Fast and Effective Endpoint Security for Business 2012
Comparative Analysis, August 2012

Document: Fast and Effective Endpoint Security for Business – Comparative Analysis
Authors: M. Baquiran, D. Wren
Company: PassMark Software
Date: 22 August 2012
Edition: 1
File: Fast and Effective Endpoint Security for Business 2012 - Ed1.
Table of Contents

Table of Contents
Revision History
References
Revision History

Rev | Revision History | Date
Edition 1 | First edition of the document. Performance charts and comparative reviews added. |
Introduction

Endpoint protection is no longer an optional security measure for businesses. In this technology-driven age, every business is now susceptible to the damages caused by malware (ranging from productivity loss to confidential and financial data theft), and endpoints have become the most vulnerable and targeted point of attack.
Ratings and Summary

PassMark Software has given each security product a rating which reflects its overall performance, ease of use, design, features and level of excellence in that category. Categories represent major functions or feature sets common to the sphere of business security.
Rating Categories

The table below describes the criteria and factors which were considered for each business security solution in each category to determine a rating. Evaluation categories were determined prior to testing and were chosen as a set of expected features or functions which define business security products.
Task Description

PassMark Software has conducted performance benchmark testing and subjective comparative analysis of the overall ease of use, speed and effectiveness of seven (7) business security software products.
Products and Versions Tested

Product Name | Server Component and Version | Client Component and Version
ESET Endpoint Security | Remote Administrator: v5.0.119.0; ERA Maintenance Tool: v5.0.119.0 | ESET Endpoint Security: v5.0.2122.1
Kaspersky Endpoint Security | Kaspersky Security Center: v9.2.69 | Kaspersky Endpoint Security: v8.1.0.646
VirusScan Enterprise + AntiSpyware Enterprise: v8.
Performance Benchmark Results

The following performance categories have been selected as ‘real-life’ metrics which may impact heavily on endpoint system performance and responsiveness. These benchmarks allow the comparison of the level of impact that business security software products may have on endpoint machines. Products with good performance will have less impact on business activities, workflow and productivity.
On Access Scan Time
Perform everyday tasks faster

On Access scanners are constantly monitoring a system for suspicious behavior. They are activated any time a program interacts with resources in memory or over the network. The performance of frequently carried out tasks can be impacted significantly by the overhead required to scan these tasks.
[Chart value: Sophos 121.57]

File copy time for large files
Copy your media files more quickly

Copying large files between directories may similarly be affected by poor performance of anti-malware functionality in business security products. This metric measures the total time taken to copy a set of large files between directories, where an endpoint security product has been installed.
[Chart value: McAfee 22.09]

File Copy, Move, & Delete
Copy, move, and delete files more quickly

Security products need to monitor system activity every time a file is moved, copied, or deleted. The time required to carry out these tasks can be greatly increased by poorly performing security products.
Memory Usage during Full System Scan
Reduce memory usage when carrying out a full system scan

Full system scans can be resource demanding and long in duration, thus memory usage should be minimized so that other tasks and processes may still function without system performance being slowed significantly. This metric measures the additional memory usage while a full system scan is running on an endpoint.
Server Memory Usage during System Idle
Have more system resources for your server to maintain and monitor endpoints

Extensive memory (or physical RAM) usage by management servers during idle can have a significant impact on the security of dependent endpoints.
ESET Endpoint Security

Review Summary
Overall Rating
Installation & Configuration
Migration
Default Policies & Policy Management
Client Installation
Interface Design
Client Management & Remote Management
Updates
Effectiveness
Performance

Pros
- Very little system impact on endpoint and server machines (fastest, best overall performance)
- Initial Setup and configuration took only a few minutes
- Low traffic overhead for updates
- Policy, client, and ro
manually and exported and imported to create a new policy. Documentation in the ERA user guide is sufficient and covers basic information, although it would benefit from having a dedicated section on migration, as related information was interspersed within the ERA Installation section. ESET provides a “Rip and Replace” service for US & Canada customers which is applicable to ERA v2.0 and higher and a range of competing solutions.
entries. Important data such as errors, warnings, and importance level are viewable at a glance. At times the interface may feel quite compact, but this also means that less is hidden. The ERA web dashboard uses an AJAX-based interface that is customizable and aesthetically pleasing. Windows can be reorganized, and graphs are tastefully colored with pastel gradient fills. The EES interface is simple but well laid out and organized.
Kaspersky Endpoint Security

Review Summary
Overall Rating
Installation & Configuration
Migration
Default Policies & Policy Management
Client Installation
Interface Design
Client Management & Remote Management
Updates
Effectiveness
Performance

Pros
- Initial configuration was quick and easy
- Wizard-based configuration eases administrators into management
- Relatively low traffic overhead for updates
- Policy and Client management is flexible
- One-click
When deploying client software, administrators are given the option to automatically remove incompatible third-party security software.

