DATASHEET

Trend Micro™

DEEP SECURITY™
Complete security for container, cloud, and virtualized data center environments

Virtualization has already transformed the data center and now organizations are Key Business Issues
moving their workloads to the cloud and container architectures. There are many Automated protection
advantages of hybrid cloud computing, however it also comes with new risks and Automate security using a rich set of
threats. Your organization must ensure you meet compliance requirements and have RESTful APIs and cloud templates to
security across all of your workloads, whether physical, virtual, cloud, or containerized. remove manual security processes and
reduce operational costs.
Trend Micro™ Deep Security™ provides comprehensive security in a single solution that
is purpose-built for virtual, cloud, and container environments. Deep Security allows for Unified security
consistent security, regardless of the workload. It also provides a rich set of application Deploy and consolidate security across
programming interfaces (APIs), so security can be automated and won’t impact your your physical, virtual, multi-cloud, and
containerized environments with a
teams.
single agent and platform.
BE POWERFUL BUILD SECURE Security for the CI/CD pipeline
Protect against vulnerabilities, malware, and Smart security controls that ensure you meet API-first, developer-friendly tools to
unauthorized change with the broadest range security and compliance requirements from help you ensure that security controls
of security capabilities the first build are baked into DevOps processes.
GET STREAMLINED SHIP FAST Accelerate compliance
Consistent protection and visibility, optimized Security that is connected through automation Demonstrate compliance with a number
for every part of your hybrid cloud and integration in your continuous integration/ of regulatory requirements including
continuous deployment (CI/CD) pipeline GDPR, PCI DSS, HIPAA, NIST, FedRAMP,
GO AUTOMATED
and more.
Connected security that can be integrated into RUN ANYWHERE
Dev and Ops processes to ensure adoption Security that is optimized for the place that
best suits your application

TRUSTED HYBRID CLOUD SECURITY

Full Life Cycle Container Security

Deep Security delivers advanced runtime protection for containers. Layered security defends against attacks on the host, the
container platform (Docker®), the orchestrator (Kubernetes®), the containers themselves, and even the containerized applications.
Designed with a rich set of APIs, Deep Security allows IT Security to protect containers with automated processes for critical security
controls. DevOps can leverage security as code by baking security into the CI/CD pipeline, reducing the friction that comes with
applying security in rapidly changing and evolving infrastructures. With Trend Micro™ Deep Security™ Smart Check’s build pipeline
image scanning, Deep Security provides full protection across the container life cycle.

Automated Cloud Security

Deep Security works seamlessly to secure dynamic workloads in the cloud, with automated discovery of workloads across cloud
providers including AWS, Microsoft® Azure®, Google Cloud™, and more. Deep Security’s single management console enables unified
visibility over all of your workloads and automated protection across a multi-cloud environment with consistent, context-aware policies.
RESTful APIs allow for integrated security with your existing toolset for automated security deployment, policy management, health
checks, compliance reporting, and more.

Virtualization and Data Center Security

Deep Security brings advanced protection to physical and virtual servers, enabling easy deployment and management
of security across multiple environments through automatic policy management and in the case of VMware®,
hypervisor-integrated agentless security. Deep Security protects virtual desktops and servers against
zero-day malware, including ransomware, cryptocurrency mining attacks, and network-based attacks
while minimizing operational impact from resource inefficiencies and emergency patching.

Page 1 of 5 • DATASHEET • DEEP SECURITY

 KEY ADVANTAGES

Advanced Threat Protection Unified Security for the Hybrid Cloud

•• Protect your critical servers and applications with advanced security •• Cloud and data center connectors automatically discover workloads
controls, including an intrusion prevention system (IPS), integrity running in your hybrid cloud environments for full visibility and
monitoring, machine learning, application control, and more. automated policy management.
•• Detect and block threats in real time with minimal performance •• Eliminate the cost of deploying multiple point solutions and achieve
impact. consistent security across physical, virtualized, cloud, and container
environments with a lightweight, single agent and management
•• Detect and block unauthorized software execution with multi-
console.
platform application control.

