Can I Evade ScanSafe Anywhere+ ?

scansafe anywhere plusScanSafe just launched Anywhere+, a very cool web security service which is intended to provide web content security for roaming users.

Well, securing the laptops used by sales or marketing staff  *outside of the company’s premises* has always been a pain in the behind πŸ™‚ and I’m afraid this will not change overnight.

However, I find ScanSafe’s approach interesting and it might just work this time… but how does it work? Is it a proxy setting? Is it a VPN connection? Is it a browser plugin? I don’t know so I had to find out. I applied for a trial account and I hope I will get to the bottom of this issue soon.

Sure, the marketing presentation looks nice:

And so does the explanatory text:

  • Authenticates and directs your external client Web traffic to our scanning infrastructure. 
  • Numerous datacenters are located all over the world from Sydney to San Francisco ensuring that your employees are never too far from our in-the-cloud scanning services.
  • SSL-encryption of all Web traffic flowing to us improves security over public networks

So, I’m guessing that Anywhere+ alters the browser itself and no matter how you get on Internet, the web requests will be redirected to ScanSafe’s data centers where the response is checked for web malware.

This raises a few questions on the adoption of this technology:

  • User’s online privacy could be questioned – Lots of authentication pages don’t use SSL
  • If this technology is browser dependant (my money is on Internet Explorer), what would prevent a smart a$$ user to use a different browser such as portable apps

I wish ScanSafe Anywhere+ best of luck because the service is much needed and it’s distributed architecture looks promising.  And guys, please don’t forget my application for a trial version πŸ™‚

UPDATE:

I got an email from Spencer Parker, Director of Product Management at ScanSafe and here are some clarifications:

1. The software works at the protocol level, not application level. This means it works with any application that uses the HTTP or HTTPS protocols. This means if users go ahead and install another browser to bypass corporate proxy settings (which a lot do!) then the Anywhere+ driver still redirects the protocols correctly to the closest ScanSafe scanning tower.

2. We use an SSL tunnel to get all HTTP and HTTPS traffic to the scanning tower. It does this to add an extra level of security to the application (stop people sniffing your traffic at wireless hotspots etc) and for other reasons as well.

I’m still waiting for my trial account πŸ™‚



Thank you for reading this post. You can now Read Comments (9) or Leave A Trackback. Print This Post Print This Post

9 Responses to “Can I Evade ScanSafe Anywhere+ ?

  • 1
    James
    March 10th, 2008 05:15

    Nice little post. I was wondering if you got any further with the trial??

  • 2
    Ashley
    May 30th, 2008 01:28

    😯 Awesome, but I am araid not.

    ScanCenter provides a unique visual dashboard that simplifies the process of configuring and monitoring policy.

  • 3
    Simon
    July 10th, 2008 07:53

    I doubt you’ll get a trial account as this is focused on mid-tier and enterprise users.
    You might want to try a security partner.

  • 4
    Smith
    March 31st, 2009 07:52

    😈 I cracked there anywhere plus application without hacking the application or registery in 30 seconds.

  • 5
    charlie
    May 27th, 2009 15:36

    Hi

    I am a frustrated user of a company laptop that has Anywhere+ installed on it.
    I cannot get a the laptop to work from home when Anywhere+ is running, the
    only way to get an internet connection that doesn’t time out is to disable Anywhere+.

    Why oh why is this?
    Our useless IT department have reinstalled the software twice and fiddled with
    some connection to Germany!#? but to no avail.

    Can you help?

    Thanks
    Charlie

    ps: my broadband provider is Orange run over a BT line in the UK.

  • 6
    Smith
    May 28th, 2009 12:35

    Well here is how to do it. Go to the Anywhere+ dir, cut the .dll files from teh directory and place them someplace that is not in the system path. Reboot the system and anywhere plus service fails to start and you can go where you please. To re-enable the anywhere plus put the .dll files back and reboot. IT will be none the wiser.

  • 7
    McAfee Web Protection Service Review | Dragos Lungu Dot Com
    May 30th, 2009 10:14

    […] filtering and so far I presented 2 solutions which were released in the form of  SaaS : ScanSafe Anywhere + and McAfee Web Protection Service. Too bad I didn’t get to test  Anywhere+ but I just […]

  • 8
    Allan
    June 2nd, 2009 23:02

    Um, that won’t work if your admin has locked down the folder properly with Windows permissions, as the docs tell you to…

  • 9
    Steve
    May 11th, 2010 07:51

    Webroot also offers similar albeit it free and not requiring you to pay for it as Scansafe do. Also a lot of Scansafe clients have moved to Webroot finding the mobile support more secure, simpler and easier to deploy and manage.


Subscribe without commenting


Leave a Reply

Note: Any comments are permitted only because the site owner is letting you post, and any comments will be removed for any reason at the absolute discretion of the site owner.

CommentLuv badge