Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

Antispyware: Webroot Software's Spy Sweeper Enterprise

Webroot Software's Spy Sweeper Enterprise

This article can also be found in the Premium Editorial Download: Information Security magazine: How security pros can benefit from information sharing:
Spy Sweeper
Webroot Software
Price: Starts at $39.95


Spy Sweeper

If spyware was only a desktop problem on home PCs, vendors wouldn't be rushing to get enterprise-grade products to market. Webroot has expanded on its respected workstation product with Spy Sweeper Enterprise, complete with client-server technology that gives security managers the ability to install, update and monitor distributed scanners from a central console.

Spy Sweeper is a good first effort with some strong management features, but it lacks a Web-based console and strong reporting capabilities.

Spy Sweeper can be distributed in minutes through login scripts or Active Directory group policies. The management console can be configured to poll Webroot's update server for malware updates.

The versatility of Spy Sweeper's admin console is impressive, enabling security managers to organize clients into logical groups for flexibility and multiple configurations. Policies can be applied globally, by group or individually. For example, the users in the management group may have a policy that dictates their workstations are scanned at 6 p.m., while the operations group is scanned at 1 a.m.

Spy Sweeper configurations are also controlled through Active Shields, which are simply configuration locks that prevent malware from doing such things as hijacking a browser or resetting the home page.

Spy Sweeper's scanning schedule is equally flexible and offers on-demand scans, a feature that comes in handy when a keystroke logger suddenly shows up on the network.

Nevertheless, Spy Sweeper falls short in a couple of areas. There's no Web-based management console, which should be standard for any enterprise-caliber product. Webroot says it will include this in an upcoming version.

Also, its proprietary database and reporting features are weak. The reports are locked on the management console and there's no auto-generating option. As a result, security managers must sit at the console and read the information off the screen. Reports can't be saved to a file or exported, and can only be printed at the console. The only other sources of information are e-mail alerts about spyware infections.

Exec Summary
up Easy, centralized client distribution
up Highly flexible group and policy options
up Detailed spyware activity information
down No Web-based console
down Weak reporting features, database

That said, the console provides a wealth of information: workstation-by-workstation data and history, infection trends, and enterprise collection and quarantine data. Spy Sweeper reports infected nodes by IP and MAC address, as well as information regarding the offending malware.

Webroot Software is recognized as a leader in the consumer spyware market. With the Spy Sweeper Enterprise release, weak reporting and lack of a Web-based console notwithstanding, it's making a statement as a contender in the enterprise antispyware market.

--Ryan Guzal

This was last published in January 2005

Dig Deeper on Malware, virus, Trojan and spyware protection and removal



Find more PRO+ content and other member only offers, here.

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.