Choosing The Right Enterprise Antispyware Solution

1,229 views

Published on

Forrester: Choosing The Right Enterprise Antispyware Solution.
Natalie Lambert
Analyst
Forrester Research

Published in: Technology, Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
1,229
On SlideShare
0
From Embeds
0
Number of Embeds
11
Actions
Shares
0
Downloads
34
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide
  • Logo Slide
  • Choosing The Right Enterprise Antispyware Solution

    1. 2. January 31, 2006. Call in at 10:55 pm Eastern Time Natalie Lambert Analyst Forrester Research Teleconference Choosing The Right Enterprise Antispyware Solution
    2. 3. Theme Enterprises need specific antispyware tools customized to their needs — consumer tools will not cut it
    3. 4. Agenda <ul><li>Spyware climbs the IT security threat ladder </li></ul><ul><li>Standalone antispyware versus an integrated suite approach </li></ul><ul><li>What are the criteria for evaluating enterprise antispyware solutions? </li></ul><ul><li>How do the vendors stack up? </li></ul>
    4. 5. Definition: Spyware <ul><li>Software that monitors a user's actions without his explicit consent </li></ul>
    5. 6. Spyware climbs the IT security threat ladder
    6. 7. Recent spyware incidents <ul><li>Industrial espionage in Israel </li></ul><ul><ul><li>Vector: Trojan horse delivered through external device and email </li></ul></ul><ul><li>Bank account fraud in Japan </li></ul><ul><ul><li>Vector: Spyware-infected email </li></ul></ul><ul><li>Customer information abuse in the United States </li></ul><ul><ul><li>Vector: Keylogger </li></ul></ul>
    7. 8. Spyware remains No. 4 on the list of IT security threats Base: 149 technology decision-makers at North American SMBs and Enterprises (multiple response accepted) Percentage of firms that rated the following as one of the top threats to their organizations Note: Preliminary data
    8. 9. Antispyware tools will be purchased by more than 50% of companies this year Base: 149 technology decision-makers at North American SMBs and Enterprises (multiple response accepted) Of the following list of security technologies, please check those that your company is likely to purchase or implement this year (include upgrades to existing implementations)? Note: Only the top six are listed Note: Preliminary data
    9. 10. Standalone antispyware versus an integrated suite approach
    10. 11. Increase in adoption of client security suites For client security, does your organization use a client security suite (for example a single product that includes antivirus, antispyware, and personal firewall all in one) or best-of-breed products (for example CA's antivirus, Webroot's antispyware, and Check Point's personal firewall)? Base: 94 technology decision-makers at North American SMBs and Enterprises Note: Preliminary data
    11. 12. Standalone antispyware <ul><li>Benefits: More customizable products and more granular control over scanning </li></ul><ul><li>Best for: Companies that have AV protection from a vendor that does not provide antispyware </li></ul><ul><li>Vendors: Aluria Software, CA, Micro, Sunbelt Software, Tenebril, Trend, and Webroot Software </li></ul>
    12. 13. Client security suite antispyware <ul><li>Benefits: An integrated tool set, less administrative overhead cost compared with multiple point products </li></ul><ul><li>Best for: Companies that have AV protection from a vendor that provides antispyware </li></ul><ul><li>Vendors: CA, Check Point, McAfee, Panda Software, Sophos, Symantec, and Trend Micro </li></ul>
    13. 14. What are the criteria for evaluating enterprise antispyware solutions?
    14. 15. Current offering and strategy Current offering Strategy
    15. 16. Market presence Market Presence
    16. 17. How do the vendors stack up?
    17. 18. Forrester Wave ™ : Enterprise Antispyware, Q1 '06
    18. 19. Scorecard highlights
    19. 20. McAfee Anti-Spyware Enterprise <ul><li>General </li></ul><ul><ul><li>Offered as both part of a suite and a standalone product </li></ul></ul><ul><li>Strengths </li></ul><ul><ul><li>Managed using McAfee's ePolicy Orchestrator </li></ul></ul><ul><ul><li>Highly scalable (250,000 nodes per management console) </li></ul></ul><ul><ul><li>Signature and behavioral detection — protection against unknown spyware </li></ul></ul><ul><li>Weaknesses </li></ul><ul><ul><li>No remote administration </li></ul></ul>
    20. 21. Trend Micro Anti-Spyware Enterprise Edition <ul><li>General </li></ul><ul><ul><li>This product is currently offered as a point product, but it will be integrated into OfficeScan in 2006 </li></ul></ul><ul><li>Strengths </li></ul><ul><ul><li>Highly scalable (using Trend Micro Control Manager the product supports an unlimited number of nodes) </li></ul></ul><ul><ul><li>Supports remote administration through a Web-based management console </li></ul></ul><ul><li>Weaknesses </li></ul><ul><ul><li>Does not offer protection against unknown spyware </li></ul></ul>
