Endpoint Security

Endpoint Security
By
Eng. Ahmed Hashem El Fiky
Network Security Engineer
Malware Analyst

Agenda
• Endpoint Categories.
• Endpoint Categories Features.
• Endpoint Categories Vendors.
• TrendMicro OfficeScan.
• Why TrendMicro OfficeScan?
• What are System Requirements?
• Device Location in your Business
• Initial Installation and configuration
• Add Features
• Testing

Endpoint Categories
• Endpoint Antivirus .
• Endpoint Security.
(Endpoint Detection & Response (EDR) Software or Endpoint Management Software)

Endpoint Antivirus Features
• Anti-Malware.
• Protection Against Browser Exploits.
• Anti-Virus.
• Anti-Trojan.
• Anti-Spyware.
• Anti-Worm.
• Anti-Rootkit.
• Virtualization Support
• Anti-Phishing.
• Secure Network.
• Email Protection
• Automatic Virus Updates.
• Automatic Program Updates.
• Heuristic Scanner.
• Remote Management.
Reference1: https://www.techradar.com/news/best-business-antivirus-8-top-paid-security-tools-for-small-businesses
Reference2: https://antivirus.bunifu.co.ke/important-features-to-look-for-in-an-antivirus/

Endpoint Antivirus Top Vendors 2018
• Avast Business Antivirus Pro
• Symantec Endpoint Protection 14
• Bitdefender GravityZone Business Security
• Avira Antivirus for Endpoint
• Kaspersky Endpoint Security Cloud 4.0
• Webroot SecureAnywhere Business Endpoint Protection
• F-Secure Client Security Standard
• Sophos Endpoint Protection Advanced
Reference: https://www.techradar.com/news/best-business-antivirus-8-top-paid-security-tools-for-small-businesses

Endpoint Security Features
• Firewall
• Antivirus solution
• Internet Security
• Encryption
• Device Firewalls
• Mobile Device Management
• Mobile Security Solutions
• Intrusion Detection Techniques
• Application Controls.
Reference: https://blog.comodo.com/endpoint-security/ten-best-features-of-effective-endpoint-security/

Endpoint Security Top Vendors 2018
• Carbon Black
• CrowdStrike
• FireEye
• Kaspersky Lab
• Symantec
• Trend Micro
Reference: https://solutionsreview.com/endpoint-security/endpoint-security-vendors-to-watch-2018/

Summary
Reference: http://www.asteknetsol.com/difference-between-endpoint-security-and-antivirus/

Why TrendMicro OfficeScan (EndPoint Security)?
• Protection Points
• Physical endpoints
• Virtualized endpoints (add-on)
• Windows PCs and Servers
• Mac computers
• Point of Sale (POS) and ATM endpoints
Reference: https://www.trendmicro.com/en_us/business/products/user-protection/sps/endpoint/officescan.html

Cont..
• Threat Protection
• High-fidelity machine learning (pre-execution and runtime)
• Behavioral analysis (against scripts, injection, ransomware, memory and browser attacks)
• File reputation
• Variant protection
• Census check
• Web reputation
• Exploit prevention (host firewall, exploit protection)
• Command and control (C&C) blocking
• Data loss prevention (DLP module)
• Device control
• Good file check
• Sandbox and breach detection integration

Cont..
• Also You can have it all
• Advanced malware and ransomware protection
• Connected threat defense
• Centralized visibility and control
• Mobile security integration
• Available on- premises or as a service

Cont..
• Maximum XGen™ security

Cont..
• Reduce user impact and management costs.
• you to deploy and manage OfficeScan from our cloud-based service and offers
feature parity with the on-premises option.
• Lightweight and optimized security uses the right detection technique at the right
time to ensure minimal impact on devices and networks.
• Comprehensive central view of endpoint status lets you quickly get visibility to
security risks.
• Automatic sharing of threat intelligence across security layers enables protection
from emerging threats across the whole organization.
• Enable off-premises compliance and protection with the Edge relay that enables
employees to work outside the corporate network and still connect to OfficeScan
without a VPN.
• Customizable dashboards to fit different administration responsibilities.
• 24x7 support means that if a problem arises, Trend Micro is there to resolve it
quickly.

