Webroot AntiSpyware with AntiVirus
Strengths: Good centralised management, well-designed console, engine and definition updates virtually transparent, good reporting tools
Weaknesses: Full system scans take a long time, client heavy on local resources
Verdict: Client can be resource-hungry, but this offers stiff desktop anti-spyware measures with good virus protection
Formerly known as Spy Sweeper Enterprise, Webroot AntiSpyware Corporate Edition with AntiVirus aims to deliver protection from the two biggest external security risks to your desktops. The core component of this software-only solution is a server that handles download and deployment of the client software, as well as signature updates, centralised management and monitoring facilities. The server supports Windows 2000, 2003, XP Professional and Vista.
Installation is a reasonably swift affair and we had the Webroot server up and running on a Windows Server 2003 R2 system in minutes. However, remember that you must have SQL Server already installed. During the install phase you provide details for the server component and decide on a signature update frequency, which can range from hourly to weekly.
During installation you can streamline deployment by selecting preferences for the client component. The client can be kept invisible so users have no interaction with it. Webroot uses a variety of Smart Shields to protect clients, with the StartUp version stopping spyware from making modifications or additions to the registry. Shields are also provided for preventing spyware from reading, writing or executing files, blocking ActiveX controls being used to install software, stopping communications with dubious websites and sweeping memory.
All the action takes place at the Webroot console. First you deploy clients to view all available systems and choose those to receive the software. This is a simple process. We opted to make the clients available from the System Tray, where we could upload them, run manual sweeps locally and view the session logs and quarantined items.
We liked the transparency with which updates can be downloaded and deployed, as we didn't have to do anything during testing. If you wish you can change the download and client deployment frequencies from the console, but apart from that, Webroot can be left to look after the entire process. The console keeps a full history of all updates, so it's easy to keep track of the proceedings. Full sweeps are best scheduled for unattended hours as they can be lengthy and quite demanding. We ran a full scan on a basic dual Xeon system running Windows Server 2003 R2 and it took nearly an hour, during which time CPU utilisation never went below 50 per cent.
The Webroot client Shields worked well during testing. We visited a range of sites that were veritable cookie jars and watched the client shooting them down as they came in. Viruses were handled just as efficiently, with Sophos blocking our efforts to download infected files. It will also attempt to clean infected files and quarantine them if unsuccessful. You can easily keep an eye on client status from the console where they can be placed in different groups for easier management.
Reporting facilities are particularly good as you can set them for start and end dates and include entire groups or selected workstations. Webroot can reveal areas such as the top-five troublemakers, infection trends, general detection rates and how well the client shields are holding up. Some reports display the results as graphs but those that show a table allow the results to be exported to PDF, RTF, CSV and XLS formats.
Webroot has a fine reputation in the fight against spyware and the additional anti-virus measures add considerable value to the base product. We have concerns about the client's appetite for system resources, but were impressed with how easy it is to deploy and manage and how well the automatic updates are handled.