The Hillstone and Trend Micro Joint Solution

Similar documents
Fighting Advanced Threats

10 Things Every Web Application Firewall Should Provide Share this ebook

Introducing IBM s Advanced Threat Protection Platform

WHITE PAPER Cloud-Based, Automated Breach Detection. The Seculert Platform

Achieve Deeper Network Security

Cisco Advanced Malware Protection for Endpoints

OVERVIEW. Enterprise Security Solutions

Types of cyber-attacks. And how to prevent them

WildFire. Preparing for Modern Network Attacks

Stop advanced targeted attacks, identify high risk users and control Insider Threats

Cloud Security Primer MALICIOUS NETWORK COMMUNICATIONS: WHAT ARE YOU OVERLOOKING?

Sourcefire Solutions Overview Security for the Real World. SEE everything in your environment. LEARN by applying security intelligence to data

FROM PRODUCT TO PLATFORM

Next-Generation Firewalls: Critical to SMB Network Security

Office 365 Cloud App Security MARKO DJORDJEVIC CLOUD BUSINESS LEAD EE TREND MICRO EMEA LTD.

Requirements When Considering a Next- Generation Firewall

Cisco Advanced Malware Protection for Endpoints

85% of business networks identified with bot infections 63% of business networks identified to have downloaded malware files 89% of business networks

Achieve Deeper Network Security and Application Control

Analyzing HTTP/HTTPS Traffic Logs

Hillstone Intelligent Next Generation Firewall

Content-ID. Content-ID URLS THREATS DATA

WEBTHREATS. Constantly Evolving Web Threats Require Revolutionary Security. Securing Your Web World

SANS Top 20 Critical Controls for Effective Cyber Defense

QRadar SIEM and Zscaler Nanolog Streaming Service

REVOLUTIONIZING ADVANCED THREAT PROTECTION

Huawei Eudemon200E-N Next-Generation Firewall

Trend Micro Cloud App Security for Office 365. October 27, 2015 Trevor Richmond

Carbon Black and Palo Alto Networks

Comprehensive Malware Detection with SecurityCenter Continuous View and Nessus. February 3, 2015 (Revision 4)

Modular Network Security. Tyler Carter, McAfee Network Security

SPEAR PHISHING AN ENTRY POINT FOR APTS

Complete Protection against Evolving DDoS Threats

Preparing for a Cyber Attack PROTECT YOUR PEOPLE AND INFORMATION WITH SYMANTEC SECURITY SOLUTIONS

McAfee Network Security Platform

ENABLING FAST RESPONSES THREAT MONITORING

Akamai to Incapsula Migration Guide

Breach Found. Did It Hurt?

Networking for Caribbean Development

How Do Threat Actors Move Deeper Into Your Network?

24/7 Visibility into Advanced Malware on Networks and Endpoints

Cisco RSA Announcement Update

Advantages of Managed Security Services

Next Generation IPS and Reputation Services

White Paper. Why Next-Generation Firewalls Don t Stop Advanced Malware and Targeted APT Attacks

Adaptive Intelligent Firewall - der nächste Entwicklungssprung der NGFW. Jürgen Seitz Systems Engineering Manager

Agenda , Palo Alto Networks. Confidential and Proprietary.

Cybercrime: evoluzione del malware e degli attacchi. Cesare Radaelli Regional Sales Manager, Italy cradaelli@paloaltonetworks.com

Content Security: Protect Your Network with Five Must-Haves

SourceFireNext-Generation IPS

On-Premises DDoS Mitigation for the Enterprise

THE SMARTEST WAY TO PROTECT WEBSITES AND WEB APPS FROM ATTACKS

INCREASINGLY, ORGANIZATIONS ARE ASKING WHAT CAN T GO TO THE CLOUD, RATHER THAN WHAT CAN. Albin Penič Technical Team Leader Eastern Europe

IBM Security IBM Corporation IBM Corporation

Devising a Server Protection Strategy with Trend Micro

Data Center security trends

PART D NETWORK SERVICES

Решения HP по информационной безопасности

Content-ID. Content-ID enables customers to apply policies to inspect and control content traversing the network.

Devising a Server Protection Strategy with Trend Micro

SECURITY ANALYTICS MOVES TO REAL-TIME PROTECTION

WAN security threat landscape and best mitigation practices. Rex Stover Vice President, Americas, Enterprise & ICP Sales

Unified Security, ATP and more

Secure Cloud-Ready Data Centers Juniper Networks

By John Pirc. THREAT DETECTION HAS moved beyond signature-based firewalls EDITOR S DESK SECURITY 7 AWARD WINNERS ENHANCED THREAT DETECTION

Security strategies to stay off the Børsen front page

Protect Your Business and Customers from Online Fraud

Cisco Advanced Malware Protection

The Custom Defense Against Targeted Attacks. A Trend Micro White Paper

First Line of Defense to Protect Critical Infrastructure

IBM Security Intrusion Prevention Solutions

Securing Your Business with DNS Servers That Protect Themselves

Security Intelligence Services.

