IT Security Products for Corporate Users - AV

IT Security Products for Corporate Users - AV
Product Review: Corporate Review 2010
www.av-comparatives.org
IT Security Products
for Corporate Users
Review of IT Security Suites
for Corporate Users, 2010
Language: English
October 2010
Last revision date: 11th November 2010
www.av-comparatives.org
-1-

Product Review: Corporate Review 2010
www.av-comparatives.org
Contents
The Dangers of Malware.....................................
3
Target Audience / Configuration ........................
4
Management Summary ....................................
5
Synoptic Table .................................................
7
Tested Products ...............................................
8
Spam Test .......................................................
9
Product Section
AVIRA .............................................................
12
Bitdefender .....................................................
23
ESET ...............................................................
36
G DATA ............................................................
48
Kaspersky.........................................................
62
McAfee ............................................................
77
SOPHOS ..........................................................
86
Trend Micro ..................................................... 102
Feature List ..................................................... 122
System Requirements Part 1 ............................... 174
System Requirements Part 2 ............................... 179
-2-

Product Review: Corporate Review 2010
www.av-comparatives.org




The Dangers of Malware
Most organizations are aware of the risks threatening their IT environment. Viruses, trojans,
worms, exploits and many other threats represent a serious danger for the IT department.
A collapse of the IT system could mean grave financial losses right up to insolvency for a company.
The IT departments of companies are conscious of this problem. Getting the best protection
against these threats is the only issue. A simple file antivirus solution alone is totally inadequate, as there are too many threats from contaminated e-mails, exploits etc. What is required is a comprehensive suite that provides protection against all of these.
Functional Diversity
Because of the immense functional diversity of various antivirus suites and corporate products, it is becoming increasingly difficult for decision-makers in the IT sector to get a proper
overview. Which product should one opt for and for which areas of protection?
During these tests our main focus has not been on malware detection rates, but on the products’ handling and user-friendliness, and the scope of functionality. We have compiled the
functional scope of various products in a detailed table. For malware detection rates of individual products please refer to the tests of our website: http://www.av-comparatives.org
-3-

Product Review: Corporate Review 2010
www.av-comparatives.org
Target Group
This report is aimed primarily at IT administrators in organizations of all sizes. In order to present an
overview, we have depicted the installation procedure in detail. This gives administrators an idea of
what the program is like to use. However, this only represents the current state, since software products are subject to ongoing development and are updated frequently.
Hardware and Software
Organizations seldom use the latest hardware available in the market. Based on a survey conducted of
50 organizations of various sizes, which we carried out in the run-up to the tests, the hardware that
we used is representative of equipment currently deployed.
The selection intentionally included the somewhat older configurations in order to reflect the real
status of the IT environment in various organizations.
Server Configuration
CPU:
RAM:
Hard disk:
Hard disk:
OS:
Server Role:
Dual-Core Xeon
8 GB RAM
2 x 160 GB (Raid 1, Sysvol), SAS
2 x 500 GB (Raid 1, Datvol), SAS
Windows Server 2008 64-bit Std. incl. Service Packs and Security Updates current as of
July 2010
Domain controller including Exchange 2007 SP1. DNS including forwarders.
Client Configuration
CPU:
RAM:
Hard disk:
OS:
Intel Dual Core, 3 GHz
4 GB RAM
80 GB, SATA
Windows 7 Business, Security Updates current as of July 2010
-4-

Product Review: Corporate Review 2010
www.av-comparatives.org
Management Summary
This year, the participants were AVIRA,
The TREND MICRO product is new to our corpo-
BITDEFENDER, ESET, G DATA, KASPERSKY,
rate reviews. During the tests, an update was
MCAFEE, SOPHOS and TREND MICRO. Of these,
delivered that is now generally available. We
MCAFEE, BITDEFENDER and TREND MICRO are
were particularly impressed with the manage-
new to the review, having not been covered
ment console, which manages to make a huge
last year.
amount of information available to the administrator in a clear and simple manner.
Both MCAFEE and SOPHOS impressed us with
installers that do everything with a single
Considering the products reviewed last year, it
click. The installation of these products was
can be seen that the manufacturers have
particularly simple, as was the configuration.
stayed with proven technology. The plus points
of the previous version have been kept, and
With ESET we noticed the ease of administra-
administrators will immediately find their way
tion of the clients. This works well and enables
around the new software.
administrators of extremely large networks to
find their way around and configure the sys-
You can find the prices in the feature list.
tems easily. However, it should be noted that
However, we take the view that price should
while installing ESET it is necessary to consult
be a minor consideration, and security should
the manual. But reading the manual should be
always be the top priority.
done for every installation.
A new trend was observed among the manufacIn the case of AVIRA, we observed that the
turers this year. The licence models are becom-
manufacturers have revised the design of the
ing ever more granular, rather than simpler,
suite and incorporated our suggestions into
and the tendency is towards individual prod-
the product. The configuration and integration
ucts rather than pre-configured complete
of the client PCs are both carried out using
packages. We do not understand why the man-
wizards. It is good to see a manufacturer re-
ufacturers are going in this direction, as we
sponding to the wishes of its customers.
believe it would be easier for customers to
choose all-in-one packages that give them the
protection they need.
BITDEFENDER, KASPERSKY and G DATA stay
with their respective existing proven interfaces.
-5-

Product Review: Corporate Review 2010
www.av-comparatives.org
For each individual product, it can be difficult
It must be noted that there are still major
to decide exactly which version and which
differences between the suites in terms of
features are needed. Advice from an expert,
functionality, ease of use and installation. It is
either a representative of the manufacturers,
therefore particularly important when purchas-
or an independent IT security consultant, is
ing corporate security suites to consider the
invaluable.
particular requirements of one’s own network
and staff. However, all the products in this
review are sufficiently well-designed and effec-
Unfortunately, none of the manufacturers has
tive in protecting the network that they can be
made any progress with the development of
recommended without reservation.
real-time reporting. In all cases, the software
still leaves the administrator in the dark as to
the progress of individual actions.
We are happy to report that all products reviewed in this report received the AV-Comparatives
Seal of Approval. The products performed well in their primary functions, as it can be expected
from established business security products. IT Administrators may find some products fit their
needs better than other products because they address a specific set of feature they are looking
for.
-6-

Product Review: Corporate Review 2010
www.av-comparatives.org
Synoptic Table
We present here an overview of the products, which can be used to help make your decision. Please try
the products on your own system before making a purchase decision based on this review. All vendors
offer trial versions of their products and have qualified resellers in most countries. The review and the
table below contain our subjective appraisal based on the tests and the publicly available information on
the vendors’ websites.
AVIRA
Bitdefender
ESET
G DATA
Kaspersky
Ease of
    
Installation
McAfee
Sophos
 
Trend Micro

Deployment
on Client  

    
PCs
Usability
and
       
Management
Default
Values



Small Busi 
ness
Medium
Business

 



   


     
  
   
User Manual 





MS AD Sup
port




  



Enterprise


Database
Support

Website

Spam
Overall
Assessment
Award

  
   





       


APPROVED
Corporate
Product
APPROVED
Corporate
Product
2010
2010

   

APPROVED
Corporate
Product
APPROVED
Corporate
Product
APPROVED
Corporate
Product
APPROVED
Corporate
Product
APPROVED
Corporate
Product
APPROVED
Corporate
Product
2010
2010
2010
2010
2010
2010
-7-
Product Review: Corporate Review 2010
www.av-comparatives.org
Tested Products
The following vendors participated in the tests and review:
AVIRA
www.avira.com
Bitdefender
www.bitdefender.com
ESET
www.eset.com
G DATA
www.gdata.de
Kaspersky
www.kaspersky.com
McAfee
www.mcafee.com
Sophos
www.sophos.com
Trend Micro
www.trendmicro.com
-8-
Product Review: Corporate Review 2010
www.av-comparatives.org
Spam Test
Spam is a very annoying issue, which can take up much work time and therefore cost money.
Due to this, efficient spam filters are required. On the other hand, spam filters must not filter
out any wanted mails (ham), as this could be problematic in business life.
The mails were filtered directly on the Exchange Server 2007 SP1. If there was no Exchange
plug-in provided by the product, it was filtered on the client. We used Outlook 2010 (with its
junk-mail filter disabled for testing purposes).
All settings on the tested products were left on DEFAULT WITHOUT TRAINING. In real world
and by training the spam filters the filtering rates could be increased further.
For this SPAM-test, we took only SPAM mails which had been collected continuously and were
not older than 3 weeks (about 3000 emails).
-9-
Product Review: Corporate Review 2010
www.av-comparatives.org
Results Spam Test
Detected Spam
AVIRA
 99%
approved
Bitdefender
 99%
approved
ESET
 98%
approved
G DATA
 98%
approved
Kaspersky
 99% 1
approved
McAfee
 99%
approved
Sophos
 97%
approved
Trend Micro
 99% 2
approved
Results Ham-Test
Very positive is the fact that none of the tested products classified any wanted mail (Ham-Mail) of our
Ham-test set as SPAM.
The spam filters can be set at different levels, the administrator has to find the best selection for his/her
own network. Whitelisting and blacklisting are also possible.


