Choosing The Right Enterprise Antispyware Solution
-
Upload
mark-feldman -
Category
Technology
-
view
1.961 -
download
2
description
Transcript of Choosing The Right Enterprise Antispyware Solution
TeleconferenceChoosing The Right Enterprise Antispyware SolutionNatalie Lambert
Analyst
Forrester Research
January 31, 2006. Call in at 10:55 pm Eastern Time
3Entire contents © 2006 Forrester Research, Inc. All rights reserved.
Theme
Enterprises need specific antispyware tools
customized to their needs — consumer tools will not cut it
4Entire contents © 2006 Forrester Research, Inc. All rights reserved.
Agenda
• Spyware climbs the IT security threat ladder
• Standalone antispyware versus an integrated suite approach
• What are the criteria for evaluating enterprise antispyware solutions?
• How do the vendors stack up?
5Entire contents © 2006 Forrester Research, Inc. All rights reserved.
Definition: Spyware
► Software that monitors a user's actions without his explicit consent
6Entire contents © 2006 Forrester Research, Inc. All rights reserved.
Spyware climbs the IT security threat ladder
7Entire contents © 2006 Forrester Research, Inc. All rights reserved.
Recent spyware incidents
• Industrial espionage in Israel
» Vector: Trojan horse delivered through external device and email
• Bank account fraud in Japan
» Vector: Spyware-infected email
• Customer information abuse in the United States
» Vector: Keylogger
8Entire contents © 2006 Forrester Research, Inc. All rights reserved.
Spyware remains No. 4 on the list of IT security threats
73%
66%
57%
55%
46%
41%
39%
28%
55%
Viruses and worms
Employees acting in unauthorized ways
Failure to comply with regulations
Spyware
Outside hackers
Internal hackers
Identity theft
Spam
Poor operational efficiency
Base: 149 technology decision-makers at North American SMBs and Enterprises(multiple response accepted)
Percentage of firms that rated the following as one of the top threats to their organizations
Note: Preliminary data
9Entire contents © 2006 Forrester Research, Inc. All rights reserved.
Antispyware tools will be purchased by more than 50% of companies this year
45%
46%
49%
53%
55%
53%
Personal firewall
Strong authentication systems
Email security gateway
Client antivirus
Antispyware tools
Network firewall
Base: 149 technology decision-makers at North American SMBs and Enterprises(multiple response accepted)
Of the following list of security technologies, please check those that your company is likely to purchase or implement this year (include upgrades to existing implementations)?
Note: Only the top six are listedNote: Preliminary data
10Entire contents © 2006 Forrester Research, Inc. All rights reserved.
Standalone antispyware versus an integrated suite
approach
11Entire contents © 2006 Forrester Research, Inc. All rights reserved.
Increase in adoption of client security suites
8%
3%
24%
65%
4%
9%
30%
57%
Don't know
Don't use clientsecurity
Client securitysuite
Best-of-breed
20062005
For client security, does your organization use a client security suite (for example a single product that includes antivirus, antispyware, and personal firewall all in one) or best-of-breed products (for
example CA's antivirus, Webroot's antispyware, and Check Point's personal firewall)?
Base: 94 technology decision-makers at North American SMBs and Enterprises
Note: Preliminary data
12Entire contents © 2006 Forrester Research, Inc. All rights reserved.
Standalone antispyware
• Benefits: More customizable products and more granular control over scanning
• Best for: Companies that have AV protection from a vendor that does not provide antispyware
• Vendors: Aluria Software, CA, Micro, Sunbelt Software, Tenebril, Trend, and Webroot Software
13Entire contents © 2006 Forrester Research, Inc. All rights reserved.
Client security suite antispyware
• Benefits: An integrated tool set, less administrative overhead cost compared with multiple point products
• Best for: Companies that have AV protection from a vendor that provides antispyware
• Vendors: CA, Check Point, McAfee, Panda Software, Sophos, Symantec, and Trend Micro
14Entire contents © 2006 Forrester Research, Inc. All rights reserved.
What are the criteria for evaluating enterprise
antispyware solutions?
15Entire contents © 2006 Forrester Research, Inc. All rights reserved.
Current offering and strategy
Current offering
Strategy
16Entire contents © 2006 Forrester Research, Inc. All rights reserved.
Market presence
Market Presence
17Entire contents © 2006 Forrester Research, Inc. All rights reserved.
How do the vendors stack up?
18Entire contents © 2006 Forrester Research, Inc. All rights reserved.
Forrester Wave™: Enterprise Antispyware, Q1 '06
19Entire contents © 2006 Forrester Research, Inc. All rights reserved.
Scorecard highlights
20Entire contents © 2006 Forrester Research, Inc. All rights reserved.
