Close
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Menu
Search
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity

    RFP: Anti-spyware Solutions

    By
    Andrew Garcia
    -
    May 15, 2006
    Share
    Facebook
    Twitter
    Linkedin

      As administrators deal with conditions of worsening desktop security, lost user productivity and reduced system performance, anti-spyware defenses have emerged as a necessary layer of protection for enterprise desktops.

      Anti-spyware solutions come in many forms, however, including stand-alone desktop-based protection, protections integrated with desktop anti-virus solutions and systems delivered via network-based gateway protections. This sample document is designed to help IT administrators develop an RFP for an enterprise-grade, stand-alone desktop anti-spyware solution.

      To identify the right solution when creating an RFP, administrators should have a good understanding of what the real problem is that needs to be solved, what the scope and size of the deployment will be, and what potential obstacles may currently exist.

      Protection and Research

      An anti-spyware solution is only as good as its research team and the signatures it generates—most anti-spyware products detect and clean only about 80 percent of malware. Customers should know ahead of time what types of threats are most critical to address and whether spyware or adware is of concern as a security, performance or productivity issue.

      What types of threats does your solution detect?

      • Spyware
      • Rootkits
      • Adware
      • Dialers
      • Trojans
      • Cookies
      • System monitors
      • Other (list)

      Does the solution provide cleaning and blocking services?

      Describe how blocking works.

      Blocking often relies on heuristic detection in addition to signature databases. Since false-positive rates can increase with heuristic detections, its worth getting to know how the software does it.

      * How are new malware samples identified?

      * How often are new signatures delivered?

      * Describe your research team.

      * How many members? Locations?

      Do you partner with any other research teams for additional signatures?

      Please list the teams notable awards or achievements.

      * How does your organization deal with requests to remove Web sites or applications from the detection list? Describe the submission and review processes.

      * What actions are taken if a status change is warranted? Are sites removed from the database, or is there a change of default recommended action?

      * How are customers notified of changes?

      Servers and Infrastructures

      Describe the various components of the solution infrastructure, including:

      • Policy server

      • Distribution server

      • Reporting server

      • Management console

      What are the minimum and recommended requirements for server components, including:

      • Supported operating systems

      • CPU

      • Memory

      • Disk space

      Please provide a scaling guide, describing maximum clients supported versus server specifications.

      Can server components be installed on separate machines, or must they all be installed together? Please list what communication ports are used between components.

      Database

      Describe the database included with the server installation package.

      Does the application work with existing enterprise databases? If so, list which databases are supported.

      Clients

      Which client operating systems are supported?

      • Windows Server 2003

      • Windows XP

      • Windows 2000

      • Windows 95/98/ME

      • Other (list)

      How much disk space is required?

      How much memory is consumed?

      • Under normal conditions?

      • During scans?

      What is the CPU usage during scans?

      Can administrators adjust via policy or manually?

      Does the client operate as an application or a service?

      At what point in the boot process does the anti-spyware product start?

      Does the service/process require local administrative rights to perform scans or cleans?

      Describe modes of operation:

      • User interactive

      • User alerting only

      • Silent (no user interaction or alerting possible)

      • Other (describe)

      Are there any known conflicts with other applications and services?

      As spyware threats have become more complex, anti-spyware programs have needed to reach deeper into the operating system to find and detect the threats, as well as to avoid tampering from outside sources. Administrators should take care to list in an RFP existing security or management applications to ensure that the anti-spyware program does not have known incompatibilities with any of them.

      Describe how agents communicate with server components. Please list any relevant TCP/UDP (User Datagram Protocol) ports.

      Describe any special concerns for clients traveling out of network.

      Does the client receive updates from the vendor?

      Does the client process shut down after a predetermined amount of time?

      Can the client report back to the server through an alternative method?

      Next Page: Client distribution, Updates, Directory integration, Policy control, Reporting.

      TKTK

      Client Distribution

      Does the solution include client distribution tools? Describe how they work.