Cont..
• Proven Security Partner
• Over 25 years of security innovation.
• Protects over 155 million endpoints.
• Trusted by 45 of the top 50 global corporations.
• Trend Micro placed Highest and Furthest in the Leaders quadrant for its
Ability to Execute and Completeness of Vision in the 2017 Gartner Magic
Quadrant for Endpoint Protection Platforms.

Cont..
• Customize your endpoint protection
• Data Loss Prevention (DLP) Module
• Security for Mac Module
• Virtual Desktop Infrastructure (VDI) Module
• Endpoint Encryption Option
• Vulnerability Protection Option
• Endpoint Application Control Option
• Endpoint Sensor Option
• Trend Micro™ Control Manager™ Module

TrendMicro OfficeScan System Requirements
• Server Requirements.
• OfficeScan Target Server
• OfficeScan Edge Relay Server
• Agent Requirements.

Minimum OfficeScan Target Server OS
• Windows HPC Server 2008 and HPC Server 2008 R2 (x64)
• Windows MultiPoint Server 2010 (x64) and 2012 (x64)
• Windows Server 2012 and 2012 R2 (x64) Editions
• Windows MultiPoint Server 2012 (x64) Editions
• Windows Storage Server 2012 (x64) Editions
• Windows Server 2016 (x64) Editions

Minimum OfficeScan Target Server Platform
Processor: 1.86 GHz Intel Core 2 Duo (2 CPU cores) or better
Memory:
1 GB minimum (2 GB recommended) with at least 500 MB
exclusively for OfficeScan (on Windows 2008 family)
2 GB minimum with at least 500 MB exclusively for
OfficeScan (on Windows 2010/2011/2012/2016 family)
Disk Space: 6.5 GB minimum, 7 GB minimum (using remote install)

Minimum OfficeScan Edge Relay Server Platform
Processor: 2 GHz Intel Core 2 Duo (2 CPU cores) or better
Memory: 4 GB minimum
Disk Space: 50 GB minimum
Operation System: Windows Server 2012 R2
Network Card: 1.2 network cards connect
1. One for intranet connection to OfficeScan Server
2. One for external connection to off-premises OfficeScan agents
2.1 network card configuration to use different ports for intranet and
internet connections
Database: 1.SQL Server 2008 R2 Express (or later)
2.SQL Server 2008 R2 (or later)

Minimum OfficeScan Agent OS
•Windows XP (SP3) (x86) Editions
•Windows XP (SP2) (x64) (Professional Edition)
•Windows 7 (with/without SP1) (x86/x64) Editions
•Windows 8 and 8.1 (x86/x64) Editions
•Windows 10 (32-bit and 64-bit)
•Windows 10 IoT Embedded
•Windows Server 2003 (SP2) and 2003 R2 (x86/x64) Editions
•Windows Compute Cluster Server 2003 (Active/Passive)
•Windows Storage Server 2003 (SP2), Storage Server 2003 R2 (SP2) (x86/x64) Editions
•Windows Server 2008 (SP2) (x86/x64) and 2008 R2 (SP1) (x64) Editions
•Windows Storage Server 2008 (SP2) (x86/x64) and Storage Server 2008 R2 (x64) Editions
•Windows HPC Server 2008 and HPC Server 2008 R2 (x86/x64) Editions

