Actiance
Malware and Spyware Prevention
Block Malware at the Gateway Before It Impacts the Business
Dealing with spyware and other malware has become a daily challenge for IT staff. There's no lack of potential solutions on the market, but finding an effective solution that also takes into account other security and compliance requirements is a whole other challenge. Most solutions only react to spyware once an infection has occurred. The real answer to the spyware problem has to be proactive prevention - simultaneously blocking spyware from entering the network and preventing pre-existing spyware installations from activating.
Rather than address the spyware security problem with the traditional 'point solution' approach, FaceTime takes a broader view. Spyware applications are addressed as part of the spectrum of problems posed by greynets, which encompass both legitimate and unauthorized real-time communications applications that share a key common attribute - they are largely invisible to the traditional corporate security infrastructure.
IM, P2P, Web browsing, and other real-time communications channels can:
- Expose vulnerabilities and become vectors for spyware distribution
- Establish undetectable outbound communications that may facilitate data leaks
- Put organizations in breach of privacy legislation without their knowledge
- Sap employee productivity and increase helpdesk costs
Spyware and malware exhibit many of the same traits as legitimate Web applications such as web conferencing or VoIP applications - evasive network behavior and stealthy end-user-level deployment. For this reason spyware, unlike viruses or worms, can be delivered by a plurality of vectors, and so poses a different prevention challenge - one that requires a multi-layered approach.
FaceTime Unified Security Gateway (USG) pulls together strategies that effectively prevent spyware from invading corporate networks through an easy-to-manage approach that's backed by the industry-leading strength of the FaceTime Security Labs team:
- Protect all major real-time communications channels - public and enterprise IM, industry-specific communities, VoIP and other P2P networks, and WebEx chat
- Disable user access to known spyware infection sites
- Prevent installation of spyware applications, regardless of the vector used
- Block spyware downloads and drive-by installs of known spyware packages
- Detect and block spyware's "phone-home" activities
- Provide targeted remediation for infected PCs with no
client software
- Prevent spyware on both managed and unmanaged (remote)
PCs
- Clean only infected PCs with efficient targeted remediation,
avoiding resource-draining false positives
- Disable existing spyware installations and prevent re-infection with patent-pending inoculation
- Identity-based access control and management to ensure comprehensive matching of user names and machine identities
Defense-in-Depth Spyware Prevention
FaceTime's defense-in-depth approach to spyware prevention begins at the gateway. Unified Security Gateway detects and blocks incoming infections and uncovers existing endpoint infections when the spyware starts trying to 'phone home'. Unified Security Gateway reports these endpoint infections to the Greynet Enterprise Manager (GEM), which initiates FaceTime's patent-pending targeted Active Remediation to clean the client and inoculate it against future infections. The results of this clean-up operation are recorded by GEM and aggregated with reports from all Unified Security Gateway installations in the organization to provide a comprehensive view of the state of spyware in the enterprise.
Learn more about Unified Security Gateway, FaceTime's award-winning end-to-end multichannel solution to protect enterprise networks against spyware and other malicious greynet applications while ensuring compliance and productivity.