By Andrew Garcia  |  Posted 2006-09-11 Print this article Print

Management and architecture

With SSE 3.0, Webroot is starting to phase out Elevate Softwares DBISAM database used in previous versions of the product. Customers now can install SSE with Microsofts full SQL Server 2000 or SQL Server 2005 databases or with SQL Express 2005. While our SSE 3.0 installation using SQL Express 2005 was fairly straight-forward, we discovered that SSE 3.0 requires the database to use named pipe authentication (rather than Windows authentication). This requirement was not documented in the setup manuals.

The new database options have opened up SSE for improved reporting as well, although weve seen more robust reporting from competing solutions such as CAs Integrated Threat Management. SSE 3.0 includes several canned reports that enumerate spyware details, trends and status by host or group for a given period of time. By default, the reports are generated in PDF files for easy dissemination.

Click here to read a review of Spy Sweeper Enterprise 2.0. To scale signature definition delivery for larger organizations, we could install and configure Distributors on Windows-based servers or clients throughout the network. However, we were disappointed that we could not deploy Distributors via the Admin Console. We were required to manually install the package on the intended host, or we could deploy a Windows Installer .msi package via Active Directory. We then had to add the link to the Distributor in the administration console to synchronize the update directories.

Pushing the client agent to workstations from the Spy Sweeper management console could not be much easier—provided the workstation firewall is configured correctly. From the Client Install/Uninstall item under the Administration node, we simply selected the systems we wished to manage from the Network view and clicked Install. We could also install the client agent to target host names, IP addresses or IP ranges.

To push agents to client machines with firewalls configured, administrators must make sure to enable the Windows Firewall remote administration exception (via Microsofts Active Directory Group Policy or otherwise) that permits communications via DCOM (Distributed Component Object Model).

Unfortunately, SSE 3.0s Network View does not tap into LDAP to recognize or enumerate already-defined organizational structures within Active Directory, so we could not easily target deployment according to our domains Organizational Units or Groups. This also meant that we had to again organize our managed Spy Sweeper agents within Webroots management console.

According to Webroot officials, Webroot now offers a separate tool for performing a one-time import from Active Directory, but true LDAP integration wont come until Version 4.0 of SSE.

All management and reporting functions are performed in SSE 3.0s Admin Console, which is now fully Web-based. As part of the SSE Server installation process, an HTML-based Admin Console application is automatically installed on the server itself, but administrators can also manage the system via a Web browser from any host in the network, allowing multiple administrators to work simultaneously in the system.

SSE 3.0 allowed us to create multiple administrative accounts to the management console, but we were dismayed to see that we still could not assign SSE groups to administrators. Wed like to see Webroot add the ability to delegate administration to the appropriate IT person without requiring us to hand every administrator the keys to the kingdom.

Next page: Evaluation Shortlist: Related Products.

Andrew cut his teeth as a systems administrator at the University of California, learning the ins and outs of server migration, Windows desktop management, Unix and Novell administration. After a tour of duty as a team leader for PC Magazine's Labs, Andrew turned to system integration - providing network, server, and desktop consulting services for small businesses throughout the Bay Area. With eWEEK Labs since 2003, Andrew concentrates on wireless networking technologies while moonlighting with Microsoft Windows, mobile devices and management, and unified communications. He produces product reviews, technology analysis and opinion pieces for, eWEEK magazine, and the Labs' Release Notes blog. Follow Andrew on Twitter at andrewrgarcia, or reach him by email at

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel