How we did it

Using client systems connected to the Internet, we collected both spyware and the Web page source code of sites that distribute the software. Any vendor wishing to contribute individual spyware instances or Web site examples was free to submit them to us for inclusion in the tests. The collected spyware material was then moved to an isolated, quarantined network, not connected to the Internet. Treating the separate network as the Internet let us emulate malware URLs and IP addresses. We used a total of 68 spyware instances in our tests. Some of the 68 were well-known, common spyware, and some were new or less-frequently encountered instances. Accordingly, we deemed a spyware-thwarting success rate of 90% to be outstanding.

Client machines started off in a "pristine state" for each test. For client/server-based tools, we attempted to infect the clients with spyware and used the client/server anti-spyware products to either find and remove or block the spyware. Our tests determined how much of the spyware was removed, whether any residue remained and how the product updated itself to recognize new spyware. For gateway-based anti-spyware products, we inserted each gateway product linearly between the Internet and the clients, and we measured the gateway's ability to keep spyware from reaching the clients and servers.

Our test network consisted of 10 clients running a variety of operating systems, including Windows NT, 98, 2000, ME, XP, Red Hat Linux and Macintosh OS X. The network included three Web servers (Microsoft Internet Information Server, Netscape Enterprise Server and Apache), two e-mail servers (Exchange and Sendmail), two file servers (Windows 2000 Advanced Server and Netware) and three database servers (Oracle 8i, Sybase Adaptive Server and Microsoft SQL Server). An Agilent Advisor protocol analyzer eavesdropped on the network traffic to show overall utilization and the detailed content of messages.

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

Using client systems connected to the Internet, we collected both spyware and the Web page source code of sites that distribute the software. Any vendor wishing to contribute individual spyware instances or Web site examples was free to submit them to us for inclusion in the tests. The collected spyware material was then moved to an isolated, quarantined network, not connected to the Internet. Treating the separate network as the Internet let us emulate malware URLs and IP addresses. We used a total of 68 spyware instances in our tests. Some of the 68 were well-known, common spyware, and some were new or less-frequently encountered instances. Accordingly, we deemed a spyware-thwarting success rate of 90% to be outstanding.

Client machines started off in a "pristine state" for each test. For client/server-based tools, we attempted to infect the clients with spyware and used the client/server anti-spyware products to either find and remove or block the spyware. Our tests determined how much of the spyware was removed, whether any residue remained and how the product updated itself to recognize new spyware. For gateway-based anti-spyware products, we inserted each gateway product linearly between the Internet and the clients, and we measured the gateway's ability to keep spyware from reaching the clients and servers.

Our test network consisted of 10 clients running a variety of operating systems, including Windows NT, 98, 2000, ME, XP, Red Hat Linux and Macintosh OS X. The network included three Web servers (Microsoft Internet Information Server, Netscape Enterprise Server and Apache), two e-mail servers (Exchange and Sendmail), two file servers (Windows 2000 Advanced Server and Netware) and three database servers (Oracle 8i, Sybase Adaptive Server and Microsoft SQL Server). An Agilent Advisor protocol analyzer eavesdropped on the network traffic to show overall utilization and the detailed content of messages.

Back to Clear Choice Test: McAfee, Tech Assist top anti-spyware test

Read more about security in Network World's Security section.