Network VirusWall Enforcer
Control access to your network with Trend Micro Network VirusWall Enforcer. This plug-n-protect, agentless network access control (NAC) appliance controls network access by ensuring devices—managed or unmanaged, local or remote—comply with corporate security policies—before they can access the network. Extend secure network access to remote and mobile employees, contractors, partners and customers without excessive administrative costs.
- VirusWall Enforcer Datasheet 0.12MB
Plug-and-protect security policy enforcement
Trend Micro Network VirusWall Enforcer controls access to the corporate network to ensure that all devices - managed or unmanaged, local or remote - comply with corporate security policies before they connect. It prevents threats from entering the network by scanning devices for the most up-to-date security software and critical Microsoft patches.
As an agent-less solution, it has minimal impact on client devices and requires no end user intervention. Non-compliant devices are immediately quarantined and sent through automatic remediation. As soon as a device is cleaned and meets the security requirements, it is allowed access to the network.
Network VirusWall Enforcer also filters network traffic to detect and block network worms and BOTs-with zero false positives. The easy-to-manage appliance isolates infected areas from the rest of the network so threats cannot spread.
Reliable access control. No need for a pre-installed agent.
Network VirusWall Enforcer does not require an agent to be pre-installed on a device. This plug-n-protect NAC appliance provides the tools you need, when you need them - including the following:
- Remote Port Scan - It can check any device that connects to the network-managed or unmanaged-by performing a network port scan remotely. This ensures everyone-even partners, contractors, and visitors-can connect to your network using a secure, virus-free device.
- Temporary Dynamic Scan - A temporary dynamic agent can be installed on any device through the Web browser in order to collect more details on the security profile of the device - including information about hundreds of versions of antivirus software and recent MicrosoftTM vulnerabilities. Plus, as a unique feature, it can check registry parameters, enabling administrators to set more precise security policies. The entire scan process is fully automated and does not require end user intervention.
- On-Demand Security - If a device does not have any security software installed, the appliance can be configured to automatically install an on-demand security agent on the device for temporary real-time protection while the user remains connected to the corporate network. - If a device does not have any security software installed, the appliance can be configured to automatically install an on-demand security agent on the device for temporary real-time protection while the user remains connected to the corporate network.
Security Policy Enforcement
IT administrators can define granular security policies to filter network traffic and block specific file transfers, file type extensions, instant message channels, a range of addresses or an individual IP/MAC address, and TCP/UDP ports and protocols. In addition, Network VirusWall Enforcer can automatically check for the latest signatures from different vendors so policies always remain current.
Flexible Quarantine and Automatic Remediation
When a device violates security policy, Network VirusWall Enforcer quarantines it to a pre-defined virtual local area network (VLAN) for automatic remediation. For local or remote machines, automatic remediation removes malicious remnants and spyware, repairs system modifications and registry, terminates virus processes and threads in system memory, and restores damaged files. As soon as a device meets security policy requirements, network access is allowed.
Network Worm Prevention
Network VirusWall Enforcer filters network traffic to stop worms and BOTs. With the use of vulnerability signatures, it can also block variants of a threat. In the rare case a new worm does invade, infected network segments are isolated so the threat cannot spread.
Ease of Management
As a true plug-and-protect appliance, Network VirusWall Enforcer offers flexible management options whether the deployment is standalone or complex. Standalone appliance deployments can be managed from a built-in Web console while complex deployments of several Network VirusWall Enforcer appliances can be managed using Trend Micro Control ManagerTM, a single central console.
Network VirusWall Enforcer Flexible Deployment Options
Network VirusWall Enforcer appliances offer flexible deployment options for single or multiple network segments, remote VPN users, unmanaged users, or mission-critical applications.
- Local users: Protects up to four segments from the network as well as from each other
- Remote users: Protects the network from VPN users at home or branch office
- Unmanaged users: Protects the network from unmanaged devices of non-employees
- Mission-critical applications: Protects mission-critical server farms
