This article can also be found in the Premium Editorial Download "Information Security magazine: Does security make the grade in Windows Server 2008?."
Download it now to read this article plus other related content.
Webroot Antispyware Corporate Edition with AntiVirus
Price: Starts at $28.26 per seat
Recognizing the growing challenge of managing multiple point solutions to combat the convergence of spyware and malware, Webroot has integrated the Sophos antivirus engine with the centrally managed version of its spyware product to produce Webroot AntiSpyware Corpo- rate Edition with AntiVirus to provide continuous protection from online threats.
Installation was straightforward, requiring installation of a MS SQL Server database prior to the Webroot Server. Clients can be installed on endpoints through the administration console, an MSI file for third-party delivery, log-on script or Active Directory Group Policies.
The intuitively designed administration console provides easy access to the excellent status dashboard, offering quick displays on top threats and infections, client administration and system settings for enabling Smart Shields on clients, Sweeps (scans), detection options (quarantine, delete), notification (alerts, errors and updates via email), updates and reports.
Updates, Sweeps and polling can be set up to run at different times among client groups to reduce impact on the network.
We set up white lists for commonly flagged items such as legitimate ActiveX controls, rootkit applications, browser toolbars and startup applications.
We were able to assign what was scanned and how often. We could also control how much a memory or file scan could affect CPU usage. This is very useful for slower, older machines.
Reaction options include simple logging, quarantining then deleting after two, seven, 30 or 365 days, or deleting right away. Spyware is broken down into five categories (adware, cookies, system monitors, Trojans and informational), each with policy options.
Webroot's extensive array of report templates includes threat blocking, quarantining and cleaning, and trends; you can customize information based on workstation, groups and type of threat.
Behavioral analysis is off by default to improve speed. Without this feature, Webroot failed to detect approximately 20 percent of the threats, especially polymorphic spyware, adware and rootkits. Once it was enabled, detection rose to nearly 100 percent.
Testing methodology: Webroot AntiSpyware Corporate Edition with AntiVirus was deployed in a Microsoft-based environment with a variety of Microsoft endpoint operating systems (Vista, XP, 2000) on the network, including remote machines to simulate mobile users.
This was first published in February 2008