Spyware: An Annoying and Dangerous Problem You Can Eradicate
Technical Paper
www.securecomputing.com

Secure Computing® has been solving the most difficult network and
application security challenges for over 20 years. We help our customers
create trusted environments both inside and outside their organizations.
Abstract: Threat analysts will tell you that all corporations
of any size are subject to industrial espionage. Today, the
biggest spy threat isn't an employee who may be leaking
secrets to the competition--it's not a person at all. It's a little
piece of active software that finds its way into your network
or home computer, gathers information, and sends it back to
a covert host. It's called Spyware--and given the right
circumstances, virtually every piece of information, every
file, every bit of proprietary data on your network, is at risk.
In this paper you will learn how to identify the different
types of Spyware and how to eradicate it from your network
through a unique prevention management approach.

Protecting your organization from the Spyware threat

The Spyware threat
  Introduction
  Where does Spyware come from?
  Specific types of Spyware threats
  Is Adware the same as Spyware?
  Damage Spyware can do once it’s on your network
  Hints to identifying Spyware
  Spyware can threaten efforts for regulatory compliance
  Combating Spyware through a Unified Threat Management approach
  Prevention management
SmartFilter and Spyware
  Specific anti-spyware protection
  Industry-leading Internet coverage and accuracy sets SmartFilter apart from other competitors
  Real-time updates and protection
  SmartReporter—always on the alert for spyware transmissions
  Every SmartFilter feature and advantage—at one price
Sidewinder G2 Security Appliance and Spyware
  Sidewinder G2 anti-virus and anti-spyware protections
  Sidewinder G2 and Content Protection
  Security Reporter and Spyware
Summary recommendations for prevention of Spyware

Secure Computing Corporation

Corporate Headquarters
4810 Harwood Road
San Jose, CA 95124 USA
Tel +1.800.379.4944
Tel +1.408.979.6100
Fax +1.408.979.6501

European Headquarters
East Wing, Piper House
Hatch Lane
Windsor SL4 3QP UK
Tel +44.1753.410900
Fax +44.1753.410901

Asia/Pac Headquarters
1604-5 MLC Tower
248 Queen’s East Road
Wan Chai Hong Kong
Tel +852.2520.2422
Fax +852.2587.1333

Japan Headquarters
Level 15 JT Bldg.
2-2-1 Toranoman Minato-Ku
Tokyo 105-0001 Japan
Tel +81.3.5114.8224
Fax +81.3.5114.8226
© August 2005 Secure Computing Corporation. All Rights Reserved.
SpywareTT-TP-Aug05vF. Secure Computing, SafeWord, Sidewinder,
SmartFilter, Type Enforcement, SofToken, SecureSupport, SecureOS,
MobilePass, G2 Firewall, Bess, Sidewinder G2, enterprise strong,
PremierAccess, and Strikeback are trademarks of Secure Computing
Corporation, registered in the U.S. Patent and Trademark Office and in
other countries. G2 Enterprise Manager, Application Defenses,
RemoteAccess, On-Box, Power-It-On!, Sentian, and Securing connections
between people, applications, and networks are trademarks of Secure
Computing Corporation. All other trademarks used herein belong to their
respective owners.
The Spyware threat
Introduction
Threat analysts will tell you that all corporations of
any size are subject to industrial espionage. Today,
the biggest spy threat isn’t an employee who may be
leaking secrets to the competition—it’s not a person
at all. It’s a little piece of active software that finds its
way into your network or home computer, gathers
information, and sends it back to a covert host. It’s
called Spyware—and given the right circumstances,
virtually every piece of information, every file, every
bit of proprietary data on your network, is at risk.
Spyware presents a daily threat to organizations
and can result in a variety of impacts ranging
from drains on computer resources and affecting
productivity—including a significant increase in
help desk calls—to stealing proprietary company
information from computers or opening networks
to malicious attacks. It’s not always obvious that
Spyware is present, making Spyware a particularly
insidious type of invasion.
According to IDC, Spyware is the fourth-greatest
threat to a company’s enterprise network security,
and 67 percent of all computers have some form of
Spyware on them. Osterman Research showed another
unfortunate result of Spyware—44 percent of all
home users use email and the Web less today than
they did a year ago, due to the threats of spam,
Spyware, and other related problems.
There are both legal and illegal forms of spyware.
Spyware is an executable program that is covertly
installed (with or without the user’s permission) and
monitors a person or organization with or without
their consent, broadcasting the information back to
an outside party controlling the program.
IDC, Worldwide Spyware 2004-2008
Forecast and Analysis, November 2004
Where does Spyware come from?
Spyware often comes into your computer network
in the same way as a Trojan, hidden in a piece of
seemingly innocuous freeware or shareware, or even
as a piece of active code on a Web page. In the latter
case, the user doesn’t even have to actively download
anything—the Spyware can launch automatically,
simply when a given Web page is viewed.
Spyware usually comes into the network
unannounced, or disguised as something else. Often,
it may take the form of a component of a freeware or
shareware program, or it may enter into the network
via a peer-to-peer file swapping system. It may also
come in via e-mail as an executable attachment.
Another common way for Spyware to enter your
network is via a Spyware-carrying Web site. In this
technique, a user visits a Web site, and the Spyware
automatically downloads onto the user’s PC. There
may or may not be a dialog box that informs the
user of the action, and even if there is, clicking on
“no” is not a guarantee that the Spyware won’t
download anyway. In the worst cases, the Spyware
downloads automatically without any warning or
announcement—the user does not have to take
any action at all other than going to the offending
Web site.
Some Spyware is more upfront in that it asks the user
to authorize a license, in exchange for some piece
of personally useful and free software, which then
authorizes the download of Spyware. Of course,
the agreement will not call it “Spyware,” it will be
worded in comfortable marketing terms. In this way,
Spyware enters into the network through a user’s
approval. Once the door is opened, it’s hard to close
it. Agreeing to a single piece of software may lead to
the point where the PC is so full of Spyware that it
becomes virtually useless and must be cleansed, or
worse, re-formatted completely.
Specific types of Spyware threats
Spyware is often used to monitor user activity, and
transmit information back to someone else. In its most
common and semi-legitimate form, Spyware is used
to record information about your buying and Web
surfing habits for the purpose of delivering advertising
to your desktop or email inbox. It surreptitiously
gathers information about the user, and sends that
data back to a host, which then uses the Spyware
connection to serve pop-up ads, or deliver spam
email. In addition to the Spyware host operator using
that information for their own benefit, they may also
sell it to third parties.
Spyware’s actions vary a great deal, and in some
cases they may be legal (although objectionable
and personally invasive); in others the actions taken
are distinctly criminal in nature. In these cases,
Spyware may result in serious computer and/or
network performance issues, lost productivity, stolen
trade secrets, or identity theft. They may implant
a keystroke grabber (recorder) onto a user’s PC
to record keystrokes and steal passwords, e-mail
addresses, and credit card numbers.
And as a side effect to all this, Spyware consumes
bandwidth and uses system resources, and may
frequently lead to system instability or crashes.
Types of Spyware threats
• Password and information stealers – steal
passwords and other sensitive personal
information.
• Keyloggers – monitor keystrokes with the intention
of stealing information such as passwords.
• Banking Trojans – monitor information entered
into banking applications and banking Web forms.
• Backdoor Trojans – can contain any of the above
functionality, including the ability to allow hackers
unrestricted remote access to a computer system
when it is online.
• Botnet worms – a network of backdoor Trojans,
configured remotely to work together to carry out
any of the above functionality, which may also be
used to create zombie networks from which spam
can be sent out.
• Browser hijackers – modify browser settings with
the intention of redirecting users to automatic
download sites and/or reduce browser security
settings.
• Dialers – dial a premium rate phone line, normally
with the intent of gaining access to pornographic
material.
• Downloaders – install other, potentially malicious
programs without the user’s knowledge.
An example of Spyware is Troj/Progent-A, which is a
password stealer and keylogger. Once installed, the
software starts reporting the next time the computer
is online. This kind of Spyware can also steal financial
data, spreadsheets, personnel records, bank account
numbers, passwords, or any other information typed
into the affected computer. A damaged reputation,
the loss of money or competitive advantage, and an
increased risk of litigation can all result from
data theft.

“Spyware threatens security and is illegitimate. Adware
compromises productivity and is an irritant. Sophos
(integrated within Sidewinder G2 Application Defenses)
protects 100% against Spyware.”
Richard Jacobs, Chief Technology Officer, Sophos

Two-factor authentication to combat Spyware
Relying on passwords to protect applications,
networks, and accounts leaves users vulnerable
to password-stealing spyware and keylogging
attacks. Two-factor authentication provides protection
because it requires 1) something only the user knows
(a PIN), and 2) something only the user has—a one-time
passcode generated by a handheld token. Every time users
access their network applications and accounts, their PIN
and passcode give them access one time, and then the
passcode is thrown away. It’s useless if a spyware or
keylogging program steals a used passcode because it
can’t be used again.
Secure Computing offers SafeWord® software and tokens,
used daily by thousands of organizations and millions of
end users worldwide. Providing unparalleled security,
flexibility, and deployment options, SafeWord protects users,
and SafeWord tokens are the most robust and durable on
the market.
www.safeword.com
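The "used passcode is thrown away" behaviour described in the two-factor authentication sidebar can be shown with a small verifier. This is an added example, not code from the paper or from SafeWord: it assumes the public HOTP algorithm (RFC 4226) as a stand-in, since the paper does not describe SafeWord's own algorithm, and the class name, PIN and look-ahead window are hypothetical.

```python
import hashlib
import hmac
import os
import struct


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """One-time passcode for one counter value (HOTP, RFC 4226)."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation offset
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def _pin_digest(pin: str, salt: bytes) -> bytes:
    # Keep only a salted, slow hash of the PIN on the server.
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, 100_000)


class TokenVerifier:
    """Server side of a PIN + one-time passcode login (hypothetical class)."""

    def __init__(self, secret: bytes, pin: str, look_ahead: int = 3):
        self._secret = secret
        self._salt = os.urandom(16)
        self._pin = _pin_digest(pin, self._salt)
        self._counter = 0  # lowest counter value that has not been used
        self._look_ahead = look_ahead  # tolerate a few unused button presses

    def login(self, pin: str, passcode: str) -> bool:
        pin_ok = hmac.compare_digest(_pin_digest(pin, self._salt), self._pin)
        matched = None
        window = range(self._counter, self._counter + self._look_ahead + 1)
        for candidate in window:
            expected = hotp(self._secret, candidate).encode()
            if hmac.compare_digest(expected, passcode.encode()):
                matched = candidate
                break
        if not pin_ok or matched is None:
            return False
        # Discard the passcode: it and every earlier one can never match again.
        self._counter = matched + 1
        return True


def demo() -> dict:
    secret = b"12345678901234567890"  # RFC 4226 test secret, not a real key
    server = TokenVerifier(secret, pin="4821")  # constructed PIN
    first = hotp(secret, 0)
    return {
        "fresh": server.login("4821", first),            # accepted once
        "replayed": server.login("4821", first),         # captured copy fails
        "next": server.login("4821", hotp(secret, 1)),   # token moves on
        "wrong_pin": server.login("0000", hotp(secret, 2)),
    }


if __name__ == "__main__":
    print(demo())
```

A keylogger that records the PIN and the first passcode gets nothing it can reuse, because the server's counter has already moved past that passcode.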
Is Adware the same as Spyware?
Adware is a subset of Spyware with a definite
distinction. Adware delivers specific advertising,
such as pop-ups on users’ computers, which can be
annoying when undesired. While Adware may distract
users and interfere with productivity and efficiency, it
may also be functional or serve a purpose in certain
contexts. And most importantly, it’s generally not
malicious or illegal. In contrast, malicious Spyware is
never welcome or beneficial, but rather is something
that needs to be wiped out from all networks to the
highest degree possible.
Adware steps into the Spyware realm when it tracks
browser activity and reports such activity back to
some unknown recipient. In this way, the advertisers
correlate surfing behavior into demographics in much
the same way they do for television and radio.
Adware’s function is to deliver targeted advertising
to users. Spyware programs, including Adware, use
your system’s memory and resources, and consume
bandwidth by sending information back to the
Spyware host. Many companies wish to eliminate
both Adware and Spyware. A single piece of software
on a single PC may spread that Spyware throughout
the network, and may also allow other Spyware to
enter into the network. As a result, it is possible that
other legitimate applications may start to run slower,
and your system may become unstable and suffer
from crashes.
Although the consequences of Spyware may be as
minor as annoying advertising pop-ups, it has the
potential to do significant damage to the machine
and also to the entire network. Spyware has the ability
to capture virtually all online activity. From monitoring
all keystrokes, to email snooping, to scanning files on
the hard drive, to changing system or registry settings,
Spyware is a great personal and enterprise security
threat. Such activities can lead to identity theft, data
corruption, and even theft of company trade secrets.
From IDC, Worldwide Spyware 2004-2008
Forecast and Analysis, November 2004
Damage Spyware can do once it’s
on your network
Spyware can gather a wide variety of information
from your network—given the right circumstances,
virtually every piece of information, every file, every
bit of proprietary data on your network, is at risk.
Since it is an independent program, Spyware may be
able to:
• Gather information on the user’s Web
surfing patterns
• Gather e-mail addresses
• Implant a keystroke grabber to steal passwords or
credit card numbers
• Scan files on the hard drive, and send them to a
host computer outside the network
• Snoop other applications
• Install additional Spyware or other rogue programs
• Read cookies
• Change the Web browser’s default home page
• Change system and registry settings
• Disable some types of software applications,
including some security applications
• Take over peripherals, such as webcams
Besides the technological impact, Spyware will also
affect productivity by distracting employees with a
constant barrage of pop-up ads and spam. Another
side effect of the existence of Spyware is increased
calls to the Help Desk, as more employees call to
complain about pop-ups, sluggish PCs, and other
Spyware-related issues. Depending on the studies you
read, somewhere between 20 and 33 percent of all
help desk calls are Spyware related.
Hints to identifying Spyware
It may not be immediately obvious that your system
contains Spyware. Here are a few things to look for.
• Your homepage setting has changed
• You notice extra toolbars or icons that you did
not install
• There are Web pages on your “Favorites” list that
you did not put there
• You notice more pop-up ads than usual, many of
which may not be related to sites you view
• Your system is slower than usual or takes longer
to boot
Spyware can threaten efforts for
regulatory compliance
The presence of Spyware can compromise sensitive
and protected confidential information—posing a
risk to your corporation in many ways. Not only will
confidential trade information be at risk; any private
customer data or financial data may also be at risk
of leaking out—and such a leak could cost millions.
Recent legislative initiatives, including Sarbanes-Oxley,
HIPAA, and Gramm-Leach-Bliley, require
corporations to take strong measures to safeguard
financial information and the private information of
customers. A single Spyware infestation can search
out your customer database and send credit card
numbers back to a Spyware host, putting your customers
at risk of identity theft, and putting you at risk of
being held liable for the loss. Clearly, any compliance
initiative with regard to these or other state or federal
regulatory initiatives is well advised to include an
effective and comprehensive anti-Spyware program.
If you do not have a Web usage policy in your
organization, or have not enforced it using Web
filtering or other solutions, it is very likely that Spyware
is already present in your organization’s network.
Combating Spyware through a Unified Threat
Management approach
Despite the significant threat, users are still largely
unaware of Spyware’s prevalence and inherent
danger. A recent survey showed that 55 percent of
consumers don’t even know what Spyware is, and
only 40 percent run an anti-Spyware program more
than once a month. The fact that broad awareness
of Spyware is not yet high is dangerous, and the
first and most important way to combat Spyware is
through education. Make sure your users understand
what it is, what the risks are, and are instructed in safe
computing methods. A well publicized usage policy
that is understood by all, and uniformly enforced, will
be a major first step in stopping this threat.
In addition to procedural and policy-related steps,
there are existing technological steps that can be
taken to reduce or eliminate the presence of Spyware.
The anti-Spyware market is growing rapidly, and has
become one of the most talked about topics in IT
this past year. Security vendors are starting to offer
separate anti-Spyware products, or incorporating
anti-Spyware features in their existing products.
But despite the growing presence of “anti-Spyware”
solutions that take the form of single-point products,
most of these are ineffective and unnecessary.
There are so many different types of Spyware in
existence today that a single point anti-Spyware
solution is likely inadequate. A combination of policy
and procedural steps, along with proper use of
existing integrated technology, will go a long way
to eradicating Spyware from your network. If you’re
a Secure Computing client, there’s no need to buy
additional solutions or pay for expensive add-ons. You
can take strong preventative and reactive measures
against Spyware using Secure Computing’s existing
security products.
Spyware lives at the application layer, so conventional
packet-layer firewalls won’t prevent its entry. On
the contrary, a more comprehensive, holistic,
multi-layered approach is necessary to combat this
unique threat. Secure Computing’s Unified Threat
Management (UTM) strategy counters the threat of
Spyware effectively, at the same time it addresses
other malware such as viruses, spam, Phishing, and
other attacks.
Battling Spyware requires a unified threat
management approach, including:
• Preventing Spyware from being installed
• Detecting existing Spyware when it attempts to
contact its home base
• Blocking Web sites that are known to, or are likely
to have Spyware
Prevention management
Prevention management, combined with inbound
detection, and user education, are the three layers
to best practices for online threat management. User
education and a prudent Web access policy, such as
restricting use of programs such as freeware, P2P,
and IM programs, will help prevent Spyware from
entering into your system. But in addition to a good
security policy, technological solutions are a must in
combating spyware. Secure Computing products
have measures in place that both prevent and react
to the presence of Spyware. Of course, the primary
goal is the prevention of Spyware installations in the
first place, and Secure Computing has taken proactive
steps for keeping Spyware at bay from every possible
entry point.

SmartFilter categories
Alcohol, Anonymizers, Anonymizing Utilities, Art/Culture/Heritage,
Auction, Business, Chat, Computing/Internet, Consumer Information,
Criminal Skills, Dating/Social, Drugs, Education/Reference,
Entertainment/Recreation/Hobbies, Extreme, Finance, For Kids,
Forum/Bulletin Boards, Gambling, Gambling Related,
Game/Cartoon Violence, Games, General News, Government/Military,
Gruesome Content, Hacking, Hate Speech, Health, History, Humor,
Instant Messaging, Internet Radio/TV, Job Search, Malicious Sites,
Media Download, Messaging, Mobile Phone, Moderated,
Non-Profit Orgs/Advocacy Groups, Nudity, P2P/File Sharing,
Personal Network Storage, Personal Pages, Phishing, Politics/Opinion,
Pornography, Portal Sites, Profanity, Provocative Attire,
Religion and Ideology, Remote Access, Resource Sharing,
School Cheating Information, Search Engines, Sexual Materials,
Shareware/Freeware, Shopping/Merchandizing, Spam Email URLs, Sports,
Spyware, Stock Trading, Streaming Media, Technical/Business Forums,
Text/Spoken Only, Tobacco, Travel, Usenet News, Violence,
Visual Search Engine, Weapons, Web Ads, Web Mail, Web Phone

However, Spyware does get into the network
through a variety of out-of-band means. Users take
laptops home, connect to the internet through
unprotected channels, and then link back to the
corporate network. So along with prevention, it’s
also important to detect Spyware that has slipped in
and is currently operating. When Spyware is installed
in your computer, it sends information back to its
home base without you knowing it. Sidewinder G2®
Security Appliance can be configured to prevent
the download of executable files, often the form
that Spyware programs take. And SmartFilter® can
prevent users from going to sites known to download
Spyware when viewed passively or actively, and with
its SmartReporter™ feature, can detect whenever
Spyware is sending information back out, and stop it
before any damage occurs. Secure Computing’s multi-layered solutions don’t negatively impact the network,
and by reclaiming bandwidth lost to Spyware, will
likely even improve overall performance.
Following are descriptions of how Secure Computing
products can greatly help mitigate Spyware as a
problem in any organization.
What concerns corporate security departments is
that spyware can also be used to monitor keystrokes,
scan files, install additional spyware, reconfigure Web
browsers, and snoop email and other applications.
Some of the more sophisticated spyware can even
capture screenshots or turn on Webcams. Although
some spyware is installed with the user’s knowledge,
most programs have been slyly bundled with some
other free download.
IDC, Worldwide Spyware 2004-2008
Forecast and Analysis, November 2004
SmartFilter and Spyware
Much malicious code, including Spyware, enters the
network when a user visits a Spyware-infected Web
site. This is one of the main ways Spyware gets inside
networks. Therefore, unrestricted Web browsing
carries with it significant risks as the possibility of
Spyware entering into the network through non
work-related Web sites is very high. SmartFilter limits
and/or blocks access to known sites that could expose
users and your organization’s network to Spyware.
SmartFilter Web filtering keeps staff away from sites
containing pornography and inappropriate Web
material, which is advantageous for more than just
preserving productivity. Many of the sites included
in SmartFilter’s categories, such as Pornography
and Gambling, are notorious for including Spyware.
SmartFilter prevents users from visiting known Web
sites that host Spyware.
In addition to its security protections, SmartFilter,
with over 70 categories, is widely recognized as
having the most complete database of inappropriate
sites in the industry.
Specific anti-spyware protection
SmartFilter, unlike many other Web filtering solutions,
has distinct “Spyware” coverage, containing sites
that our experts have discovered to contain Spyware.
Disallowing access to sites in this category will
automatically prevent Spyware from these identified
sites from entering into your network.
Additional security protections include Spyware,
Phishing, Resource Sharing, Malicious Sites,
P2P/File Sharing, Spam Email URLs, Shareware/
Freeware, and Web Ads.
Industry-leading Internet coverage
and accuracy sets SmartFilter apart
from other competitors
Spyware applications appear rapidly on sites, so
broad coverage and high accuracy in categorization
are necessary to provide strong Spyware prevention.
SmartFilter’s Spyware coverage is superior, backed
by its database that has received top industry ratings
by independent third parties. The reason for this is
that Secure Computing uses a combination of advanced
technologies and a second-to-none multi-lingual Web
analyst team, who performs specialized search and
detection technologies, including the use of custom
tools to harvest and categorize suspected sites on
a daily basis. This combination is the key to high
accuracy and excellent coverage, and for providing
non-stop search and identification benefits to
customers. This team:
• Deploys advanced Web-crawler and heuristic
technologies, along with spam and Phishing trap
capabilities, to comb the Internet 24 hours a day,
seven days a week to identify malicious or risky
Web sites.
• Uses ‘honeypot’ and ‘sandbox’ computer labs that
allow us to find and test URLs to verify that they
host Spyware and other kinds of harmful code
• Brings a wealth of technical expertise and cultural
diversity that’s unmatched in the industry. Our
Control List coverage spans more than 60 different
languages.
• Harvests sites from other third-party sources and
experts dedicated to identifying Spyware.
SmartFilter provides strong overall coverage in all
of its other categories, many of which may also
cross over into containing Spyware threats as well.
Pornography sites, as previously mentioned as an
example, are the most notorious for hosting Spyware
applications. That’s why SmartFilter has very extensive
coverage in its Pornography category, and as a result,
provides unequaled protection against Spyware in
this area.

More malicious Spyware may come by more
stealthy methods. It can come packaged
with spam, adult entertainment Web sites
with disguised links, and as a supplemental
payload in worms. Generally, these Spyware
programs contain more malicious code
such as zombies, key loggers, and worms.
The intent can range from controlling a
user’s PC, to launching denial of service attacks
against other users, to identity theft.
IDC, Worldwide Spyware 2004-2008 Forecast and
Analysis, November 2004

Real-time updates and protection
Because the face of the Internet changes by the second,
constant vigilance is needed to maintain timely
security protections, excellent database quality, and
accurate coverage. For this reason, Secure Computing
provides real-time updates to ensure that customers
have the most up-to-date protection at all times.
As soon as risks are identified, SmartFilter provides
immediate protection.

SmartReporter—always on the alert for spyware transmissions
With SmartReporter, IT administrators can easily drill
down using real-time snapshots of Internet traffic
to identify which users/machines have Spyware
installed and are attempting to transmit data back to
host servers. Finding and stopping this transmission
prevents damage from being done and private
company information from getting out and being
captured by host servers and the parties behind them.
SmartReporter also allows administrators to monitor
machines that have had Spyware removed to ensure it
has been completely eliminated.
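The detection idea in the SmartReporter section (find the machines that try to send data back to Spyware hosts, and keep watching machines that were cleaned) can be sketched over Web-proxy logs. This is an added example, not SmartReporter code or output: the CSV log layout, the sample lines, the cleanup record and the function names are all constructed for illustration, and only the category names come from the paper.

```python
import csv
from collections import defaultdict
from datetime import datetime

# Constructed sample in a hypothetical CSV layout (not a SmartReporter format):
# timestamp,client_ip,method,host,category,action
SAMPLE_LOG = """\
2005-08-01T09:00:05,10.0.4.17,POST,track.example.net,Spyware,blocked
2005-08-01T09:00:09,10.0.4.22,GET,news.example.org,General News,allowed
2005-08-01T09:05:05,10.0.4.17,POST,track.example.net,Spyware,blocked
2005-08-01T10:12:40,10.0.4.31,GET,ads.example.com,Web Ads,allowed
2005-08-01T11:30:00,10.0.4.31,POST,collect.example.net,Spyware,blocked
2005-08-01T14:05:05,10.0.4.17,POST,track.example.net,Spyware,blocked
2005-08-01T14:06,truncated line
"""

# Constructed cleanup record: when each machine was last disinfected.
CLEANED_AT = {"10.0.4.17": datetime(2005, 8, 1, 12, 0, 0)}


def phone_home_report(log_text, cleaned_at, watch=("Spyware",)):
    """Summarise, per client, requests to hosts in the watched categories."""
    report = defaultdict(lambda: {"requests": 0, "hosts": set(),
                                  "first": None, "last": None,
                                  "after_cleanup": 0})
    for row in csv.reader(log_text.splitlines()):
        if len(row) != 6:
            continue  # skip truncated or malformed lines
        stamp, client, _method, host, category, _action = row
        if category not in watch:
            continue
        try:
            when = datetime.fromisoformat(stamp)
        except ValueError:
            continue
        entry = report[client]
        entry["requests"] += 1
        entry["hosts"].add(host)
        entry["first"] = when if entry["first"] is None else min(entry["first"], when)
        entry["last"] = when if entry["last"] is None else max(entry["last"], when)
        # Traffic after the recorded cleanup means removal was incomplete.
        if client in cleaned_at and when > cleaned_at[client]:
            entry["after_cleanup"] += 1
    return {c: {**e, "hosts": sorted(e["hosts"])} for c, e in report.items()}


def still_infected(report):
    """Clients that kept contacting watched hosts after being cleaned."""
    return sorted(c for c, e in report.items() if e["after_cleanup"] > 0)


if __name__ == "__main__":
    result = phone_home_report(SAMPLE_LOG, CLEANED_AT)
    for client, entry in sorted(result.items()):
        print(client, entry["requests"], entry["hosts"], entry["after_cleanup"])
    print("recheck:", still_infected(result))
```

Blocked requests are counted on purpose: a blocked attempt still shows that the machine carries something trying to reach its host.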
Every SmartFilter feature and
advantage—at one price
Unlike competing Web filtering products that charge
extra for different filtering coverage, SmartFilter
provides all customers with every type of category at
one all-inclusive price, including Malicious Web sites,
Spyware, IM, Web mail, P2P, streaming video, and
all the rest. All categories are included with the basic
subscription, rather than sold at an additional charge.
Sidewinder G2 and Spyware
Spyware is often secretly bundled as a component
of a legitimate software application. As a result, it
can pass through traditional packet-filtering firewalls
easily. Sidewinder G2 as an application-level security
appliance offers a comprehensive set of configuration
options to identify and block spyware from entering
your network. Sidewinder G2 includes the world’s
strongest Application Defenses™ firewall/VPN. In
addition, it includes IPS/IDS, and optional embedded
modules providing anti-virus and anti-spyware, anti-spam, and content filtering (both using SmartFilter
and other content protective features).
Sidewinder G2 anti-virus and anti-spyware protections
At the heart of Sidewinder G2’s ability to identify
and block spyware from entering networks is the
integration of the Sophos award-winning anti-spyware
solution. The Sophos anti-spyware solution has just
won the Checkmark award from WestCoast Labs
for its detection of 100% of spyware with no false
alarms. The Sidewinder G2 Sophos solution provides
organizations with reliable, manageable, and effective
protection against Spyware in the same way as it
protects against other threats, including viruses.
Spyware detection, designed at the architectural level,
is an integral part of the virus detection engine.
To view the analysis and thousands of descriptions of
viruses and Spyware—all protected against by this
comprehensive feature—
visit http://www.sophos.com/virusinfo/analyses/.
Sidewinder G2 and Content Protection
Throughout the enterprise, content has taken an
increasingly important role as it has become much
easier to create, update and share information
electronically. But this reliance on content, whether it
is contained on the corporate Web server, intranet, or
on individual PCs, carries risks and the need to protect
against content that could include Spyware.
Part of Sidewinder G2’s comprehensive
content protection is achieved through the
Sidewinder G2 Unified Threat Management
approach, which promotes and protects the easy
exchange of information without letting Spyware or
other threats pervade networks. The Sidewinder G2
content filtering capabilities combine the following:
• URL filters. With its superior On-Box™
architecture, most accurate control list, and
its specific “Spyware” category, SmartFilter’s
integration with Sidewinder G2 helps mitigate
Spyware threats.
• IM & P2P filters. Use Sidewinder G2 to block
employee use of Instant Messaging (IM) and
Peer-to-Peer (P2P) file sharing. This reduces your
exposure to viruses, Spyware, and other types
of malicious code, frequently introduced from
employee access to these Internet services.
• Java and ActiveX blocking. It is a simple matter for
the administrator to configure the Sidewinder G2 to
restrict access to Java applets and ActiveX content,
a policy that is highly recommended for secure
environments due to the presence of Web-based
malware written in these types of active code.
• File type filters. With Sidewinder G2’s advanced
application filtering capabilities, restricting files
such as .OCX, .CAB, .EXE, .VBE or .DLL files, can
easily block a significant amount of Spyware before
it has a chance to enter the network.
• Spam and Phishing Email filters. A large percentage
of Spyware enters into the enterprise through spam
email or Phishing scams which ask users to download
a file or visit a Web site which contains Spyware.
Sidewinder G2’s integrated Cloudmark anti-spam and
anti-phishing solution, part of Secure Computing’s
Unified Threat Management solution, cuts Spyware
off at the source.
and the list goes on...
Sidewinder G2 Security Reporter and Spyware
The comprehensive Sidewinder G2 appliance
line includes a powerful security event analysis
and reporting solution called the Sidewinder G2®
Security Reporter™. The Security Reporter collects a
vast amount of raw security data from one or more
Sidewinder G2 appliances in a global network, and
transforms it into a real-time dashboard view, sends
alarm notifications and creates easily readable reports.
The information is aggregated into a central database,
allowing users to view hundreds of reports with
valuable security insights in an easy to read, graphical
format. In addition, Security Reporter provides
network bandwidth utilization analysis tools to quickly
identify and react to network spikes often associated
with virus and spyware outbreaks.
Summary of recommendations for prevention of Spyware
• Block unauthorized freeware and shareware
• Block peer-to-peer file sharing systems from
the network
• Block Web sites that host Spyware
• Regulate file downloads, such as IM or P2P
applications, and files with extensions that may
include .exe or .vbs, Java, and ActiveX code.
• Use anti-virus, anti-spyware, anti-spam, and
anti-phishing components to prevent Spyware from
entering into the network through rogue emails
and Web access.
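The file type filter and the "regulate file downloads" recommendation both come down to a deny list applied to the file name of each download. The Python example below is added here and is not Secure Computing's code or Sidewinder G2 configuration; the function names, hosts and sample file names are assumptions, and the extension list is the one this paper names.

```python
from email.message import Message
from posixpath import basename
from urllib.parse import unquote, urlsplit

# Extensions this paper names: the file type filter list plus .vbs from the summary.
BLOCKED_EXTENSIONS = {".ocx", ".cab", ".exe", ".vbe", ".dll", ".vbs"}


def url_filename(url):
    """Last path segment of the URL, percent-decoded."""
    return basename(unquote(urlsplit(url).path))


def header_filename(content_disposition):
    """Filename the server suggests in Content-Disposition, or None."""
    msg = Message()
    msg["Content-Disposition"] = content_disposition
    return msg.get_filename()


def extension_of(name):
    """Lower-cased final extension; trailing dots and spaces are ignored."""
    name = name.strip().rstrip(". ").lower()
    return "." + name.rpartition(".")[2] if "." in name else ""


def check_download(url, content_disposition=None):
    """Return (allowed, reason) for one HTTP download."""
    names = [("URL", url_filename(url))]
    if content_disposition:
        suggested = header_filename(content_disposition)
        if suggested:
            names.append(("Content-Disposition", suggested))
    for source, name in names:
        ext = extension_of(name)
        if ext in BLOCKED_EXTENSIONS:
            return False, f"{source} name {name!r} ends in blocked type {ext}"
    return True, "no blocked file type"


# Constructed sample requests (hypothetical hosts and file names).
SAMPLES = [
    ("http://downloads.example.test/tools/Toolbar.EXE", None),
    ("http://example.test/get.php?id=7", 'attachment; filename="codec.cab"'),
    ("http://example.test/docs/report.pdf", None),
]

if __name__ == "__main__":
    for url, header in SAMPLES:
        print(url, "->", check_download(url, header))
```

The check sees only the name a server presents, which is why the paper pairs file type filters with anti-virus and anti-spyware scanning of the content itself.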
For more information, visit www.securecomputing.com/goto/spyware.