Every computer that connects to the Internet must have some form of anti-virus protection installed. The number and type of virus threats increase every year, with new ones appearing at an alarming rate. However, threats to the desktop are not limited to simple viruses, but often come as a coordinated attack via drive-by installation of malware and spyware. Further, not all threats are from the Internet: Unprotected vendor laptops can inject malicious programs directly into the enterprise, or malicious employees can siphon secrets to USB thumb drives. Security applications must be able to protect the desktop from both internal and external threats.
Because securing the client device – the endpoint, if you will – is so important, I decided to put five of the top enterprise endpoint security packages to the test. They include: Check Point Endpoint Security – Secure Access Edition; McAfee Total Protection for Endpoint 4.0; Sophos Endpoint Security and Control; Symantec Endpoint Protection 11; and Trend Micro OfficeScan Client/Server Edition 8.0.
All five products worked well in my test lab, performing their anti-virus and anti-spyware security duties flawlessly. However, there were other factors to consider in evaluating these products beyond the effectiveness of their virus and malware protection, as well as their other security services. I looked at how easy they are to administer, how straightforward it is to update and manage clients, and how well the systems report back the security health of the enterprise. I also considered OS support; some of the products support an array of platforms, whereas others are Windows-only.
Check Point Endpoint Security – Secure Access Edition
Endpoint Security - Secure Access Edition from Check Point is a good all-around package of client-security services for Windows users. The package includes anti-virus, anti-spyware, a desktop firewall, NAC, program control, and a VPN client bundled in a single agent. The browser-based management console is less cumbersome that McAfee Total Protection's, but it's also not as intuitive as that of Trend Micro OfficeScan. Check Point's reporting engine is very utilitarian but provides all of the information IT needs to keep up with the network's security status without information overload.
I installed Endpoint Security on a virtualized Windows Server 2003 server and had no trouble loading the associated applications. Endpoint Security's management platform runs on a Windows Server 2003 or Check Point SecurePlatform (Check Point's version of Linux). Unlike offerings from McAfee and Sophos, the Endpoint Security client supports only Windows 2000 Pro (SP4), Windows XP Pro (SP2), and Vista Enterprise.
Once up and running, the Endpoint Security management platform consumed more than 350MB of RAM (mostly in use by the included Web engine, Tomcat) but had minimal CPU impact on the server. The client claimed about 102MB of RAM, both at idle and during a manual scan, with a rise in CPU usage from about 0 percent to approximately 55 percent. As expected, Endpoint Security detected, caught, and handled all threats without fail.
Check Point's protection engine is based on anti-virus and anti-spyware technology licensed from Kaspersky Labs in addition to Check Point's own anti-spyware technology. This two-pronged approach uses both signatures and heuristics to detect potential threats before they land on the system.
| Test Center Scorecard | |||||||
|---|---|---|---|---|---|---|---|
 |  |  |  |  |  |  | |
| 25% | 20% | 20% | 15% | 10% | 10% | ||
| Check Point Endpoint Security - Secure Access Edition | 9 | 8 | 8 | 7 | 6 | 7 |
7.8
Good
|
| 25% | 20% | 20% | 15% | 10% | 10% | ||
| McAfee Total Protection for Endpoint | 9 | 8 | 7 | 9 | 9 | 8 |
8.3
Very Good
|
| 25% | 20% | 20% | 15% | 10% | 10% | ||
| Sophos Endpoint Security and Control | 9 | 8 | 9 | 8 | 9 | 9 |
8.7
Very Good
|
| 25% | 20% | 20% | 15% | 10% | 10% | ||
| Symantec Endpoint Protection 11 | 9 | 8 | 8 | 7 | 9 | 9 |
8.3
Very Good
|
| 25% | 20% | 20% | 15% | 10% | 10% | ||
| Trend Micro OfficeScan Client/Server Edition 8.0 | 9 | 7 | 8 | 7 | 6 | 7 |
7.6
Good
|
This whitepaper explains the terminology and concepts behind Data Replication technologies and establishes some sizing rules through worked examples. Learn the new paradigm in disaster tolerance—protect data anywhere.
Download now »
Server virtualization is a popular option for dealing with mounting datacenter costs. Another equally promising approach is the use of an Application Delivery Controller. Citrix NetScaler provides a low-cost way for organizations to reduce their server count and accrue cost savings from a reduction in space, cooling, power and personnel.
Download now »
The emergence of WLANs has created a new breed of security threats to enterprise networks.
Included in HP ProCurve WLAN solutions is security technology that alleviates threats from WLANs through:
* Monitoring wireless activity inside and out of the enterprise
* Classifying WLAN transmissions into harmful and harmless
* Preventing transmissions that pose a security threat to the enterprise network
* Locating participating devices for physical remediation
Effectively address data protection challenges, implementing solutions that help store and protect business–critical data while cutting costs and improving efficiency and reliability.
Download now »
Sign up to receive Security Resource Alerts
This white paper provides guidance on how to develop a strategic approach to managing and monitoring logs, a key function required for compliance with many regulatory mandates and a critical defense against security threats.
Download now! »
Learn about the processes and technologies that support security information management (SIM) operations, as well as the business case for SIM. The series examines different options for implementing SIM and gives you evaluation criteria for selecting the best option for your organization.
Download now! »
Learn the strategies, actions, and capabilities that Best-in-Class organizations employ and technologies they choose to obtain superior performance against various security performance metrics. This report provides guidelines for identifying which security solutions to consume as a MSS and defines best practices for choosing and managing MSSPs.
Download now! »
238 Recommendations