Analyzing Security for Retailers An analysis of what retailers can do to improve their network security

The Symantec Approach to Defeating Advanced Threats

EXTENDING NETWORK SECURITY: TAKING A THREAT CENTRIC APPROACH TO SECURITY

Next Generation Firewalls and Sandboxing

Trend Micro InterScan Web Security and Citrix NetScaler SDX Platform Overview

Game changing Technology für Ihre Kunden. Thomas Bürgis System Engineering Manager CEE

White paper. TrusGuard DPX: Complete Protection against Evolving DDoS Threats. AhnLab, Inc.

2015 Miercom Next Generation Firewall Solution Testing: Performance, Compliance and Advantages

Trend Micro Incorporated Research Paper Adding Android and Mac OS X Malware to the APT Toolbox

QRadar SIEM and FireEye MPS Integration

A Case for Managed Security

Cyber Security in Taiwan's Government Institutions: From APT To. Investigation Policies

White Paper. Advantage FireEye. Debunking the Myth of Sandbox Security

The Critical Importance of Three Dimensional Protection (3DP) in an Intrusion Prevention System

Endpoint Security: Moving Beyond AV

Session 9: Changing Paradigms and Challenges Tools for Space Systems Cyber Situational Awareness

IBM Endpoint Manager for Core Protection

A Modern Framework for Network Security in the Federal Government

REAL-TIME WEB APPLICATION PROTECTION. AWF SERIES DATASHEET WEB APPLICATION FIREWALL

Why a Network-based Security Solution is Better than Using Point Solutions Architectures

JUNIPER NETWORKS SPOTLIGHT SECURE THREAT INTELLIGENCE PLATFORM

The Evolution of the Enterprise And Enterprise Security

Transcription:

The Hillstone and Trend Micro Joint Solution Advanced Threat Defense Platform Overview Hillstone and Trend Micro offer a joint solution the Advanced Threat Defense Platform by integrating the industry leading Hillstone NGFW/iNGFW with Trend Micro s leading breach detection technology. The Advanced Threat Defense Platform provides automatic threat identification, threat warning, and threat blocking. It dramatically reduces threat response time by taking rapid remedial action following any security breach, thereby reducing human resource costs and significantly improving a timely response. The Advanced Threat Defense Platform provides high performance of NGFW features, industry-leading breach detection rates and zero false positives. With comprehensive attack protection, this platform detects and prevents known as well as unknown threats in real-time. Malware The main malware threats are Trojans and Viruses, pieces of software stealthily installed onto application servers, endpoints, and smart phones in your network, with the intent to steal critical user data or damage the IT system. An attacker implants new variants of malware that hide longer term in the network, awaiting an opportunity to attack. Botnet Once infected by a Botnet, enterprise endpoints are hijacked and subsequently controlled as the bot computer. Attackers often leverage these bot computers to launch a DoS/DDoS attack from your company s network onto one of your partners systems, not only resulting in stolen data or service failures, but also damaging your enterprise s reputation and trust with your partners.

C&C Attack A Command and Control (C&C) attack is a typical Botnet breach where the attackers control the internal host to stealthily communicate with external C&C servers. C&C messages are furtively hidden in normal traffic, or use a mediating agent to send messages. For example, some attacks use Web applications where the C&C messages are transmitted in the SSL tunnel a traditional security device is unable to detect these malicious messages inside the encrypted traffic. Advanced Persistent Threat (APT) Attack APT attackers intrude into the core enterprise network by evading security devices, then targeting intellectual property and customer information. They use unknown malware and zero-day vulnerabilities to infiltrate the network in steps. Once they obtain administrator credentials, they search the entire network for a target from where to steal user data or damage the IT system. Today s enterprise network infrastructure is changing fundamentally in response to the accelerating impact of virtualization and mobile technologies. These trends have expanded the boundaries of security defense. New types of APT attacks leverage the vulnerability of business systems and mobile devices, stealthily intruding into the system and causing serious risk to online services and critical user data. As cyber-attacks continue to evolve, APT attackers no longer use a single method, but adopt hybrid methods for network infiltration. Deficiencies of Existing Security Solutions Existing security solutions result in high rates of false positives and are ineffective at continuous monitoring and the identification of unknown threats. Traditional threat detection tools are based on signature matching, which allows only the detection of previously identified threats. In some defense systems, the firewall and breach detection devices are not integrated, so that when a threat is detected, a mitigation policy must be configured manually. This response is slow, consumes human resources and is unable to protect the system from the first strike of the threat. Advanced Threat Defense Platform: Accurate Unknown Threat Prevention To achieve accurate threat prevention of unknown threats, the integration of Hillstone s NGFW/iNGFW and Trend Micro s Deep Discovery Inspector (DDI) technologies offers a sophisticated Advanced Threat Defense Platform. DDI uses sandboxing technology to analyze dynamically, and accurately identify, unknown threats: the results of which are synchronized with the Hillstone NGFW/iNGFW. DDI enables the Hillstone NGFW/iNGFW to augment its defense capacity by automatically configuring the mitigation policy to block these unknown threats more accurately. The Hillstone NGFW/iNGFW provides security protection from the network to the application layer, complementing DDI s capabilities. The Advanced Threat Defense Platform, depicted in Figure 1, effectively prevents malware, Botnet, C&C and APT attacks from either Internet or Intranet sources, and provides security protection for enterprise core networks.

