Tactical Advice

PC Protection

Trend Micro antimalware suite reduces risk with pattern file management and web reputation services.
This story appears in the September 2010 issue of BizTech Magazine.

Companies seeking greater flexibility in the protection of endpoints should consider the Trend Micro Enterprise Security for Endpoints Advanced software suite, which secures PCs, Macs, Linux boxes and smartphones by guarding against malware.

End-User Advantages

Like most manufacturers of anti-malware programs, Trend Micro compares a file’s binary contents with various patterns that are signatures of malware. But scanning against all of those patterns can slow performance.

Trend Micro has introduced two new features to offload a portion of that processing from endpoints and move it to the data center. The first, called File Reputation, pushes some of that intensive scanning back to a server. My workstation did a quick analysis of a test file, sending key parts back to a server to determine whether the file was infected.

The second feature, Smart Query Filter, serves as a whitelist by allowing a workstation to determine whether a file is infected before it even talks to the server.

I tested the product on Microsoft Windows XP, Windows 7, Windows 2003 and Windows 2008, but Trend Micro also works with Mac OS, popular Linux distributions and Novell NetWare.

Why It Works for IT

Enterprise Security for Endpoints Advanced integrates with Microsoft Windows Active Directory, allowing administrators to craft policies for different Organizational Units (which could represent different types of servers or workstations).

The endpoint security product also offers web protection. Every time a user accesses a new website, the software checks the URL against a list of suspect websites; if it finds a match, the user is prevented from accessing that site. To test this feature, I disabled the phishing filter in Internet Explorer and navigated to the Microsoft Contoso phishing test site, which Trend Micro blocked. I even went so far as to test some of the phishing attack e-mails in my junk e-mail bin, and it caught every one.

The product also comes with role-based administration, which allows IT to delegate some operations to Tier-1 or help-desk support. System administration is granular almost to a fault — just about every element in the graphical user interface can be controlled.

There’s also a plug-in architecture that allows users to add functionality to the endpoints from a central console. For example, say a new zero-day exploit has recently come out that is triggered by a website whose URL is more than 1,000 characters in length. You can simply instruct the clients to reject any URL over 1,000 characters until the pattern file comes out that protects against that particular exploit, all from the central console.


Enterprise Security for Endpoints Advanced includes a mobile client that comes with standard malware protection and a firewall, but it doesn’t yet support the Apple iPhone.

1.5 seconds  Frequency at which unique new malware patterns surface

SOURCE: Trend Micro

Also, the Active Directory policy integration considers only computer objects in Active Directory, not users. Hence, you can’t deploy a policy based on the user who has logged onto the system, only on the system itself. However, this issue likely affects only users who are in a shared computer environment.

You may also find that the software does not work properly on Novell Open Enterprise Server platforms. Trend Micro’s support staff has worked through these issues and can assist you.

Dr. Jeffrey Sheen is the lead enterprise analyst for Grange Mutual Insurance of Columbus, Ohio.
Sign up for our e-newsletter


Heartbleed: What Should Your... |
One of the biggest security vulnerabilities has almost every user and every industry...
Why Businesses Need a Next-G... |
Devices investigate patterns that could indicate malicious activity.
Review: HP TippingPoint S105... |
Next-generation firewall can easily replace a stand-alone intrusion prevention system....


The New Backup Utility Proce... |
Just getting used to the Windows 8 workflow? Prepare for a change.
How to Perform Traditional W... |
With previous versions going unused, Microsoft radically reimagined the backup utility in...
5 Easy Ways to Build a Bette... |
While large enterprises have the resources of an entire IT department behind them, these...

Infrastructure Optimization

Businesses Must Step Careful... |
Slow and steady wins the race as businesses migrate IT operations to service providers,...
Why Cloud Security Is More E... |
Cloud protection services enable companies to keep up with security threats while...
Ensure Uptime Is in Your Dat... |
Power and cooling solutions support disaster recovery and create cost savings and...


Securing the Internet of Thi... |
As excitement around the connected-device future grows, technology vendors seek ways to...
How to Maximize WAN Bandwidt... |
Understand six common problems that plague wide area networks — and how to address them.
Linksys Makes a Comeback in... |
The networking vendor introduced several new Smart Switch products at Interop this week.

Mobile & Wireless

Mobility: A Foundational Pie... |
Other technologies rely on mobile computing, which has the power to change lives, Lextech...
Now that Office for iPad Is... |
After waiting awhile for Microsoft’s productivity suite to arrive, professionals who use...
Visualization Can Help Busin... |
Companies need to put their data in formats that make it consumable anytime, anywhere.

Hardware & Software

Review: HP TippingPoint S105... |
Next-generation firewall can easily replace a stand-alone intrusion prevention system....
New Challenges in Software M... |
IT trends such as cloud, virtualization and BYOD pose serious hurdles for software...
Visualization Can Help Busin... |
Companies need to put their data in formats that make it consumable anytime, anywhere.