Trend Micro Smart Protection Complete
Smart Protection Complete starts at £39/year for 500+ users. Smart Protection for Endpoints, which excludes Gateway, Office365 cloud app security and mail/collaboration server components, starts at £20/year in similar volume.
Strengths: Significant entry into the anti-ransomware market for its completeness, ease of deployment and overall ecosystem. We especially like the encrypted file rollback feature.
Weaknesses: None that we saw.
Verdict: This is absolutely a world-class anti-ransomware product in a world-class ecosystem. Using the associated products, you can build out a solid security framework in your enterprise. For its completeness and solid competence, we make this our Best Buy this month.
This is a combination product in that it covers all three phases of a ransomware attack. It can recognise ransomware in a phishing email and, should ransomware enter the system, it prevents it from detonating successfully. If it should be able to bypass protection, the tool stops it rapidly and rolls back any damaged files that the ransomware was able to encrypt.
To begin our testing, we selected the Client environment with the following applications already installed: Vulnerability Protection, Control Manager, File Server WIN2012-DC, OfficeScan, Endpoint Application, and Credit Card details text file with sample test data.
In this attack scenario, it is assumed that first phase (pre-infection) defences have been breached, with second and third phases of the ransomware lifecycle in play. The infection began on our target (virtual) endpoint machine containing a folder with 10 sample files. Within the next three to five seconds, Trend Micro OfficeScan XG agent stopped the encryption attack-in-progress, automatically restored the first files affected by the attack, and immediately displayed a "Threats/Violations Found" alert screen.
Evidence of unauthorised encryption event can be further examined using the drill-down feature of the alert screen, along with other verification indicators available in OfficeScan dashboards and reporting options. Trend Micro Smart Protection Complete with OfficeScan XG agent is clean and straightforward, dashboards are very intuitive and easy to navigate. Agent Management is point-and-click through the components mentioned above. There is a provision for whitelisting any authorised encryption that might be used legitimately in the enterprise.
As part of the Smart Protection Complete offering, Trend Micro also includes "Connected Threat Defence" ecosystem, which provides an advanced way of protecting against targeted and ransomware attacks by extending interoperability across different protection nodes. Whenever a suspicious file (like ransomware) is detected at the endpoints, network, web or email, that file is sent to and detonated in the sandbox and if is determined to be malicious.
Connected Threat Defense is capable of generating a rapid response signature on the fly, without the need for sending samples to TrendLabs, and deploys the protection for all endpoints, mail servers and gateways automatically.
7/24 support is standard, including both email and phone support, and there are extra cost assistance offerings for special circumstances. The website is what you would expect of a company such as TrendMicro. It is complete, has access both to the support portal and to additional resources, such as knowledgebase and FAQ.
Overall, this is a very complete system. Even so, it integrates, as one would expect, with other TrendMicro tools to provide a complete TrendMicro ecosystem. The document library on the web portal is one of the most complete we've seen and the documentation is solid and easy to use. We perused some documentation for products other than the one we are reviewing and found style and substance to be consistent. Having known TrendMicro products almost since their inception and having known personally the founders and the current CEO, this is no surprise to us. The company has always been meticulous in development, support and documentation of its products. This is just another solid example.
(Judy Traub contributed to this review)