Antispyware: Webroot Software's Spy Sweeper Enterprise

Webroot Software's Spy Sweeper Enterprise

This article can also be found in the Premium Editorial Download: Information Security magazine: How security pros can benefit from information sharing:
Spy Sweeper
Webroot Software
Price: Starts at $39.95

@exb

Spy Sweeper
@exe

If spyware was only a desktop problem on home PCs, vendors wouldn't be rushing to get enterprise-grade products to market. Webroot has expanded on its respected workstation product with Spy Sweeper Enterprise, complete with client-server technology that gives security managers the ability to install, update and monitor distributed scanners from a central console.

Spy Sweeper is a good first effort with some strong management features, but it lacks a Web-based console and strong reporting capabilities.

Spy Sweeper can be distributed in minutes through login scripts or Active Directory group policies. The management console can be configured to poll Webroot's update server for malware updates.

The versatility of Spy Sweeper's admin console is impressive, enabling security managers to organize clients into logical groups for flexibility and multiple configurations. Policies can be applied globally, by group or individually. For example, the users in the management group may have a policy that dictates their workstations are scanned at 6 p.m., while the operations group is scanned at 1 a.m.

Spy Sweeper configurations are also controlled through Active Shields, which are simply configuration locks that prevent malware from doing such things as hijacking a browser or resetting the home page.

Spy Sweeper's scanning schedule is equally flexible and offers on-demand scans, a feature that comes in handy when a keystroke logger suddenly shows up on the network.

Nevertheless, Spy Sweeper falls short in a couple of areas. There's no Web-based management console, which should be standard for any enterprise-caliber product. Webroot says it will include this in an upcoming version.

Also, its proprietary database and reporting features are weak. The reports are locked on the management console and there's no auto-generating option. As a result, security managers must sit at the console and read the information off the screen. Reports can't be saved to a file or exported, and can only be printed at the console. The only other sources of information are e-mail alerts about spyware infections.

Exec Summary
up Easy, centralized client distribution
up Highly flexible group and policy options
up Detailed spyware activity information
down No Web-based console
down Weak reporting features, database

That said, the console provides a wealth of information: workstation-by-workstation data and history, infection trends, and enterprise collection and quarantine data. Spy Sweeper reports infected nodes by IP and MAC address, as well as information regarding the offending malware.

Webroot Software is recognized as a leader in the consumer spyware market. With the Spy Sweeper Enterprise release, weak reporting and lack of a Web-based console notwithstanding, it's making a statement as a contender in the enterprise antispyware market.

--Ryan Guzal

This was first published in January 2005

Dig deeper on Malware, Viruses, Trojans and Spyware

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close