1
Kaspersky: We have been asked to review the Kaspersky Security 8 for Exchange Server (Release Candidate), which
will be available end of November 2010
2
TrendMicro: If you use the MS-Exchange Server direct as an MX you can use Scan Mail for Exchange or Worry Free
Business Security, if you use MS Exchange Server with a pop connector you should use Worry Free Business Security,
because Scanmail without ip-reputation service would lead to significant lower spam detection.
- 10 -
Product Review: Corporate Review 2010
www.av-comparatives.org




Product Review Section
The products are reviewed in alphabetical order.
- 11 -
Product Review: Corporate Review 2010
www.av-comparatives.org
AVIRA
Tested Software:
AVIRA Antivir Server (Windows)
File Server Protection
AVIRA Antivir Exchange + Anti-Spam
Exchange Server Mail Protection
AVIRA Antivir Security Management Center
Centralised Control Console and Deployment
AVIRA AntiVir Professional
Client Virus Protection
- 12 -
Product Review: Corporate Review 2010
www.av-comparatives.org
Product Installation
Download
The layout of the manufacturer’s website is
simple and logical, and it is easy to find the
product you’re looking for. If you already have
a key, you can download the setup files without further ado.
Registration is necessary to get a test licence.
30 days is long enough to test the product
thoroughly. The registration details are forwarded to a certified Avira partner.
An improvement here is that the individual
products of the suite no longer have to be
downloaded separately, as there is now a Small
Business Suite installer as a single item. This
is very much better the previous version.
Another plus point is that the new Avira website provides a very well organized overview on
the complete range of Avira business products
(the SmallBusiness among them) which makes
it very easy to compare the features of the
different product offerings.
Once the installation files have been unpacked
into a temporary folder, we are greeted by the
Welcome page of the installer:
Installation
Avira has also worked hard on the installation
process, and there is no longer any need to
consult the SMB product handbook during
basic setup.
The installation starts by decompressing the
setup files:
-
13 -
Product Review: Corporate Review 2010
www.av-comparatives.org
Next comes the obligatory licence agreement:
The first step is the local installation of the
products belonging to the Suite, i.e. the AntiVir Workstation, the AntiVir Server and (optionally) AntiVir Exchange:
The licence key file obtained at registration
then needs to be located:
The next step is to enter the credentials of a
Windows user account with administrator privileges:
The path to the installation folder can now be
selected. We chose to install to the standard
location:
The installer now has the information it needs
to begin:
-
14 -
Product Review: Corporate Review 2010
www.av-comparatives.org
Here we see that the future security environment database is populated with AntiVir Professional and the AntiVir Server, so that the
program can be remotely installed to client
PCs.
The product now searches the network environment for computers that are not already
managed. Computers are added to the managed network simply by marking the tick-box
After successful installation, the SmallBusiness
Suite wizard starts, this takes care of the next
step in the setup:
-
15 -
Product Review: Corporate Review 2010
www.av-comparatives.org
If the check was negative for certain computers the account data can be corrected on the
spot. Next the marked computers are added to
the security environment:
There is also a feature which allows additional
clients (not found automatically) to be manually added to the list of machines to be installed. The ability to name them individually
is particularly useful.
Next, we can choose a user account for adding
the marked computers to the managed security
environment. This is an ideal solution for larger networks where there is a system administrator who looks after security issues.
In an up-to-date Windows environment with
Windows Server 2008 and Windows 7 clients it
is not possible to carry out a remote installation without changing firewall settings. However, with centrally controlled means such as
Group Policy, this shouldn’t be too much of a
hurdle.
The installation then works very smoothly and
especially quickly. Products to be installed are
chosen from a list:
The product then checks if the administrative
account is valid for all marked computers and
lists the result:
-
16 -
Product Review: Corporate Review 2010
www.av-comparatives.org
(SMC) and log on with the credentials used
during the server installation:
Then choose the computer(s) that the product
is to be installed on.
The product is then installed on the marked
computer(s). The completion status is also
displayed very clearly:
At first glance, not much has changed from
previous versions, so experienced Avira users
will feel at home.
Thanks to the new installer, it is no longer
necessary to register the licence at this stage,
as it has already been done using the setup
wizard. Software packets have also been configured with the wizard.
Once the whole installation process is finished
we get a final summary listing the computers
with their installed products that are now
managed within the security environment.
The integration of additional clients or additional products can now be carried out directly
from the Security Management Center or by
using the configuration wizard again which
can be started directly from the Avira/Avira
SmallBusiness Suite program group.
Once the configuration wizard is finished we
can start the Security Management Center
Especially the configuration wizard makes the
initial configuration of Avira SmallBusiness
-
17 -
Product Review: Corporate Review 2010
www.av-comparatives.org
Suite child’s play. It is very nice to see a manufacturer reacting to customer feedback, and
Avira has really succeeded in making the management center much more user-friendly.
The general features have not been significantly changed, and so anyone familiar with
Avira will still find their way around the settings very easily.
It is of course possible to create an individual
structure for complex networks, so that different configurations can be applied as necessary.
For example, separate configurations could be
assigned for local and remote computers.
The authentication possibilities for a push
installation were already exemplary in last
year’s version:
Remote Installation remains unchanged. Rightclicking a client machine, then “Installation |
Avira SMC Agent” allows installation of the
agent. Other software, such as the client antivirus program, can be installed in a similar way
if it has not already been installed through the
wizard.
During the installation, the hour glass symbol
is displayed, until the SMC announces that
client installation is complete.
The function scope dialog box also remains
unchanged.
-
18 -
Product Review: Corporate Review 2010
www.av-comparatives.org
On successful completion of the installation,
the installed product can be seen under the
individual client PC:
The Update Manager also provides very detailed scheduling options:
The Update Manager is now completely integrated into the Security Management Center
which means that it is now possible to have
more than one update manager, e.g. you can
assign one update manager to one specific
security environment group to speed up the
distribution of updates. In spite of these
changes the update manager remains very
user-friendly, and we found our way around it
immediately:
The user interface is, as in the last version,
exemplary, and configuration changes are
largely made using convenient drop-down
menus.
The installation routine for the Exchange
scanner remains unchanged, as do the management console for mail and spam protection.
Manufacturer’s website
The update settings are diverse, making the
suite very suitable for complex networks.
The website (www.avira.com) is designed in a
suitably clear fashion.
-
19 -
Product Review: Corporate Review 2010
www.av-comparatives.org
The home page gives an overview of current
threats and warnings in the support/virus lab
area. You can subscribe to various RSS feeds,
in order to keep up to date with the latest
events.
In particular, the opportunity to create one’s
own security structure is especially impressive.
We very much liked the possibility to import
inventory lists for large networks; this is very
simple to do, and saves a great deal of configuration. If you use an Active Directory you can
also import your AD directory directly into the
security environment and synchronize it automatically.
There is also a “Virus Lab” area on the Support
page where you can find out about viruses and
other types of malware.
Avira has consolidated the various products
into appropriate suites, and the licence model
is, in contrast to the current trend, very simple.
We have also noticed that the suite now offers
a number of features that simplify its use in
larger network environments.
The trial versions of the products run for 30
days without any reduction of functionality.
The remote installation of clients is particularly simple. You only need to configure the login
account to be used for the installation, and
choose a package to install. No other preparation is necessary. Unfortunately, you do need
to configure the Windows firewall on the client
PCs in order to perform the remote installation. A note from the manufacturers to this
effect, giving details of the relevant ports,
would be helpful here.
The installation process
This year, as previously, Avira´s installation
process stands out, due to its simplicity and
intuitive nature.
The manufacturer has evidently reacted to user
feedback, and produced optimal solutions to
the small problems that spoiled last year’s
product.
What is particularly helpful for your every day
work with the system is that whenever you add
a computer to the security environment you
can define that it automatically gets an Avira
security product installed.
The installation wizard makes in unnecessary to
consult the manual during installation.
What is also worth mentioning is the active
reporting on errors and other security relevant
issues by so called filtering groups that show
clients that in one way or another need the
attention of the administrator.
The user-friendly nature of the product means
that it can be deployed quickly and easily,
without having to learn how to use it, and the
basic configuration is very simple.
If you want to use your own SSL certificates
you can generate, deploy and use those certificates with Avira´s SmallBusiness Suite.
Administrator Console
The Administrator Console is, due to its MMC
compatibility, clearly laid out and easy to understand.
There is a convenient solution for licence administration, which is easy to configure.
It can be said that after the installation, only
organisational work remains to be done.
-
20 -
Product Review: Corporate Review 2010
www.av-comparatives.org
Deployment areas
Summary
The Avira suite is ideally suited to small and
medium-sized business. There have also been
notable improvements for complex networks
and enterprise environments. It is possible to
live without some other features that would be
valuable in an enterprise environment, given
the extreme ease of installation and configuration.
The Avira Small Business Suite is very easy to
install and fulfils all essential requirements.
The suite is ideal for small to medium networks, although improvements for larger networks have been implemented.
The client software is light on system resources, and the remote installation runs very
quickly and easily.
Unfortunately, Avira is no exception to the
general failure of security suites to provide
real-time status information.
In the SMB field, Avira remains a top player.
Antivirus Clients
The message pop-ups are pleasantly discreet.
After installation has completed, the initial
update must be started manually, unfortunately.
The noticeable development and improvement
of the product is particularly worthy of praise.
Even if there are small imperfections in the
product now, you can happily use it, as there
is every chance that even these will be improved in the future.
The client software is otherwise clearly laid out
and gives a good overview of the state of the
system.
-
21 -
Product Review: Corporate Review 2010
www.av-comparatives.org
Pros:
Cons:
+ Rapid client installation
- Only small imperfections that are well compensated by the ease of use and clearly laid
out structure.
+ Clearly structured management console
+ Good configuration wizards
+ Active Directory Support
+ Automatic installation of Avira security
products
+ Active error reporting through filtering
groups
Deployment areas:
Small Networks (0-50 Users)

