Review of Enterprise Class Security Suites

Wednesday, December 12 2007 @ 08:51 AM EST

Contributed by: Admin

I recently came across an article from 'Information Security' that reviewed several "Enterprise" class security suites. I have reviewed several here on this blog in the past year and have found very disappointing results. There have been a couple of newcomers to the land of the personal desktop, namely 'Blink' by eEye, which I have been testing for several months. The tool isn't ready for personal use, but its professional version has been commended for a while. This article compared Blink's Enterprise tool (at the time of writing I haven't been able to confirm the differences between Pro and Enterprise).

Most readers of this blog may dismiss reviews of enterprise class applications, but I decided to include it since for most of these vendors the Enterprise version represents the 'best of the best' of their offerings. As this review compares all the top providers, including Symantec, CA, Trend Micro, ISS, eEye and a few others, I decided it was worthwhile comparing them.

The article can be found here:

A lot of these offerings are strictly for Windows machines; very few have Linux or Mac offerings. Something to keep in mind: if your network has blended OSes, you will have to seek other options for network-wide protection. However, if your network is mostly Windows-based, these products will meet your needs.

The offerings were presented and reviewed against many criteria, from 'ease of information gathering' to usage to malware detection capability.

The most interesting note to this is that NONE of the products had 100% detection. NONE! The best came in around 92% detection.

It's also important to note that some were plainly incompetent at detecting malware that was present and moving around a machine. This too was an interesting consequence of the article.

Here are the features offered in the products.

The real nice extra feature that only two of the above offer is vulnerability scanning. This is a must to ensure your machines are patched and up to date. However, the features can be very valuable in a work environment that can have strict policies; in a home environment its benefits will be less. My experience shows that they typically have inaccurate results, so being able to use this as a guideline rather than a definitive state is important. It's still very valuable.

Since we like Blink, it's also important to note that even the Personal version of their product offers all these features; most of the other vendors are not so accommodating for their lower-end versions of the product.

So this review does in fact support our arguments regarding malware. There is NO 100% effective solution, so a multi-tiered approach to malware is wise.

It also proves our case about not relying on a traditional antivirus product alone. This type of product has pretty much no life in today's market. A blended product is what is required, which most of these provide. It's unfortunate that most of these companies cannot improve their offering to be more effective.

Additionally, it's important to note that 'false positives' are the #1 problem with most of these packages, so it's critical to compare 'detection results' with other products before making a decision to buy. What a lot of spyware vendors like to do with their product offerings is to have LARGE numbers of detections, regardless of their importance or even accuracy.

James Friesen Net
http://jamesfriesen.net/article.php/20071212085146833