•• Shield known and unknown vulnerabilities in web, enterprise •• Ensure security at multiple layers of your container environments,
including protection for the host, the container platform (Docker) and
applications, and operating systems through an IPS.
orchestrator (Kubernetes), the containers themselves, as well as the
•• Advanced threat detection and remediation of suspicious objects containerized applications.
through sandbox analysis.
••Secure your container host with the same advanced host-based
•• Send alerts and trigger proactive prevention upon the detection of controls applied across your physical, virtual machine (VM), and
suspicious or malicious activity. cloud workloads

•• Secure end of support systems with virtual patches delivered via an ••Monitor for changes and attacks on Docker and Kubernetes
IPS, ensuring legacy systems stay protected from existing and future objects with integrity monitoring and log inspection capabilities
threats.
••Protect runtime containers through container vulnerability
•• Track website credibility and protect users from infected sites with shielding (via IPS), real-time malware protection, and east-west
web reputation threat intelligence from Trend Micro’s global domain- container traffic inspection
reputation database.
•• Enforce security early in the pipeline using Deep Security Smart
•• Identify and block botnet and targeted attack command and control Check’s advanced build-time and registry scanning, complementing
(C&C) communications. Deep Security’s runtime capabilities for protection across the
container life cycle.
•• Secure against the latest threats using threat intelligence from the
Trend Micro™ Smart Protection Network™, powered by Trend Micro’s •• Leverage Trend Micro’s tight integration with leading cloud vendors
market-leading threat research. such as AWS, Azure, and Google Cloud for unified visibility and
protection across your multi-cloud environment.

•• Enable service providers to offer customers a secure public cloud,

Support and Empower Incident Response Teams isolated from other tenants via a multi-tenant architecture.

•• Support incident response with server endpoint detection and •• Extend the benefits of microsegmentation in the software-defined
response (EDR) capabilities, including monitoring for indicators data center and leverage Deep Security’s integration with VMware to
of attack and blocking of suspicious applications and processes. automatically detect and apply context-based policies.

•• Integrate Deep Security with your security information and event

management (SIEM) to analyze telemetry data for advanced
threat hunting, indicators of compromise (IOC) sweeping, and
security orchestration, automation and response (SOAR) tools
for remediation and orchestration.

••When resources or time is limited, benefit from Trend

Micro’s Managed Detection and Response (MDR) service,
providing these capabilities as a managed service

Page 2 of 5 • DATASHEET • DEEP SECURITY

 Automate and Streamline Security Achieve Cost-effective Compliance
•• Automate security deployment, policy management, health •• Address major compliance requirements for the General Data
checks, and compliance reporting with Deep Security REST APIs. Protection Regulation (GDPR), Payment Card Industry Data
Security Standard (PCI DSS), Health Insurance Portability and
•• Reduce management costs by automating repetitive and resource- Accountability Act (HIPAA), and more with one integrated and
intensive security tasks, reducing false-positive security alerts, and cost-effective solution.
enabling a workflow for security incident response.
•• Provide detailed audit reports that document prevented attacks
•• Significantly reduce the complexity of managing file-integrity and compliance policy status.
monitoring with cloud-based event whitelisting and trusted events.
•• Reduce the preparation time and effort required to support audits.
•• Match security to your policy needs so fewer resources need to be
dedicated to specific security controls. •• Support internal compliance initiatives to increase visibility of
internal network activity.
•• Simplify administration with centralized management across Trend
Micro security products. Centralized reporting of multiple security •• Help consolidate tools for meeting compliance requirements with
controls reduces the challenge of creating reports for individual enhanced file integrity monitoring capabilities.
products.
•• Leverage proven technology certified to Common Criteria EAL 2
•• Connect security with your existing security and DevOps tools with and FIPS 140-2 validated.
integration for leading SIEM, security management, orchestration,
monitoring, pipeline, and IT service management tools. •• Enforce compliance across the development pipeline with Deep
Security Smart Check’s build-time and registry scanning for policy
compliance.