Medium Networks (50-500 Users)

Large Networks (500-? Users)

Overview:









Installation Wizard
User Navigation
Administrator console
Default Values
MS Active Directory Support
Database Support
Remote Installation
Website
Manual
-
22 -
Product Review: Corporate Review 2010
www.av-comparatives.org
BitDefender
Tested Software:
BitDefender Security for File Servers
File Server Protection
BitDefender Security for Exchange
Exchange Server Mail Protection
BitDefender Client Security
Centralized Control Console and Deployment
- 23 -
Product Review: Corporate Review 2010
www.av-comparatives.org
Downloading the product
The website design is simple and logical. There
is no difficulty finding the products you want,
and they can all be downloaded in fully functioning versions.
In the business section of the website, there is
an overview of the functionality provided by
different versions of the suite. This is very
simple and practical for the user.
You have to register to get a test key for the
software. This allows an adequate 30 days in
which to test the product.
With BitDefender trial registration you get an
email message with downloadinstructions and
links, where you are pointed to videoturorials,
too.
Two possible installation methods are described in the documentation. The components
can be installed individually with their own
installers, or by the management console. The
latter is significantly simpler, but the individual components method may be useful in special cases.
- 24 -
Product Review: Corporate Review 2010
www.av-comparatives.org
Installation
We begin with the installation of the management server, which will then be used to install
the other components:
The following point gives us an idea of the
scalability of the security system. The Mas-
We then have to agree to the obligatory licence
agreement:
ter/Slave variant is ideally suited to large networks, or those with remote sites:
After this, we can choose the installation
method. For the purposes of our test we chose
the Custom Installation, in order to better
evaluate the functions of the installer.
The next step is to choose the scope of the
installation:
The next step is decisive for the communication of the individual components. The ports
used by the suite can be configured to suit
your own network environment:
- 25 -
Product Review: Corporate Review 2010
www.av-comparatives.org
The additional software components for SQL
Server Express are now shown:
Even the port used to provide updates can be
selected:
After the installation of SQL Server Express and
its additional components comes the setup of
the management server:
Like many other management products, BitDefender Security Suite needs a database server
running in the background. As there is no SQL
server in our test network, we select the SQL
Express option:
After the installation, a summary report of the
changes made is shown.
We leave the database login credentials as the
defaults.
- 26 -
Product Review: Corporate Review 2010
www.av-comparatives.org
The Management Interface
As soon as we start with the Network Builder,
the simple handling of the suite is clearly
demonstrated, and we can make rapid progress. In order to find the client computers
more quickly, and get around any network
security barriers, Network Builder enables us to
use Active Directory to choose the clients:
The first task is to provide authentication credentials. The standard password has to be used
here, which requires delving into the user
manual, unfortunately. We confirm the password without change, and log in to the management console for the first time.
We are initially greeted by a very simple, even
Spartan, dashboard, which informs us of the
next steps.
Now comes step 2 in the Network Builder wizard. After clicking on “Apply Changes”, we
immediately see the “Deployment Wizard”,
which allows us to configure various options
for the installation.
After successful registration of the management console, we proceed to the next stage of
initial configuration. We start the Network
Builder in order to define networks:
After selecting the desired options, we can
begin with deployment:
- 27 -
Product Review: Corporate Review 2010
www.av-comparatives.org
The next job is to bring the clients we have
just installed into a group, which we have
called simply “Clients”. This grouping function
is, as in other security suites, the best way to
create a security structure which can be modified to fit the individual requirements of the
organisation’s network.
Configuration continues after successful installation of the clients:
The next point on our dashboard is quickly
dealt with. The standard password needs to be
changed:
We remove our client from the “Ungrouped”
PCs and add it to our new group:
- 28 -
Product Review: Corporate Review 2010
www.av-comparatives.org
take a look at the rest of the management
console.
The “Policies” area gives us the opportunity to
create various security policies, whereby a
number of preconfigured plans are available. It
is easy to create one policy for clients and
another for the management server. This policy
management structure is the best means of
realising complex security environments in
corporate networks.
This example shows clearly the way the management console works. In MMC-compatible
style, the console shows the available areas to
be selected, and individual objects can be
conveniently configured by means of a rightclick.
The various templates can be used to control
the individual functions of the clients, so
there are specific templates for the firewall,
scan behaviour, and other client functions.
After using the “Paste Client(s)” command, we
immediately see the client we have just installed appearing in our newly created group:
The next point, the script manager, is well
known in corporate circles, and is an essential
component of every good security suite:
As with policies, BitDefender provides a very
good choice of pre-configured templates. This
Having completed this step, we have already
finished the initial configuration. Now we can
- 29 -
Product Review: Corporate Review 2010
www.av-comparatives.org
makes it very easy to configure the suite according to the requirements of your own network, without needing to consult the manual.
Exchange 2007 Protection
In order to demonstrate the second means of
installation, we also set up the Exchange Protection using the standalone installer.
The template-based user interface is also used
in the “Report Center”. Again, it is an optimal
method, and enables you to configure the
system as you want in minimal time.
To begin with, the installer unpacks the installation files into a temporary folder, and then
displays the first page of the setup wizard:
The “Activity Log” is the logging centre of the
suite, and very simple logs enable the administrator to maintain an overview of the system.
The Spartan nature of the information recorded
in the logs is ideal for quickly checking the
main functions of the suite, but has the downside that it is only of limited use in troubleshooting procedures where detailed information is needed.
As usual, we have to accept a licence agreement:
All in all, the management console is a very
successfully designed tool for the central administration of the suite. The Dashboard in
particular gives an excellent overview of the
remaining tasks, and little time is needed for
the initial configuration.
The screenshot below shows the choice of installation options. As we have already installed
the file server protection using the management console, we will deactivate this option in
our installation.
- 30 -
Product Review: Corporate Review 2010
www.av-comparatives.org
In the next step, you can decide whether to
send reports to BitDefender. This option
should be deselected for high-security environments.
The next step is to choose the number of
scanning processes. The installer informs us
that up to 24 instances can be selected, but
recommends 4 (the minimum number) for our
own network:
At the start of the process we chose to install
the Exchange scanner, so now we are asked
about the role of the Exchange Server:
The installer now has enough information to
begin the installation process.
- 31 -
Product Review: Corporate Review 2010
www.av-comparatives.org
Installation of the Exchange Protection component using the standalone installer is thus
complete.
The management console for the Exchange
2007 protection
When installation is complete, we find the
following program group in the Start Menu:
The Exchange server protection is also configured using a simple, familiar console like the
MMC.
The monitoring section of the Exchange console is exemplary. A very clear overview of the
mail system and processed emails is presented,
which is very hard to fault.
- 32 -
Product Review: Corporate Review 2010
www.av-comparatives.org
You can display detailed information from the
various different areas, and so easily track
potential problems/threats.
We were particularly pleased to see that BitDefender gives us the opportunity to create our
own SMTP groups, a feature that we have very
rarely seen elsewhere.
The configuration options are diverse and
comprehensive:
Due to the really exemplary choice of configuration options, the Exchange protection module in the BitDefender suite is extremely flexible, and can be adapted perfectly to the needs
of your own network.
- 33 -
Product Review: Corporate Review 2010
www.av-comparatives.org
The remote installation of the clients is in
itself extremely simple. Unfortunately it is
necessary to configure the Windows Firewall on
all client PCs, to allow the remote installation
to work.
Manufacturer’s Website
The
manufacturer’s
website
(www.bitdefender.com) is designed in
an appropriately clear and simple way, in accordance with current standards.
The management console for the Exchange
protection is extremely powerful but still very
straightforward to use.
Additionally, the site offers a security zone,
where you can find out about viruses and other
malicious programs.
Deployment areas
The management console has been very well
designed.
The BitDefender suite is suitable for networks
of all sizes, including complex environments.
The installation process
Antivirus clients
The installation procedure is very simple if the
management server is used, and can easily be
performed by any user without resorting to the
handbook.
The antivirus software for clients is efficient,
very user friendly and easy to find your way
around. Once installed, clients need virtually
no configuration and do not present excessive
pop-up warnings.
However, we were also pleased that the standalone option is available, as this allows the
product to be installed on smaller networks
without any need to worry about the many
detailed configuration options.
Summary
The entire suite impresses due to its simple
installation routine and very convenient user
interface.
The administration console
The MMC (Microsoft Management Console)
compatibility of the administration console
makes it clear and easy to use.
Regardless of the size and complexity of your
network, the BitDefender suite offers you all
the features you need.
Here too it can be said that after the installation, only organisational tasks still need to be
completed.
The Exchange server protection must be particularly praised, as it is possible to make very
detailed configuration changes, without feeling overwhelmed by the possibilities.
The opportunities to customise a security
structure for your own network are excellent.
The user interface is so simple that a manual is
more or less redundant.
The available functions and configuration possibilities mean that the suite is intended primarily for up to 3500 endpoints.
In conclusion, the suite can be recommended
to everybody.
- 34 -
Product Review: Corporate Review 2010
www.av-comparatives.org
Pros
Cons
+
+
+
+
+
+
- Limited filtering options
- No real-time status
Rapid client installation
Simple and clear management console
Easy remote installation
Good grouping functionality
Quick and simple installation
Excellent Exchange protection
Deployment areas
Small Networks (0-50 Users)

