- Ryan Guzal
SpyCatcher Enterprise 3.2
Price: Starts at $199
Tenebril says its SpyCatcher Enterprise 3.2 has the centralized management that enterprises need for the war on spyware, but Spy-Catcher isn't quite the killer app sought after by security managers in this space.
The problem with most antispyware applications is they are client-only. Tenebril took its antispyware app and added its Remote Management Console (RMC), which enables security managers to administer their client-side antispyware applications. Unfortunately, RMC falls short in its ability to effectively maintain or even query its clients.
SpyCatcher's RMC does an adequate job of reporting the status of clients and whether spyware's been detected, but it doesn't have the ability to do on-demand scans or updates, or real-time reporting. All updates and scans are done on predefined schedules, and reporting is based on historical data.
The term "remote" is also a misnomer. SpyCatcher doesn't have what many would consider remote administration or access. There's no Web interface or remote access mechanism. The closest you can get to remote access is Telneting into a box that RMC is installed on. Otherwise, security managers must sit at the physical console.
All data collected by the RMC is exportable to CSV, SQL or plaintext. It can be automatically saved to a specific location on the network or sent via e-mail to security managers and admins. Between scans and updates, though, you'll have to rely on your IDS to catch suspicious network activity indicative of spyware.
RMC does give security managers centralized control over clients' browser settings, such as locking home pages and browser configurations.
All this boils down to SpyCatcher Enterprise being a glorified client monitor that logs data about processes, software versions, infections, scans and updates. Tenebril has left out the foundation of immediate information delivery that would provide security managers with real value. Until SpyCatcher has these capabilities, it's nowhere near ready for prime time.
About the Author:
Ryan Guzal is a contributor to Information Security magazine.