Adware solution for large network?

D

Davenow

Gawd
Joined
Aug 8, 2003
Messages
955
I am looking for something to streamline the process of stopping/eliminating adware/spybots on our network, say roughly 60-70 users.
Basically our users are a bunch of idiots, they click yes to EVERYTHING, its not uncommon to run spybot/adaware and find 200-400 pieces of spyware/adware on their machines. What I want to do is find something that will either block the adware/spyware from our network, or some way or blocking it from installing on their machines. We have discussed making them all "restricted users" but that isnt an option for many of them as that would block them from running programs they need to do their jobs.

Any ideas?
 
I believe pest patrol runs like an antivirus program and catches them as they enter the system. But then it would be up to you or the users to delete or keep the spyware.
 
So far I have found
Pest Patrol -- nice server based
Spysweeper Enterprise -- nice server based

Giant AntiSPyware-- individual installs, was told it does better than spybot/adaware put together, I guess if filters/scans as things com in. Detects/stops it from being installed.
 
ive used both of those programs and work in a situation identical to yours, and dont recommend them at all. What we implemented instead was an internet filter to simply severely limit what sites they can visit, and enforce the rules strictly with bannings from all net activity in extreme instances. I know it sounds harsh, but we havent had one instance of spyware in over a year now. We currently use SurfControl and just built up a lengthy list of identifiable terms and sites users can and cannot visit, and it is surprisingly effective. Since most of us IT guys basically know what crap to look out for on a suspicious site, its not that hard to formulate that into a list for a proxy to look at. Users simply get the red hand of death on certain 'objectionable' sites. We also choose to run ad-aware by hand routinely on each user machine when we feel like it. On avg, each machine gets scanned once per month. Combined with a nice firewall, its easy to spot a possibly infected machine.

Now if you were dealing with 100 or more users, i'd suggest actually buying ad-aware professional with a mass license and have all the machines auto-update and scan themselves (especially since it has a resident shield).
 
uvi said:
ive used both of those programs and work in a situation identical to yours, and dont recommend them at all.
Click to expand...

Can you give me more specifics? What did you not like about them?
 
>> what UVI said...

A real enterprise solution would be to stop it at the perimeter and gateway.. before it has a chance to get to any workstations or servers.

Application layer aware firewalls or content proxy servers are the answer. Checkpoint, ISA Server, Border Manager, Cisco, Netscreen... etc.. offer some type of a full packet inspection solution, including access controls and http content filters too. Some solutions require third party plug-ins. There are also some very nice open source content proxy solutions out there too...

You would still have to clean up already infected workstations though... :eek: :)
 
Trend Micro OfficeScan 6.5

Client-side antivirus scanning AND spyware/adware detection/removal (including related regkeys). They've also got a free utility to run on clients that will remove SPAM from Outlook. You dont need any trend products to be able to use it.

If you get NeatSuite, you'll get ServerProtect (their AV client for servers), OfficeScan 6.5, Trend Micro Control Manager (centralized mgmt for everything), and I'm pretty sure you'll get mail filtering, and gateway HTTP/FTP content/virus filtering.

The Trend stuff is REALLY hard to beat. We use it in a 150-client environment, and the guy I work with was using it in a 30,000+ client network, so it's very scalable.
 
Boscoh said:
Trend Micro OfficeScan 6.5

Client-side antivirus scanning AND spyware/adware detection/removal (including related regkeys). They've also got a free utility to run on clients that will remove SPAM from Outlook. You dont need any trend products to be able to use it.

If you get NeatSuite, you'll get ServerProtect (their AV client for servers), OfficeScan 6.5, Trend Micro Control Manager (centralized mgmt for everything), and I'm pretty sure you'll get mail filtering, and gateway HTTP/FTP content/virus filtering.

The Trend stuff is REALLY hard to beat. We use it in a 150-client environment, and the guy I work with was using it in a 30,000+ client network, so it's very scalable.
Click to expand...

another vote for trend micro, i love its ability to run w/ very low resources being used.
 
You must log in or register to reply here.
Back
Top