Feature

Antispyware: Webroot Software's Spy Sweeper Enterprise

Ezine

This article can also be found in the Premium Editorial Download "Information Security magazine: How security pros can benefit from information sharing."

Download it now to read this article plus other related content.

Spy Sweeper
Webroot Software
Price: Starts at $39.95

@exb

    Requires Free Membership to View

Spy Sweeper
@exe

If spyware was only a desktop problem on home PCs, vendors wouldn't be rushing to get enterprise-grade products to market. Webroot has expanded on its respected workstation product with Spy Sweeper Enterprise, complete with client-server technology that gives security managers the ability to install, update and monitor distributed scanners from a central console.

Spy Sweeper is a good first effort with some strong management features, but it lacks a Web-based console and strong reporting capabilities.

Spy Sweeper can be distributed in minutes through login scripts or Active Directory group policies. The management console can be configured to poll Webroot's update server for malware updates.

The versatility of Spy Sweeper's admin console is impressive, enabling security managers to organize clients into logical groups for flexibility and multiple configurations. Policies can be applied globally, by group or individually. For example, the users in the management group may have a policy that dictates their workstations are scanned at 6 p.m., while the operations group is scanned at 1 a.m.

Spy Sweeper configurations are also controlled through Active Shields, which are simply configuration locks that prevent malware from doing such things as hijacking a browser or resetting the home page.

Spy Sweeper's scanning schedule is equally flexible and offers on-demand scans, a feature that comes in handy when a keystroke logger suddenly shows up on the network.

Nevertheless, Spy Sweeper falls short in a couple of areas. There's no Web-based management console, which should be standard for any enterprise-caliber product. Webroot says it will include this in an upcoming version.

Also, its proprietary database and reporting features are weak. The reports are locked on the management console and there's no auto-generating option. As a result, security managers must sit at the console and read the information off the screen. Reports can't be saved to a file or exported, and can only be printed at the console. The only other sources of information are e-mail alerts about spyware infections.

Exec Summary
Easy, centralized client distribution
Highly flexible group and policy options
Detailed spyware activity information
No Web-based console
Weak reporting features, database

That said, the console provides a wealth of information: workstation-by-workstation data and history, infection trends, and enterprise collection and quarantine data. Spy Sweeper reports infected nodes by IP and MAC address, as well as information regarding the offending malware.

Webroot Software is recognized as a leader in the consumer spyware market. With the Spy Sweeper Enterprise release, weak reporting and lack of a Web-based console notwithstanding, it's making a statement as a contender in the enterprise antispyware market.

--Ryan Guzal

This was first published in January 2005

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: