| Brand |
Trend Micro |
| Product Type |
Server Security |
| Version |
Deep Security 11.1 |
| License Quantity |
Minimum 5 quantity |
| Distribution Media |
Medialess |
| Language Supported |
English International |
| OS Compatibility |
OS: Windows Server 2016, Windows Server 2012 (64-bit), Windows Server 2012 R2 (64-bit), Windows Server 2008 (64-bit), Windows Server 2008 R2 (64-bit), Windows 2003 Server SP2 (64-bit), Windows 2003 Server R2 (64-bit), Red Hat Linux 5/6 (64-bit) Database: Oracle 11g, Oracle 11g Express, Oracle 10g, Oracle 10g Express, Microsoft SQL Server 2014, Microsoft SQL Server 2014 Express, Microsoft SQL Server 2012, Microsoft SQL Server 2012 Express, Microsoft SQL Server 2008, Microsoft SQL Server 2008 Express, Microsoft SQL Server 2008 R2, Microsoft SQL Server 2008 R2 Express" |
| System Requirements |
Deep Security Manager Memory: 8GB, which includes: 4GB heap memory 1.5GB JVM overhead 2GB operating system overhead Disk Space: 1.5GB (5GB recommended) Web Browser: Firefox 24+, Internet Explorer 9.x, Internet Explorer 10.x, Internet Explorer 11.x, Chrome 33+, Safari 6+. (Cookies enabled) Monitor: 1024 x 768 resolution at 256 colors or higher Deep Security Agent Memory With Anti-Malware protection: 512MB Without Anti-Malware protection: 128MB Disk Space With Anti-Malware protection: 1GB Without Anti-Malware protection: 500MB With Relay functionality enabled: 8GB Deep Security Virtual Appliance Memory: 4GB (Memory requirements can vary depending on the number of VMs being protected) Disk Space: 20GB VMware Environment NSX Environment: VMware vCenter 5.5, with ESXi 5.5 vShield Environment: VMware vCenter 5.0, 5.1, or 5.5, with ESXi 5.0, 5.1, or 5.5 Additional VMware Utilities: NSX Environment: VMware Tools 9.4, VMware vCenter Server Appliance 5.5, VMware NSX Manager 6.1 vShield Environment: VMware Tools, VMware vShield Manager 5.0, 5.1, or 5.5, VMware vShield Endpoint Security 5.0, 5.1, or 5.5 (ESXi5 patch ESXi500-201109001 or later for vShield Endpoint Driver) ESXi Requirements for the Deep Security Virtual Appliance In addition to the ESXi standard system requirements, the following specifications must be met: CPU: 64-bit, Intel-VT or AMD-V present and enabled in BIOS Supported vSwitches: NSX: vSphere Distributed Switch (vDS) vShield: vSphere Standard Switch (vSS) or third party vSwitch (Cisco Nexus 1000v) |
| Feature 01 |
Trend Micro Deep Security is a complete security solution for Datacenter. It includes the below Modules 1-Anti Malware 2-Host based intrusion prevention system 3-Hosted Firewall 4-File integrity monitoring 5-Application Control 6-Log Inspection 7-Web Reputation |
| Feature 02 |
Protection from data breaches and business disruptions: Deep Security—available as software, Amazon Web Services (AWS) or Microsoft® Azure™ Marketplace offerings, or as-a-service—is designed to protect your data center and cloud workloads from data breaches and business disruptions. Deep Security helps you achieve compliance by closing gaps in protection effciently and economically across hybrid cloud environments. |
| Feature 03 |
Multiple security controls managed from a single dashboard: Deep Security features integrated modules including anti-malware, predictive machine learning, web reputation, frewall, intrusion prevention, integrity monitoring, application control, and log inspection to ensure server, application, and data security across physical, virtual, and cloud environments. Deep Security can be deployed as a single, multifunction agent across all environments and simplifes security operations with a single management dashboard for all capabilities. You can use Trend Micro Control Manager as your dashboard, or a third-party system such as VMware vRealize Operations, Splunk, HP ArcSight, or IBM QRadar |
| Feature 04 |
Seamless integration extends policies across cloud environments: Deep Security seamlessly integrates with cloud platforms including AWS, Azure, and VMware® workloads enabling you to extend data center security policies to cloud-based workloads. With a wide range of capabilities optimized across environments, Deep Security empowers enterprises and service providers to offer a differentiated and secure multi-tenant cloud environment to their users |
| Feature 05 |
Virtual desktop security: Preserve performance and consolidation ratios with comprehensive security built specifcally to maximize protection for VDI environments |
| Feature 06 |
Virtual patching: Shield vulnerabilities before they can be exploited, eliminating the operational pains of emergency patching, frequent patch cycles, and costly system downtime |
| Feature 07 |
Virtualization security: Deep Security protects virtual desktops and servers against zero-day malware, including ransomware, and network-based attacks while minimizing operational impact from resource ineffciencies and emergency patching |
| Feature 08 |
Cloud security Deep Security enables service providers and modern data center managers to offer a secure multi-tenant cloud environment with security policies that can be extended to cloud workloads and managed centrally with consistent, context-aware policies |
| Feature 09 |
Integrated server security Deep Security consolidates all server security functions into one comprehensive, integrated, and flexible platform that optimizes protection across physical, virtual, cloud, and container environments |
| Feature 10 |
