Trend Micro InterScan Web Security

2018: Fragments of the Trend Micro code are copied in SiliVaccine

The Check Point Software Technologies company announced on May 7, 2018 identification of the facts of copying of fragments of a program code of solutions of Trend Micro company during the research of the North Korean antivirus software SiliVaccine.

Specialists of Check Point received a rare sample of the antivirus software SiliVaccine from the journalist to whom they sent it by e-mail. After the detailed expert analysis of SiliVaccine researchers of Check Point found out that the whole pieces of a program code of SiliVaccine completely copy solutions on cyber security of Trend Micro. Moreover, all coincidence is well disguised by founders of SiliVaccine, noted in the company.

Specialists of Check Point carried out the further analysis of files and found out that the program blocks all known signatures of malware, except one, the unknown so far.

Besides, the research showed that JAKU malware disappeared in an antivirus of SiliVaccine. The JAKU file is signed with certificates of a certain company Ningbo Gaoxinqu zhidian Electric Power Technology Co., Ltd, the same company whose certificates were used for signing of files of the known APT attack of Dark Hotel.

Check Point notified Trend Micro company on the find. As experts of Trend Micro specified, having got acquainted with SiliVaccine code samples, in this antivirus software the module which is based on already outdated version (10-year) of once widespread solution Trend Micro scan engine which, in turn, was applied in a number of own products of the company is used.

Trend Micro could not assume a possible source of leak of the code as the company never did business in North Korea. Nevertheless, in the company consider similar use of the code of its development violating conditions of the license and illegal, however do not intend to submit a claim on SiliVaccine developers.

2011: InterScan Web Security 5.5

The Trend Micro company submitted in August, 2011 the new version of the solution InterScan Web Security 5.5 for protection of corporate network of the threats connected with use of web applications and web browsing at the level of the gateway of Internet access. Representing the powerful gateway which protects the corporate channel of access in the Internet, the InterScan Web Security 5.5 system provides deeper control over the growing use of cloud applicaions, including Internet pagers, file exchange networks, video and audio-applications and also web mail.

The web gateway Trend Micro InterScan Web Security 5.5 offers corporate customers excellent protection against Internet threats together with reducing costs of security due to consolidation of servers in a data processing center. Such consolidation became possible at the expense of a possibility of start of a system on "naked iron" and also on hypervisors VMware and Microsoft Hyper-V. Together with InterScan Web Security 5.5 it is possible to implement the separate module Advanced Reporting and Management (the expanded reporting and management) which provides the centralized traffic observation in networks, detailing of chronology of reports and also management of politicians.

Unlike many other solutions for protection of corporate network at the level of the web gateway, Trend Micro InterScan Web Security 5.5 offers detailed control of applications with complete fixing of all traffic of all applications on all ports: many competing solutions apply politicians of restrictions only to those protocols and ports for which can act as the proxy server. In particular, detection and tracking more than 420 standard internet protocols and also thousands of popular Internet-applications is supported.

For the best protection against the newest and deeply disguised web threats Trend Micro InterScan Web Security 5.5 offers profound inspection of HTTP packets with a possibility of filtering on any signs. Ready set the politician of filtering allows administrators to set some standard restrictions quickly: permission or prohibition on the publication given by users on social networks, permission to sending certain types of investments through public services of web mail and also the list of browsers (and versions) which can be used for an Internet access. In addition administrators can collect standard traffic from certain applications to create own filters for application of any necessary policy.

Except standard actions of the Permit, Block, Trace and Warn type, the filtering mechanism to the addresses URL supports several additional functions now. In particular, limits of time allow administrators to set limit general operating time with the external websites in working and time off. It is also possible to set restrictions on the permitted addresses or categories of the websites in a certain time of day, and still if necessary it is possible to issue temporary permissions to full access to some users if it is necessary. One more function under the name Password Override allows administrators to appoint certain users who can once bypass the set blocking on access to some website, having just entered the special password in the browser.