 |
Page 5 of 8
« Previous Page Next Page »
Where VirusScan Enterprise and Anti-Spyware shine is in the reporting capabilities. Rivaling only LANDesk in comprehensiveness,
VirusScan uses Crystal Reports and allows administrators numerous ways to view activity on the network, from top infected
machines to current outbreaks. Each report has a wide range of filters that can be applied to further create the specific
reports needed. Each report is interactive, allowing an admin to click and drill down for more detailed information.
Enterprise administrators are always looking to eliminate or minimize the number of consoles they have to deal with on a daily
basis. VirsuScan Enterprise and Anti-Spyware make excellent use of ePolicy Orchestrator, an awesome management platform. Its
real-time protection is weaker than that of some others, but its scanning and cleaning abilities are right near the top. Management
is inherently cumbersome due to all of the options available, but the excellent reporting engine makes ongoing monitoring
much easier.
Sunbelt CounterSpy Enterprise 1.5
CounterSpy Enterprise 1.5 was one of the easiest products to deploy and configure, with all policy options nicely tabbed and
logically laid out. Real-time protection was average, and follow-up scans proved to be effective at wiping any existing traces
away. I found the Crystal Reports engine to be just as easy to use, but reports didn’t benefit from Crystal’s drill-down feature.
CounterSpy Enterprise is a pure-play anti-spyware solution that does not include client firewall services or anti-virus protection,
although they are planned to follow soon. It does coexist well with the Windows XP firewall and Norton AntiVirus. Installation
was straightforward and one of the easiest to complete. I installed the management console on a Windows 2003 Server and easily
pushed the agent to my Windows XP Professional clients.
Policy creation is very intuitive and allows for quite a bit of flexibility. After a policy is defined, admins can add computers
to it by searching the Active Directory or by viewing PCs in the local workgroup. As the policy attempts to update the selected
PC, if the agent isn’t already installed, the Agent Deployment Wizard takes over and walks you through the process.
I like the simplicity of CounterSpy’s policy engine. It isn’t overwhelming, yet it provides enough granularity to meet most
needs. For instance, I was able to define different thread priorities and options for quick and deep scans, as well as different
run schedules. Each policy allows admins to specify how detected threats are handled, with different choices for real-time
and on-demand scans.
Reporting is good, if not overly exciting. CounterSpy uses the Crystal Reports engine, which makes it easy to print and e-mail
reports directly from the report viewer. Unlike McAfee ePolicy Orchestrator, CounterSpy doesn’t make full use of Crystal Reports
drill-down features to filter displayed data. Also, admins cannot create custom reports; they are limited to the seven reports
built into CounterSpy.
The update engine is streamlined and effective in retrieving and distributing new program and definition updates. Updates
are retrieved by the management console on a specified schedule, and admins can force an immediate check. Each policy has
its own settings for how often to check for updates, as well as an Update Now button.
CounterSpy’s agent installs five services on a client PC, with a small 16MB memory footprint. When a scan starts, however,
memory usage swells to over 62MB. Real-time protection, called Active Protection, was much like Trend Micro’s; it allowed
the malware to download and start running in memory, where it killed the process before allowing further execution. This process
was not always 100 percent successful, and it allowed a couple of adware pop-up applications to launch. By design, Active
Protection will stop a process from running, but it relies on a system scan to really remove the threat.
Quick and deep scans proved to be capable of eradicating leftover pieces of malware, with the deep scan checking more locations.
On subsequent reboots, I never experienced a reinfection of any malware that slipped through the real-time protection.
CounterSpy Enterprise is one of the most intuitive and configurable anti-spyware products in this roundup. The reporting is
good, if not flashy, and if its real-time protection were a bit more proactive, it would be hard not to make CounterSpy the
top choice for enterprise anti-spyware protection.
SurfControl Enterprise Protection Suite -- Enterprise Threat Shield
SurfControl Enterprise Protection Suite -- Enterprise Threat Shield blocks not only known malicious software, but also any
application defined as unwanted by the organization. Real-time protection was above average, allowing only one piece of adware
to sneak through. The reporting engine is browser-based, and the whole system uses MSDE -- or your existing SQL installation
-- for its data repository. Mobile users, meanwhile, only have some protection while disconnected.
