|
Enterprise Anti Virus
Products in this category provide desktop and server antivirus
products that are managed from a central location in your network,
typically an administrator's console. The console can manage antivirus
software installation, software updates, virus definition file updates, and scan
policies for all computers within your network.
Anti Virus Gateways
An Anti-virus gateway is a
product that works with or in addition to your servers and firewall to
scan inbound and outbound traffic for virus infections. There are a
variety of products, which have been listed in the categories that
follow.
Server Anti Virus
These products install on a
standard server, and work either as a proxy or with the mail package to
check traffic for virus infections. Some do mail-only, while others can
provide scanning for web traffic as well.
Firewall Anti Virus
These products are add-on software to firewall installations, that perform
the virus scans on all traffic flowing through the firewall, preventing
the virus infections from reaching the internal network.
ISA Server Anti Virus
The Microsoft Internet Security and Acceleration Server
(http://www.microsoft.com/isaserver/default.mspx) provides security for
the network and integration with a variety of Microsoft networking
solutions. Several products run on the ISA Server to provide anti-virus
filtering for all traffic flowing through the server.
Anti Virus Appliances
These are hardware/software combination "boxes" that are placed in your
network to perform anti-virus scanning. Many perform other functions
(anti-spam, content filtering, etc.) as well. They may be placed near
the firewall or near the mail server, depending on the functionality
offered by the product.
Anti Spam Desktop
Products in this category
install on the desktop and monitor for and remove spam at the time of
download by the user.
Anti Spam Mail Servers
These products install on, or
are part of, the mail server, and filter spam at the time of receipt by
the mail server, prior to delivery to the user.
Anti Spam Gateways
These products are separate
gateways that install in the network, monitoring for and removing spam
prior to reaching the mail server. It may be part of the firewall or
a separate piece of equipment.
|
|
Spyware Prevention
Spyware Prevention tools
can run on the workstation, or at the network perimeter.
Workstation software provides active monitoring and review of processes and programs as
they run, identifying potentially harmful actions and normally
requesting your approval or denial of the action. Network
appliances block spyware before arriving at the desktop, and prevent
previously-infected workstations from reporting back.
Spyware Removal
Spyware removal/detection
products scan your computer, looking for known spyware, adware, etc.
The success with which each product detects and removes the various
spyware instances often differentiates the products. It is normally
recommended to run two detection products, one free and one commercial.
Content Filters
Content filters do just what
the name implies, filter content. They can be for a single pc, or a
network. They are software and/or appliances. They can act just on web
browsing, or all traffic. They filter based on file type, banner
ads, URL, page content, images, executables, white lists, black lists,
categories, p2p, chat. They can log and record for monitoring and
reporting purposes. Most that filter based on URL come with a URL
database and update services.
Endpoint Security
Endpoint Security includes applications to control the use of portable
storage devices on the computer, encryption of the data on those devices,
and improvements in the devices themselves to secure the information on
them.
Network Access Control
Network Access Control (NAC)
products (also referred to as Network Admission Control, Network Access
Protection (NAP), or Network Quarantine) protect networks by
authenticating and authorizing users and computers prior to granting
access to the network. The implementation by each product varies widely,
using solutions such as DHCP servers, VPNs, or switch hardware. Some
solutions require endpoint software be installed on each client.
Full Disk Encryption
As the use of mobile computing
increases for business and governments, so does the risk of sensitive
information falling into "the wrong hands." Many businesses and
governments now mandate full disk encryption as a way to mitigate this
risk. This can be done through hardware or software, as an
individual or a centralized administration task or even as a managed
service. Many products perform FDE with the use of special
encryption chips or the TPM (trusted platform module) that is being
included in more and more laptops.
|
