Advanced Spyware Reports
Blue Coat Reporter provides the capability to track and view spyware activity on your network. This includes viewing reports for the following activities:
- Spyware traffic
- Spyware infected clients
- Blocked suspected spyware
Spyware Traffic:
Displays spyware (and adware) sites visited by the user such as Gator, iMesh, etc. In addition to server domains displayed, this report shows hits, page views, bytes uploaded and bytes downloaded from these sites. This report allows an administrator to get a better understanding of how many clients on his network are infected with spyware. This report is generated through four vectors of information including content security filters detecting spyware at the gateway and reporting on it, users visiting known spyware sites, spyware detected by WebAV scanning, plus Spyware calling home from infected systems.
Spyware Infected clients:
This report displays any client (by IP address and server domains) that has been infected with spyware and has made attempts to communicate with an external spyware site. The spyware communication is blocked if the ProxySG is using the Blue Coat spyware policy. A log file is generated by the ProxySG showing which clients are infected and which clients made attempts to communicate with external servers.
Blocked Suspected Spyware:
This report displays blocked suspected spyware sites through the use of content security filters, WebAV scanning (with ProxyAV) and special spyware URL categories. Blocked spyware sites are displayed in this report along with the application or executable such as Gator.com/autoupdate (a spyware application attempt) and dst.websearch.com/Dnl/T-50154/TBPS.cab (a drive-by install attempt).
Buy Now