Computer Associates eTrust PestPatrol Anti-Spyware Corporate Edition r5
Computer Associates, ca.com
|
| Good 7.6 |
|
| criteria |
score |
weight |
| Effectiveness |
8 |
50% |
 |
| Management |
7 |
20% |
|
| Reporting |
6 |
10% |
|
| Setup |
9 |
10% |
|
| Value |
7 |
10% |
|
|
|
Cost:
For 100 users, $39.95 per user
Platforms:
Compatible with Windows 98 and later
Bottom Line:
Computer Associate’s eTrust PestPatrol provides very good detection and removal of installed spyware. Its administrative UI
is easy to install, maintain, and use, but its reporting is very limited. Real-time detection and prevention of initial spyware
installation is very weak: It allows spyware to install but prevents the processes from running.
|
|
About our Reviews and Scoring Methodology
|
|
Eset NOD32 2.5 Antivirus System
Eset, eset.com
|
| Good 7.2 |
|
| criteria |
score |
weight |
| Effectiveness |
7 |
50% |
|
| Management |
7 |
20% |
|
| Reporting |
9 |
10% |
|
| Setup |
7 |
10% |
|
| Value |
7 |
10% |
|
|
|
Cost:
$2,060 for 100 enterprise users
Platforms:
Windows 95 and later, Linux OS Linux (Kernel 2.2.x, 2.4.x and 2.6.x, glibc 2.2.5 or higher); Novell NetWare 4.x and later
Bottom Line:
NOD32 Antivirus System has the potential to be a major anti-spyware player with a few enhancements, such as smoother, more
streamlined installation. Policies are flexible but building them is a chore. Reporting is very strong, allowing for many
different views into workstation histories. Detection and prevention is merely average: A small group of spyware slipped through.
|
|
About our Reviews and Scoring Methodology
|
|
F-Secure Anti-Virus Client Security 6
F-Secure, f-secure.com
|
| Excellent 9.3 |
|
| criteria |
score |
weight |
| Effectiveness |
10 |
50% |
|
| Management |
8 |
20% |
|
| Reporting |
9 |
10% |
|
| Setup |
9 |
10% |
|
| Value |
9 |
10% |
|
|
|
Cost:
For 100 users, $29.75 per user
Platforms:
Server: Windows 2000/XP/2003; client: Windows 2000/XP, F-Secure Policy Manager Console
Bottom Line:
F-Secure has rolled anti-virus, anti-spyware, and personal firewall protection into a single package. It has the best real-time
protection of any products in this roundup, stopping all attempts. On previously infected systems, detection and removal were
also first rate. Reporting is excellent, but it suffers from some organizational issues in the administrative UI.
|
|
About our Reviews and Scoring Methodology
|
|
LANDesk Security Suite 8.6
LANDesk, landesk.com
|
| Excellent 8.7 |
|
| criteria |
score |
weight |
| Effectiveness |
9 |
50% |
|
| Management |
8 |
20% |
|
| Reporting |
10 |
10% |
|
| Setup |
8 |
10% |
|
| Value |
8 |
10% |
|
|
|
Cost:
For 100 users, $5,900 for the first year, $2,900 each year after
Platforms:
Server: Windows 2000/2003 Server; client: Windows 95 and later, Mac OS 9.22 and later, HP-UX, IBM AIX 5.1, NetWare 6.0, 6.5,
Red Hat Linux 7.3, 8.0, 9.0, Solaris 8, Suse Linux 9.
Bottom Line:
LANDesk Security Suite scales to any size and complements the already strong LANDesk product family. It has very good detection
and remediation, and its real-time protection is above average, although an IE toolbar did slip through. Reporting is top
notch but administrative overhead is considerable.
|
|
About our Reviews and Scoring Methodology
|
|
McAfee VirusScan Enterprise 8.0 with Anti-Spyware Enterprise Module 8.0
McAfee, mcafee.com
|
| Very Good 8.2 |
|
| criteria |
score |
weight |
| Effectiveness |
8 |
50% |
|
| Management |
8 |
20% |
|
| Reporting |
10 |
10% |
|
| Setup |
8 |
10% |
|
| Value |
8 |
10% |
|
|
|
Cost:
For 100 users, $16 per user with 1-year support
Platforms:
Server: Windows NT 4 Server, Windows 2000/2003 Server; client: Windows NT 4, Windows 2000/2003/XP
Bottom Line:
The addition of Anti-Spyware Enterprise Module to VirusScan Enterprise provides a very scalable platform for protecting your
network from spyware and viruses. Reporting capabilities are excellent, but real-time protection is only average. Administration
is more difficult than that of most of the other products.
|
|
About our Reviews and Scoring Methodology
|
|
Sunbelt CounterSpy Enterprise 1.5
Sunbelt Software, sunbelt-software.com
|
| Very Good 8.5 |
|
| criteria |
score |
weight |
| Effectiveness |
8 |
50% |
|
| Management |
9 |
20% |
|
| Reporting |
9 |
10% |
|
| Setup |
9 |
10% |
|
| Value |
9 |
10% |
|
|
|
Cost:
For 100 users, $17.95 per user
Platforms:
Server: Windows 2000 and later; client: NT4 SP6a, Windows 98SE and later
Bottom Line:
CounterSpy Enterprise was one of the easiest products to install and maintain. Its real-time protection allows spyware to
install before terminating it, but its on-demand detection and remediation is very good. Reporting is good, but not as strong
as that of some others in this roundup.
