• 11 January 2013
  • 5 replies

Userlevel 7
Badge +6
What is the threat protection difference between WSA and DWP? I don't care about content filtering.

Best answer by browell 12 January 2013, 14:02

View original

5 replies

Userlevel 4
Howdy Explanoit!
This is a great question, and while there are some similarities between Webroot Secure Anywhere (WSA) and the Desktop Web Proxy (DWP) agent, which is a component of the Webroot Web Security Service (WWSS), there are some serious differences.
Both products leverage the Webroot Intelligence Network (WIN) for real-time, cloud predictive threat mitigation, which is just a flashy way of saying that they use the same technology and same pool of malware data to determine threats and it all happens in the cloud.
Excluding content filtering, the single largest difference is DWP/WWSS is providing protection against malware, purely for HTTP and HTTPS traffic; generally speaking, browser traffic.
WSA however, provides total endpoint protection (protection of the Operating System, Identity & Privacy protection, etc.) regardless of attack vector or where the threat is coming from (Web, local drive, USB drive, etc.).
Each product has other features and capabilities that are specific to it, but generally speaking, that about covers it.
Please let me know if you have more questions or need more detail.
Userlevel 7
Badge +6
Thanks Keith.
I'm still not quite solid on the difference. Are you saying that WSA is a total solution for endpoint protection while WWSS focuses on traffic logging and content filtering?
Could you go into more depth about why a customer would opt for WWSS when they have WSA, other than traffic logging and content filtering?
Badge +7
@ wrote:
Are you saying that WSA is a total solution for endpoint protection while WWSS focuses on traffic logging and content filtering? 
This!   Yes one of the main values of WWSS is the traffic logging and URL filtering capabilities.  But it also provides protection from malware downloads through a seperate set of AV engines.  So it adds another layer of malware protection to what you have with WSA. 
Userlevel 7
There are a lot of good reasons why you might want both.  Just to add a little to the discussion as far as malware specifically is concerned, I recently wrote an article about customized attacks originating from a USB device that is configured as a HID.  It gives one example as to why you might want to opt for having both solutions.  That thread is available over here.
Userlevel 5
Badge +23
I'm experiencing initialism overload.