|
|
|
|
|
|
 
|
|
ISP-Planet Survey: Managed
Security Service Providers
(Back to Article) Managed Anti-Virus and Anti-Spyware Chart |
|
Provider
|
AV / AS
Platforms |
Anti-Virus Scanning
|
Actions Taken
|
Anti-Spyware Measures
|
Logging & Reporting
|
Additional Comments
|
|
Altoria
|
NW-based MX Logic, SanaSoft, Symantec |
Inbound:
Outbound:
|
Log, Drop, Reject/Deny, Clean, Quarantine. |
Blocks Back-Channels. |
Logs, detailed reports, config options provided via web interface. |
Uses McAfee & Sophos AV engines, updated every 5 minutes. Stops viruses before they can enter or leave customer network. |
|
AT&T |
NW-based [ No platforms enumerated ] |
Inbound:
Outbound:
|
Log, Drop, Reject/Deny, Clean. |
Blocks Spyware URLs, Risky Content, Back-Channels. |
Statistics on Web Usage by User/Group, Category, Time, Spyware Prevented, Viruses Blocked. |
Scans any traffic sent in response to HTTP call (HTTP, FTP, etc) & most popular IM channels for viruses, spyware, or improper content. |
|
FiberLink |
Host-based TrendMicro, Webroot |
Inbound:
Outbound:
|
Log, Reject/Deny, Clean, Monitor. |
Periodic Host Scanning. |
Host events forwarded to central portal, where reports are provided to customer. |
Service requires customer to install Extend360 software on each end user's device. Ensures that Anti-Spyware software is active. |
|
Getronics
|
CPE-based McAfee, MessageLabs |
Inbound:
Outbound:
|
Log, Drop, Reject/Deny, Clean, Quarantine. |
Blocks Spyware URLs, Risky Content, Back-Channels. |
Logs & reports for historical & analysis purpose detail malware type, frequency, time of day. Can identify individuals engaging in risky behavior. |
Available standalone & with Managed Firewall/AV/Spam Gateway. Scanned protocols vary. MSSP offers CPE scans & SOC vulnerability scans. |
|
Provider
|
AV
/ AS |
Anti-Virus Scanning
|
Actions Taken
|
Anti-Spyware Measures
|
Logging & Reporting
|
Additional Comments
|
|
IBM
ISS
|
CPE-based ISS Proventia M |
Inbound:
Outbound:
|
Log, Drop, Reject/Deny, Clean, Quarantine. |
Blocks Risky Content. |
Detailed access to virus log data, with the ability to query, sort, filter, & correlate across multiple device types & platforms. |
CPE hosted by customer or MSSP. Standard feature of both Proventia-based Managed Protection & Managed Firewall services. |
|
IBM
ISS
|
CPE-based TrendMicro VirusWall on Checkpoint, Cisco, Juniper |
Same as above. |
Same as above. |
Same as above. |
Same as above. |
CPE hosted by customer or MSSP. Add-on for Managed Firewall services that have been deployed on non-ISS platforms. |
|
MegaPath |
CPE-based or NW-based Fortinet |
Inbound:
Outbound:
|
Log, Quarantine. See IDS Table for event response. |
— |
Weekly & monthly exec reports provide strategic threat summary, while detailed reports provide tactical attack details. |
72 hr SLA on signature update for new attacks. |
|
Perimeter |
NW-based:
CPE- based:
|
Inbound:
Outbound:
|
Log, Reject/Deny, Clean, Quarantine. |
Blocks Spyware URLs, Risky Content, Back-Channels. |
Reports available via end user portal at the customer level to view all details of virus & spyware activity. |
CPE hosted by customer or MSSP. |
|
Provider
|
AV
/ AS
Platforms |
Anti-Virus Scanning
|
Actions Taken
|
Anti-Spyware Measures
|
Logging & Reporting
|
Additional Comments
|
|
Secure
Designs
|
CPE-based SonicWALL |
Inbound:
Outbound:
|
Log, Drop, Reject/Deny.
|
Blocks Spyware URLs, Risky Content, Back-Channels. |
Reports provided through support portal. Raw logs archived & available on customer request. |
Delivered as Managed Firewall Service option. |
|
SecureWorks
|
CPE-based iSensor |
Inbound:
Outbound:
|
Log, Drop, Reject/Deny, Quarantine.
|
Blocks Spyware URLs, Risky Content, Back-Channels. |
Customers can view virus & spyware activity details via portal, including source/target & impacted systems. |
AV service is bundled with Managed IPS offering. |
|
Solutionary
|
CPE-based Cisco, Fortinet |
Inbound:
Outbound:
|
Log, Drop, Reject/Deny, Clean, Quarantine. |
Blocks Spyware URLs, Risky Content, Back-Channels. |
Alerts & logs provided to customers via e-mail, paging, phone, portal. |
Logs that indicate potential virus or spyware activity are immediately escalated to SOC for analysis, then to customer with remediation recommendations. |
|
Symantec
|
NW-based Symantec |
Inbound:
Outbound:
|
Log, Reject/Deny, Clean, Quarantine. Strip Attach. |
— |
Reports detail sender, recipient, header info, virus name & action taken. Viruses & infection rate for day, week, month. Top 10 viruses by name. |
Sender/recipient custom notifications. When mass mailers are detected, messages are rejected w/ no sender/recipient notification. |
|
Unisys
|
NW-based: CPE-based:
|
Inbound:
Outbound:
|
Log, Drop, Reject/Deny, Clean, Quarantine. |
Blocks Risky Content. |
All actionable events regarding AV/AS transactions are logged & made available to customer via portal. |
CPE-based service, hosted by customer or MSSP, covers anti-virus, spam, & malware. NW-based service uses MessageLabs for text & imaged content control. See Managed Web Filtering service for other protocols. |
|
Provider
|
AV
/ AS
Platforms |
Anti-Virus Scanning
|
Actions Taken
|
Anti-Spyware Measures
|
Logging & Reporting
|
Additional Comments
|