Figure 1: Advanced Threat Defense Platform Advanced Threat Defense Platform Features Figure 2 shows the primary features of the Advanced Defense Platform. These include: Threat Visibility: Trend Micro DDI inspects and analyzes more than 80 L2-L7 protocols to detect traffic threats in real-time, and clearly exposes suspicious behavior in servers and endpoints. Identification Accuracy: Trend Micro DDI is based on contextual analysis,multi-level correlation analysis and sandboxing. This enables it to expose infected hosts, identify threat types accurately, and issuing threat warnings. Real-time Blocking: The Hillstone NGFW/iNGFW automatically synchronizes analysis data, dynamically updates the global blacklist, and blocks attacks from threat sources in real-time. Comprehensive Protection: The Hillstone NGFW/iNGFW provides L2-L7 threat prevention to protect against DDoS attacks, SQL injection, XSS attacks, protocol vulnerability attacks, as well as offering IP blacklist, URL filter and web server protection. Figure 2: Features of the Advanced Threat Defense Platform

Advanced Threat Defense Platform Operation The Advanced Defense Platform offers the following operational characteristics: Integration: The Hillstone NGFW/iNGFW and DDI integrate by using a standard API which allows DDI to mirror the traffic of the NGFW/iNGFW. Threat Identification: DDI monitors and analyzes all data traffic, identifies suspicious communication and hidden attacks, and generates an IP/URL reputation of a threat. Data Synchronization: The Hillstone NGFW/iNGFW periodically synchronizes the IP/URL reputation information from DDI via a service API once it gets access permission from DDI. Threat Visibility: The Advanced Threat Defense Platform provides a web UI to configure the integrated solution, and to display graphic reports of threat types, threat source IP addresses, blocking logs and more. Threat Blocking: The Hillstone NGFW/iNGFW adds the IP/URL reputation information to the local IP blacklist and URL filters, allowing it to block in real-time attack packets from this threat source. Use Case The Advanced Threat Defense Platform enables protection for financial enterprises by deploying the platform at the Internet entry point to guard against social engineering APT (malware mail). The sandbox analyzes suspicious attachments and identifies malicious contents,communications and behaviors. The NGFW prevents unknown attacks in real-time, and guarantees the reliability and availability of the enterprise network. Governments and educational establishments are primary targets of APT and malware. Deploying the Advanced Threat Defense Platform in front of the service zone enables accurate identification of data stealing behavior, either from/on servers or from/on endpoint devices, and also prevents malware from accessing sensitive data. Simplified deployment management reduces operational costs. Summary The Hillstone and Trend Micro joint solution enables integration between the most innovative NGFW device and the most innovative deep breach detection device, combining the advantages of both. The Advanced Threat Defense Platform automatically blocks unknown threats upon first encounter, thereby protecting critical business systems and data, and guaranteeing business continuity for the enterprise. Hillstone Networks As a leading provider in network security, Hillstone Networks security products are widely used by carriers, government agencies, large enterprises and universities. With its innovative Intelligent Next-Generation Firewall, Hillstone Networks is recognized by the Gartner firewall report as a vendor providing continuous innovation efforts in the China market. In 2014, Hillstone Networks was positioned in the Gartner Magic Quadrant for Enterprise Network Firewalls due to its outstanding innovative capabilities and competitiveness, surpassing many other global vendors in terms of completeness of vision of network security technology.

Trend Micro As a global leader in IT security, Trend Micro offers innovative security solutions that deliver top-ranked client-server, network, virtualization and cloud-based protection. Trend Micro is recognized as the Top one vendor in global virtualization security market, the Top one vendor in global server security market, and the Top one vendor in global cloud security market. In the testing conducted by NSS labs, Trend Micro s DDI provides outstanding results of the highest detection rate and zero false positives, making it a leader compared to other tested vendors.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information