The Defense Information Systems Agency awarded Science Applications International Corp. and Computer Associates International Inc. a $6.9 million order to provide an enterprisewide spyware detection, eradication and protection product, which DISA calls "SDEP."
As part of the deal, CAs PestPatrol anti-spyware product will be installed on about four million systems owned by the U.S. Department of Defense and branches of the armed services, DISA (the Defense Information Systems Agency) said.
The deal is a major win for CA, and its a blow to anti-virus vendors Symantec Corp. and McAfee Inc., which already protect military systems from viruses.
The anti-spyware task order is part of I-Assure, a $1.5 billion contract to provide professional IT security services to the Department of Defense, according to a DISA statement on June 30.
SAIC (Science Applications International Corp.), which is the prime contractor, will help the military deploy the SDEP software and provide onsite training for military staff, said Sioux Fleming, CAs eTrust director of product management.
Like many other large organizations, the U.S. military is struggling with spyware, which is a term that is often used to describe legal programs that display advertisements and track surfing behavior, as well as key logging tools and Trojan horse programs.
Military networks are often infected after military personnel connect to those networks from poorly secured home systems or public computers, Fleming said.
"This isnt a problem thats specific to the military. Its a problem for everybody," she said.
The deal will almost double the size of CAs anti-spyware installation base, which currently stands at about 5.6 million consumer and enterprise seats.
Military men and women will be able to download and install the consumer version of PestPatrol at no cost, to use on their home computers which will help prevent infections from affecting systems that the military doesnt own, Fleming said.
The deal marks a departure for DISA, which has turned to major anti-virus vendors such as Symantec and its partner Northrop Grumman in previous I-Assure bids, including solicitations for desktop and server anti-virus technology and security intelligence services.
By putting a high premium on spyware detection and removal capabilities, the SDEP task order may have disadvantaged companies such as McAfee and Symantec, which have traditionally relied on their anti-virus engines to spot spyware and have lagged behind pure-play anti-spyware companies such as Webroot and PestPatrol, Fleming said.
Even though spyware detection and removal is very similar to virus detection and removal, leading anti-virus vendors were slow to join the spyware fight and waited to introduce stand-alone anti-spyware tools, said John Pescatore, vice president of Gartner Inc.
Symantec, for example, shipped an integrated anti-spyware product for its Norton Internet Security product in May, long after dedicated spyware companies such as Webroot and PestPatrol began selling their wares.
"Weve been talking about spyware for two and a half years," Pescatore said. "If Symantec had been building an integrated anti-spyware product from the beginning, theres no way they would have lost this contract," he said.
Symantec did not immediately respond to requests for comment for this story.
The Department of Defense is conducting a 120-day pilot deployment of PestPatrol to hammer out training and deployment issues.
Fleming said she has not seen a time table for deployment, but expects the military to move quickly to deploy anti-spyware technology on its systems.