 |
Page 8 of 8
« Previous Page
The reporting system in TMAS provides the core metrics an administrator would want, but you cannot save or customize any of
the reports. For instance, I was not able to specify a date range or domain to view inside a specific report.
Trend Micro Anti-Spyware for Small and Medium Business is a step in the right direction, but the passive real-time protection
and mediocre reporting make it less attractive for larger installations. The clean-cut user interface makes configuration
and deployment a breeze, and the cleaning engine is up there with the best.
Webroot Spy Sweeper Enterprise 2.5
With the recent release of Spy Sweeper Enterprise 2.5, Webroot has put together a solid yet still easy-to-manage anti-spyware
solution. Spy Sweeper scales well, has good real-time protection, and is easy to use and maintain. It does, however, suffer
from some of the same problems plaguing other solutions, namely lackluster reporting. Overall, however, it proved to be a
well-rounded solution to enterprise anti-spyware security needs.
Spy Sweeper Enterprise does not include anti-virus protection but ran fine alongside my Norton AntiVirus installation and
the Windows XP firewall. Installation of the management console on my Windows 2000 Server was as easy as it comes. Client
deployment was a little rougher than most other products. Even though Spy Sweeper identified all of my domains and clients,
I was not able to push-deploy the agent to an uninstalled client. I believe it was a user name and rights issue, but unfortunately,
as of this writing, I was not able to confirm this with Webroot support. Installation via file share using the Spy Sweeper
MSI package worked flawlessly.
Defining a policy for Spy Sweeper means deciding which drives and folders to scan, whether to perform additional sweeps of
memory and the Registry, and if the agent should pop up or stay hidden during a scan. Each of these items has a check box
to enable the end-user to modify the settings, which is nice for power users, but it should be left off (default state) for
normal clients.
Real-time protection comes in the way of Smart Shields. These various shields protect the Windows system, Internet Explorer,
and Startup locations. A Spy Installation Shield uses known spyware definitions to block processes from running. It also allows
administrators to define custom lists of applications they don’t want running on a client; for instance, instant messaging
or a p-to-p client . I tested this by adding sol.exe to the custom list, and after letting the policy update, when I tried
to launch Solitaire, Spy Sweeper didn’t even let it begin to load. To the end-user, it simply didn’t look like it even tried
to launch. This process only works on explicit file names and not CRC (cyclic redundancy check) or MD5 hashes, so it is possible
for someone to circumvent this protection if he or she really wanted to.
Real-time protection was better than average, but even Spy Sweeper didn’t stop all of the spyware attacks. It did, however,
scan and clean all of the pests that left traces behind, proving to have the best remediation of all apps tested.
The Enterprise Admin Console is at times very intuitive; other times, it’s completely disorganized. As with F-Secure, occasionally
I found myself jumping between groups of tasks to manage similar functions. Also, the console is currently Java-based and
feels a bit sluggish as a result. Future releases are scheduled to have a Web-based UI to help speed admin chores.
Reporting is good, but there is room for improvement. Admins can choose from predefined templates and create reports based
on workstation and group and also filter on date. Graphical reporting is new to Spy Sweeper Enterprise, but customization
and reuse of reports is not available.
Overall, Spy Sweeper Enterprise provides all of the necessary parts to the anti-spyware solution. It has excellent real-time
protection and remediation and a full slate of options that allows for flexible yet powerful protection. Once the reporting
gets up to speed, it will be hard not to choose Spy Sweeper as your enterprise anti-spyware tool.
It’s All About the People
In the end, a network’s security is only as good as the people who use it. Tools like these will help ease administrator’s
jobs some by providing reporting and logging of user activity and the programs they try to run. All the tools in the world,
however, will not prevent a user from copying files to a PC or installing an unapproved application. The enterprise must establish
an acceptable use policy for the network and enforce it.
Spyware attacks are only going to continue to gain in frequency and cleverness. Unlike viruses, spyware and adware have a
financial goal driving them, and you can bet those spyware writers are doing everything they can to access your network. Make
sure you make their job even harder.
Computer Associates eTrust PestPatrol Anti-Spyware Corporate Edition r5
Computer Associates, ca.com
|
| Good 7.6 |
|
| criteria |
score |
weight |
| Effectiveness |
8 |
50% |
 |
| Management |
7 |
20% |
|
| Reporting |
6 |
10% |
|
| Setup |
9 |
10% |
|
| Value |
7 |
10% |
|
|
|
Cost:
For 100 users, $39.95 per user
Platforms:
Compatible with Windows 98 and later
Bottom Line:
Computer Associate’s eTrust PestPatrol provides very good detection and removal of installed spyware. Its administrative UI
is easy to install, maintain, and use, but its reporting is very limited. Real-time detection and prevention of initial spyware
installation is very weak: It allows spyware to install but prevents the processes from running.