Medium Networks (50-500 Users)

Large Networks (500-? Users)

Summary









Installation Wizard
User Navigation
Administrator console
Default Values
MS Active Directory Support
Database Support
Remote Installation
Website
Manual
- 35 -
Product Review: Corporate Review 2010

ESET
Test Software:
ESET Remote Administrator
Management Console
ESET Mail Security
Exchange Server Mail Protection
ESET Smart Security 4
Client Protection
- 36 -
Product Review: Corporate Review 2010
Installation
Next we have to confirm acceptance of the
licence agreement:
Downloading the product
It is easy to find the products you’re looking
for, as the website is clear and well designed.
ESET is the only manufacturer amongst those
in this review to limit the availability of the
test version. It is only possible to download a
trial of the corporate software after making
contact with the company.
Like many other manufacturers, ESET makes a
separate installer for every individual product
or tool.
The products can be bought online from the
web store. There is all information and user
guides about them on the site
After this, we can choose the installation
method. The Advanced Installation gives the
option of Cluster Mode:
ESET offers an online scanner as an additional
service free of charge.
Installation of the products
We start with the installation of the Remote
Administrator Server:
The next step is to locate the licence key file:
- 37 -
Product Review: Corporate Review 2010
We now have the opportunity to enter passwords for the individual functions of the software. Using different passwords for different
areas of access increases security, although
some administrators would surely prefer to use
one password for all functions. But, as mentioned before, it is more secure this way!
The installer now has enough information to
begin the setup process.
The next step is to install the Remote Administrator Console. This can be installed on any PC
on the network, and serves as the interface for
the Remote Administrator Server, which we
have already installed. This distinction is not
very clear to the new user without reading the
manual.
The next point concerns the update settings.
There is another licence agreement to accept:
- 38 -
Product Review: Corporate Review 2010
Again, there is a choice of “Typical” and “Advanced” installation methods:
On completion of the installation, we can open
the console.
In the case of a Typical Installation, the Microsoft Access Engine (Jet Database) is selected by default as the database. If you want to
use an SQL server, this has to be configured
manually with the help of the manual.
We can then choose the installation folder:
The installer has now collected enough information and can begin the setup process.
- 39 -
Product Review: Corporate Review 2010
defined at group creation. The Active Directory
Import Wizard is very helpful here.
The management interface
By default, two clients can be managed using
ESET Remote Administrator. If you import a
test license obtained from ESET, you will be
able to manage as many clients as the license
permits.
Once we have accepted the message, the ERA
console opens:
To make the software packets ready for a push
installation, we first have to create them, or
download them from the manufacturer’s website with the help of a wizard.
The console needs a good deal of getting used
to, but offers the users a wide variety of options. Studying the manual is unavoidable.
There is a help option within the product,
quick start guide and user manual for full feature explanation.
Our first task is to configure the security structure and the clients. To do this, we click on
the “Group Manager” button on the taskbar
and create the desired group(s). Aside from
creating the security structure, dynamic groups
can be created – clients become members of
these groups based on meeting certain criteria
If the relevant MSI files for client installation
are already available on the network, these can
naturally be used to form the installation
packets.
- 40 -
Product Review: Corporate Review 2010
Now we can distribute ESET Smart Security (the
client software) to the clients.
The “Remote Installation” tab allows you to
select the client machines to be installed:
We choose the PCs we want and click on “Push
Installation”.
We then need to enter the login details for
these machines:
The next stage is to choose the package to be
installed:
- 41 -
Product Review: Corporate Review 2010
After a short wait we are informed that installation is complete.
The installation can be carried out immediately, or scheduled for a later time:
The push installation without interaction improves the user-friendliness of the software.
As in our test last year, we found the filtering
and organisational options very comprehensive
and good. With ERA 4, ESET has also added a
centralized view of the quarantine on the clients; i.e. files that are in quarantine remain on
the clients, but the administrator has a centralized view of what has been quarantined
and can download the files from the clients for
further inspection, delete them or restore
them.
The list view with tabs at the bottom of the
window for the individual areas is a good solution:
As with almost all other suites, there is no
real-time status, but by clicking on “Task Details” in the context menu, and then “Refresh”, the degree of progress can be seen:
- 42 -
Product Review: Corporate Review 2010
The variety of functions is strength of the
suite. It offers very detailed configuration
options, and can thus cope with complex demands. Aside from clients on Windows based
systems, the console allows management and
configuration of clients running product for
Mac
OS
X,
servers
running
ESET
Mail/File/Gateway security solutions, or even
mobile clients (ESET Mobile Security for Windows Mobile/Symbian). In other words, it is
possible to manage, configure and update all
ESET security solutions from a single console.
Once again, there is a licence agreement to
accept:
There is also a choice of installation options:
Exchange 2007 protection
To start off with, the Exchange protection component has to be installed.
We have already entered all the information necessary for the installer to begin:
- 43 -
Product Review: Corporate Review 2010
The management interface is simply and appropriately designed. On the “Protection Status” page we see what needs to be done next.
The first step is to enter the licence key.
Setup is now complete, and we can take a look
at the configuration.
Extended configuration options can be found
by clicking on the “Setup” menu, then “Advanced Setup”.
The Exchange 2007 management interface
Starting the management console also opens
the Help window for the initial configuration:
If the standard options available are insufficient for you, you can use this advanced menu
to find all available settings.
The choice of a simple or an advanced interface is very convenient, and makes it easy for
less experienced users to configure the Exchange protection.
Mail Security advises a restart, which we carry
out.
- 44 -
Product Review: Corporate Review 2010
anyone needing to set up very complex configurations.
To enter the licence key, we click on “Miscellaneous” and then “License”.
As soon as we have entered a valid licence, we
can see that the status indicators in the Mail
Security window have all turned to green:
Anyone who knows their way around the ESET
Smart Security Client will feel at home with the
interface of Mail Security. Configuration can be
carried out quickly and easily.
Most users will be happy with the Standard
view, although the Advanced view is useful for
- 45 -
Product Review: Corporate Review 2010
Manufacturer’s website
Deployment areas
The website, www.eset.com, is suitably clear
and simple, and conforms to current standards.
“The ESET suite can scale for very large networks.”
The site gives basic information about ESET
products, and there is an online scanner available to download.
Antivirus clients
There are no complaints about the client software, which is well designed and simple to
use.
ESET is one of very few manufacturers to limit
the functionality of their test software. Additionally, it is only possible to obtain a test licence by contacting a member of their sales
team. Some users may regard this as an unnecessary hurdle, although it does mean that users
will be properly advised before installing the
software.
Summary
The management console takes a lot of time
and effort to investigate and understand, but
compensates for this with an abundance of
configuration possibilities.
The installation process
The installation is in itself very straightforward
and simple. Hardly any information needs to
be entered. Any necessary configuration
changes can be made afterwards.
The management console shows the status at a
glance. The Exchange protection is very simple
to configure and cannot be faulted.
We suggest that ESET should reconsider the
Microsoft Jet Engine as the default database.
All in all, the product is a really well done
software for enterprise environments.
The administrator console
The management console is very extensive and
offers sometimes an too abundant choice of
configuration possibilities for maximum customization.
Thorough consultation of the manual is indispensible or has to consult the in-product help.
The icons are arranged so as to enable a good
overview. The system is well designed and
allows individual systems to be found and configured easily, even in extremely big network
environments.
- 46 -
Product Review: Corporate Review 2010
Pros
Cons
+ Very simple installation
+ Very good organisational features
+ Ideal for very large networks
- Use of the manual is unavoidable when installing ERA console
- Partially complicated admin interface
Deployment areas
Small Networks (0-50 Users)

Medium Networks (50-500 Users)

Large Networks (500-? Users)