    21. 22. Symantec AntiVirus Corporate Edition 10.0 <ul><li>General </li></ul><ul><ul><li>Only available to Symantec AV customers </li></ul></ul><ul><li>Strengths </li></ul><ul><ul><li>Fully integrated antivirus and antispyware solution — can easily upgrade to a Symantec Client Security (a full security suite) </li></ul></ul><ul><ul><li>Highly scalable (176,000 nodes per management server) </li></ul></ul><ul><ul><li>Detailed reporting functionality </li></ul></ul><ul><li>Weaknesses </li></ul><ul><ul><li>Does not offer protection against unknown spyware </li></ul></ul><ul><ul><li>Management and reporting require two different consoles </li></ul></ul>
    22. 23. Webroot’s Spy Sweeper Enterprise <ul><li>General </li></ul><ul><ul><li>Standalone product </li></ul></ul><ul><li>Strengths </li></ul><ul><ul><li>Supports remote administration through a Web-based management console </li></ul></ul><ul><ul><li>Phileas — an automated spyware crawler that proactively searches the Web for new spyware </li></ul></ul><ul><ul><li>Advanced client functionality with ability to blacklist custom-defined spyware and Web sites </li></ul></ul><ul><li>Weaknesses </li></ul><ul><ul><li>Does not offer protection against unknown spyware </li></ul></ul><ul><ul><li>Does not support role-based administration </li></ul></ul>
    23. 24. Tenebril’s SpyCatcher Enterprise <ul><li>General </li></ul><ul><ul><li>Standalone product </li></ul></ul><ul><li>Strengths </li></ul><ul><ul><li>Supports remote administration through a Web-based management console </li></ul></ul><ul><ul><li>Integration with Active Directory and LDAP </li></ul></ul><ul><ul><li>Signature and behavioral detection — protection against unknown spyware </li></ul></ul><ul><li>Weaknesses </li></ul><ul><ul><li>Inability to update remote systems </li></ul></ul><ul><ul><li>Lack of long term viability due to small revenue and customer base </li></ul></ul>
    24. 25. Sunbelt Software’s CounterSpy Enterprise <ul><li>General </li></ul><ul><ul><li>Standalone product </li></ul></ul><ul><li>Strengths </li></ul><ul><ul><li>Full range of reporting capabilities </li></ul></ul><ul><ul><li>Integrated with Active Directory and Network Neighborhood </li></ul></ul><ul><ul><li>Highly scalable (each server supports 1,500 nodes — the management console supports an unlimited number of servers) </li></ul></ul><ul><li>Weaknesses </li></ul><ul><ul><li>Inability to update remote systems </li></ul></ul><ul><ul><li>Does not offer protection against unknown spyware </li></ul></ul>
    25. 26. Aluria Software’s Paladin <ul><li>General </li></ul><ul><ul><li>Standalone product </li></ul></ul><ul><li>Strengths </li></ul><ul><ul><li>Kernel-level protection that blocks spyware before installation </li></ul></ul><ul><ul><li>Supports Web site blacklists </li></ul></ul><ul><li>Weaknesses </li></ul><ul><ul><li>Does not offer protection against unknown spyware </li></ul></ul><ul><ul><li>Limited scalability (roughly 2,000 nodes per management console) </li></ul></ul><ul><ul><li>Basic reporting — no custom or graphical reports </li></ul></ul>
    26. 27. CA’s eTrust PestPatrol Anti-Spyware Corporate Edition r8 <ul><li>General </li></ul><ul><ul><li>Offered as both part of a suite and a standalone product </li></ul></ul><ul><li>Strengths </li></ul><ul><ul><li>Highly scalable </li></ul></ul><ul><ul><li>Strong management feature with full role-based access </li></ul></ul><ul><ul><li>Remote administration through its Web-based console </li></ul></ul><ul><ul><li>Supports multiple server platforms </li></ul></ul><ul><li>Weaknesses </li></ul><ul><ul><li>Does not offer protection against unknown spyware </li></ul></ul><ul><ul><li>Does not support report customization </li></ul></ul>
    27. 28. Where does Microsoft fit in? <ul><li>Entered consumer market with GIANT acquisition in December 2004 — Windows AntiSpyware/Defender </li></ul><ul><li>Will enter enterprise market in mid-2006 with Microsoft Client Protection — an integrated antivirus and antispyware solution </li></ul><ul><li>Customers without antispyware cannot wait for Microsoft Client Protection </li></ul><ul><li>Customer looking to replace their current solution will benefit from waiting a year to see what Microsoft can deliver </li></ul>
    28. 29. Recommendations <ul><li>Adopt enterprise-scalable antispyware technologies now – don't wait! </li></ul><ul><li>Look at your current infrastructure to determine which type of antispyware tool is best for you </li></ul><ul><li>Put in place additional technologies and processes — antimalware tools alone will not stop the malicious code threat </li></ul>
    29. 30. Selected bibliography <ul><li>January 6, 2006, Tech Choices “The Forrester Wave™: Enterprise Antispyware, Q1 2006” </li></ul><ul><ul><li>All accompanying Vendor Summaries </li></ul></ul><ul><li>June 22, 2005, Tech Choices “The Forrester Wave™: Client Security Suites, Q2 2005” </li></ul><ul><ul><li>All accompanying Scorecard Summaries </li></ul></ul><ul><li>February 10, 2005, Trends “Antispyware Adoption In 2005” </li></ul>
    30. 31. Thank you Natalie Lambert [email_address] www.forrester.com

    ×