Tag Archives: Trend Micro

Hosted Email Security (HES) is the latest Trend Micro solution to wear the xGen badge. We take a brief look at the machine learning benefits behind the brand.

For both MSPs and resellers, Trend Micro’s Hosted Email Security (HES) has always been a compelling sell, delivering powerful, serverless email protection for customers with limited IT resources.

But whereas the rest of Trend’s Worry-Free Business Security Services solutions have already been plugged into the Predictive Machine Learning technology that is one of the features of the newly minted xGen brand, HES (perhaps because it’s also available as a standalone solution, outside of Worry-Free) hadn’t been – until now.

Here are some of the benefits that ‘xGenned’ HES now delivers to end-users.

Zero-day and unknown threats detected

With the threat landscape evolving at bewildering speed, checking chunks of code against databases of the known ‘usual suspects’ is only fractionally effective.

Instead, security solutions now need to detect hitherto unknown and unidentified threats, too, as we described in a recent post – and this is exactly what the Predictive Machine Learning in HES now enables it to do.

Predictive Machine Learning uses advanced file feature analysis to ascertain both the probability that a threat exists in a file, and the probable file type – and, of course, because it is learning from each example, it gets better as it goes.

Dangerous files and processes neutralised

Once the machine learning process has identified an unknown or zero-day threat, it can then take action to keep end-users protected.

If the threat is file-based, for example, the solution will quarantine the files in question, to stop the threat from spreading across users’ networks.

HES shares its newfound machine learning capabilities not only with Trend’s Worry-Free Business Security Services solutions but also with OfficeScan, so this more detailed explanation of the latter’s Predictive Machine Learning features, and how they work, is worth a read.

No more multiple login hell

Bringing HES into the xGen fold appears to have prompted some other helpful alignments with existing Trend solutions, too (although, in truth, these don’t have much to do with machine learning!)

There’s a lot less cumbersome clickery involved, for a start. For example, you can now jump directly from HES into the management console of the Cloud App Security solution, whereas before you’d have had to go from the Customer Licensing Portal (CLP) to HES, then back to CLP in order to reach Cloud App Security.

This is important for two reasons: firstly, to stop you losing the will to live. And secondly, because it’s a significant improvement to the overall email security workflow (Cloud App Security is needed to provide Exchange Online mail store scans as well as inspection of internal email traffic - so an easy hook-up to it is a must).

In short, HES is going through the same operator-friendly evolution as many other Trend solutions - getting rid of fiddly separate passwords for each service.

Ultimately, this helps partners work more efficiently and thus cut down on admin overheads, but also it makes for smoother service delivery.

HES: an xGen latecomer poised to deliver

It’s worth noting that HES has also recently benefited from an overhauled interface, improved data insights, enhanced Time-of-Click web protection, and other additional refinements, as explored in this post - so it certainly hasn’t been standing still.

But it has moved at a different speed to the rest of the xGen stable, and it’s good news for security resellers and MSPs alike that they can now tell their customers the gap is being closed!

If you don’t manage your Trend Micro Worry-Free Business Security upgrades properly, your customers could be at risk from ransomware! We explain what to do.

If you sell Trend Micro’s Worry-Free Business Security Standard or Advanced editions, you’ll know that both come with a convenient management console that enables you to easily watch over and control the security services you deliver.

But if you don’t act on the information and alerts you receive, and keep your solution up to date, it could mean that your end-user customers are at greater risk from threats like ransomware!

There are just three things you need to do to keep your customers protected:

1. Upgrade manually after renewals

Renewals of Trend Micro’s Worry-Free for Business Standard or Advanced editions do not automatically upgrade to the latest version, so you need to manually manage this process yourself.

Happily, it’s an easy thing to do. There’s a link to Trend Micro’s Download Center at the top of every console homepage. Click to upgrade your renewed Worry-Free Business Security edition to the latest version (see images below).

Alternatively, you can go to the Help tab, click on Support, and then click on the Download Center icon at the bottom of the page (see image below).

No uninstall or reinstall is required: the upgrade will automatically be picked up from the server by all the connected security agents, and your customers will stay protected.

What’s not to like?

Worry-Free Console
Upgrading Worry-Free Business Security after renewal is easy!

2. Get notified by RSS as well

If you’re not on v.7 or upwards, you won’t get console notifications, so you need another way of receiving them.

And even if you are on v.7 or upwards, there’s certainly no harm in having a backup notification channel to be doubly sure the message hits home.

This is why the Download Center website supports RSS. You can set up upgrade notifications and reminders from that site straight into your RSS feed (see image below), and then go into the console to act on them.

Trend Micro software download RSS Feed
You can subscribe to the Download Center website’s RSS feeds to get upgrade and service pack notifications – whether the notification feature is also available in your version of the console or not.

3. Act on those notifications!

As we’ve shown above, the console – even in pre-v.7 guise - contains the necessary links for you to download upgrades or service packs, and you can also find these links in the Download Center, whose icon is at the bottom of the console page (see image above).

So it’s a cinch to stay ahead of the game – but you do have to make sure you download the upgrades and packs promptly from the links.

That way, your customers will continue to be fully protected.

Keep Worry-Free worry-free!

Pay heed to your console, reminders and notifications and your Worry-Free Business Security solutions will totally live up to their name (more so, in fact, if you upgrade to the cloud-based Services edition that significantly simplifies life for both you and your end-users!)

But miss an upgrade or a service pack, and fast-moving, destructive threats like ransomware are, in all probability, already one step ahead of you and your customers alike.

And that will prove very worrisome indeed.

In the wake of a Windows 10 zero day exploit that had Microsoft all a-flutter, we explore these insidious threats - and how to combat them.

In the last blog in this series, we looked into ransomware, what it is, and how you can stop it. In this blog, we put another cyber-threat under the microscope – the zero day exploit.

We’ve looked into what the zero day exploit is and how it ticks – and we’ve “zeroed” in (sorry!) on some things businesses and their security partners need to consider in order to confront the danger head-on.

Zero day exploits: what are they?

Perhaps no other threat is guaranteed to drive software vendors’ marketing departments into public fits of bluster and defensiveness quite like the zero day exploit (see Microsoft’s recent performance in this piece in Ars Technica, for example!)

This is because zero day exploits are all about urgency and panic. Typically, they attack newly released software through vulnerabilities even its designers often don’t yet know exist (although legacy software can also sometimes be a target).

They are so called, as Wikipedia explains, because the hapless software vendor has “zero days” to fix the problem, or communicate helpfully about it, before it goes public – since the hackers themselves have usually already publicised it for them!

Zero day exploits love targeting browsers and office applications like Word and others (because we all use them) and they also hijack the common SMTP email protocol to find their way into these vulnerable applications in the first place.

But what makes zero day exploits so dangerous is that they tend to evade typical security software defences.

Why? Because many of the latter rely on triggers like malware signatures and known URL blacklists – intelligence that accumulates over time. And by definition, a zero day exploit has none of this history behind it!

What damage can zero day exploits do?

Here’s just a short list of zero day threats and the havoc they can potentially wreak, curated from various sources covering the last year or two:

  • Suspected North Korean State threat actors were observed exploiting a vulnerability in a word processing application
  • A targeted attack unveiled vulnerabilities in Microsoft Office and Windows, hidden within a Microsoft Word document
  • Adobe and Windows zero day exploits were made use of by Russia’s APT28 gang in a highly-targeted hack
  • Vulnerabilities in Microsoft font drivers were found to allow remote code execution, potentially rendering businesses open to ransomware, data theft, etc.

And, at the time of writing, a memory corruption bug affecting several Windows operating systems was declared capable, in this advisory, of remotely causing a denial of service (DoS) attack!

Zero day – how do you defeat an enemy you can’t see?

But what defence is possible if security software can’t even recognise a zero day exploit when it’s sitting on top of one?

One effective response to this is to choose security solutions that don’t go hunting for known malware signatures, but instead zoom in on the structural behaviour of the applications that are likely to be targeted by zero day exploits.

Unexpected behaviours in those applications can indicate that they are being asked to do something they shouldn’t – and in tests, this approach has led to security vendor Bitdefender being able to block all Flash player exploits, including zero day, encountered in the space of a year.

It follows that the more extensive the analysis of these applications and the data they generate, the more effective a security solution is likely to be in recognising the signs that a zero day exploit is at work.

Enter Trend Micro, which has woven together an extraordinary mesh of vulnerability intelligence sources that include behavioural, statistical, heuristic and protocol analyses, all drawing on a constantly updated and monitored worldwide threat intelligence network.

Backed up by artificial intelligence (AI) and machine-learning techniques that extend through multiple different security layers, analyses of the entire possible zero day attack surface can be interlinked.

In other words, a more holistic understanding of which of the business’s applications are being asked to do what, and whether this is likely to constitute risky behaviour, is formed.

It’s less about putting a name and face to the exploit itself, and more about spotting changes across the business’s often very complex IT environments that aren’t explicable in any healthy way!

Anti-zero day solutions – what the industry says

An enlightening read for those investigating this area is industry analyst Gartner’s recent Magic Quadrant for endpoint security (which you can download here, and in which Trend Micro, incidentally, is positioned highest and furthest amongst the contenders).

It hits on many of the points we’ve mentioned above – application and process analysis, behaviour monitoring, machine learning, browser and office software vulnerabilities, memory manipulation – to paint a pretty comprehensive picture of what the industry is doing to address the fundamental difficulty of stopping a threat that is, initially at least, invisible.

Meanwhile, keep your eyes peeled for our next topic in this blog series – viruses!

Trend Micro HES has long been an attractive cloud solution for users who want email security without on-site hassle. Read how it just got better!

We see a lot of email security solutions, but it’s fair to say that Trend Micro’s Hosted Email Security (HES) has recently upped its game to deliver a user experience that’s slicker, protection that’s broader and more agile, and service management that’s easier (and therefore ultimately more profitable!)

Here’s how Trend has taken HES to the next level.

New in Trend Micro HES, (1): Smoother interface, better data insights

Trend has now extended the successful interface designs found elsewhere in its stable of solutions to HES too, meaning that if you can “drive” other Trend solutions (like Worry-Free or OfficeScan), you can now just as easily drive HES.

For both end-users and service providers, this potentially means smoother workflows, easier internal adoption, lower training and implementation costs, and, overall, sharper ROI.

Trend Micro HES Dashboard
Trend has brought HES into line with its standard interface design and given its threat analysis tools a shot in the arm.

An improved dashboard in the solution now also makes it easier for end-users and service providers to glean more information about the threats they face, thanks to advanced analysis details and top advanced threat charts.

New in Trend Micro HES, (2): Sandboxing now comes for free!

Sandboxing – the ability, in the context of the SMTP protocol, to take mail offline and rigorously test it for threats before it reaches the recipient – is a potent tool in the security partner’s armoury.

But, typically, it’s also very costly – and it’s here that Trend has broken the mould. HES now includes free-of-charge access to new sandboxing solutions including Advanced Threat Scan Engine and Social Engineering Attack Protection.

Tick a box, get sandboxing for free – Trend’s Christmas present to service providers seeking to add value to their customers’ accounts!

Advanced Threat Scan Engine uses combined pattern-based and heuristic scanning to not only combat known email threats, but identify characteristics and behaviours that can suggest new ones (making it particularly effective against stealth threats like ransomware and zero-day exploits).

Social Engineering Attack Protection (now built into the AntiSpam Engine) is part of Trend’s recently much-vaunted machine learning stable, which includes the xGen solutions.

It detects suspicious behaviour in multiple parts of each email transmission, including the email header, subject line, email body, attachments, and the SMTP protocol information.

Suspect messages are returned to Hosted Email Security for further action or policy enforcement, ensuring the attack does not reach its target.

These services are easy to activate too, by simply ticking a policy check box – convenient for end-users and service providers alike.

New in Trend Micro HES, (3): Protection against spoofing

Spoofed email identities are the gateway to unwitting activation of all manner of threats, from phishing, to whaling, to dangerous attachment payloads, and more.

HES now supports DKIM (DomainKeys Identified Mail) signatures in both incoming and outgoing messages. These authenticate the domain name associated with a message to detect any mismatches, which in turn protects users against receiving messages that have been tampered with – for instance, to spoof the sender name.

Protection against spoofing
Spoof email? That’s so passé!

New in Trend Micro HES, (4): Marketing-friendly segregated email

Trend has consistently led the field in anti-spam protection, but the reality is that what is often defined as marketing spam can in fact be a source of new opportunities or competitor intelligence for some departments in your customers’ businesses.

For this reason, HES now offers email segregation, which enables certain types of user or policy group within the end-user’s organisation to choose to receive marketing and promotional email (whilst still subjecting it, of course, to all the other new and existing HES security features).

Marketing-friendly segregated email
Yes, please market to me! Or just don’t, OK?

New in Trend Micro HES, (5): Time-of-Click Web Protection

Boosting Trend’s already significant arsenal of web reputation and security solutions, Time-of-Click protection automatically rewrites URLs contained in received emails.

This means that the default action when a user clicks on these links is not to take them straight to the site concerned, but to submit that underlying site to Trend for real-time prior security and reputation analysis.

Lucky Trend automatically rewrote this URL and checked it before the recipient got taken to the site…

The delay for the user in accessing a legitimate site is fractional, but the protection against accessing non-legitimate sites is comprehensive, since no access is granted until HES has confirmed that the site is not a source of threats or reputational damage.
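How delivery-time rewriting and click-time checking fit together, as an added sketch that is not Trend Micro's implementation. The gateway URL, the signing key, the HMAC-signed link format and the static blocklist are all assumptions made for illustration.

```python
import hashlib
import hmac
import re
from urllib.parse import parse_qs, quote, urlsplit

# Hypothetical values for this sketch; none of them come from Trend Micro.
GATEWAY = "https://clickcheck.example.com/v"
SIGNING_KEY = b"constructed-demo-key"
BLOCKLIST = {"malicious.example.net"}  # stand-in for a live reputation lookup

URL_RE = re.compile(r"https?://[^\s\"'<>]+")


def _sign(url: str) -> str:
    """MAC over the original URL so the gateway only accepts links it issued."""
    return hmac.new(SIGNING_KEY, url.encode(), hashlib.sha256).hexdigest()


def rewrite_links(body: str) -> str:
    """Delivery time: point every http(s) link in the body at the gateway."""
    def repl(match: re.Match) -> str:
        raw = match.group(0)
        url = raw.rstrip(".,;:!?)")      # keep sentence punctuation out of the link
        tail = raw[len(url):]
        if url.startswith(GATEWAY + "?"):
            return raw                   # already a gateway link; verified on click
        return f"{GATEWAY}?u={quote(url, safe='')}&s={_sign(url)}{tail}"
    return URL_RE.sub(repl, body)


def reputation_ok(host) -> bool:
    """Click-time verdict; a missing host fails closed."""
    if not host:
        return False
    host = host.lower().rstrip(".")
    return not any(host == bad or host.endswith("." + bad) for bad in BLOCKLIST)


def handle_click(rewritten: str):
    """Click time: return (action, target) for a gateway link."""
    query = parse_qs(urlsplit(rewritten).query)
    url = query.get("u", [""])[0]
    sig = query.get("s", [""])[0]
    # Without the MAC check the gateway would be an open redirector that
    # anyone could use to launder an arbitrary destination.
    if not hmac.compare_digest(sig.encode(), _sign(url).encode()):
        return ("reject", None)
    if not reputation_ok(urlsplit(url).hostname):
        return ("block", url)            # verdict is taken now, not at delivery
    return ("redirect", url)


if __name__ == "__main__":
    # Constructed sample message body.
    mail = "Invoice: http://cdn.malicious.example.net/pay. Docs: https://docs.example.org/guide"
    rewritten = rewrite_links(mail)
    print(rewritten)
    for link in URL_RE.findall(rewritten):
        print(handle_click(link.rstrip(".")))
```

Because the verdict is computed inside `handle_click`, a site that turns malicious after the message was delivered is still blocked when the user eventually clicks.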

More on what’s new in Trend Micro HES

There’s not the space here to cover off all the detail, but suffice it to say that Trend’s latest version of HES delivers additional benefits that could enable service providers to really differentiate their offering in both existing and new accounts.

Here’s a full list – and you know where to come if you want to discuss it!


With the end of Microsoft support for Windows XP, companies are either looking for a new solution or way to patch Windows XP until they find one. So if you’re one of the companies trying to ‘stay safe’ and find a patch solution, what can you do?

  1. Switch browsers
    If you’re still using Internet Explorer with Windows XP, you’re more vulnerable to an attack. Windows XP only supports Internet Explorer 9, which is at least two versions out of date. Try using Google Chrome or Firefox, which have both been updated for Windows XP and you’ll get future updates.
  2. Install anti-virus
    Find an anti-virus solution that can reduce the impact of no longer being sent the Windows XP security updates from Microsoft.
  3. Rely on Microsoft Security Essentials
    Microsoft confirmed that XP updates will continue to be added to Security Essentials (the free security package) until July 2015. However, this isn’t something that MSPs should rely on, as only decent internet security software can protect against being attacked.
  4. Instead of spending time on the points 1-3, cover any exploits with the Windows XP virtual patching application from Trend Micro – Enterprise Security for Endpoint Light (ESE).

With ESE, you can secure physical and virtual endpoints with protection against the latest threats, using anti-malware and cloud-based global threat intelligence. OfficeScan is a sub-component of ESE and protects against data loss and theft with the ability to secure file servers, PCs, laptops and virtualised desktops.

Additional protection is available with the Intrusion Defense Firewall (IDF) Module

Stop zero-day threats immediately with a network-level Host Intrusion Prevention System (HIPS) that enables virtual patching.

  • Shield vulnerabilities in client operating systems and applications before patches are available
  • Deploy true zero-day protection from known and unknown threats
  • Protect your critical platforms, including Windows 8

Contact your Trend Micro specialist on 0118 9898 222 or visit our website for more information on how Trend Micro can protect your business.

Alongside the release of Worry-Free Business Security 9, Trend Micro will be implementing a minimal price increase to the renewal SKUs for Worry-Free Business Security Standard and Advanced. Worry-Free Business Security New, Services, SafeSync, Consumer and Enterprise products will remain as they are.

The price increase comes into effect on 1st April 2014 and is Trend Micro’s first adjustment to pricing in almost 5 years. Unlike their competitors, Trend Micro offer a fixed pricelist policy so their partners are not impacted by monthly currency fluctuations or continual incremental increases. This makes quoting your customers Trend Micro a ‘worry free’ process!

Kirk Harris, Trend Micro Product Manager

As of the 8th March 2014, currently 3 days away, Trend will be migrating all licenses registered on the OLR Portal (https://olr.trendmicro.com) to the newer and much shinier CLP Portal (https://clp.trendmicro.com). The CLP previously had only been compatible with SaaS products and was by far the more simplistic way to register your new licenses, so all in all, I think a good decision. Good on you Trend Micro!

Okay, so what does this mean… Simply use the CLP Portal to register/login instead of the OLR Portal. Trend Micro will automatically migrate all the current license information, so no need to worry there.

Remember! Use the CLP Portal from the 8th of March onwards!

JAMES TOMLINSON, TREND MICRO SPECIALIST

We are offering a multi-year promotion for Standard and Advanced renewals on Worry-Free™ Business Security. Customers who renew for 3 years will receive a 10% discount, while those who renew for 2 years will benefit from a 5% discount.

The offer is valid for up to 100 seats and does not include additional seat sales.  Please contact your account manager Kirk Harris on 0118 989 8231 or email kirkharris@bluesolutions.co.uk for further details or visit the Blue Solutions website http://bit.ly/15Y2i3w

Terms & conditions apply.

  • Offer valid for orders placed between 1st October 2013 and 31st December 2014.
  • Offer only valid on 2 or 3 year renewals.
  • A 10% discount applies to every year on a 3 year renewal and a 5% discount for every year on a 2 year renewal.
  • Eligible Products: Worry-Free Business Security Standard and/or Advanced, license purchases only – up to 100 users.
  • Purchases of additional seats are excluded.
  • The Gov and NGO/NPO/EDU discount can be applied.
  • Offer valid on renewal purchases only.
  • Not to be used in conjunction with any other Trend Micro offer or promotion other than those stated above.

 

Are you moving into Managed Services? If your business provides IT support as a managed service you can bundle security software from Trend Micro as part of your service offering. All Trend Micro products are available including Worry-Free. By partnering with Trend Micro on their xSP programme you will have access to the following:

  • Quarterly pay-as-you-go billing
  • Industry-unique self-provisioning licence portal (LMP)
  • Industry-unique web-based management console (WFRM)
  • Integrate with leading RMM and PSA tools (such as Autotask and ConnectWise)
  • State-of-the-art solutions that use the cloud, eliminating costly installation and setup work

For more information visit http://www1.bluesolutions.co.uk/vendors/trend-micro/msp-solutions.aspx

Apply online at https://www.rissp.com/Register.aspx

The Infographic (pictured right) is created by one of our vendor partners, Trend Micro. It suggests (putting it bluntly) that employees can take much of the blame for data protection breaches. 78 per cent of organisations have suffered from at least one data breach over the past two years, but only 8 per cent cited external attacks as the main reason. Loss of laptops and other mobile devices is the biggest failing. It looks like us employees could be responsible!

BYOD

Bring Your Own Device (BYOD) is rather underrated on this Infographic. It only makes number 10 on the riskiest employee practices list. However, I think the risk could be much higher, especially in SMBs. Using the right software, large businesses, which have their own “fleets of IT”, can control device access, website access, data encryption, applications, and in the event of device loss, remotely wipe data too. SMBs by contrast rarely provide staff with devices for work use, but still need to protect (but probably don’t) corporate data held or accessed (intentionally or by accident) using an employee’s own device.

Legislation will only increase

Personally, I don’t think individuals are all entirely to blame. They may lose the devices or cause the data breach, but SMB owners also need to take data protection more seriously. For one thing, legislation in this area will only increase. It is interesting that the research behind the infographic suggests only 43 per cent of organisations protect sensitive information with data protection technology. I should imagine in SMBs that figure is much lower.

Consultancy first, product sell second

The Infographic really highlights some sweeping trends, but for me the biggest point on data protection is that every company is different; every company operates with different levels of protection sophistication. The biggest opportunity for resellers right now – with support from consultancy-led distributors and vendors – is to sell consultancy services to end-user customers. Consultancy first, product sell second. Resellers should now be working with business owners to provide security audits, to really understand how their businesses operate and then to help them find the security holes. In many cases, owners simply don’t realise they have a security hole!