Summary









Installation Wizard
User Navigation
Administrator console
Default Values
MS Active Directory Support
Database Support
Remote Installation
Website
Manual
- 47 -
Product Review: Corporate Review 2010
G Data
Test Software:
G Data Endpoint Protection Enterprise
Client Protection
Mail Server Protection
Admin Console & File Server Protection
- 48 -
Product Review: Corporate Review 2010
We were very pleased to see that G Data, as
one of very few manufacturers, produces one
installer that will install the whole suite. The
installation of the management server also
includes the AntiVirus Administrator, which
will be used later to carry out the remote installation of the clients.
Installation
Downloading the product
It is easy to find your way around the website,
which is clear and simple. There is no difficulty
finding the products you want, and all software can be downloaded as a fully functional
version.
Most modules come as an ISO file, weighing in
at 1.3 GB. It’s important to allow enough time
to download this much. Fortunately, G Data’s
servers have high-speed connections.
There is of course an overview of the functions
contained in the different suites:
We start at the beginning with the G Data
AntiVirus Management Server:
Product installation
We begin with the installation of the management server, which is then used to install the
other products.
- 49 -
Product Review: Corporate Review 2010
The next selection also allows for scalability of
the security system. Settings can be stored in
an integrated database, an existing SQL server
instance, or SQL Express. The SQL Express option states that it is “required for large networks”, which gives inexperienced users a
completely false impression. If you have a own
SQL server, there is no need for the Express
version, you can use your SQL server.
As usual, there’s a licence agreement to accept:
Next we choose the installation folder:
As we don’t have an SQL server in our test
environment, we use the integrated database
for our test.
The next step is to confirm the hostname of
the computer being installed, via which it can
be accessed by client PCs:
Now we can decide on the type of server to be
installed. Compatibility mode for earlier client
versions can also be selected here. You can see
that G Data also allows you to install secondary and local servers, to enable easier distribution in large networks.
- 50 -
Product Review: Corporate Review 2010
The installer now has all the information it
needs to begin the installation process.
Services and servers are then installed and
configured:
The management interface
When the administration console first starts,
we are asked for logon credentials, and given a
choice of integrated or Windows authentication:
When installation has successfully completed,
we have to decide whether to register:
Once we have entered the correct logon details, the management console opens and the
setup wizard starts:
- 51 -
Product Review: Corporate Review 2010
The next step is to select the computers in our
network that we need to protect. It is of
course possible to manually add any computers
that don’t appear in the list.
The wizard then asks if we want to install the
client protection automatically, which we confirm.
It is of course possible to change these settings later. In this case we rely on G Data’s
default settings and don’t make any changes.
The next part of setup is the opportunity to
change the default settings for the client installation, which can be done very easily.
After this, we can change Internet update
settings, to optimise virus updates for the
clients. The default configuration is manual,
but can easily be changed to one’s own requirements.
- 52 -
Product Review: Corporate Review 2010
Now we are ready to carry out the remote installation of the clients. To do this, we click on the
“Clients” tab and select “Install G Data Client”.
When the wizard has finished, we open the G
Data Administrator, which shows a status overview:
We notice that G Data is a leader with regard
to user interface design and intuitive use of
the software.
In the left-hand pane of the window we see a
list of all the PCs in the network. You can easily right-click on a machine and activate the G
Data client software. There is also the option
of forming groups to make larger networks
more manageable:
After the access credentials have been entered,
we are asked if the G Data client firewall
should also be installed:
Unfortunately, there is no real-time progress
display, and the messages provided by the
- 53 -
Product Review: Corporate Review 2010
status windows can only be described as Spartan:
Exchange 2007 protection
We start with the installation of Mail Security.
Here again it is pleasing to see one installer
for all the mail products. Installing G Data Mail
Security also installs the Administrator, although the latter can also be installed separately.
However, the client installation completes very
quickly and easily, and in just a few moments
the remote client is installed.
All further work can be carried out using the G
Data Administrator, be it generating reports
with various criteria, or changing client settings. An obvious plus point is that there is a
preconfigured button for each standard action,
so there is no need to go searching through
menus.
It is very convenient to be able to install the
AV client software on the server itself, using
the Administrator. It is exactly the same as
installing the software on a client
The setup wizard starts after the installation
files have been unpacked.
First we have to accept the licence agreement.
- 54 -
Product Review: Corporate Review 2010
The next step is to choose the installation
folder:
During the installation it will be automatically
be recognised that the AV client is installed on
the server, and the user is shown a message
that its virus database will be used by MailSecurity:
Of course, a database will be necessary for
statistics and reports in the background. Once
again, there is a choice of using an existing
SQL Server instance, or installing SQL Express.
This time, the misleading message about using
SQL Express for large networks has gone:
When the installation is complete, we can start
the administration console and start configuring.
The installer now has all the information it
needs to begin.
- 55 -
Product Review: Corporate Review 2010
The warning indicators show the administrator
immediately which areas need immediate attention:
The MailSecurity management
interface
After the installation, we start the administrator console.
Here too, a password has to be entered:
To make configuration changes, we click on
“Options”. The dialog box has tabs to show the
different areas, starting by default with incoming security:
As we have not yet set up a password for
MailSecurity administration, we have to do this
now:
Once again it is clear here that G Data is at the
forefront of simple user interface design. All
essential information is shown on the first
page of the intuitive interface.
The Incoming tab allows groups etc. to be
imported from Active Directory, which is a very
useful feature.
- 56 -
Product Review: Corporate Review 2010
- 57 -
Product Review: Corporate Review 2010
Having configured the options, we then see
from the overview page of the Administrator
window that the system is now well protected:
The “Filter” area allows us to use preconfigured filters, or create our own, to deal
with the most diverse requirements:
We were also impressed with the various options for viewing the mail protection system,
such as the queue, or processed mails.
The tabs have been arranged so as to show all
the important options on one page, without
overwhelming the user with choices.
- 58 -
Product Review: Corporate Review 2010
Any malware found is clearly displayed in the
“Virus results” section:
The last of the configuration options is found
under “Spam Filter”. This is structured in the
same way as the Options dialog box, which we
have already seen. Thus the whole configuration interface of the G Data suite is very much
self-explanatory, and the user can immediately
find all necessary functions.
All the features one could want are present,
and so MailSecurity contributes to our overall
very positive impression of the suite.
- 59 -
Product Review: Corporate Review 2010
Summary
Remote installation of clients is very well handled and can be carried out very quickly.
Manufacturer’s website
The MailSecurity Administrator is no exception,
being very simple to use without lacking anything in the way of functions.
The G Data website (www.gdata.com) is welldesigned and easy to find your way around,
being compatible with current standards.
Deployment areas
The site offers everything that you would expect from an antivirus manufacturer. There is
information about current threats, and a virus
encyclopaedia. The business section is appropriate to the needs of business users.
Although the suite copes with all standard
requirements, the manufacturers see it as being appropriate for medium-sized businesses.
The simplicity of the administration means
that some sorting functions, which would be
valuable in larger networks, have to be forfeited.
G Data makes it clear on the website that the
suite is aimed primarily at medium-sized businesses.
Antivirus clients
The installation process
The client software is very user friendly and
easy to find your way around. There is effectively no configuration to be done, and warning pop-ups are infrequent. The default settings are ideal, as is the ability to prevent the
local user from making configuration changes.
As with the version we tested last year, the
installation of the G Data suite is made very
pleasant by the simple and intuitive user interface, which could be used even by inexperienced users without any need to consult the
manual.
Summary
The manufacturers have remained true to their
philosophy of simple installation, making this
one of the best products we have tested.
G Data has, like last year, succeeded in producing a suite that is very easy to use.
There is no lack of functionality, and G Data
sets the standard for intuitive user interfaces.
The administration console
Particularly the Exchange suite and the remote
installation are exemplary. The manual is virtually redundant.
The administration console is certainly one of
the simplest we have ever reviewed.
After the installation, only administrative work
remains to be done.
The numerous functions and configuration
possibilities mean that the suite is lacking
nothing in terms of functionality.
- 60 -
Product Review: Corporate Review 2010
Pros
Cons
+ Rapid client installation
- Few filtering options
+ Simple administration console
- No real-time status
+ Simple remote installation
- Misleading annotation in the database setup section
+ Quick and easy installation
+ Excellent Exchange protection
Deployment areas
Small Networks (0-50 Users)
Medium Networks (50-500 Users)
Large Networks (500-? Users)



