| Executive Summary:
We compare ESET Smart Security: Business Edition, McAfee Total Protection Service–Advanced, Sophos Endpoint Security and Control 8, Symantec Endpoint Protection 11.0, and AVG Internet Security Network Edition 8.0. All five products feature antivirus software, antispyware agents, anti-rootkit scanning tools, client firewalls, web scanning engines, and email scanners. |
Endpoint-protection products incorporate various technologies that monitor common ways
in which intruders can compromise your computer system’s functioning and information
privacy. Such products include antivirus software, anti-rootkit–scanning tools, client firewalls,
and email scanners. (See the web-exclusive sidebar, “Types of Endpoint Protection
Products, for a basic explanation of these
product types.) I review a sampling of five endpoint-protection products that incorporate
these features to help you get decide what will best protect your system.
ESET Smart Security Business Edition
ESET Smart Security Business Edition includes antispam and firewall features in addition to those found
in the company’s flagship ESET NOD32 Antivirus. Smart Security Business Edition features remote
administration, local update mirroring (which lets local systems get updates from local systems, reducing
Internet traffic and the load on the vendor’s servers), and the ability to install the product on both
servers and workstations protected by Smart Security.
Smart Security Business Edition comprises four installable components. Smart Security is the antivirus,
antispam, and firewall client piece that protects servers and workstations. ESET Remote Access
Server communicates with client systems, collecting status information and coordinating scan, update,
and configuration requests. You can deploy one or a replicated hierarchy of remote access servers in
various locations to suit your organizational structure. There’s a GUI console, ESET Remote Administrator
Console, which Figure 1 shows, and finally, threat signature updates, which Smart Security systems
can get directly from ESET company servers or from update mirrors that you can configure on Smart
Security or Remote Access Server systems.
Smart Security stores configuration parameters in XML files that you create by using the ESET
Configuration Editor. Although Smart Security’s components are highly configurable with dozens of
parameters, the basic initial configuration pattern is simple.
I used the console to install Smart Security to Windows Vista and Windows XP systems. The console
lets you browse the network, drag target systems to a list, select the appropriate installation configuration,
and install. Updating a client configuration requires using the Configuration Editor to create or
modify an XML configuration file.
You apply the update to clients using
an update task.
You can easily implement Smart
Security’s user-defined groups.
Each client can belong to several
groups, and you can select a subset
of systems to display via the console.
Administrators can choose one of
three ways to manage Smart Security’s
firewall: automatic, based on
ESET’s predefined rule set; interactive,
in which you create a rule the
first time you access a program or IP
port; or policy-based, in which you
configure the rule set to block undefined
communications.
Likewise, you can configure three levels of action when Smart Security detects
an infected file: Ask the user to choose an
action, automatically take the action earmarked
for that threat, or aggressively clean
all infected files. Automatic actions don’t
delete infected compressed archives that
also contain uninfected files; the aggressive
option does so.
ESET Smart Security Business Edition
PROS: Easy-to-use console; management server
can run on a workstation; update mirrors set up
easily for users with satellite offices; provides
many configuration options and XML-based
config files
CONS: Requires running an “update” job to apply
configuration changes
RATING: 4 out of 5
PRICE: $11.99 to $40.99 per endpoint, depending
on quantity
RECOMMENDATION: Recommended for
midsized-to-large organizations with satellite
offices and mobile users because of its solid feature
set and support.
CONTACT: ESET • 619-876-5400 • www.eset.com |
Smart Security is easy to install and
configure. Some users will appreciate the
layered configuration approach capability,
which lets you create configuration files that
affect only part of the full feature set. The
lack of named-policy–based configuration
makes more work for the administrator, but
ESET will tackle that need in an upcoming
release. Smart Security Business Edition is
the ticket if you’re looking for an easy setup
and support for multiple locations.
McAfee Total Protection
Service–Advanced
McAfee Total Protection Service–Advanced
includes the features of the standard version
of Total Protection Service (server and client
antivirus, antispam, and client firewall components,
McAfee SiteAdvisor, and Outlook
client email scanning) and adds licensing
to use McAfee Secure Messaging Service for
Small Business, which provides additional
antivirus protection and spam filtering.
You can manage the service using McAfee’s
SecurityCenter website, shown in Figure 2,
which sends weekly reports and gives you
configuration tools and on-demand access
to the status of your protected systems.
Protected clients communicate with the
Network Operations Center to provide status
information and download updates. A
feature called Rumor Technology lets computers
that lack a direct Internet connection
get their updates from another Total Protection
Service client. Designed particularly for
small organizations or those without an IT
infrastructure, this product offers an online
tutorial that walks users through the client
installation.
The McAfee Security Center status screen
shows the number of clients running up-todate
software and provides summaries of
filtered email and license usage. Each client
computer belongs to a nonhierarchical
group, and each computer in a group takes
on the configuration defined by the policy
assigned to that set. The default policy performs
on-access scanning for files (but not
within archives), prompting users to action
when it detects potential spyware, and lets
users configure firewall rules. Total Protection
Service automatically applies policy
changes to every client in assigned groups
at the next update interval.
McAfee Total Protection Service–
Advanced
PROS: Because product is a web service, it
requires no onsite hardware; client installs via a
web URL or an executable; relatively simple to
deploy and administer
CONS: Limited configuration and reporting
options
RATING: 4 out of 5
PRICE: Starts at $52.48 per client for a one-year
subscription or $78.71 for a two-year subscription
RECOMMENDATION: I recommend this easyto-
use product for organizations that have a
limited IT infrastructure and uncomplicated protection
requirements.
CONTACT: McAfee • 888-847-8766 •
www.mcafee.com/us |
I successfully used the browser/URL
method to install Total Protection Service to
Windows Vista and Windows XP systems.
You can also add antivirus, firewall, and
browser protection and choose a policy
group for the system to join.
McAfee TPS–Advanced is easy to operate
and manage. I recommend it for users who
want centrally managed endpoint protection
without the fuss of setting up a management
infrastructure.
Sophos Endpoint Security
and Control 8
Sophos Endpoint Security and Control 8
comprises the Sophos Antivirus engine,
Sophos Client firewall, and Sophos Network
Access Control (NAC). The Sophos Enterprise
Console, which Figure 3 shows, and
the Sophos NAC Console provide centralized
endpoint management.
Continue on Page 2