DEEP SECURITY DETECTION & PROTECTION CAPABILITIES

Network security tools detect and stop network attacks and shield vulnerable applications and servers
•• Host-Based Intrusion Prevention: •• Firewall:
Detects and blocks network-based exploits of known vulnerabilities Host-based firewall protects endpoints on the network using
in popular applications and operating systems using IPS rules. stateful inspection.

•• Web Reputation: •• Vulnerability Scanning:

Blocks known-bad URLs and websites. Performs a scan for known network-based vulnerabilities in the
operating system and applications.

System security tools lockdown systems and detect suspicious activity

•• Application Control: •• File Integrity Monitoring:

Blocks any executables and scripts that aren’t identified as known- Monitors files, libraries and services, and etc. for changes.
good applications or DLLs from installing/executing. To monitor a secure configuration, a baseline is created that
represents the secure configuration. When changes from this
•• Log Inspection: desired state are detected, details are logged and alerts can be
Identifies and alerts unplanned changes, intrusions, or advanced issued to stakeholders.
malware attacks; including ransomware as it is happening on your
systems.

Malware prevention stops malware and targeted attacks

•• Anti-Malware: •• Machine Learning:

i. File Reputation: Blocks known-bad files using our anti- Analyzes unknown files and zero-day threats using machine
malware signatures. learning algorithms to determine if the file is malicious.

ii. Variant Protection: Looks for obfuscated, polymorphic, or •• Sandbox Analysis:

variants of malware by using fragments of previously seen Suspicious objects can be sent to the Trend Micro™ Deep
malware and detection algorithms. Discovery™ network sandbox for detonation and extensive analysis
to determine if it is malicious. A confirmation and rapid response
•• Behavioral Analysis:
update is then provided back to Deep Security for the appropriate
Examines an unknown item as it loads, and looks for suspicious response.
behavior in the operating system, applications, and scripts—and
how they interact to block them.

Page 3 of 5 • DATASHEET • DEEP SECURITY

 BUILT FOR SECURITY IN THE CLOUD The Deep Security Scanner is a module
Deep Security is optimized for leading cloud providers’ infrastructures, including support of the that integrates with and protects SAP
most common operating systems: systems by integrating with the
SAP NetWeaver® virus scan interface.

CERTIFICATION FOR CLOUD

SERVICE PROVIDERS (CSPs)
Trend Micro’s CSP partner program is
Compatibility with configuration, event, and orchestration tools: a global validation program designed
for CSPs to prove interoperability with
industry-leading cloud security solutions
from Trend Micro.

ARCHITECTURE “Having a security partner

like Trend Micro, that keeps
Deep Security Agent up with modern technologies
Enforces the environment’s security policy (application control, anti-malware, IPS, firewall, integrity and advances threats in real
monitoring, and log inspection) via a small software component deployed on the server or VM being time, gives me confidence
protected (can be automatically deployed with leading operational management tools like Chef,
Puppet®, Ansible, and AWS OpsWorks).
that my workloads can be
protected at any time—even
Deep Security Manager as architectures shift”
Jason Cradit
Powerful, centralized management console: Role-based administration and multi-level policy Senior Director of Technology, TRC
inheritance allows for granular control. Task-automating features such as recommendation scan
and event tagging and event-based tasks simplify ongoing security administration. Multi-tenant
architecture enables isolation of individual tenant policies and delegation of security management to
tenant administrators.