Default Policies & Policy Management 4.5/5

On installation, KSC creates a single default policy for Kaspersky Endpoint Security (KES) 8.0. Default policy settings were reasonable, with all basic Anti-Virus features being enabled at the recommended medium security level.
among other color conventions. The client interface is aesthetically pleasing, appropriately sized and simple, having two main tabs, Protection and Control and Settings.

Client Management & Remote Management 4/5

As with ESET’s product, the KSC Administration Console can be installed on a separate computer to the Administration Server for remote management. While online documentation indicates that KSC supports configuration of permissions (e.g.
McAfee Total Protection for Endpoint

Installation and Configuration 3/5

The installation of McAfee ePolicy Orchestrator (ePO) 4.6.0 was a much longer process than that of ESET and Kaspersky’s products, taking around 30 minutes to complete. The process was not particularly smooth, requiring that setup be restarted after required prerequisites were installed. In addition, we ran into an error specific to Windows Server 2008 R2.
Default Policies & Policy Management 2.5/5

Upon installing ePO, several default policies are created, including 3 policies for McAfee Agent labeled "McAfee Default", one for each category: General, Repository, and Troubleshooting. Similarly, there are another 3 policies labeled "My Default" and a "Large Organization Default" policy. The policy catalog displays policies by product and category.
Deployment, Trends, and an ePO Summary. Client software components, including VirusScan Enterprise and McAfee agent, are functionally well designed but look plain and outdated.

Client Management & Remote Management 4/5

Administration is performed from a web-based console, so management can be performed remotely from anywhere on the network.
Installation and Configuration

Review Summary
Overall Rating
Installation & Configuration
Migration
Default Policies & Policy Management
Client Installation
Interface Design
Client Management & Remote Management
Updates
Effectiveness
Performance

Pros
- Interface is elegant and familiar
- SCCM is used for a wide range of purposes
- Performance is fairly good

Cons
- Provided and online documentation is scarce and very poorly organize
Migration 1/5

There have been several vastly different (and incompatible) enterprise security offerings from Microsoft. Microsoft's earlier solution, Forefront Client Security (supported from 2007 to 2010) runs on a custom version of Microsoft Operations Manager 2005, while the new Endpoint Protection 2012 is part of the System Center 2012 platform.
Windows 7 look-and-feel and integration with Windows Action Center makes it one of the more approachable and familiar to use.

to be ultimately restricting compared to the other remote management features offered by competing solutions.

Updates 1/5

Unfortunately, there were no update policies created by default.
Sophos Endpoint Protection 10

Review Summary
Overall Rating
Installation & Configuration
Migration
Default Policies & Policy Management
Client Installation
Interface Design
Client Management & Remote Management
Updates
Effectiveness
Performance

Pros
- Documentation is very clear and in-depth
- Interface is familiar and intuitive to use
- Migration is fairly automated

Cons
- Performance is only average (large client installation size, slow On-Access s
upgrading all computers) or completely in one step. The latter process can be performed simply by configuring the Software Subscriptions window, allowing the Console to download updates that will then be used to upgrade the endpoint software automatically. Another convenient migration feature is that the Sophos client Installer also removes third-party software automatically.
specific roles. An example of this, given in the documentation, is a help desk engineer who can perform updates but not configure policies. There are 4 preconfigured roles: System Administrator, Administrator, Helpdesk, and Guest. Roles can be edited, created and defined by the System Administrator.
Symantec Endpoint Protection 12.1

