View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
November 14, 2005

Trend Micro plans UTM for high throughput

Trend Micro Inc is developing a unified threat management offering for high-throughput enterprise environments, to be launched in the first quarter of 2006, according to CEO Eva Chen.

By CBR Staff Writer

The Cupertino, California-based ISV is one of the Big 3 in anti-virus software and, claims Chen, has just overtaken McAfee Inc specifically in the enterprise AV market, which is led by Symantec Corp.

This summer it beefed up both its anti-spam and anti-spyware offerings through acquisition: in June it bought Kelkea for its IP reputation services and behavioral analysis and in May it acquired Intermute for anti-spyware, with an API to facilitate its bundling with existing Trend products.

As a result, a UTM offering is clearly in the pipeline, though without the firewall/VPN or IDS/IPS technologies that other multi-function perimeter security devices offer.

The rationale here is dictated by marketing policy rather than technology: Trend has an alliance with Cisco to deliver on its devices the security functionality the networking giant doesn’t want to develop itself.

Cisco has its firewall/VPN and IDS/IPS, so Trend won’t go there, in order not to compete head-on with its go-to-market partner. By contrast, both Symantec and McAfee compete with Cisco in firewall/VPN and IDS/IPS.

At the moment, Cisco is offering Trend’s flagship AV technology, having just announced an extension with a pre-emptive capability to block suspect requests prior to a signature being produced. Adding anti-spam and anti-spyware from Trend would clearly be a logical addition, though Chen said Trend would also look at delivering UTM as a Trend-branded appliance.

Trend is not the first security vendor to seek to address the performance hit that comes from turning on all the functions on the current generation of UTM devices. Taiwanese networking vendor D-Link is readying a U box for launch at the end f the first quarter of 2006 using dedicated silicon to offload some of the processing that full-blown UTM implies.

Content from our partners
Rethinking cloud: challenging assumptions, learning lessons
DTX Manchester welcomes leading tech talent from across the region and beyond
The hidden complexities of deploying AI in your business

Chen would not be drawn on whether Trend is looking at such hardware-accelerated inspection, but she did acknowledge that current UTM, which generally entails multiple software functionality bundled onto industry-standard servers, is challenged in terms of performance.

Several infosec vendors like ISS and McAfee have unveiled plans for carrier-class products to handle throughputs of 100Mbps, enabling network operators to offer clean WAN services and internet access to enterprise customers.

In that scenario, however, Chen is sceptical of the appliance approach, arguing that it might be OK if all you’re doing is inspecting packets [i.e. at Level 2], but if you want to do full-stack inspection [i.e. L2-L7], the best way is to integrate with existing network infrastructure, not least because there’s no one place in such networks that you can capture everything. In other words, in such environments, Trend will go in on Cisco kit.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.