ARCHITECTURE Deep Security Virtual Appliance- Transparently enforces security policies on VMware vSphere virtual machines. For VMware NSX environments, this provides agentless anti-malware, web reputation, intrusion prevention, integrity monitoring, and frewall protection. Combined mode can be used where the virtual appliance is used for agentless anti-malware and integrity monitoring and an agent for intrusion prevention, application control, frewall, web reputation, and log inspection. Deep Security Agent- Enforces the data center’s security policy (application control, anti-malware,intrusion prevention, frewall, integrity monitoring, and log inspection) via a small software component deployed on the server or virtual machine being protected (can be automatically deployed with leading operational management tools like Chef, Puppet, and AWS OpsWorks). Deep Security Manager- Powerful, centralized management console: role-based administration and multi-level policy inheritance allows for granular control. Task-automating features such as Recommendation Scan and Event Tagging and event-based tasks simplify ongoing security administration. Multi-tenant architecture enables isolation of individual tenant policies and delegation of security management to tenant admins. Global Threat Intelligence- Deep Security integrates with the Smart Protection Network to deliver real-time protection from emerging threats by continuously evaluating and correlating global threat and reputation intelligence for websites, email sources, and fles. |
| Feature 11 |
Malware prevention with behavioral monitoring and predictive machine learning • Integrates VMware vShield Endpoint APIs to protect VMware virtual machines against viruses, spyware, Trojans, ransomware, and other malware • Delivers an anti-malware agent to extend protection to physical, virtual, and cloud servers, including AWS, Microsoft, and VMware environments • Includes improved performance through agentless VMware ESX-level caching and deduplication • Optimizes security operations to avoid antivirus storms commonly seen in full system scans and pattern updates from traditional security capabilities |
| Feature 12 |
Log inspection • Collects and analyzes operating system and application logs in over 100 log fle formats, identifying suspicious behavior, security events, and administrative events across your data center • Assists with compliance (PCI DSS section 10.6) to optimize the identifcation of important security events buried in multiple log entries • Forwards events to SIEM system or centralized logging server for correlation, reporting, and archiving |
| Feature 13 |
Intrusion prevention • Examines all incoming and outgoing traffc for protocol deviations, policy violations, or content that signals an attack • Automatically protects against known but unpatched vulnerabilities by virtually patching (shielding) them from a number of exploits, pushing protection to thousands of servers in minutes without a system reboot • Assists with compliance (PCI DSS section 6.6) to protect web applications and the data they process • Defends against SQL injection, cross-site scripting, and other web application vulnerabilities • Includes out-of-the-box vulnerability protection for all major operating systems and over 100 applications, such as database, web, email, and FTP servers • Provides increased visibility and control over applications accessing the network, including rule sets to block unwanted software from running at a system wide level |
| Feature 14 |
Bidirectional host-based frewall • Decreases the attack surface of physical, cloud, and virtual servers with fne-grained fltering, policies per network, and location awareness for all IP-based protocols and frame types • Centrally manages server frewall policy, including templates for common server types • Prevents denial-of-service attacks and detects reconnaissance scans • Provides logging of frewall events at the host,enabling compliance and audit reporting that is especially critical for public cloud deployments |
| Feature 15 |
Integrity monitoring • Monitors critical operating system and application fles, such as directories, registry keys, and values, to detect and report malicious and unexpected changes in real time • Uses Intel TPM/TXT technology to perform hypervisor integrity monitoring for any unauthorized changes to the hypervisor, thereby extending security and compliance to the hypervisor layer • Reduces administrative overhead with trusted event tagging that automatically replicates actions for similar events across the entire data center • Simplifes administration by greatly reducing the number of known good events through automatic cloud-based whitelisting from Trend Micro™ Certifed Safe Software Service |
| Feature 16 |
Multi-platform application control • Detects and blocks unauthorized software automatically on Windows and Linux servers • Scans a machine and determines which applications are currently on it • Locks down the system once the inventory is created, preventing new applications from running without being whitelisted • Integrates into a DevOps environment to support continuous changes to application stacks, while maintaining application control protection using APIs |
| Feature 17 |
DEPLOYMENT AND INTEGRATION • Agent software can be deployed easily through standard software distribution mechanisms such as Chef, Puppet, AWS OpsWorks, Microsoft System Center Confguration Manager (SCCM), Novell ZENworks, and Symantec Deployment Solution • Detailed, server-level security events are provided to a SIEM system, including HP ArcSight, Intellitactics, IBM QRadar, NetIQ, RSA Envision, Q1Labs, Loglogic, Splunk, Sumologic, and other systems through multiple integration options. • Directory integration with enterprise directories, including Microsoft Active Directory |