Summary









Installation Wizard
User Navigation
Administrator console
Default Values
MS Active Directory Support
Database Support
Remote Installation
Website
Manual
- 61 -
Kaspersky
Product Review: Corporate Review 2010
Installation procedure
Downloading the product
Product installation
All the products can be downloaded in fully
functioning versions from the manufacturer’s
website. It is easy to find the products, and
the website design is simple and clear.
We begin with the installation of the Administrator Kit.
The trial versions of the software run for 30
days, which is adequate time to carry out comprehensive tests. It is necessary to register to
obtain a trial licence.
Unfortunately, Kaspersky conforms to the general rule whereby there is no single installer
for the whole suite. This does however give
you the opportunity to choose the individual
products suitable for your own network. We
note that Kaspersky also produce security
software for Linux networks.
The first step is to choose the folder for the
setup files:
There is a clear and simple diagram of the
different products and their functions:
By and large we had no complaints about the
design of the website.
The installer then unpacks the setup files to
this folder:
- 63 -
Product Review: Corporate Review 2010
The setup wizard then starts:
Now we have to choose the installation folder:
There is the usual licence agreement to accept:
The next step is to choose the features we
want to install:
The next point allows us to choose between
“Standard” and “Custom” installation. To get
an idea of the options available, we select
Custom.
We particularly liked the next step, which asks us
to choose the expected size of the network. Unfortunately there is no information as to how
each of these options will be configured.
- 64 -
Product Review: Corporate Review 2010
We select SQL Express for our test.
In the next step we can choose the user account for administering the suite. There is a
choice of using an existing account, or creating a new one:
We now just need to choose the authentication
method:
We then have to choose a database option
from SQL Express or MySQL.
The next point concerns the SQL parameters:
- 65 -
Product Review: Corporate Review 2010
The installer now has enough information to
begin the setup process. It must be noted here
that the installation must be carried out using
the main Administrator account; any other
user account, even with administrator privileges, will not work. We feel that the wizard
should notify the user of this at the start.
Kaspersky uses a network share to distribute
installation packets and updates. You can
choose between using an existing share and
creating a new one:
An Administration Server port also needs to be
defined:
Once the installation is complete, we can open
the administration console:
The management interface
First use of the admin console conveniently
starts a configuration wizard:
The method of name resolution for the server
can also be set:
- 66 -
Product Review: Corporate Review 2010
The first step is to select a licence file:
By clicking on “View discovered computers“
you can see the client PCs that have been discovered:
We choose a locally stored licence key:
Next, we can configure the notifications for
the mail server:
Next, the installer carries out a thorough scan
of the network:
We then see a summary of the completed
tasks:
- 67 -
Product Review: Corporate Review 2010
Next we start the deployment wizard:
The configuration wizard then downloads updates to the administration server:
Here we can select the installation packets
that we want to distribute to the clients. Any
installation packet not in the default list can
be added manually:
A great number of update files will be downloaded for the various systems, but there is no
need to wait for the update process to finish,
as it will run unattended in the background.
Like last year, Kaspersky’s configuration wizard
is definitely one of the best we have tested, as
finishing one wizard leads to the start of the
next, so that no important tasks can be forgotten.
If the wizard has already been used before,
there is a choice of installing software to new
clients, or additional packets to existing clients.
- 68 -
Product Review: Corporate Review 2010
Kaspersky provide an exemplary choice of actions to be carried out on client computers
when a restart is necessary:
As this is the initial configuration, we have to
select the client PCs to be installed:
The next point is the selection of options for
the client installation. We particularly liked
the option for Active Directory integration:
The installer can be configured to remove any
incompatible applications, such as other antivirus or firewall programs:
Now we have to select a licence for the client
installations:
The next step allows client computers to be
assigned to administration groups:
- 69 -
Product Review: Corporate Review 2010
We then choose the Windows account to be
used for the installation:
stallation display that informs the user of the
current state of client installations:
The wizard now has enough information to
begin the deployment process:
When the installation has been successfully
completed, a summary page is presented:
The only thing to be criticised here is the
speed with which the clients are installed.
The wizard then informs us that the deployment task has been created and started:
The console is designed in the accustomed
clear and comprehensible manner. All the necessary functions are present and easy to find.
This simplicity means that even inexperienced
users can find their way around easily, without
any need to consult the manual.
It seems impossible, but Kaspersky is the first
manufacturer to have created a real-time in-
- 70 -
Product Review: Corporate Review 2010
Exchange 2007 protection
We begin with the mail security setup:
Here we can choose whether to start protection immediately after setup completes:
There is the usual licence agreement to accept:
We were pleased to note that the installer
points out that some Microsoft services need
to be restarted after the installation.
There is the choice of “Typical” or “Custom” installation:
The installer now has enough information to
begin:
The installer points out that additional parameters can be configured in the next stages:
- 71 -
Product Review: Corporate Review 2010
The Exchange 2007 interface
The MMC-compatible management console for
the Exchange protection is very clear:
An initial screen allows us to define what servers we want to manage with that console. This
can be useful for some administrators, who by
some reason do not want to use Administration Kit.
If you switch to managed server you can see
installed components and basic license overview.
There is a limited range of options here, so it
is an easy task to configure the available settings. These are notification, reaction in the
event of an infection, backups and reports:
The upcoming Kaspersky Security Suite for
Microsoft Exchange has fewer steps. We will
report in one of our next tests.
- 72 -
Product Review: Corporate Review 2010
Server protection menu have two tabs related
to two main tasks the product is charged with
– Anti-Virus and Anti-spam protection.
Notification settings allow us to set up notification rules for main predefined event types.
Anti-SPAM protection tab allows us to define
rules for spam processing.
Reports management allows us to create and
view reports on virus and spam detection.
Updates management also allows setting up
update source and frequency, again as a separate settings for Anti-spam and Anti-virus protection.
- 73 -
Product Review: Corporate Review 2010
And final License tab used for license management.
Settings tab used to set up some main system
configuration like logging and backup storage
capacity.
- 74 -
Product Review: Corporate Review 2010
Summary
Antivirus clients
Manufacturer’s website
The client software is, as usual for Kaspersky,
very professionally produced, and hard to find
fault with.
Kaspersky’s website (www.kaspersky.com) conforms to normal Internet standards and is easy
to find your way around.
Summary
Kaspersky has, as it did last year, produced a
very good corporate suite, which can be recommended to everyone without reservation.
There is also a “security zone” where you can
find out about viruses and other types of malware.
The setup wizards and administrator interface
make working with the suite very easy.
The installation process
There is a lot of information to be entered
during the setup process. However, the cleverly designed setup wizards are a big help, and
so even inexperienced users can carry out the
installation quickly and easily.
It is of particular note that Kaspersky is one of
very few manufacturers to produce a real-time
display of the status of client deployment.
It is actually mystifying that other software
companies don’t follow Kaspersky’s excellent
example and allow the administrator to keep
up with the installation status of the clients.
The configuration is also made easy by the
wizards.
The entire suite can be installed and configured in minimal time, without having to consult the manual.
The administration console
As with the product we tested last year,
Kaspersky knows how to make life easy for the
user, and so the entire configuration process is
child’s play.
The MMC-compatible console, with its graphical
presentation in the functions pane is particularly
pleasing.
Deployment areas
Kaspersky is at home in networks of all sizes,
and the Active Directory integration is a big
help. It is only in very large networks that the
product might be a little inconvenient.
- 75 -
Product Review: Corporate Review 2010
Pros
Cons
+ Real-time status of tasks
- Limited Exchange functions
+ Graphic display in administrator console
+ Simple remote Installation
+ Excellent setup wizards
+ Quick and easy installation
Deployment areas
Small Networks (0-50 Users)
Medium Networks (50-500 Users)
Large Networks (500-? Users)



Summary









Installation Wizard
User Navigation
Administrator Console
Default Values
MS Active Directory Support
Database Support
Remote Installation
Website
Manual
- 76 -
Product Review: Corporate Review 2010
McAfee
Software:
Test Software:
McAfee Total Protection for Endpoint
File Server Protection
Exchange Server Mail Protection
Client Virus Protection
- 77 -
Product Review: Corporate Review 2010
Installation process
Product installation
Downloading the products
We begin the installation of the “Total Protection Suite for Endpoint”. The first task is to
confirm that additional software packets
should be installed:
The layout of the McAfee website is simple. It
is, however, the least informative of all the
manufacturer’s websites in this review. You
could be forgiven for thinking that it serves
rather more as a storage area for developers’
documents, and less as a source of information
for customers.
Even after searching the website for hours, it
is still not clear to the corporate user which
products to choose.
We confirm this installation. We note that
McAfee is one of very few manufacturers to
demand a restart of the server after installing
the C++ Redistributable Package:
Having eventually reached the download area
for the trial versions, you are faced with a
huge variety of products. There is a filter function, but the labelling of the filter options is
just as mysterious as the naming of the products.
Registration is necessary to obtain a trial key.
This is valid for 30 days, which is sufficient
time to test the selected product thoroughly.
Now the installation proper can begin:
When we reviewed the beta release of McAfee’s
ePolicy Orchestrator management server we
were pleased to see it bypasses this web site
complexity. ePO provides a Software Manager
screen that presents the user a list of available
evaluation and licensed software for download
directly into the management server.
- 78 -
Product Review: Corporate Review 2010
The next step is to enter the user credentials
for the management console:
Next we have the choice of entering a licence
key, or using a test version:
We accept the licence agreement:
Here we can select the installation folder:
Following this, we can choose the scope of
functionality to be installed:
The access data for the database server is then
entered:
- 79 -
Product Review: Corporate Review 2010
This is followed by the choice of ports for
communication with the suite:
When installation is complete, we start the
“Orchestrator” to carry out the configuration:
The installer now has enough information to
complete its task:
- 80 -
Product Review: Corporate Review 2010
The management interface
After starting the ePolicy Orchestrator, we are
greeted by the login site of the web application:
The first step is to create groups for network
organisation, and assign client PCs to these:
The first step is to authenticate yourself.
The standard password has to be entered here,
which can only be found by reading the handbook.
We confirm without changing the password
and log in to the management console for the
first time.
The management interface of the Orchestrator
has a very pleasing graphic design:
By clicking on System Tree we can begin creating our security structure:
McAfee is entering new territory here by offering the user an interactive tour of the suite, in
order to learn how to use it, and what the next
steps will be:
- 81 -
Product Review: Corporate Review 2010
When the computer has been added into the
group, there is a variety of actions which can
be applied to it:
Having created two groups, for the server and
clients respectively, we add the machines to
these:
This very extensive form allows the administrator fine control over the process of adding
computers, and also enables pre-configuration
of some important settings, thus saving a lot
of work later.
Having activated the Computer Browser service
on the server and entered details of an administrator account, you can select the computers
and add them into the security structure:
The scope of the Orchestrator is very wide, and
the well-designed web interface makes it very
user-friendly. It is very easy to download the
necessary software packets and store them in
the Repository of the Orchestrator, from where
they can be distributed with just a few clicks.
To do this, we go to the Client Tasks area and
select “New Task”:
We import our server with a click on OK:
- 82 -
Product Review: Corporate Review 2010
more in the way of knowledge and experience
from the user.
The query area is ideally prepared for analysis
of the log files, and offers a huge variety of
pre-configured queries, which provide a convenient means of finding out all important
information about the system.
It is also very practical that the Exchange protection has been installed at the same time,
and everything can be controlled using the
Orchestrator. McAfee has definitely created
one of the best all-in-one management consoles here.
The wizard that then starts has a wide variety
of tasks which can be applied to our selected
computers.
This type of configuration is found throughout
the interface and is very easy to get used to.
The individual areas are clear and easy to understand, and laid out in a well-structured
manner.
The Interactive Learning Tour is intended to
make using the suite easier for less experienced users. However, it must be said that the
suite is designed more for very large and complicated networks, which of course requires
- 83 -
Product Review: Corporate Review 2010
After just a short familiarisation period, the
user can carry out the most complex tasks
easily.
Summary
Manufacturer’s website
The McAfee website (www.mcafee.com) conforms
to normal Internet design standards.
The enormous functionality and organisational
opportunities mean that the Orchestrator is
very suitable for large and complex networks.
Unfortunately, it is very easy to get lost on the
website, due to the confusing mass of different
products. For a corporate user, it is practically
impossible to find clear information about the
available suites. You are simply overwhelmed
with information and cannot get any sort of
overview.
Deployment areas
In short, all networks!
Antivirus clients
The client software is very user-friendly and
easy to find your way around, with no obvious
flaws.
This should be improved by McAfee as soon as
possible, either by simplifying their product line
or finding a way of presenting their products
more clearly.
Summary
After the initial confusion on the website, you
will be very pleasantly surprised by the suite.
The installation process
When you have eventually managed to find the
right suite, you can look forward to a very easy
installation.
Installation is very simple. The management
console provides trend-setting solutions in
several areas, and the degree of functionality
is impressive.
The fact that the management console, Exchange protection and intrusion prevention
system are installed together by one setup
program saves a great deal of time and effort.
Whether you need to protect a small network
or a huge domain, the McAfee suite will be
ideally suited for all requirements.
Other manufacturers should see this as an example and follow suit. Too many “suites” come
in the form of separate products with separate
installers.
The administrator console
The ePolicy Orchestrator is currently one of the
best and most powerful management consoles
on the market.
- 84 -
Product Review: Corporate Review 2010
Pros
Cons
+ Outstanding administration console
- Very confusing website
+ Simple configuration
+ Very good grouping functions
+ Quick and easy installation
Deployment areas
Small Networks (0-50 Users)
Medium Networks (50-500 Users)
Large Networks (500-? Users)