|
|
About our Reviews and Scoring Methodology
|
|
Eset NOD32 2.5 Antivirus System
Eset, eset.com
|
| Good 7.2 |
|
| criteria |
score |
weight |
| Effectiveness |
7 |
50% |
|
| Management |
7 |
20% |
|
| Reporting |
9 |
10% |
|
| Setup |
7 |
10% |
|
| Value |
7 |
10% |
|
|
|
Cost:
$2,060 for 100 enterprise users
Platforms:
Windows 95 and later, Linux OS Linux (Kernel 2.2.x, 2.4.x and 2.6.x, glibc 2.2.5 or higher); Novell NetWare 4.x and later
Bottom Line:
NOD32 Antivirus System has the potential to be a major anti-spyware player with a few enhancements, such as smoother, more
streamlined installation. Policies are flexible but building them is a chore. Reporting is very strong, allowing for many
different views into workstation histories. Detection and prevention is merely average: A small group of spyware slipped through.
|
|
About our Reviews and Scoring Methodology
|
|
F-Secure Anti-Virus Client Security 6
F-Secure, f-secure.com
|
| Excellent 9.3 |
|
| criteria |
score |
weight |
| Effectiveness |
10 |
50% |
|
| Management |
8 |
20% |
|
| Reporting |
9 |
10% |
|
| Setup |
9 |
10% |
|
| Value |
9 |
10% |
|
|
|
Cost:
For 100 users, $29.75 per user
Platforms:
Server: Windows 2000/XP/2003; client: Windows 2000/XP, F-Secure Policy Manager Console
Bottom Line:
F-Secure has rolled anti-virus, anti-spyware, and personal firewall protection into a single package. It has the best real-time
protection of any products in this roundup, stopping all attempts. On previously infected systems, detection and removal were
also first rate. Reporting is excellent, but it suffers from some organizational issues in the administrative UI.
|
|
About our Reviews and Scoring Methodology
|
|
LANDesk Security Suite 8.6
LANDesk, landesk.com
|
| Excellent 8.7 |
|
| criteria |
score |
weight |
| Effectiveness |
9 |
50% |
|
| Management |
8 |
20% |
|
| Reporting |
10 |
10% |
|
| Setup |
8 |
10% |
|
| Value |
8 |
10% |
|
|
|
Cost:
For 100 users, $5,900 for the first year, $2,900 each year after
Platforms:
Server: Windows 2000/2003 Server; client: Windows 95 and later, Mac OS 9.22 and later, HP-UX, IBM AIX 5.1, NetWare 6.0, 6.5,
Red Hat Linux 7.3, 8.0, 9.0, Solaris 8, Suse Linux 9.
Bottom Line:
LANDesk Security Suite scales to any size and complements the already strong LANDesk product family. It has very good detection
and remediation, and its real-time protection is above average, although an IE toolbar did slip through. Reporting is top
notch but administrative overhead is considerable.
|
|
About our Reviews and Scoring Methodology
|
|
McAfee VirusScan Enterprise 8.0 with Anti-Spyware Enterprise Module 8.0
McAfee, mcafee.com
|
| Very Good 8.2 |
|
| criteria |
score |
weight |
| Effectiveness |
8 |
50% |
|
| Management |
8 |
20% |
|
| Reporting |
10 |
10% |
|
| Setup |
8 |
10% |
|
| Value |
8 |
10% |
|
|
|
Cost:
For 100 users, $16 per user with 1-year support
Platforms:
Server: Windows NT 4 Server, Windows 2000/2003 Server; client: Windows NT 4, Windows 2000/2003/XP
Bottom Line:
The addition of Anti-Spyware Enterprise Module to VirusScan Enterprise provides a very scalable platform for protecting your
network from spyware and viruses. Reporting capabilities are excellent, but real-time protection is only average. Administration
is more difficult than that of most of the other products.
|
|
About our Reviews and Scoring Methodology
|
|
Sunbelt CounterSpy Enterprise 1.5
Sunbelt Software, sunbelt-software.com
|
| Very Good 8.5 |
|
| criteria |
score |
weight |
| Effectiveness |
8 |
50% |
|
| Management |
9 |
20% |
|
| Reporting |
9 |
10% |
|
| Setup |
9 |
10% |
|
| Value |
9 |
10% |
|
|
|
Cost:
For 100 users, $17.95 per user
Platforms:
Server: Windows 2000 and later; client: NT4 SP6a, Windows 98SE and later
Bottom Line:
CounterSpy Enterprise was one of the easiest products to install and maintain. Its real-time protection allows spyware to
install before terminating it, but its on-demand detection and remediation is very good. Reporting is good, but not as strong
as that of some others in this roundup.
