Security's rising star, Webroot, plans to offer Web and malware filtering as a service to SMBs, the first vendor of any size to offer such a capability in subscription form.

The software-as-a-service (SaaS) model, which extends the e-mail filtering service already offered by the company, will appeal to smaller and midsized outfits for whom keeping out Web threats with conventional security appliances is now proving increasingly onerous.

Expected to go live in the U.S. in June, the unnamed service will mean business running web traffic through Webroot data centers where it will be filtered for suspicious URLs, web-borne downloads such as Trojans, and vulnerability malware trying to exploit known software holes.

When run with the company's e-mail filtering service, the idea is that the bulk of an SMB's traffic security problems will have been taken care of. Although it can in principle replace desktop anti-malware, the company still recommends users run desktop software as a second line of defense and to intercept threats when using third-party pipes while roaming.

"The advantage of the service model is that you have unlimited computing power and you can do much more. You also have greater visibility [on threats] because you have all the traffic. You can see patterns of outbreak very quickly that you will never see on the desktop," said Webroot's CTO Gerhard Eschelbeck.

He said that the system would be able to stop filtering bypass hacks such as proxy Web sites, even if they were previously unknown. That is the worry - that cleverer users attempt to bypass filtering services by opening encrypted tunnels to proxy sites.

According to Eschelbeck, the trick with stopping users visiting such sites was to detect the URL obfuscation scheme being used from the five in common use today. And if they come up with a new one?

"We can update the service every day so if we see a new one [obfuscation] happening in the wild, we just update our service. That is not going to be possible on a client or the desktop," he said.

Further details of the service are still unconfirmed but it is likely that subscribing companies would have some control over the parameters applied to their filtering through a Web front-end. This would allow requirements to be set on the basis of user or time of day, for instance.

Whitepapers

• The Trend from UNIX to Linux in SAP(r) Data Centers
• Getting in Compliance With Government Data Regulations By Leveraging Online Security Technology
• How to Offer the Strongest SSL Encryption
• Maximizing Site Visitor Trust Using Extended Validation SSL
• Seven Steps to Reducing your Security Risk
• The Latest Advancements in SSL Technology

View more SECURITY whitepapers

Webcasts

• The Secure Web Gateway. Mission Critical For Business - Webcast
• Mobile Data Security
• Best Practices for Deploying WAN Optimization for Disaster Recovery
• Key Considerations for a Successful 802.11n Deployment
• Solutions to the Toughest IT Challenges in Remote Offices
• Lowering the Cost of Email Archives

View more SECURITY webcasts

Special Reports

• The Evolution of Network Security
• Taking Virtualization Up a Notch
• The self-managed network

View more SECURITY special reports