|
|
About our Reviews and Scoring Methodology
|
|
SurfControl Enterprise Protection Suite - Enterprise Threat Shield
SurfControl, surfcontrol.com
|
| Very Good 8.3 |
|
| criteria |
score |
weight |
| Effectiveness |
8 |
50% |
|
| Management |
9 |
20% |
|
| Reporting |
8 |
10% |
|
| Setup |
9 |
10% |
|
| Value |
8 |
10% |
|
|
|
Cost:
For 100 users, $1,530 for a perpetual, one-time purchase. Annual subscription to the Threat Shield databases, $1,874
Platforms:
Server: Windows Server 2000/2003; client: Windows 98/ME and later
Bottom Line:
SurfControl Enterprise Threat Shield is straightforward to install, and administration isn’t overly complex. Real-time protection
proved better than average. It relies, however, on being connected to a management server, so disconnected users lose some
protection. It has a very small memory footprint, even during an on-demand scan. Its reporting engine is very capable.
|
|
About our Reviews and Scoring Methodology
|
|
Tenebril SpyCatcher 4.0 Beta
Tenebril, tenebril.com
|
| Beta |
|
Cost:
For 100 users, $26.40 per user.
Platforms:
Server: Windows 2000/XP/20003; client: Windows 2000/XP/2003
Bottom Line:
SpyCatcher is an easy-to-deploy-and-administer anti-spyware solution with great detection and remediation. Real-time protection
doesn’t block spyware installations but does stop any process from launching. Reporting is good, but it lacks customization.
|
|
About our Reviews and Scoring Methodology
|
|
Trend Micro Anti-Spyware for Small and Medium Business 3.0
Trend Micro, trendmicro.com
|
| Very Good 8.1 |
|
| criteria |
score |
weight |
| Effectiveness |
8 |
50% |
|
| Management |
8 |
20% |
|
| Reporting |
8 |
10% |
|
| Setup |
9 |
10% |
|
| Value |
8 |
10% |
|
|
|
Cost:
For 100 users, $17.85 per user
Platforms:
Server: Windows XP/2000/20003; client: Windows XP/2000/2003
Bottom Line:
Anti-Spyware for Small and Medium Business likely will be one of the best anti-spyware products available, once it matures
a little more. Real-time protection allows spyware to install before clamping down on it. On-demand scans and cleans work
well and remove any traces of spyware from a PC. Reporting could be made a little stronger if there were customization options.
|
|
About our Reviews and Scoring Methodology
|
|
Webroot Spy Sweeper Enterprise 2.5
Webroot, webroot.com
|
| Excellent 8.8 |
|
| criteria |
score |
weight |
| Effectiveness |
9 |
50% |
|
| Management |
9 |
20% |
|
| Reporting |
8 |
10% |
|
| Setup |
9 |
10% |
|
| Value |
8 |
10% |
|
|
|
Cost:
For 100 clients, $25.97 per client
Platforms:
Server: Windows NT 4.0 and later; client: Windows 98SE and later
Bottom Line:
Spy Sweeper is one of the best all-around anti-spyware tools. It offers good real-time protection and excellent detection
and remediation. Spy Sweeper is flexible enough that administrators can easily create policies based on specific needs. Reporting
would be better if it allowed for customizable reports.
|
|
About our Reviews and Scoring Methodology
|
|
|
|
Keith Schultz is president of NetData Consulting Services.
|
|
|
|
- Special Advertising Partners -
|
|
|
|
|
WHITE PAPERS
|
|
|
|
|
|
Technology White Papers by Topic |
|
Technology White Papers E-mail Alert |
|
|
|
Find out when the latest white paper is available:
|
|
|
|
|
|
|
INFOWORLD MARKETPLACE
|
|
|
|
|
|
» BUY A LINK NOW
|
|
|
|
|
|
| FIND PRODUCTS AND COMPANIES |
|
|
What's the 411 on GOOG-411?
Just as Google has become synonymous with "performing a Web search," 411 is understood to mean "information" -- as in "what's the 411?" I was thus surprised to discover, from a billboard, no less, that the king of search is taking on the ...
Apple HTML source reveals 'iPhone Extreme'
"This one's a stretch..." reports AppleInsider.
Um, yeah. Reporting on HTML code sightings of product names could be called a stretch, but iPhone Extreme has a ring to it.
Now, that sounds like the product Apple should have released first, rather ...
Open Sources 
Product Management
When I joined MySQL four years ago, there was quite a lot of debate about product management. We didn't actually have ...
Zero Day
Botnet herders tending smaller flocks
New research backs up the theory that botnet operators are keeping their networks smaller in a continued effort to keep ...
|
E-mail
Printer Friendly
Reprints
(InfoWorld) - In the litigious world we live in, deploying a unified communications platform in your enterprise could...