Network VirusWall is a reliable security device that delivers a full set of capabilities including:
Network VirusWall scans every packet passing through it in real-time, takes the initiative to mitigate imminent threats and outbreaks, sends logs to Control Manager, and sends an alert message through the Control Manager Event Center.
To deploy a Network VirusWall device:
Ensure that a Control Manager server is available in the targeted network.
Perform a pre-configuration procedure to configure device and network settings. When you connect Network VirusWall to your network, the device automatically registers to the Control Manager server.
Refer to the Network VirusWall documentation for detailed deployment information.
Central administration from the Control Manager management console
Network VirusWall automatically registers with the Control Manager server after pre-configuration, allowing you to manage the device from the same Control Manager management console you use to manage other antivirus and content security installations.
The built-in firewall helps prevent attacks aimed at Network VirusWall. It prevents ICMP packets from reaching the device. However, this setting is configurable. Use the Pre-configuration console to enable or disable ICMP requests from other computers. Refer to the Network VirusWall Administrator's Guide for instructions.
Manual or scheduled component updates
Network VirusWall can obtain network virus patterns, network scan engines, outbreak rule files, and program files from the Trend Micro ActiveUpdate server or a specified update source manually or automatically.
If an outbreak occurs, Network VirusWall isolates the infected part of the network, helping prevent the spread of infection.
Outbreak Prevention Policy support
Network VirusWall receives Outbreak Prevention commands from the Control Manager server. Network VirusWall can block the following:
IP addresses– a single destination IP address or a range of addresses
Protocols– TCP, UDP, or ICMP protocols
Ports– a single destination port or a range of ports
Instant Message channels– AOL�, ICQ�, MSN� Messenger, and Yahoo!� Messenger
File transfers– file names or extensions transferred through FTP, HTTP, and Windows network file sharing protocols
Network VirusWall monitors network traffic for suspicious activity that may signal an attack or virus infection, sends logs to Control Manager, and sends an alert message through the Control Manager Event Center.
Network VirusWall Policy Enforcement
Configure policy enforcement to block, pass, or redirect HTTP traffic from clients based on the following criteria:
Outdated pattern file and scan engine versions for Trend Micro antivirus products
Identifiable third-party antivirus installation
Windows clients with no antivirus installation
Unidentifiable antivirus installations or unsupported operating system
Trend Micro Vulnerability Assessment (VA) detects and identifies vulnerable clients.
View summary tables of clients that are infected and clients that violate Network VirusWall Policy Enforcement.
Trend Micro Vulnerability Assessment (VA) support
Vulnerability Assessment (VA) is a Control Manager service that identifies vulnerable clients on the network. Network VirusWall can query VA to find out which clients are vulnerable to attacks or virus infections and block or pass traffic from the clients.
Trend Micro Damage Cleanup Services (DCS) support
Damage Cleanup Services (DCS) is a Control Manager service that repairs damaged systems and eliminates threats that may remain on the network. If an outbreak occurs, Network VirusWall can request DCS to clean up any infected machines.
Virtual Local Area Network (VLAN) support
Using the Preconfiguration console, create and edit Virtual Local Area Network (VLAN) tags that conform to the existing VLAN rules on your network.
Simple Network Management Protocol (SNMP) v2 support
Configure Simple Network Management Protocol (SNMP) notification settings to have Network VirusWall send traps to a network management station. In addition, configure SNMP agent settings, which add security to SNMP communications.
Network VirusWall 2500 is the high-capacity, gigabit-capable device in the Network VirusWall product line. This model provides the following new features:
The five (5) user-definable Copper LAN ports plus one (1) fiber card offer high-performance gigabit connectivity. This allows a Network VirusWall device to support up to four (4) virtual LANs (VLANs).
The gigabit platform has both copper and fiber-optic interface connectivity that allows full-duplex operation in 1000Mbps mode. This high bandwidth helps protect network continuity through failopen, failover, and port and device redundancies.
The new hardware design helps Network VirusWall to:
Achieve high availability
Support one million concurrent sessions and 4096 concurrent clients during policy enforcement
Network VirusWall 2500 achieves high availability (HA) using the following solutions:
Redundant ports
Redundant devices
Fault tolerance solutions
Configurable interface speed and duplex mode
Use the Preconfiguration console to set the interface speed and duplex mode.
In addition, Network VirusWall 2500 provides the following enhancements from Network VirusWall 1200:
Ability to import and export the Network VirusWall configuration file through the Preconfiguration console (useful for backup purposes)
Capability to allow ICMP request from other computers for device troubleshooting
Send a ping request to the Network VirusWall device to determine whether it is still up and running.
Support for additional identifiable Trend Micro products
Network VirusWall can now identify Trend Micro Internet Security installations.
Additional device and system options
Use the Control Manager management console to specify whether to display Windows popup messages when Network VirusWall blocks a client's access attempts.
In addition, use the management console to easily locate a Network VirusWall Enforcer 2500 device for troubleshooting or maintenance by turning on the UID.
See the list of Network VirusWall 2500 documentation for additional references.