Summary









Installation Wizard
User Navigation
Administrator Console
Default Values
MS Active Directory Support
Database Support
Remote Installation
Website
Manual
- 85 -
Sophos
Product Review: Corporate Review 2010
Installation
Product installation
Downloading the product
The first task is to unpack the installation files
to the local hard drive:
The website impresses with its pleasant design. It is simple, clear and fast.
Registration is necessary to obtain a free trial
key. This gives an adequate 30 days to test the
software.
The inexperienced user should take some time
to understand NAC; he or she may otherwise
waste time trying to find the additional module, which may not be necessary.
By the time you come to download the product, it should be clear which component does
what:
We are then greeted by the install wizard:
- 87 -
Product Review: Corporate Review 2010
Next, the setup programs checks that its requirements are met:
Next we can choose the installation folder:
In this case we have to update to the newest
Windows Installer (it is worth checking before
installation that this is up to date). Having
done this, we can proceed with the installation, and accept the licence agreement:
Sophos gives us the option of a “Complete” or
“Custom” installation:
We choose the “Complete” option.
- 88 -
Product Review: Corporate Review 2010
As in last year’s test, we can only applaud Sophos’ optimal Active Directory support. The
next step allows us to choose an AD group
which will be given administrator access to the
suite:
When installation has finished, the installer
informs us that the current user must log out
of Windows to complete the installation:
Sophos offers a service that sends information
on installation and operation of the system to
them, in order to improve support.
Again, we advise careful consideration as to
whether to use this service in high-security
environments.
Immediately after the user has logged on
again, the Sophos wizard appears and connects
to the newly installed management server:
The installer has now gathered sufficient information to proceed. With the Complete installation, SQL Server Express is installed:
- 89 -
Product Review: Corporate Review 2010
The most important commands can be found as
buttons with appropriate icons on the menu
bar.
When the management console has started,
the configuration is checked:
The second section is the configuration area,
where the organisational structures are created
and configuration is assigned according to
policies. This layout is simple and convenient.
Our first task is to start the download wizard
which will obtain the additional software
needed to protect the clients:
The management interface
Sophos is one of very few manufacturers to
have their own management console design.
This is very well thought out and structured:
Now we have to enter the username and password for the Sophos download account. In the
event that the system connects to the Internet
via a proxy server, this information can be
added in the same dialog box:
We particularly like the dashboard with its
overview of the state of all important security
aspects. The experienced user will see the immediate tasks at a glance:
1. Create network organisation groups and
add computers to these
2. Configure updates
3. Remote installation of the client software
4. Changes to the central configuration
- 90 -
Product Review: Corporate Review 2010
The next page of the wizard allows client software for different operating systems, including
Mac and Linux, to be selected:
At the end of the wizard, there is the opportunity to view a tutorial on the next stages of
the configuration process:
The necessary files are now downloaded to the
hard drive. It is not necessary to wait until the
download has completed; you can click on
Next to go on to the next page. However, Sophos unfortunately leaves you in the dark as to
how fast the download is progressing and
when it will finish:
As we unfortunately don’t know how long we
will have to wait before we can start deploying
the software to the clients, investigate how
easy it is to manually create new security
groups.
The next stage allows you to use AD to import
computers into organisational groups:
- 91 -
Product Review: Corporate Review 2010
Next we look for the AD container with our
client PC in:
The wizard above appears after we click on
“Find New Computers”. Again we see that Sophos has the best Active Directory support of
any of the products we have tested here. Even
importing complex AD forests is child’s play. Of
course, it’s also possible to add computers that
are not part of AD.
For our test, we select “Import from Active
Directory”:
The container structure can be imported here
as well, making it the quickest and most convenient method of importing groups:
In the Sophos management console we create
a new group called Clients, and use it to import our Client group from AD:
- 92 -
Product Review: Corporate Review 2010
A summary is displayed, and then the import
process can proceed:
The Protect Computers wizard starts:
The results of the import wizard are displayed
at the end:
Next we can select the features to be installed
on the client:
At this point we still do not know how far the
downloader has progressed with obtaining the
client software; we can do little except wait. It
is hard to understand why an otherwise highly
professional suite gives no information at all
as to the status of the download.
Once we have ascertained that the client software is available, we can proceed with the
installation of the client PCs. To do this, we
right-click on the computer we have just imported and select “Protect Computers”:
- 93 -
Product Review: Corporate Review 2010
Our client is immediately recognised, and the
deployment can proceed:
The descriptions of the different policies are
self-explanatory, and the default settings appropriate.
The clear ordering, with pre-defined filters,
makes administering even large networks very
straightforward:
We now enter the credentials of a Windows
account with the necessary privileges to carry
out the installation:
The Report Manager, for example, hardly requires any changes to be made to the standard
report:
When installation has finished, we can immediately see that the policies are being pushed
out to the client, thus assigning it the configuration settings:
The entire suite follows this principle. Functions are configured using policies, which are
distributed to the relevant PCs.
- 94 -
Product Review: Corporate Review 2010
Here we can select the features to be installed:
Exchange 2007 protection
Again, we start by unpacking the installation
files onto the local hard disk:
Next we define the installation folder:
Here we have to supply Sophos with the registration information, in order to be able to
download updates:
We accept the licence agreement:
- 95 -
Product Review: Corporate Review 2010
Here we can create a configuration group for
PureMessage:
Now we can choose a database for the storage
of quarantined items and other data:
Then we enter the admin email address:
If there is no SQL Express server available, this
can be automatically installed too. Alternatively, a connection can be made to an existing
SQL server.
The next step is to enter details of the service
account to be used to run PureMessage:
At this point it is possible to enter routing
information for the email domain, although
this can of course be done later.
- 96 -
Product Review: Corporate Review 2010
There are a few details to be entered about the
company size and location:
Immediately after the restart, Sophos begins
post-installation tasks. For example, configuration of SQL Server Express, if this is used:
Once again, a summary of the installation details is displayed before the installer begins:
As soon as these automatic tasks are completed, we can continue with our own configuration:
When setup is completed, the installer informs
us that a restart is required:
- 97 -
Product Review: Corporate Review 2010
It is the clearly ordered and professional design that makes working with the console a
pleasure:
The management interface of Pure Message
The management console for Sophos’s mail
protection is also very well-designed and professional:
The wide variety of functions can be clearly
seen, and leaves nothing to be desired:
The MMC-compatible format provides a clear
functional structure, with a good summary
page. Even the real-time summary display,
called “Activity monitor”, is a feast for the
eyes:
- 98 -
Product Review: Corporate Review 2010
The Exchange Server protection thus fits very
well with the positive impression created by
the entire suite.
With the Exchange Server protection too, Sophos comes up trumps with outstanding AD
support:
The configuration possibilities, with convenient drop-down menus, work very well:
- 99 -
Product Review: Corporate Review 2010
Summary
The clear and simple design with strong reporting functions can cope with the most complex
requirements, and the configuration wizards
are convincing throughout.
Manufacturer’s website
The Sophos website (www.sophos.com) is
pleasantly designed, clear, and conforms to
current standards.
This console should serve as an example for
many others.
If you want to find out more about Network
Access Control, the Sophos website is an ideal
starting point. There is a lot of well-presented
information on the subject, with appropriate
references to suitable products.
Deployment areas
The Sophos suite is suitable for all networks,
without exception. Its strengths are particularly suited to large and complicated networks.
The installation procedure
Antivirus clients
The installation is quick and easy, as is to be
expected from Sophos. A basic understanding
of network security is desirable, but the installer leads you through the process well.
Endpoint Protection is based on the principles
of Network Access Control (NAC). This is hardly
noticeable to the user, and the remote installation is very simple to carry out.
The single installer for the majority of the
products is to be commended.
Summary
The Active Directory support is also outstanding, and makes child’s play of setting up accounts etc.
This year (as last) Sophos has, along with
McAfee, produced the best suite of those we
have reviewed.
The management console
The consistent design of the product line and
its installation is convincing throughout.
As with last year’s product, the current Sophos
management console is a trend-setting solution.
Almost no other suite offers the user more
functionality with such ease of use and organisational features.
- 100 -
Product Review: Corporate Review 2010
Pros
Cons
+
+
+
+
+
- Few Exchange functions
- No indication of download progress
Real-time status of tasks
Graphic design of administrator console
Simple remote installation
Excellent setup wizards
Quick and easy installation
Deployment areas
Small Networks (0-50 Users)
Medium Networks (50-500 Users)
Large Networks (500-? Users)



