CyberGuard WW 1000
Strengths: Good range of spyware blocking; high spyware protection.
Weaknesses: Hard to integrate with existing security measures; no dedicated client protection.
Verdict: Impressive range of tools, but might be difficult to integrate into a network with existing security tools.
This appliance is designed to monitor, scan and block internet-based threats. Its anti-spyware functions come from a range of different protection options, accessed through the appliance’s web front-end. For larger installations, you can also use the Global Command Center for centralized management.
The WW 1000 is designed to integrate with your existing network infrastructure, including proxy servers, and scan incoming and outgoing internet traffic.
It does not have a dedicated spyware protection as such, but each part of its protection helps to safeguard against infection.
First is URL filtering, which blocks access to malicious sites. One category has a spyware sub category, so blocking access to these sites increases network protection and helps prevent PCs from getting infected. You can also filter other web categories, and stop existing spyware sending data back to its target.
Next, there’s network antivirus, which detects some spyware threats, such as keyloggers. It can also be set to scan email.
Finally, there’s content security, which is used to protect your network against malicious code. It was quite successful in blocking ActiveX installs on our test PC. Content security can also be used to block known advertising sites and pop-ups, so you introduce a high level of security there and more preventative measures.
You can create different profiles for different parts of the company. It’s very easy to build policies, but you can also make global changes to all policies, particularly useful for blocking harmful content across the whole network. There is also an emergency lockdown button for the entire system.
With all three filtering methods working together, the majority of spyware installations were stopped quite easily. However, there’s no client-based protection, so you cannot remove existing threats and notebooks are not protected when they leave the network.
The multi-pronged approach to dealing with spyware is excellent, but it also means that it is not so easy to add CyberGuard’s anti-spyware product into an existing infrastructure.
That said, the appliance’s combined approach and wide range of tools mean that the WW 1000 gives an impressive depth of spyware prevention.