Trend Micro Deployment
Kelvin Hwang
IT Services
University of Windsor
Agenda
• Definition of Malware
• Malware Characteristics
• Malware Evolution
• Google’s Study
• Challenges in Educational Environment
• Solution - Web Reputation Service
• Test & Results
• Overall Experience
• Enough Protection?
• Questions?

Definition of Malware
Malicious software that is designed specifically to damage or disrupt a system, such as:
• Virus
• Worm
• Trojan Horse
• Bot

Malware Characteristics
Malware Evolution
• Diskettes
• Network shares
• Email (e.g. LoveLetter email worm)
• Peer to Peer networks (P2P)
• The World Wide Web
Reasons:
• Malicious file size is getting bigger
• End users have more knowledge
• Use of Mobile code

Google’s Study
The Ghost In The Browser – Analysis of Web-based Malware (Niels Provos, Dean McNamee, Panayiotis Mavrommatis, Ke Wang and Nagendra Modadugu, Google, Inc.)
Google closely analyzed 4.5 million web pages over the course of a year (March 2006 – March 2007) and found that approximately 10%, or 450,000, had the capability of installing malware without users' knowledge.

Challenges in Educational Environment
Academic Freedom. Campus community is sensitive to:
• Blocking
• Filtering
• Logging
Local Administrator Rights
Solution - Web Reputation Service
• Prevention is always better than treatment
• Web Reputation works in real time to prevent both users and applications from accessing malicious or infiltrated websites
• Credit check for Web sites (check before visit)
• Based on threats, not categories

Solution - Web Reputation Service (Continued)
Web site “reputation” score is assigned based on:
Threat Types
1. "a Web threat"
2. "very likely to be a Web threat"
3. "likely to be a Web threat"

Solution - Web Reputation Service (Continued)
Security Levels
1. High: Blocks URLs that are unrated, a Web threat, very likely to be a Web threat, or likely to be a Web threat
2. Medium: Blocks URLs that are unrated, a Web threat, or very likely to be a Web threat
Solution - Web Reputation Service (Continued)
3. Medium-low: Blocks URLs that are a Web threat or very likely to be a Web threat
4. Low: Blocks only URLs that are a Web threat
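
The four security levels above can be compared on the same set of lookups before a level is chosen, which matters on a campus that is sensitive to blocking. The following is an added example, not Trend Micro code or part of the original slides: the "safe" rating, the log format, the sample URLs and all function names are assumptions made for illustration.

```python
# Added illustration: level and rating names follow the slides; "safe", the
# log format and all function names are assumptions made for this example.
RATINGS = {"safe", "unrated", "likely", "very likely", "threat"}

# Ratings blocked at each security level, exactly as the slides list them.
BLOCKED_AT = {
    "high":       {"unrated", "threat", "very likely", "likely"},
    "medium":     {"unrated", "threat", "very likely"},
    "medium-low": {"threat", "very likely"},
    "low":        {"threat"},
}

# Constructed lookup results, one "URL rating" pair per line; "-" = no rating.
SAMPLE_LOOKUPS = """\
http://lab-wiki.example.edu/ safe
http://new-research-site.example.org/ -
http://ads.example.net/banner.js likely
http://mirror.example.com/codec.exe very likely
http://dropper.example.com/install threat
"""

def parse_lookups(text):
    """Return {url: rating}; a missing or "-" rating counts as unrated."""
    ratings = {}
    for line in text.splitlines():
        if not line.strip():
            continue
        url, _, rating = line.strip().partition(" ")
        rating = rating.strip().lower()
        if rating in ("", "-"):
            rating = "unrated"
        if rating not in RATINGS:
            raise ValueError(f"unknown rating {rating!r} for {url}")
        ratings[url] = rating
    return ratings

def blocked(ratings, level):
    """URLs that the given security level would block."""
    return sorted(u for u, r in ratings.items() if r in BLOCKED_AT[level])

def newly_blocked(ratings, current, proposed):
    """URLs blocked at `proposed` but still reachable at `current`."""
    return sorted(set(blocked(ratings, proposed)) - set(blocked(ratings, current)))

if __name__ == "__main__":
    sample = parse_lookups(SAMPLE_LOOKUPS)
    for level in BLOCKED_AT:
        print(f"{level:10} blocks {len(blocked(sample, level))} of {len(sample)}")
    print("medium-low -> medium adds:", newly_blocked(sample, "medium-low", "medium"))
```

On the constructed sample, the step from Medium-low to Medium adds only the unrated site, which is the kind of block most likely to produce an unblock request.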
Test & Results
Monday – Friday, 9AM – 3PM October 2007
• 15,000 URLs blocked
• 41% reduction in the number of infected machines
• 81% reduction in the number of detected malware
• One unblock request

Overall Experience
Trend Micro deployment in 2002 (quarantined malware 300 - 400 daily)
Add new protection without extra equipment:
• Intrusion Defense Firewall Plugin
• Trend Micro Security for Mac Plugin
• Mobile Security Plugin
• Virtual Desktop Support Plugin

Overall Experience (Continued)
Web Threat Protection (30,000 URLs blocked monthly)
Device Control to handle autorun virus
Helpdesk virus related calls:
• 2001 – 12 % (Before Trend Micro)
• 2009 – 0.4 % (Productivity increased)
Campus departments begin to use IT Services anti-virus solution
Enough Protection?
User Education
• OS & application updates
• Use anti-virus application & firewall
• Use different web browser
• Surfing carefully (Be careful with popup, plug-ins, warnings, links…)
• Disable autorun
Security compliance monitoring
Questions ?