Presentation Transcript
Added: June 16, 2007. License: All Rights Reserved.

Shopping for Antispyware Solutions
Jonathan Hassell
jhassell@gmail.com

About Jon
- Books
  - RADIUS, O’Reilly and Associates, October 2002
  - Hardening Windows®, Apress, March 2004 (2nd edition forthcoming 11/2005)
  - Learning Windows Server™ 2003, O’Reilly and Associates, December 2004 (2nd edition forthcoming 1/2006)
  - Using Windows Small Business Server 2003, Apress, April 2005
- Articles
  - SearchSecurity.com
  - SecurityFocus
  - PC Pro
  - Windows® & .NET Magazine Network
  - TechNet Magazine

Agenda
- Does your company need an antispyware solution? If so, why?
- Are current AV systems effective in fighting spyware?
- How is the marketplace changing due to AV vendors introducing spyware scanning?
- Does freeware have a place in the suite of detection technologies?
- How do the various antispyware products stack up against each other?
- What are the pros and cons of acquiring a spyware product as Microsoft begins to bake antispyware technology into its offerings?

One: Do You Need a Solution?
And why or why not?

The scope of the problem
- More than 80% of corporate PCs are infected with spyware
- 300,000 unique URLs distributing spyware/adware content
  - Quadrupled since start of 2005
  - Webroot Software’s Spyware Report
- Strained IT resources

What are we defending against?
- Varying descriptions and definitions
  - WhatIs.com: 'any technology that aids in gathering information about a person or an organization without their knowledge.'
  - Doxdesk.com: 'program that gets installed on your computer which you never asked for, and which does something you probably don’t want it to, for someone else’s profit.'
- Other parasites
  - Cookies?
  - Keyloggers?
  - Misbehaving applications?

Two: What about current antivirus systems?
Are they effective in fighting spyware?

AV vs. Spyware
- AV doesn’t work for this
- How does fighting spyware differ from fighting other malware such as viruses and worms?
  - Nature of spyware
  - Methods of infestation
- Where does AV fit in an antispyware strategy?
  - Two separate issues
  - Integrated solutions (as you’ll see later) not up to challenge as yet
- Is it best to buy spyware bundled with AV or as a separate product?

Specific AV challenges
- Mass signature update
  - Depending on vendors
  - Corrupted downloads?
- Detecting Trojans
  - Their inherent nature and method of spreading makes detection difficult
- Spotting malware (spyware, adware, etc.)
  - Adware needs your system to work properly
  - Can be disguised more easily since destructive capability is typically limited

Three: The AntiX Marketplace
Traditional AV market players now introducing and revising antispyware offerings

Products
- Aluria Software - Spyware Eliminator
- Blue Coat Systems - ProxySG/ProxyAV
- Citadel Security Software - Hercules
- Computer Associates - eTrust PestPatrol Anti-Spyware Corporate Edition
- EMCO Software Ltd. - EMCO Network Malware Cleaner
- Finjan - Vital Security Appliance Series NG-5000 and NG-8000
- Finjan - Vital Security for Clients
- Finjan - Internet 1Box
- FutureSoft Inc. - DynaComm i:scan SpySubtract Enterprise Edition
- InterMute Inc. - SpySubtract Enterprise Edition
- LANDesk - LANDesk Security Suite
- McAfee - Anti-Spyware Enterprise Edition Module
- Omniquad - Antispy Enterprise
- Shavlik - Shavlik NetChk Spyware
- Sunbelt Software - CounterSpy Enterprise
- SurfControl plc - Workstation PolicyShield
- Symantec - Symantec AntiVirus Corporate Edition
- Symantec - Symantec Client Security
- Tenebril Inc. - SpyCatcher Enterprise
- Trend Micro Inc. - OfficeScan Corporate Edition
- Websense - Web Security Suite - Lockdown Edition
- Webroot Software - Spy Sweeper Enterprise

Characteristics in current antiX offerings
- Active Directory support
- Reporting features
- Agent-based detection, with simple deployment
- Real-time protection
- Licensing
  - Per user
  - Subscription for updates

Four: Is there such a thing as a free lunch?
Does freeware have a place in your suite of detection and prevention technologies?

Absolutely!

Some examples of freeware
- SpywareBlaster
  - http://www.javacoolsoftware.com/sbdownload.html
  - Free for personal and educational use, inexpensive otherwise
- CWShredder
  - http://www.spywareinfo.com/~merijn/downloads.html
  - Kills Coolwatch
- Kill2Me
  - Kills other common, popular spyware
  - http://www.majorgeeks.com/download4166.html

With limitations and exceptions, of course…
- Very little, or even no, support
- Centralized management?
- Vetting of the tools
- Robustness
- Ease of use

Five: How The Products Stack Up
Similarities and Differences

Selling points
- Anti-malware solutions use active protection
  - Don’t just look at files on a disk (signature-based guarding)
  - Profile running programs and their activities
- Options will include integrated suite
  - Bad idea for now
- Automatic hardening of host system
  - Prevention of infestation in the first place

What to look for, part II
- Solid manufacturer
  - Frequent updates
  - Robust updates
- Constant evaluation and competitiveness
  - Dog-eat-dog
  - Annual revisions
  - Responding to new types of threats
- Centralized management
  - Absolutely critical
  - Elimination of sneakernet
  - Reduces per-client support cost

Products
- Aluria Software - Spyware Eliminator
- Blue Coat Systems - ProxySG/ProxyAV
- Citadel Security Software - Hercules
- Computer Associates - eTrust PestPatrol Anti-Spyware Corporate Edition
- EMCO Software Ltd. - EMCO Network Malware Cleaner
- Finjan - Vital Security Appliance Series NG-5000 and NG-8000
- Finjan - Vital Security for Clients
- Finjan - Internet 1Box
- FutureSoft Inc. - DynaComm i:scan SpySubtract Enterprise Edition
- InterMute Inc. - SpySubtract Enterprise Edition
- LANDesk - LANDesk Security Suite
- McAfee - Anti-Spyware Enterprise Edition Module
- Omniquad - Antispy Enterprise
- Shavlik - Shavlik NetChk Spyware
- Sunbelt Software - CounterSpy Enterprise
- SurfControl plc - Workstation PolicyShield
- Symantec - Symantec AntiVirus Corporate Edition
- Symantec - Symantec Client Security
- Tenebril Inc. - SpyCatcher Enterprise
- Trend Micro Inc. - OfficeScan Corporate Edition
- Websense - Web Security Suite - Lockdown Edition
- Webroot Software - Spy Sweeper Enterprise

Six: What about Microsoft?
The pros and cons of acquiring a spyware product as Microsoft begins to bake antispyware technology into its offerings

What about Microsoft?
- MS Antispyware
  - Acquired from Giant
  - Client-only offering
  - No enterprise features
- MS OneCare
  - Consumer-based
  - Other disaster recovery tools
  - Antivirus currently offered
  - Subscription based
- Enterprise efforts?
  - 2006—Separate products
  - Windows Vista
  - Longhorn Server