The InfoWorld Test Center assesses the readiness of 10 anti-spyware operatives for active enterprise duty
Creating a policy for my domain took slightly longer than other products due to odd organization in the Policy Manager. I was constantly jumping back and forth between tabs, trying to make sure I knew what I was selecting. Deploying a policy required clicking on yet another tab and then clicking the Update icon. My issues with the UI are purely personal; all of the options and choices are clearly marked with helpful descriptions. After an hour of working with it, I was more comfortable with the Policy Manager UI, but never at ease.
Because of all of the included features, there are a lot of choices to make when creating a policy. It is with the wealth of choices that Client Security overcomes its UI. One unique feature is the different security levels available in Client Security. Administrators can create one security policy for “office” users, and another for “everywhere else,” each with its own specific security settings. For instance, office users may have the personal firewall feature turned off, whereas a mobile user’s policy may enable the personal firewall when connected at a Wi-Fi hotspot.
With Client Security active and with all features enabled, there were 18 processes listed in Task Manager, consuming at a minimum 55MB of RAM. Unlike CounterSpy Enterprise and Tenebril SpyCatcher, there is no way to throttle up or down Client Security’s CPU usage. Whenever I launched a scan of my client PC, Client Security’s processes took up nearly 80 percent of processor time, greatly reducing system response.
The reporting engine was one of the stronger implementations in the group, coming in just behind McAfee’s system. F-Secure’s Web-enabled reporter worked easily and allowed me to slice and dice the collected data quickly to monitor activity on my network.
Overall, I found the combination of anti-virus and anti-spyware effective at preventing infection and at removing traces if a PC was already infected. The real-time scanner was adept at stripping both virus and malware out of the HTTP stream. With the real-time scanner enabled, I was never able to sneak anything past it.
LANDesk Security Suite 8.6
Long known as an enterprise management company, LANDesk aims to become known as an enterprise security company. Easily one of the most complex and scalable products in this roundup, LANDesk Security Suite 8.6 includes end point security, patch management, and security compliance with very good malware and spyware protection. Real-time protection was above average, blocking most attempts, and reporting was excellent.
Installation on my Windows 2000 Server was straightforward, with the tough part to come. Unlike Sunbelt CounterSpy, getting agents deployed and policy configured took quite some time and a bit of trial and error. By default, Security Suite doesn’t download all of the necessary spyware and malware definitions. I had to create an update task and choose what I wanted to retrieve. Next, I had to define my default Windows configuration, then assign PCs to that configuration. Finally I had to create a task to push this configuration information out to my clients.
I understand why LANDesk is designed the way it is: It’s hugely scalable. By making me define all of those items, it provides a multitude of configuration choices, with different policies and definitions for different workgroups or domains. My biggest knock against the UI is that while the tasks did indicate when a job was active or pending, some jobs took a while to complete, and I often wondered whether things were really happening. A progress indicator might be nice. A pop-up monitor provides some feedback, but it, too, leaves something to be desired.