McAfee Anti-Spyware Enterprise
• General
» Offered as both part of a suite and a standalone product
• Strengths
» Managed using McAfee's ePolicy Orchestrator
» Highly scalable (250,000 nodes per management console)
» Signature and behavioral detection — protection against unknown spyware
• Weaknesses
» No remote administration
21Entire contents © 2006 Forrester Research, Inc. All rights reserved.
Trend Micro Anti-Spyware Enterprise Edition
• General
» This product is currently offered as a point product, but it will be integrated into OfficeScan in 2006
• Strengths
» Highly scalable (using Trend Micro Control Manager the product supports an unlimited number of nodes)
» Supports remote administration through a Web-based management console
• Weaknesses
» Does not offer protection against unknown spyware
22Entire contents © 2006 Forrester Research, Inc. All rights reserved.
Symantec AntiVirus Corporate Edition 10.0
• General
» Only available to Symantec AV customers
• Strengths
» Fully integrated antivirus and antispyware solution — can easily upgrade to a Symantec Client Security (a full security suite)
» Highly scalable (176,000 nodes per management server)
» Detailed reporting functionality
• Weaknesses
» Does not offer protection against unknown spyware
» Management and reporting require two different consoles
23Entire contents © 2006 Forrester Research, Inc. All rights reserved.
Webroot’s Spy Sweeper Enterprise
• General
» Standalone product
• Strengths
» Supports remote administration through a Web-based management console
» Phileas — an automated spyware crawler that proactively searches the Web for new spyware
» Advanced client functionality with ability to blacklistcustom-defined spyware and Web sites
• Weaknesses
» Does not offer protection against unknown spyware
» Does not support role-based administration
24Entire contents © 2006 Forrester Research, Inc. All rights reserved.
Tenebril’s SpyCatcher Enterprise
• General
» Standalone product
• Strengths
» Supports remote administration through a Web-based management console
» Integration with Active Directory and LDAP
» Signature and behavioral detection — protection against unknown spyware
• Weaknesses
» Inability to update remote systems
» Lack of long term viability due to small revenue and customer base
25Entire contents © 2006 Forrester Research, Inc. All rights reserved.
Sunbelt Software’s CounterSpy Enterprise
• General
» Standalone product
• Strengths
» Full range of reporting capabilities
» Integrated with Active Directory and Network Neighborhood
» Highly scalable (each server supports 1,500 nodes — the management console supports an unlimited number of servers)
• Weaknesses
» Inability to update remote systems
» Does not offer protection against unknown spyware
26Entire contents © 2006 Forrester Research, Inc. All rights reserved.
Aluria Software’s Paladin
• General
» Standalone product
• Strengths
» Kernel-level protection that blocks spyware before installation
» Supports Web site blacklists
• Weaknesses
» Does not offer protection against unknown spyware
» Limited scalability (roughly 2,000 nodes per management console)
» Basic reporting — no custom or graphical reports
27Entire contents © 2006 Forrester Research, Inc. All rights reserved.
CA’s eTrust PestPatrol Anti-Spyware Corporate Edition r8
• General
» Offered as both part of a suite and a standalone product
• Strengths
» Highly scalable
» Strong management feature with full role-based access
» Remote administration through its Web-based console
» Supports multiple server platforms
• Weaknesses
» Does not offer protection against unknown spyware
» Does not support report customization
28Entire contents © 2006 Forrester Research, Inc. All rights reserved.
Where does Microsoft fit in?
• Entered consumer market with GIANT acquisition in December 2004 — Windows AntiSpyware/Defender
• Will enter enterprise market in mid-2006 with Microsoft Client Protection — an integrated antivirus and antispyware solution
• Customers without antispyware cannot wait for Microsoft Client Protection
• Customer looking to replace their current solution will benefit from waiting a year to see what Microsoft can deliver
29Entire contents © 2006 Forrester Research, Inc. All rights reserved.
Recommendations
• Adopt enterprise-scalable antispyware technologies now – don't wait!
• Look at your current infrastructure to determine which type of antispyware tool is best for you
• Put in place additional technologies and processes — antimalware tools alone will not stop the malicious code threat
30Entire contents © 2006 Forrester Research, Inc. All rights reserved.
Selected bibliography
• January 6, 2006, Tech Choices “The Forrester Wave™: Enterprise Antispyware, Q1 2006”
» All accompanying Vendor Summaries
• June 22, 2005, Tech Choices “The Forrester Wave™: Client Security Suites, Q2 2005”
» All accompanying Scorecard Summaries
• February 10, 2005, Trends “Antispyware Adoption In 2005”
31Entire contents © 2006 Forrester Research, Inc. All rights reserved.
Natalie Lambert
www.forrester.com
Thank you