Revisiting Spyware
By Keith Shaw, NetworkWorld.com, 08/10/05
In the seven months since we last tested enterprise anti-spyware platforms, the market has seen an explosion of interest from vendors who want a piece of the anti-spyware detection and elimination pie.
Vendors with products in the anti-spam, anti-virus, Internet monitoring and even the desktop management space have jumped in with anti-spyware features or products. The companies that had stand-alone products in this field have also improved their products in recent months, adding enterprise features such as the ability to deploy agents across the company from a central server.
With such interest, we are currently conducting our second round of anti-spyware testing. Network World Lab Alliance member Barry Nance has taken on the task of testing enterprise-level anti-spyware products in order to find the best products, regardless of architecture (gateway, software or integration with other technologies) for finding, preventing and eliminating spyware from desktop systems.
Our methodology pushes these products to assess if they have the ability to:
- Correctly identify and remove spyware from client systems;
- Update its distributed to recognize new spyware;
- Allow a network administrator to centrally deploy agents to new clients (gateways / appliances exempt from this);
- Produce reports on infected systems, cleanup process, etc.
Several companies are offering systems/software that prevent spyware from installing, but we felt for our testing that the systems should not only identify spyware, but also remove it. Once a system is clean, companies can look at systems that aim to prevent spyware from installing.
Our testing process entails collecting spyware and the Web page source code of sites that distribute the software, which we will move to an isolated, quarantined network not connected to the Internet. Client machines will start in a pristine state after which we'll infect the clients and use the tested products to find and remove the spyware. We also plan on testing gateway-based anti-spyware products by placing them on the network between the Web servers and our client machines. We will also determine how much spyware was removed, whether anything remains and how the products update themselves to recognize new spyware.
We are testing 16 vendors who have agreed to our testbed/methodology, and the results of the article will be published in Network World in September.
9/12/05: The results are in! Read our Test here.
TrackBack
Back to Testing Notes
Comments
I imagine with 16 vendors that you have already earmarked LANDesk as a vendor. However, if this has been overlooked, then Security Suite 8.6 will be of real interest.
Please email me for details or visit www.landesk.com for more information.
NetworkD are the only global organisation to concentrate 100% on best practice in service management and are LANDesks #1 global partner.
Regards
Larry
Posted by: Larry Pelling on September 2, 2005 12:09 PM
Post a comment
