Webroot SecureAnywhere BusinessWebroot® Intelligence NetworkReal-Time Protection From Every Malware InfectionMalware is at such high levels (more than 60 million Recent global research by Webroot* revealed that 83unique samples per year) that protecting an endpoint with percent of enterprises were infected with some form oftraditional antivirus software has become futile. More than malware in the past 12 months, and other independent100,000 new types of malware are now released every surveys show similar and even higher infection levels.day, and antivirus vendors are racing to add new protectionfeatures to try to keep their protection levels up. A new malware protection approach is desperately needed. The Webroot Intelligence Network (WIN) is the keyBut new features need even more CPU and RAM resources, component of a revolutionary approach to next-generationwhich reduces performance and usability to even more malware protection. When WIN is combined withunacceptable levels. The torrent of new malware is also Webroot’s ultra-efficient endpoint agent—Webrootforcing antivirus vendors to continually update their SecureAnywhere™ – Endpoint Protection—the resultingsignature/protection files, with more than 5MB of updates solution ensures that both known and unknown infectionsper day being commonplace. are removed before they do harm.The underlying problem is that even with all these “advances,”not all new malware exploits are detected, and machinesare becoming infected. Simply put, protection using traditionalmalware detection techniques is no longer adequate.So many unknown infections are being distributed by cyber-criminals that everyone is at risk. How the Webroot Intelligence Network (WIN) Works* Research in January 2011 by Research Now—IT decision-makers in firms 100 to 5,000 seats in the USA, UK, and Australia
Webroot Intelligence NetworkThe Webroot Intelligence Network (WIN) The Good, The Bad, And The UnknownThe Webroot Intelligence Network integrates billions of WIN uses the Internet to connect with Webrootpieces of information from multiple sources—including data SecureAnywhere – Endpoint Protection through afrom customers, test laboratories, and intelligence shared secure firewall connection. It identifies and learns aboutbetween security vendors—to create the world’s largest everything installed on a user’s endpoint, and thenmalware detection net. classifies the files as Good, Bad, or Unknown. During the short “learning” phase, Webroot inventoriesWIN incorporates Webroot’s patented fourth-generation everything on the user’s machine, while automaticallyPhileas® malicious code identification system, as well as stopping bad activities and removing malware.ENZO, our threat-processing system for categorizingevery software file with intimate knowledge of more From the point when Webroot SecureAnywhere – Endpointthan 125 million executables, including their behavioral Protection is installed, all suspicious processes are closelycharacteristics. WIN also uses systems that let us instantly monitored, analyzed, and resolved in real time through WIN.categorize files and their interactions with other files. It Its vast intelligence net keeps Webroot users safe from bothuses our Webroot IP Reputation Service to track every known and completely new and unknown infections. Evenmalicious IP address on the Internet and provide accurate when Webroot SecureAnywhere – Endpoint Protection iscontent classification, threat reputation, and threat vector not connected to the Internet, it is able to function, detectdata. These systems, along with another 50+ terabytes malware, and take the appropriate steps to stop infections.of threat data, ensure that the Webroot IntelligenceNetwork is always up to date and ready to detect any No approach to stopping and protecting machines fromnew malware infections. infection is perfect, however, and false positive mistakes are possible. Webroot SecureAnywhere – Endpoint Protection and WIN minimize these inaccuracies, even allowing a change to be reversed should files be incorrectly categorized. Webroot Customer Data Feeds External Threat Data Feeds Remote Laptop Users (client app<1MB) Known File REAL-TIME Hash Database Admin Console FILE DATA (browser) Behaviors Other Database Threat Databases Corporate Workstations (client app<1MB) Webroot Intelligence Network How Webroot SecureAnywhere Works
Webroot Intelligence NetworkProtection From Infection,Not Protection Through DetectionBy combining the hugely powerful cloud interrogation With its advanced heuristics and behavior-basedof WIN with a completely new endpoint, Webroot interception analyzing all files and potential threats in realSecureAnywhere – Endpoint Protection is able to stop time, WIN ensures that every user’s window of vulnerability—infections without requiring lots of signature updates. the time between when a threat emerges and when usersWIN harnesses the collective community of Webroot are protected —is minimized. And most important, it is thiscustomers to continuously refine file categorizations, high level of protection against “unknown” malware thateven for low-level and unique malware that normally makes Webroot SecureAnywhere – Endpoint Protection andremains undetected by traditional AV methods. WIN so powerful when compared with every other solution.This capability ensures that all Webroot endpoints arealways protected against malware, including viruses,worms, Trojans, spyware, adware, bots, rootkits, andunique zero-day threats.How is WIN different from other “cloud” antivirus solutions?Other vendors have invested in threat intelligence networks, but 3. WIN allows ultrafast scan times—a PC scan will typically take lessthey are used as bolt-on supplements to their traditional antivirus than one minute, so it never noticeably interrupts users or unacceptablysolutions. None of these systems delivers or offers the breadth of slows down their PC.in-depth capabilities offered by WIN. WIN is purpose architected 4. WIN promotes low PC resource usage. Webroot SecureAnywhere –to be an integral part of the Webroot SecureAnywhere – Endpoint Endpoint Protection needs only 5MB of RAM; even when scanning,Protection solution. it uses less than 50 percent of the CPU’s resources.When comparing Webroot with competitors’ solutions, the 5. WIN also allows Webroot SecureAnywhere – Endpoint Protection to bedifferences and advantages of Webroot’s revolutionary new completely update free, with only ultra-low data exchanges betweenapproach to infection protection quickly become clear: them needed. All the updating happens in the “cloud,” resulting in WIN network traffic of only about 120KB per day—significantly less than1. WIN allows Webroot SecureAnywhere – Endpoint Protection to have a bandwidth usage by other antivirus solutions. footprint that is less than 1MB in size—the world’s smallest endpoint WIN with Webroot SecureAnywhere – Endpoint Protection is a security solution. In comparison, the nearest traditional or “cloud” brand-new way of protecting PCs from malware. It eliminates antivirus solution installation file is more than 128MB, and antivirus traditional signature-based detection and fully exploits the solutions can easily use 750MB of hard disk space when fully installed. benefits of cloud computing and a central intelligence net. Its2. Because of its exceptionally small installation size, Webroot unique approach to preventing malware infection provides SecureAnywhere – Endpoint Protection installs in seconds. And enterprises with not only the best security protection available, it doesn’t require traditional AV software solutions to be uninstalled but also improvements to PC performance and greatly reduced beforehand, since it doesn’t conflict with their detection processes. management overheads.