Trying out Counterspy

On July 31, 2006, in Security, by

The day I have to make a decision is here…Windows Defender beta 2 as a temporary measure to wait for the Enterprise version of Windows defender… or try out Counterspy Enterprise from Sunbelt.

My concern about going with Windows Defender as a solution is that the definition updates are controlled with WSUS/auto updates.  And I can’t then make a granular ability to allow one thing to update while another one is on an approval basis.  I approve patches, but I want antispyware and antivirus to automatically get deployed.  Granted that may have it’s own risks, but it’s the way I’m comfortable with and the process I’ve built up.  To jump on the Windows defender bandwagon, I’d lose the ability to manually deploy patches when I want to…..

…so I’ll let you know how the Counterspy works…


6 Responses to Trying out Counterspy

  1. kwsupport says:

    I did beta testing of CounterSpy for Sunbelt. Rather than influuencing you good or bad, I will wait and see what you think of it!

  2. Dave Sobel says:

    I’m also curious what you think of CounterSpy. We use it as our solution at Evolve.

  3. Graeme Smith says:

    First – I don’t think Defender is actually very good! It simply fails to succesfully protect people who I call – “high risk tolerance” surfers who will click on evetything they should not.

    So once the nasty has slipped through and is running as a process – Defender’s MAJOR weakness (IMHO) is it’s inability to run in Safe Mode – because that is often the fastest way to get rid of most embedded spyware.

    We use a blended mixture of tools to get rid of problems once through the door. But our current favorite for keeping stuff out to start with, and dealing with the crap if it gets in is PC Tools’ Spyware Doctor. They seem to be right on top of the Spyware thing right now and their update engine is independent and fast.

  4. 4u3u says:

    With WSUS you can auto-approve certain types of updates for installation. In your case that would be ‘Signature updates’ type. It’s somewhere on wsusadmin, sorry don’t remember exact path.
    Or WSUS on SBS is lacking this option?

  5. Bucky says:

    4u3u is correct (unless WSUS on SBS doesn’t include the same automatic approval functionality).

    Automatic Approval Options
    Approve for installation
    Automatically Approve Updates for installation by using the following rule:
    Classifications: Definition Updates

  6. Sal says:

    I have deployed counterspy at several clients and I have been very happy with the product. There were times when counteryspy didn’t clean the existing spyware on the machine after the install. Once I cleaned it manually, i had great success protecting the cilents!