|
Dealing with spyware and other malware has become a daily
challenge for IT staff. There's no lack of potential solutions
on the market, but finding an effective solution that also takes
into account other security and compliance requirements is a
whole other challenge. Most solutions only react to spyware
once an infection has occurred. The real answer to the spyware
problem has to be proactive prevention - simultaneously blocking
spyware from entering the network and preventing pre-existing
spyware installations from activating.
Rather than address the spyware security problem with the
traditional 'point solution' approach, FaceTime takes a broader
view. Spyware applications are addressed as part of the spectrum
of problems posed by greynets, which encompass both legitimate
and unauthorized real-time communications applications that
share a key common attribute - they are largely invisible to
the traditional corporate security infrastructure.
IM, P2P, Web browsing, and other real-time communications
channels can:
- Expose vulnerabilities and become vectors for spyware
distribution
- Establish undetectable outbound communications that
may facilitate data leaks
- Put organizations in breach of privacy legislation without
their knowledge
- Sap employee productivity and increase helpdesk costs
Spyware and malware exhibit many of the same traits as
legitimate Web applications such as web conferencing or VoIP
applications - evasive network behavior and stealthy
end-user-level deployment. For this reason spyware, unlike
viruses or worms, can be delivered by a plurality of
vectors, and so poses a different prevention challenge - one
that requires a multi-layered approach.
FaceTime
Unified Security Gateway (USG) pulls together
strategies that effectively prevent spyware from invading
corporate networks through an easy-to-manage approach that's
backed by the industry-leading strength of the FaceTime
Security Labs team:
- Protect all major real-time communications channels
- public and enterprise IM, industry-specific communities,
VoIP and other P2P networks, and WebEx chat
- Disable user access to known spyware infection sites
- Prevent installation of spyware applications, regardless
of the vector used
- Block spyware downloads and drive-by installs of known
spyware packages
- Detect and block spyware's "phone-home" activities
- Provide targeted remediation for infected PCs with no
client software
- Prevent spyware on both managed and unmanaged (remote)
PCs
- Clean only infected PCs with efficient targeted remediation,
avoiding resource-draining false positives
- Disable existing spyware installations and prevent re-infection
with patent-pending inoculation
- Identity-based access control and management to ensure
comprehensive matching of user names and machine identities
Defense-in-Depth Spyware Prevention
FaceTime's defense-in-depth approach to spyware
prevention begins at the gateway. Unified Security Gateway
detects and blocks incoming infections and uncovers existing
endpoint infections when the spyware starts trying to 'phone
home'. Unified Security Gateway reports these endpoint
infections to the Greynet Enterprise Manager (GEM), which
initiates FaceTime's patent-pending targeted Active
Remediation to clean the client and inoculate it against
future infections. The results of this clean-up operation
are recorded by GEM and aggregated with reports from all
Unified Security Gateway installations in the organization
to provide a comprehensive view of the state of spyware in
the enterprise.
Learn more about Unified Security Gateway, FaceTime's award-winning end-to-end
multichannel solution to protect enterprise networks against
spyware and other malicious greynet applications while ensuring
compliance and productivity.
|
FaceTime
Malware and Spyware Prevention