Deep Security Virtual Appliance

Transparently enforces security policies on VMware vSphere® VMs. For VMware NSX®
environments, this provides agentless anti-malware, web reputation, IPS, integrity monitoring, and
firewall protection. A combined mode can be used where the virtual appliance is used for agentless
Trend Micro ZDI disclosed
anti-malware and integrity monitoring and an agent for IPS, application control, firewall, web 1,449 vulnerabilities in 2018.
reputation, and log inspection. This powers unmatched
timelines for virtual patches.
Global Threat Intelligence

Deep Security integrates with the Smart Protection Network to deliver real-time protection
from emerging threats by continuously evaluating and correlating global threat and reputation
intelligence for websites, email sources, and files.

Page 4 of 5 • DATASHEET • DEEP SECURITY

 SYSTEM REQUIREMENTS (Software as a Service (SaaS), Manager,
Virtual Appliance, and Agents)
•• Deep Security is available as a service and all management components are hosted and
maintained by Trend Micro. POWERED BY XGEN™ SECURITY

•• Deep Security is also available as a software or a virtual appliance to run in your data center or Deep Security is part of the Trend Micro
cloud. System requirements are available at the following URL: Hybrid Cloud Security solution,
https://help.deepsecurity.trendmicro.com/11_3/on-premise/Get-Started/Install/system- powered by XGen.
requirements.html

SUPPORTED PLATFORMS (For Agent)

•• As Trend Micro is constantly supporting new operating systems and versions, please refer to the
following URL for the complete list including Microsoft® Windows®, Linux®, Solaris, AIX, and
Docker containers:
https://help.deepsecurity.trendmicro.com/11_3/on-premise/Manage-Components/
Software-Updates/compatibility.html

DEEP SECURITY AS A SERVICE (DSaaS)

DSaaS gives you the proven protection of Deep Security without all the work. As a service
deployment, we do the heavy lifting for you. We manage regular product and kernel updates, set
up and maintain the security database, and administer the Deep Security manager. Our cloud-
based security offering enables quick setup, and automates and simplifies security operations for
cloud instances.

Key Benefits
• Fast: Start securing workloads in minutes • 
Saves time: We manage and update the
product so you can focus on your business
• 
Cost-effective: Usage-based pricing
starting at $0.01/hour • 
Proven: Protects thousands of customers
and millions of servers globally
• 
Simple: Multiple security controls in a
single product • 
Flexible: Purchase and procure through
AWS Marketplace to protect multi-cloud
environments

Key certifications and alliances

•• AWS Advanced Technology Partner
Flexible pricing to meet cloud needs
•• AWS Container Competency Partner
DSaaS usage-based pricing: •• Common Criteria EAL 2+
•• FIPS 140-2 validated
MICROSOFT AZURE
AWS EC2 INSTANCE SIZE
VIRTUAL MACHINE
HOURLY PRICE (USD) •• ISO 27001
•• PCI DSS
Micro, small, medium 1 Core: A0, A1, D1 $0.01
•• HP Business Partnership
Large 2 cores: A2, D2, D11, G1 $0.03
•• Microsoft Application Development
4+ cores: A3-A11, D3-D4, D12-D14, Gold Partner
XLarge and above $0.06
G2-G5, D3, D4, D12-D14, G2-G5 •• Microsoft Certified Partnership
•• SAP Certified (NW-VSI 2.0 and HANA)
•• VCE Vblock Validated
•• Virtualization by VMware
•• VMware Cloud on AWS Partner
•• VMware Global Partner of the Year

Copyright © 2019 by Trend Micro Incorporated. All rights reserved. Trend Micro,
and the Trend Micro t-ball logo, Deep Security, Trend Micro Deep Security
Antivirus for VDI, Trend Micro Deep Security Virtual Patch, Trend Micro Control
Manager are trademarks or registered trademarks of Trend Micro Incorporated.
All other company and/or product names may be trademarks or registered
trademarks of their owners. Information contained in this document is subject to
change without notice. [DS16_Deep_Security_Datasheet_190409US]

Page 5 of 5 • DATASHEET • DEEP SECURITY