      Can you create .exe or .msi files for deployment using existing software deployment tools?

      Is the server contact information hard-coded into the agent package, or can server assignments be changed from the console?

      Updates

      Does your product schedule definition updates for the primary servers and when clients check in for new definitions?

      What is the typical definition size?

      Describe administrative rights controls.

      Large enterprises often will have multiple administrators looking after an anti-spyware solution. An RFP should gauge the granularity of access controls to ensure IT managers have only the rights necessary to administer their corner of the solution.

      Can read access be set for some administrators and read/write access for others?

      Can administrator access be granted to only one particular group?

      Directory Integration

      Does the software tie in with Microsoft Active Directory to identify existing computers, groups and organizational units?

      Does the software integrate with directories other than Active Directory?

      Can additional groups be created and managed outside the Active Directory structure?

      Policy Control

      Can client scans be scheduled for individual computers or groups of computers?

      Can scans looking for subsets of threats (such as system monitors only) be run?

      Can threats be automatically quarantined with the option to restore, if necessary?

      Can exemptions for certain Web sites, applications or proc-esses be configured?

      Can Web site blacklists be configured?

      Reporting

      How many reports do you offer?

      Describe some unique reports.

      What formats can reports be exported to?

      What types of alerts are available?

      • In-console

      • SNMP

      • E-mail

      • Syslog

      • Pager

      • Other (list)

      Licensing and Maintenance

      What is the licensing cost per user per year?

      Volume pricing is likely available, so you will want to have the number of seats needed in mind when developing an RFP.

      Are there additional costs for server or reporting components?

      Describe the standard support agreement. Is it included in the license fee?

      What are the support operation hours?

      Describe any premium or advanced support contract options, including pricing.

      Technical Analyst Andrew Garcia can be reached at [email protected].

      Source: eWEEK Labs

      Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.

      Avatar
      Andrew Garcia
      Andrew cut his teeth as a systems administrator at the University of California, learning the ins and outs of server migration, Windows desktop management, Unix and Novell administration. After a tour of duty as a team leader for PC Magazine's Labs, Andrew turned to system integration - providing network, server, and desktop consulting services for small businesses throughout the Bay Area. With eWEEK Labs since 2003, Andrew concentrates on wireless networking technologies while moonlighting with Microsoft Windows, mobile devices and management, and unified communications. He produces product reviews, technology analysis and opinion pieces for eWEEK.com, eWEEK magazine, and the Labs' Release Notes blog. Follow Andrew on Twitter at andrewrgarcia, or reach him by email at [email protected]

      MOST POPULAR ARTICLES

      Android

      Samsung Galaxy XCover Pro: Durability for Tough...

      Chris Preimesberger - December 5, 2020 0
      Have you ever dropped your phone, winced and felt the pain as it hit the sidewalk? Either the screen splintered like a windshield being...
      Read more
      Cloud

      Why Data Security Will Face Even Harsher...

      Chris Preimesberger - December 1, 2020 0
      Who would know more about details of the hacking process than an actual former career hacker? And who wants to understand all they can...
      Read more
      Cybersecurity

      How Veritas Is Shining a Light Into...

      eWEEK EDITORS - September 25, 2020 0
      Protecting data has always been one of the most important tasks in all of IT, yet as more companies become data companies at the...
      Read more
      Big Data and Analytics

      How NVIDIA A100 Station Brings Data Center...

      Zeus Kerravala - November 18, 2020 0
      There’s little debate that graphics processor unit manufacturer NVIDIA is the de facto standard when it comes to providing silicon to power machine learning...
      Read more
      Apple

      Why iPhone 12 Pro Makes Sense for...

      Wayne Rash - November 26, 2020 0
      If you’ve been watching the Apple commercials for the past three weeks, you already know what the company thinks will happen if you buy...
      Read more
      eWeek


      Contact Us | About | Sitemap

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Property of TechnologyAdvice.
      Terms of Service | Privacy Notice | Advertise | California - Do Not Sell My Information

      © 2021 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×