Spyware/Malware Enterprise appliance
Results 1 to 8 of 8

Thread: Spyware/Malware Enterprise appliance

  1. #1
    Junior Member
    Join Date
    Jul 2004
    Posts
    3

    Spyware/Malware Enterprise appliance

    Does anyone have any experience or know of any Enterprise (5000+ user) Spyware/malware Appliances (not software based)? Thanks in advance.
    Macdawg

  2. #2
    Senior Member
    Join Date
    May 2002
    Posts
    256
    Define what an "appliance" is?
    Sex is like \"Social Security\". You get a little each month, but it\'s not enough to live on.

  3. #3
    The Iceman Cometh
    Join Date
    Aug 2001
    Posts
    1,209
    As far as I know, they don't have any such appliances available. And, if they do, I wouldn't really recommend getting one. At this point, I think it's still too difficult to develop good heuristics to determine what is spyware/ad-ware and what isn't. In addition, many such programs piggy-back on other programs. The best solution I would give you would be to disable users from being able to install anything on the computers. That would eliminate the threat (unless you have power users or admins who are installing that sort of software). If you're really serious, the best bet I would have would be to check Symantec. I don't know about appliances, but their Symantec AntiVirus CE 9 can detect spyware/adware, so I would assume they probably have some enterprise applications which may suit your needs. Any particular reason you want an appliance instead of a software-based solution?

    For some of Symantec's products, look here: http://enterprisesecurity.symantec.c...roductlink.cfm

    Define what an "appliance" is?
    An appliance is typically a network-attached device which performs a specific function. Some examples are the Google Search Appliance, various AntiVirus and Anti-Spam appliances, etc. They eliminate the need to support software across multiple machines or operating systems. Hope that answers your question

    AJ


  4. #4
    Junior Member
    Join Date
    Jul 2004
    Posts
    3
    Thanks, I'll run with your idea to check Symantec. I was told to find an appliance and I haven't found one yet. I did get another suggestion to try Trend Micro Interscan Web Security Suite and run it on a Blue Coat Proxy box.

  5. #5
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    Hi Mac~

    Sounds like you are looking for some sort of server (appliance = hardware?)

    You will need software to run on it, either if you have it at the perimeter, or as an internal auditor/policeman/whatever.

    What you seem to be thinking of is a router/firewall? which can be a physical device or dedicated box.

    Could you give us an idea of your system/network design concept?

    Cheers

  6. #6
    Junior Member
    Join Date
    Aug 2004
    Posts
    1

    Lightbulb

    Both Spysweeper and Pestpatrol have enterprise level products. The Spysweeper product isn't too bad.

    Symantec 9.0 is a piece of crap as its regards to spyware/adware. It only detects it and displays an annoying pop up box for everything it finds. It doesn't remove anything.

    Take a look at iPrism by St. Bernard if you are interested in appliances. They have a pretty good web filtering appliance.

  7. #7
    Junior Member
    Join Date
    Jul 2004
    Posts
    3
    We have an Enterprise (and several other) firewalls in place. We also have an IDS, Spam filter and virus filter. What we are starting to look at is something that will catch spyware from coming in through http, FTP and Telnet. Rather than just getting a software product, we wanted to look at a heavy duty piece of hardware (an Appliance) that will act as a sort of a proxy device that can handle a lot of traffic without causing a bottleneck.

  8. #8
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    OK Mac~, I think that I am almost up to speed.

    Would I be correct in thinking that you are looking for some sort of high speed router that will filter out this sort of malware?

    At this point I am thinking that you might have to look at a webserver with appropriate software? I do not know of, or have even heard of a hardware solution.

    AFAIK the best way to deal with this sort of malware is to use heuristics and a sandbox, but that is sure as hell going to slow things down.

    Are you sure that this is what you are really aiming for.............maybe your internet policies need looking at?

    just a thought

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •