1、Enterprise Segment惡意軟件的安全威脅和防護惡意軟件的安全威脅和防護Presented by Pan WongTrend MicroDate: 16 Nov 20052Enterprise SegmentAgenda1. Network Virus threat 2. Hottest threat Spyware!3. Mobile Security threat4. All time threat - Spam mails5. Summary6. Q 2- TrendLabs7Enterprise Segment336 daysNimda185 daysSlammerBusi
2、nesses Cant Keep Up AnymoreSource: Trend MicroWindow between vulnerability announcement and outbreak is shrinkingVulnerabilityAnnouncedMSBlaster.A26 daysVulnerabilityAnnouncedVulnerabilityAnnounced18 daysSasserVulnerabilityAnnouncedVulnerabilityAnnounced4 days!Zobot.A8Enterprise SegmentApplication v
3、s. Network Layer Virus ScanningApplication Layer ScanningNetwork Layer ScanningData transferred over the network is broken into “packets”.File/Application layer scanning (antivirus products) requires reassembly into a file a network virus can reside on a single “packet” and enter a destination undet
4、ectedNetwork layer scanning examines each “packet”, identifying network viruses Both application and network layer threats exist today Both application and network layer solutions are recommended for comprehensive protection9Enterprise SegmentTraditional Virus ScanningPhysicalNetworkApplicationFilePhysicalNetworkApplicationDiskDiskFileComputer 1Computer 2Network Virus packets bypass traditional scanning10Enterprise SegmentNetwork Virus ScanningPhysicalNetworkApplicationFilePhysicalNetworkApplicationDiskDiskFileHost 1 Host 2Network Virus packets are dropped at network layer