Minimum OfficeScan Agent OS Cont..
•Windows Server 2008/2008 R2 Failover Clusters (Active/Passive)
•Windows MultiPoint Server 2010 and 2011 (x64)
•Windows Server 2012 and 2012 R2 (x64) Editions
•Windows Storage Server 2012 and 2012 R2 (x64) Editions
•Windows MultiPoint Server 2012 (x64) Editions
•Windows Server 2012 Failover Clusters (x64)
•Windows Server 2016 (x64) Editions
•Windows XP Embedded Standard (SP1/SP2/SP3) (x86)
•Windows Embedded Standard 2009 (x86)
•Windows Embedded POSReady 2009 (x86), Embedded POSReady 7 (x86/x64)
•Windows 7 Embedded (x86/x64) (SP1)
•Windows 8 and 8.1 Embedded (x86/x64) Editions

Minimum OfficeScan Agent Platform
• Processor: 300 MHz Intel Pentium or equivalent (Windows XP, 2003, 7, 8, 8.1, 10 family)
• 1.0 GHz minimum (2.0 GHz recommended) Intel Pentium or equivalent (Windows Vista, Windows
Embedded POS, Windows 2008 (x86) family)
• 1.4 GHz minimum (2.0 GHz recommended) Intel Pentium or equivalent (Windows 2008 (x64),
Windows 2016 family)
• Memory: 256 MB minimum (512 MB recommended) with at least 100 MB exclusively for
OfficeScan (Windows XP, 2003, Windows Embedded POSready 2009 family)
• 512 MB minimum (2.0 GB recommended) with at least 100 MB exclusively for OfficeScan
(Windows 2008, 2010, 2011, 2012 family)
• 1.0 GB minimum (1.5 GB recommended) with at least 100 MB exclusively for OfficeScan (Windows
Vista family)
7 (x86), 8 (x86), 8.1 (x86), Windows Embedded POSReady 7 family)
7 (x64), 8 (x64), 8.1 (x64) family)
• Disk Space: 650 MB minimum

Location of the OfficeScan Target Server
• you can position a firewall between the OfficeScan server and its
agents.
• position both the server and all agents behind a single network
firewall.
• Note:
• If there is a firewall between the server and its agents, configure the firewall
to allow traffic between the agent and server listening ports.

Installation of OfficeScan Target Server
• Installing IIS web Server.
• https://docs.microsoft.com/en-us/iis/get-started/whats-new-in-iis-8/installing-iis-
8-on-windows-server-2012
• Installing OfficeScan XG.
• Download OfficeScan XG and Product patch from TrendMicro Download Center.
• Register Trial Key From TrendMicro.

Download OfficeScan XG
• http://downloadcenter.trendmicro.com/

Download OfficeScan XG Product

Download OfficeScan XG Product Patch
Reference: https://success.trendmicro.com/solution/1106091-types-of-fixes

Download OfficeScan XG Product Patch

Registration Key and Activation Codes
• During installation, specify the Activation Codes for the following services:
• Antivirus
• Damage Cleanup Services™ (optional)
• Web Reputation and Anti-spyware (optional)
• Use the Registration Key that came with the product to obtain Activation
Codes
http://olr.trendmicro.com
After registering the product, Trend Micro sends the Activation Codes.

TrendMicro OfficeScan Installation

TrendMicro OfficeScan Installation Cont..

• OfficeScan Agent Deployment:
• Conventional Scan Method
• agent stores all OfficeScan components on the agent endpoint and scans all files locally.
• Smart Scan Method
• agent first scans for security risks locally. If the agent cannot determine the risk of the file
during the scan, the agent connects to a Smart Protection Server.

• Install OfficeScan Product Patch XG.

TrendMicro OfficeScan Management
• Now we can access web console to manage.

TrendMicro OfficeScan Management Cont..

• Configure OfficeScan

• Create Package to install OfficeScan Agent.

• Share OfficeScan Agent to Installing.

TrendMicro OfficeScan Agent Installation

TrendMicro OfficeScan Agent Management

Endpoint Security

More Related Content

What's hot (20)

Similar to Endpoint Security (20)

More from Ahmed Hashem El Fiky (7)

Recently uploaded (20)

Endpoint Security