InterScan Antivirus for SendMail; ScanMail for MS Exchange ScanMail for Lotus Domino IM Security for Microsoft Office Live Communications Server − Spam Prevention Solution Fact 10: Integrated and effective protection in one product for workstations Kaspersky Anti-Virus for Windows Workstations Trend Micro OfficeScan Client/Server Edition 1. File antivirus; 2. Mail antivirus; 3. Protection against spyware and adware; 4.Protection against network attacks (IDS); 5. Firewall; 5. Cisco NAC support 7. 8. 9. 10. 11. 12. Installation on infected computers and treatment of active infection Proactive protection (behavior blocker) with system recovery Detection of rootkits (known and unknown); Web antivirus (on-the-fly scanning of Internet traffic) Protection from spam and phishing Protection from unwanted advertising, including popup windows and banners ? Fact 11: Solutions for filtering all types of traffic at the gateway level Traffic types SMTP Kaspersky Lab products − − − − HTTP/FTP − − − − Trend Micro products Kaspersky Mail Gateway; KAV for CheckPoint Firewall; KAV for Linux Mail Server (Sendmail, Qmail, Exim, Postfix) Kaspersky Anti-Spam − − − − InterScan Massaging Security Suite; InterScan VirusWall; InterScan Antivirus for SendMail Spam Prevention Solution KAV for Proxy Server; KAV for MS ISA Server 2000 Standart/Enterprise Edition; KAV for MS ISA Server 2004 Standart/ Enterprise Edition; KAV for CheckPoint Firewall − − InterScan Web Security Suite; InterScan Web Protect for MS ISA (ISA Server 2004 St/Ent Edition); InterScan VirusWall; − Fact 12: A fully-functional security administration tool is needed Trend Micro Control Manager Kaspersky Administration Kit STANDARD ENTERPRISE Multi-level administration structure (administration group and server hierarchy) Yes No Two tiers only Management of subordinate administration servers Yes No Yes Product administration Yes Yes Yes Generation of reports on administered products Yes No Yes MMC, SSL, Windows authorization HTTPS HTTPS Updates (Pull/Push) Yes Yes Yes Support for Wake-on-LAN/Shut Down Yes No No Different access levels for different administrators Yes No No Features Control panel Outbreak Prevention Services Damage Cleanup Services Vulnerability Assessment Short new threat response time addresses the issue Optional, for an additional charge Optional, for an additional charge Yes (workstation functions without additional services or utilities) For an additional charge For an additional charge Search for unprotected computers For an additional charge For an additional charge Special policies for mobile users Yes No No Price Free Free Premium Fact 13: Trend Micro Outbreak Management Services Trend Micro offers its users additional software solutions (Outbreak Management Services), using the currently trendy word “services” in the title and declaring it proactive: Vulnerability Assessment Service (VAS): detection of vulnerabilities and isolation of vulnerable devices from the rest of the network Outbreak Prevention Service (OPS): in the event of an outbreak Trend Micro will release special policies (e.g. to close specific ports) in order to stop the outbreak before the relevant updates are available Damage Cleanup Service (DCS): cleanup after an infection Fact 13: Trend Micro Outbreak Management Services These solutions: Were developed due to an inability to release signatures for new malicious programs within a short time of their appearance Trend Micro is forced to take additional measures for the protection of users before the signatures are released and to help mitigate the consequences of infection Are essentially not proactive (in spite of Trend Micro declarations), because they require constant updating like classical signature-based methods Require additional subscription for an additional charge comparable to the cost of the antivirus solution itself Fact 13: Trend Micro Outbreak Management Services Kaspersky Lab customers do not require such additional tools to supplement their antivirus solutions: VirusLab rapidly responds to new threats and ensures a high level of malicious software detection (confirmed by AV-Test.org, AV-comparatives.org, VB100% etc.) After detecting and removing a malicious object Kaspersky Lab solutions are able to roll back all malicious changes made to the system (records in system files and the registry, modified data, etc.) The system is restored even after modifications made by unknown malicious processes detected by the Proactive Defense module Unique technologies for self-defense and treatment of active infections (Advanced Disinfection) successfully mitigate outbreak consequences even on infected machines Kaspersky Anti-Virus for Windows Servers are able to block access of infected workstations to the file server Fact 14: Cost of solutions Kaspersky Lab products are cheaper than Trend Micro products Renewal of a Trend Micro product license costs 30% of the base price, while the figure for Kaspersky Lab is 70%. At first glance, this makes Trend Micro products a better buy, BUT: Trend Micro solutions are cheaper only in the long-term perspective Kaspersky Lab solutions include support provided by the company, while users of Trend Micro products can count only on support by local partners Direct support by Trend Micro is a premium service and its cost often exceeds the cost of the solution supported. What do you need these facts for? To make the right choice!