|
|
About our Reviews and Scoring Methodology
|
|
SurfControl Enterprise Protection Suite - Enterprise Threat Shield
SurfControl, surfcontrol.com
|
| Very Good 8.3 |
|
| criteria |
score |
weight |
| Effectiveness |
8 |
50% |
|
| Management |
9 |
20% |
|
| Reporting |
8 |
10% |
|
| Setup |
9 |
10% |
|
| Value |
8 |
10% |
|
|
|
Cost:
For 100 users, $1,530 for a perpetual, one-time purchase. Annual subscription to the Threat Shield databases, $1,874
Platforms:
Server: Windows Server 2000/2003; client: Windows 98/ME and later
Bottom Line:
SurfControl Enterprise Threat Shield is straightforward to install, and administration isn’t overly complex. Real-time protection
proved better than average. It relies, however, on being connected to a management server, so disconnected users lose some
protection. It has a very small memory footprint, even during an on-demand scan. Its reporting engine is very capable.
|
|
About our Reviews and Scoring Methodology
|
|
Tenebril SpyCatcher 4.0 Beta
Tenebril, tenebril.com
|
| Beta |
|
Cost:
For 100 users, $26.40 per user.
Platforms:
Server: Windows 2000/XP/20003; client: Windows 2000/XP/2003
Bottom Line:
SpyCatcher is an easy-to-deploy-and-administer anti-spyware solution with great detection and remediation. Real-time protection
doesn’t block spyware installations but does stop any process from launching. Reporting is good, but it lacks customization.
|
|
About our Reviews and Scoring Methodology
|
|
Trend Micro Anti-Spyware for Small and Medium Business 3.0
Trend Micro, trendmicro.com
|
| Very Good 8.1 |
|
| criteria |
score |
weight |
| Effectiveness |
8 |
50% |
|
| Management |
8 |
20% |
|
| Reporting |
8 |
10% |
|
| Setup |
9 |
10% |
|
| Value |
8 |
10% |
|
|
|
Cost:
For 100 users, $17.85 per user
Platforms:
Server: Windows XP/2000/20003; client: Windows XP/2000/2003
Bottom Line:
Anti-Spyware for Small and Medium Business likely will be one of the best anti-spyware products available, once it matures
a little more. Real-time protection allows spyware to install before clamping down on it. On-demand scans and cleans work
well and remove any traces of spyware from a PC. Reporting could be made a little stronger if there were customization options.
|
|
About our Reviews and Scoring Methodology
|
|
Webroot Spy Sweeper Enterprise 2.5
Webroot, webroot.com
|
| Excellent 8.8 |
|
| criteria |
score |
weight |
| Effectiveness |
9 |
50% |
|
| Management |
9 |
20% |
|
| Reporting |
8 |
10% |
|
| Setup |
9 |
10% |
|
| Value |
8 |
10% |
|
|
|
Cost:
For 100 clients, $25.97 per client
Platforms:
Server: Windows NT 4.0 and later; client: Windows 98SE and later
Bottom Line:
Spy Sweeper is one of the best all-around anti-spyware tools. It offers good real-time protection and excellent detection
and remediation. Spy Sweeper is flexible enough that administrators can easily create policies based on specific needs. Reporting
would be better if it allowed for customizable reports.
|
|
About our Reviews and Scoring Methodology
|
|
|
|
Keith Schultz is president of NetData Consulting Services.
|
|
|
|
- Special Advertising Partners -
|
|
|
|
|
WHITE PAPERS
|
|
|
|
|
|
Technology White Papers by Topic |
|
Technology White Papers E-mail Alert |
|
|
|
Find out when the latest white paper is available:
|
|
|
|
|
|
|
INFOWORLD MARKETPLACE
|
|
|
|
|
|
» BUY A LINK NOW
|
|
|
|
|
|
| FIND PRODUCTS AND COMPANIES |
|
|
What's the 411 on GOOG-411?
Just as Google has become synonymous with "performing a Web search," 411 is understood to mean "information" -- as in "what's the 411?" I was thus surprised to discover, from a billboard, no less, that the king of search is taking on the ...
Apple HTML source reveals 'iPhone Extreme'
"This one's a stretch..." reports AppleInsider.
Um, yeah. Reporting on HTML code sightings of product names could be called a stretch, but iPhone Extreme has a ring to it.
Now, that sounds like the product Apple should have released first, rather ...
Open Sources 
Product Management
When I joined MySQL four years ago, there was quite a lot of debate about product management. We didn't actually have ...
Zero Day
Botnet herders tending smaller flocks
New research backs up the theory that botnet operators are keeping their networks smaller in a continued effort to keep ...
|
E-mail
Printer Friendly
Reprints
(InfoWorld) - In the litigious world we live in, deploying a unified communications platform in your enterprise could...