Trend Micro: Smart Protection Complete
Written by Peter Stephenson, Technology Editor, SC Magazine
Being Trend Micro – a well-known anti-malware vendor – one would expect the Smart Protection Complete suite to be an enhanced anti-malware product. And one would be wrong. While it does have a strong anti-malware component, it also features port and device controls, endpoint encryption and DLP. If you add the integration of the gateway level you can add web, email, instant messaging and SharePoint protection, including social engineering protection for emails. The gateway can be on-premises or in the cloud.
Not to be left out, the product also covers mobile devices and includes mobile device management. All of this is managed through the Trend Micro Control Manager. Policies are set by administrators and then deployed to endpoints, gateways and servers. The Smart Protection Complete suite is a superset of the Smart Protection for Endpoints Suite, which does not include gateway, instant messaging and collaboration capabilities. We reviewed the Smart Protection Complete suite.
Overall, the suite covers employee leaks, malware, vulnerability exploits, advanced malware, such as APTs, and targeted attacks where a single individual or identifiable group is targeted explicitly. The Trend approach is reminiscent of the old principle of defense-in-depth. It is decidedly data flow-based and begins at the gateway. Once a threat makes it through the gateway – if it does – it must contend with reputation checking for web, email and file, as well as application whitelisting. Its next challenge is passing vulnerability shielding, a sort of virtual patching, behavior monitoring (something Trend Micro pioneered), social engineering protecting, memory inspection and C&C blocking – if it should try to call home. If all else fails there still is traditional DLP and device control. Investigation of the breach also is part of the Complete suite, as is encryption.
Complete suite also includes the Trend Mobile Suite. Based on policy, this covers such things as email and web, and provides DLP, file encryption, separation of business and personal data and mobile app control.
The offering can work on-prem or in the cloud. When the organization is ready to move to the cloud, no new licensing is require. This also is true if the organization wants to use a hybrid approach of data center and cloud. Installation is by a deployment tool kit and selective installation is available any time, so admins can change deployment parameters without starting over.
Finally, the use of Trend’s Smart Filter ensures a small definition size for better performance and it means that at all times that not only prevalent and zero day threats are protected but when a more rare, potentially older threat comes up, the Smart Filter detects it and adds the full signature for the rare threat as well. Pricing is reasonable and website and documentation are what you’d expect from an experienced leader.