Installation and Configuration 4/5

Installing the Symantec Endpoint Protection 12.1 management server and console is very straightforward. The wizard-based setup provides brief explanations of key features and minimal input is needed from the user, with only a few fields being marked as required.
number of ways, including an AutoUpgrade (an Automatic Upgrade Wizard), configuring LiveUpdate settings to permit product updates, and a local installation. As we saw with other reviewed products, the Client Deployment Wizard provides an option for automatically uninstalling existing security software. Documentation is relevant and well presented, frequently using tables to compare and summarize information, e.g. a feature map between 11.x and 12.
Client Management & Remote Management 4/5

Since the web console shares the same functionality as the management console, remote management from anywhere on the network is possible, sparing administrators the need to install the management console software on additional workstations. Role based administration is well supported, where 3 default administrators can be created (System Administrator, Administrator, and Limited Administrator).
Trend Micro OfficeScan 10.6

Installation and Configuration

Setup was fairly easy, taking less than 15 minutes to complete, although configuration requires a bit more attention compared to other products. During setup, the administrator is prompted to enter Activation Codes for three services: Antivirus, Damage Cleanup Services (which is optional), and Web Reputation and Anti-spyware.
Migration 4/5

OfficeScan 10.6 supports upgrades from OfficeScan 8.0 SP1 and OfficeScan 10.x. Migration is documented in acute detail in the Installation and Upgrade Guide. A 4-step process is outlined for backing up the database and configuration files before upgrading, which is a bit more complicated than other products we reviewed, requiring stopping the Office Master Service and backing up a list of files manually.
dashboard, widgets can be added to the dashboard, shuffled around and resized. The map widgets were amusing, highlighting countries in red and displaying a score for threat sources and threatened users as the cursor hovers over them. The client software launches a relatively small window. The interface is quite simple and looks bland and outdated. As with the web console, the client interface would benefit visually from more use of color.
Disclaimer and Disclosure

This report covers selected Enterprise Security products that were available at the time of testing. Version numbers of software reviewed within this document are provided in the “Product Versions Tested” section of this report.
Appendix A – Performance Methodology

Client Image Creation

After installation of the client image, the following Windows services/features were disabled to minimize the impact of Windows background activity and ensure the consistency of test results:

- Windows SuperFetch – Disabled for all tests. Re-enabled to allow boot time optimization functionality, and for boot and restart time tests.
installed.

Test Tool(s): xbootmgr and xperf, by Microsoft

These tools are available from the Windows Performance Toolkit version 4.6 (as part of the Microsoft Windows 7 SDK, obtainable from the Microsoft Website). Xbootmgr was used to optimize the boot process, as well as to benchmark the time taken to boot the machine. Xperf was used to parse the detailed boot traces outputted by xbootmgr.
File Copy Performance – Large Set of Small Files (Endpoint)

Description: This metric will measure the time taken to copy a large set of small files between directories on the endpoint machine.

Test Tool: CommandTimer, by PassMark Software. A command line utility developed by PassMark software which measures and logs the time taken to perform a task in a command prompt.
File Copy, Move and Delete (Endpoint)

Description: This metric will measure the time taken to copy, move, and delete samples of files in various formats.

Test Tool: CommandTimer. A command line utility developed by PassMark software which measures and logs the time taken to perform a task in a command prompt.
Memory Usage during Idle (Endpoint & Server)

Description: This metric measured the total additional memory use consumed by the endpoint machine during a period of system idle where an endpoint security product has been installed.

Test Tool(s): SysinfoAvg, by PassMark Software. A command-line utility developed by PassMark software which retrieved and logged memory commit charge values (e.g.
Result: The final result was measured in megabytes (MB) and calculated as an average of 40 samples. This average was subtracted from the baseline to obtain the total amount of additional memory consumed by the security solution.
Memory Usage during On-Demand Scan Task (Server)

Description: This metric will measure the total additional memory use consumed by the server machine during the period in which On-Demand Scan Task is being run on an endpoint client.

Test Tool: SysinfoAvg, by PassMark Software. A command-line utility developed by PassMark software which retrieved and logged memory commit charge values (e.g.
month (30 days), whichever comes first.

Result:
- Update Size: The final result is calculated as the total amount of data downloaded by the product over 30 days.
- Update Frequency: The network activity log is analyzed and the download frequency described (e.g. polling every hour, scheduled download every day, etc) over 30 days.

Issues: Microsoft Forefront required WSUS to be synchronized in order to access updates.