Spyware Blitz Spawns New Market

Security experts have a new, growing, and potent enemy: Spyware, which embeds itself into a host computer and drags down both the computer's and the network's performance, has become a growing concern in data centers.

For instance, the Green Bay Packers organization thought it knew how to neutralize blitzes and hard hits; yet nothing could prepare it for the crushing impact spyware delivered to its network.

"Spyware was crippling our network and putting our entire organization at risk each week with players, coaches, and staff depending on the Web for game planning and communications," said Keith Roskowski, computer systems technician for the National Football League team. "Spyware slowed down performance dramatically."

Some specialized security companies are coming to grips with Spyware, though you could say it's early days in the Spyware protection market.

Blue Coat Systems Inc. (Nasdaq: BCSI) and TippingPoint Technologies Inc. are addressing the spyware invasion and its harsh impact on network performance; each company believes it offers the best preventive” rather than “reactive” solution to this growing problem.“Unlike any other vendor, we are capable of stopping spyware installations from an unknown Website, where there is no known signature available to detect the malicious program,” says Tom Clare, director of product marketing at Blue Coat.

Clare says Blue Coat, which supplies its product to the Packers, is constantly updating its Spyware signatures to hunt them down in the network.

The company has started to grow in earnest; Blue Coat recently announced third-quarter revenues at $21.9 million, an increase of 63 percent compared to revenues of $13.4 million for the same quarter last year, and an increase of 4 percent compared to $21 million in the prior quarter.

David Endler, TippingPoint's "Director of Digital Vaccine," says his company's product has an early intervention approach, blocking Spyware at the installation point. “Unlike other spyware solutions that only scan and detect spyware, our product blocks spyware installation attempts,” he says.

According to Endler, TippingPoint applies behavioral analysis to block unknown spyware. Popular spyware techniques that the company claims to prevent include malicious use of browser features such as ActiveX and Browser Helper Objects (BHOs).Using specialized hardware and custom chips, TippingPoint -- which posted third-quarter revenues at $9.6 million, an increase of 44 percent compared to revenues of $6.7 million in the prior quarter -- inspects traffic through Layer 7 at gigabit speeds to block malicious traffic with microsecond latencies. Endler believes TippingPoints’ combination of algorithms and vulnerability-based filters allows it to process and deal with spyware quickly -- a difference, he claims, between its and Blue Coat’s solutions.

Endler also contends that TippingPoint's approach does not compromise network performance, allowing higher throughput than do competitors' products.

What does this all mean? Pete Lindstrom, analyst at Spire Security LLC, believes that the issue between Blue Coat’s and TippingPoint’s solutions simply boils down to “depth versus breadth.”

“Blue Coat is focused solely on the Web as an infection vector and -- because it’s a proxy -- it can get content analysis, which offers a more in-depth approach to spyware,” says Lindstrom. “However, TippingPoint’s solution sits on the network and sees spyware as one of many malcodes, thus offers enterprises a greater breath to addressing different threats… It just boils down to a question of depth versus breadth.”

— John Papageorge, Senior Editor, Next-Gen Data Center Forum0