* Network Anti-Spyware-A healthy crop of anti-spyware appliances has emerged to complement desktop anti-spyware. Stopping spyware at network trust boundaries avoids over-dependence on desktop defenses. Network appliances let you uniformly enforce anti-spyware policies on all users, including contractors and visitors. When a new threat emerges, or you decide to permit business use of a P2P program, anti-spyware appliances can apply the modified policy immediately. Appliances provide a single point for spyware quarantine, reducing the risk of desktop infection and costly clean-up. Finally, anti-spyware appliances are less likely to fall victim to spyware. like mal ware that tries to disable desktop security programs.
However, network anti-spyware is no panacea. As with any perimeter defense, anti-spyware appliances cannot stop installation of spyware that originates inside the network (e.g., NonBizWare installed from USB stick). Network-based solutions must balance security and performance to avoid becoming bottlenecks. They may not excel at making per-user exceptions or desktop remediation. Finally, network anti-spyware cannot protect laptop users when they work (and surf the Web) remotely.
Combining desktop and network anti-spyware creates a layered defense that is more robust and resilient than either would be alone. In fact, some vendors offer both solutions, leveraging common components like management tools and signature databases.
What functions can you expect from an antispyware appliance?
* A network appliance is a convenient place to filter outbound HTTP requests, blocking installer downloads, known spyware URLs, and black-listed domains.
* A network appliance can also strip active content from HTTP responses, including ActiveX controls, Java applets, scripts and banned S/MIME types.
* After filters are enforced, an appliance may use signatures to scan inbound application payloads, quarantining suspicious data objects.
* A network appliance may also block adware and spyware back channels, including P2P protocols like ICQ and malware that sneaks out on port 80.Continued