FaceTime Enterprise Spyware Prevention Suite™

About FaceTime Enterprise Spyware Prevention Suite

FaceTime Enterprise Spyware Prevention Suite is the first and only integrated, anti-spyware solution that detects, prevents and automatically remediates spyware from infected PCs – without having to deploy desktop software.

What’s the Problem?

Spyware is ubiquitous. It’s getting onto corporate networks at an unprecedented rate. Why. Because it’s entering through multiple channels, in multiple guises, using multiple protocols. All of which means that a single point anti-spyware solution, whether it’s sitting at the gateway or on the desktop, cannot effectively prevent spyware from entering the organization.

Spyware is far more complex, and carries a far greater impact, than worms and viruses. Undetected spyware programs, operating below the radar of typical information security controls, endanger the confidentiality of corporate data including intellectual property, customer records, and user names and passwords. This uncontrolled 'phone home' traffic can slow desktops to a crawl, significantly reducing user productivity, which in turn increases calls to the helpdesk, raising IT costs.

Desktop anti-spyware solutions typically take hours to fully scan a user’s system, draining resources as much as the problem they are intending to solve – not to mention the helpdesk time needed to deal with the inevitable volume of false alarms, false positives, and other timewasters. Coupled with the operational complexity of managing yet another client-based product, such solutions are clearly not a viable long-term option.

A typical gateway solution is only filtering URLs, so its protective capabilities are limited to the web (HTTP) channel, leaving IM, P2P, and other less visible communications protocols unprotected. Add to this the continuing explosive growth of spyware-ridden sites and applications, and an increasingly mobile workforce that's not connecting to the Internet via the corporate network, and the limitations of relying on perimeter protection against spyware become all too apparent. What's needed is a multi-layered approach.

The Solution: Defense in Depth

Effective spyware prevention requires the intelligent harnessing and deployment of the most effective elements of both traditional approaches – gateway and desktop – integrated within a single management system and backed by targeted research. FaceTime’s Defense in Depth anti-spyware solution delivers on all fronts. The solution consists of two key components to deliver organizations unmatched efficacy and management of spyware in the enterprise:

1) RTGuardian 3.0 (RTG 3.0) - an anti-spyware gateway appliance at the perimeter, and

2) Greynet Enterprise Manager (GEM) - a centralized management, reporting and control server in the LAN. Gateway Detection and Prevention RTG 3.0 delivers gateway-based spyware detection and prevention to protect corporate networks against security threats on any communications channel.

FaceTime Enterprise Spyware Prevention Suite

- Monitors all possible protocols – HTTP, IM, P2P, and more – for spyware activity

- Blocks attempts by spyware to “phone home" with unauthorized data, thus preserving the integrity of corporate information

- Enables targeted remediation of infected PCs by identifying both machine and spyware application, avoiding the possibility of false alarms

- Blocks user access to known spyware sites, preventing accidental infections

- Stops “drive-by" installations of known and unknown spyware applications through unauthorized Web, P2P and IM communications

- Prevents unintentional downloads of spyware hidden within or co-opted by a seemingly helpful application using multiple behavioral factors

Desktop Targeted Remediation and Inoculation

Greynet Enterprise Manager (GEM) provides centralized control and management of client scanning, remediation and inoculation and is completely transparent to the user avoiding any impact on productivity. Any spyware application detected is isolated and rendered ineffective before it can initiate any “phone home" activity.

- Gateway alert triggers targeted scan or inoculation of any managed PC or group of PCs based on custom policies set by the administrator

- Full support for LAN attached and remote PCs, including road warriors’ laptops

- Patent-pending inoculation blocks new installations – freezes existing installations of spyware applications and isolates and protects PCs against re-infection without deploying client software

- Optional, transparent client can be pushed out ‘hands-free’ to inoculated PCs for removal and cleansing of spyware applications, or enterprises can utilize their existing desktop cleansing software

Real-time Research

FaceTime’s Greynet Research Database is the result of seven years’ working with customers to identify and address problems associated with greynet applications. Every instance reported by a customer is analyzed by security experts and incorporated as appropriate into our spyware database, enabling every customer to immediately take advantage of new detection and remediation through automated updates. By combining analysis of all greynet applications from IM to P2P to spyware, FaceTime Security Labs is uniquely well-equipped to provide organizations with the information they need to make informed choices about application behavior that will and will not be tolerated on their networks.

Low-overhead Management

FaceTime Enterprise Spyware Prevention Suite is centrally managed through a single console. Every component is self-configuring using the intelligence generated by the solution itself. System administrators need only review reports on a regular basis to maintain a 360-degree view of the network’s spyware protection status.