Summary









Installation Wizard
User Navigation
Administrator Console
Default Values
MS Active Directory Support
Database Support
Remote Installation
Website
Manual
- 101 -
Product Review: Corporate Review 2010
www.av-comparatives.org

Trend Micro
Test Software:
OfficeScan 10.0
Client Protection
ServerProtect for Microsoft Windows
File Server Protection
ScanMail for Microsoft Exchange 10
Exchange Server Mail Protection
Control Manager 5.5
Management Console
– 102 -
Product Review: Corporate Review 2010
www.av-comparatives.org
Installation process
Product installation
Downloading the product
Until recently, only Version 5, Repack 2 was
available, which would only work with Windows Server 2003 or earlier.
The manufacturer’s website offers everything
you would expect from a commercial website,
and it is easy to find what you’re looking for.
Unfortunately, Trend Micro has adopted the
practice of offering suites consisting of individual products, without offering an installer
that will install them all in the right order.
During our tests, Trend Micro brought out Repack 3, which also supports Windows Server
2008. A few days later, version 5.5 of the Control Manager was released, which we then used
for our review.
Download times:
Even then there was another hurdle to get
over. The Control Manager cannot be installed
on a server that is acting as a domain controller.
SPNT58_en_repack1.zip
(234 MB)
05:36min (534kb/sec)
Thus we decided to install the Control Manager
on a client PC with Windows 7, in order to
simulate an administration computer that is
used to manage the Trend Micro security environment.
OSCE_10_WIN_ServicePack1_SinglePackage_
R4 (en)
(481 MB)
07:17min (489kb/sec)
We begin with the installation of the Trend
Micro management console.
SMEX10.0_GM_Build1412_R2 (280 MB)
04:4min (544kb/sec)
TMCM50_GM_repack2.zip
(550 MB)
08:10min (772kb/sec)
The message above informs us that additional
software packets are necessary and will be
installed.
- 103 -
Product Review: Corporate Review 2010
www.av-comparatives.org
There is also a message to let us know that
installation will require Microsoft’s IIS service
to be restarted:
The next step is the investigation of the environment, and a report on this is displayed:
When we have confirmed that we wish to continue, the Control Manager installer starts:
We can then choose an installation folder:
We accept the licence agreement:
The licence key now needs to be entered:
- 104 -
Product Review: Corporate Review 2010
www.av-comparatives.org
Trend Micro also asks whether we wish to join
their threat network and send feedback:
Now we come to choosing a location for updates and backups:
The next step is to choose the security level
and IP or hostname of the Control Manager
server:
The database settings are the next task. If
there is no SQL server available in the network,
SQL Express can be installed with the Trend
Micro suite:
We then enter details of the web server used
for Trend Micro administration:
After verification of the database, we have to
create a Root (administrator) Account:
- 105 -
Product Review: Corporate Review 2010
www.av-comparatives.org
Now we can configure routing and notification
settings, and enter proxy server details if necessary:
The Control Manager is very well designed, and
the clearly structured web interface makes it
easy to find your way around.
We are pleased to note that the information is
presented in a clear and comprehensible way,
allowing the user to keep an overview.
In the “Dashboard” category, under the
“Threat Statistics” tab, information about the
threats found on the network is displayed. The
“Compliance” tab shows relevant system information that can be used to check if the configuration complies with internal IT audit requirements.
When installation is complete, we can begin
configuration.
A very convenient feature is the ability to create your own tabs, which can be customised to
display the information most important to you:
The management interface
The login box appears in a browser window:
Such a simple method of customising the tabs
would not be out of place on some websites.
Having logged in, we see the dashboard, which
gives an overview of the state of the system:
- 106 -
Product Review: Corporate Review 2010
www.av-comparatives.org
Under the “Products” category, you can find
installation packets and products which can be
installed or distributed around the network.
Thus it is easy to create the most important
queries and run these again when necessary,
using just a few clicks.
The other reporting functions are also very well
designed. For example, there are 8 default
templates for commonly used reports, or more
experienced users can create their own templates for customised reports.
Under “Services” we find components that
were selected for installation during the setup
process, such as “Outbreak Prevention Services.” Additionally, the latest messages from
the manufacturer are displayed on the “Trend
Labs Message Board”.
In the area of reporting and log options, the
Control Manager has everything you could possibly want.
Next we take a look at the “Logs/Report” area:
In the “Updates” category, you will also find
everything you need:
The enormous experience of Trend Micro is
shown here. The logging and reporting system
can be precisely customised to suit the administrator’s individual needs.
You have the choice of repeating queries which
have already been made, or running a so-called
“Ad Hoc Query”, which runs a wizard that will
extract the precise information you want.
The update settings can be configured down to
the last detail, and the Control Manager is well
- 107 -
Product Review: Corporate Review 2010
www.av-comparatives.org
We begin with the installation of ServerProtect:
suited to even complex network environments
in this respect.
We were impressed to see that there is an individual control with which you can precisely control how specific updates can be distributed.
The “Administration” area is responsible for
the management of the Management Console
itself. You can add new Control Manager users,
or change settings for existing ones. There is a
convenient choice of using Trend Micro’s internal user management, or adding a user from
Active Directory.
There is the usual licence agreement to accept:
“Command Tracking” can also be found in this
area. This gives an overview of which actions
were carried out by which user at what time.
These functions in the Administration area are
well thought-out and make the Control Manager suitable for use in large networks which
have their own security teams.
We then enter the registration data.
The clear and simple web interface and clear
structure mean that Control Manager is able to
display a huge amount of data in a comprehensible manner.
We now move on to the installation of the
server protection software, ServerProtect.
Anyone who has worked with Trend Micro corporate products in recent years will find the
installation process of the current version very
straightforward, as the layout has remained
the same for the last 5 years.
- 108 -
Product Review: Corporate Review 2010
www.av-comparatives.org
After this, we can choose the individual functions of ServerProtect:
The next point concerns the creation of a program group in the Windows Start Menu:
Next, we enter credentials of an administrator
account to be used to manage ServerProtect.
The installer now has enough information to
begin the setup process:
Next we enter the “Information Server” password and the domain:
On completion of the installation, we start the
ServerProtect Management Interface:
- 109 -
Product Review: Corporate Review 2010
www.av-comparatives.org
The ServerProtect management console
The first step is to enter the password into the
familiar logon dialog box:
Next we have to decide if we want tips for
using the console to be displayed:
Nonetheless, the console is straightforward
and functional. On the left are links to the
individual areas that can be configured.
The ServerProtect system is structured simply.
There are Information Servers, which are responsible for the updates and administration
of ServerProtect branch servers.
We were pleased to see that an update is immediately recommended:
This master/slave method ensures that the
system can be scaled appropriately.
The console is perfectly functional, but a
graphical facelift would definitely not hurt.
This would not affect functionality or use, but
would fit in better with modern operating systems.
It seems that Trend Micro have adopted the
motto “Never change a running system” as their
company philosophy. The ServerProtect management console has not changed at all in the
last 5 years
- 110 -
Product Review: Corporate Review 2010
www.av-comparatives.org
The option is provided of scanning the target
computer for threats before installation:
Installation of Trend Micro OfficeScan 10
We begin the installation of OfficeScan:
Next we choose the installation folder:
There’s the usual licence agreement to accept:
Now we have the chance to enter any proxy
settings necessary:
Next we can choose between a local installation, and remote installation to one or more
different computers:
- 111 -
Product Review: Corporate Review 2010
www.av-comparatives.org
Next we enter the web server that will be responsible for managing OfficeScan on this PC:
Next we need to enter activation codes for the
various services:
Here we can choose whether the client should
be located by its Windows hostname (“domain
name”) or IP address:
At this point, we have the chance to install a
Smart Scan Server, which runs a fast Cloudbased scanning service:
In the next step, we activate the product:
We choose to install the Smart Scan Server,
and now we can choose additional functions.
- 112 -
Product Review: Corporate Review 2010
www.av-comparatives.org
This is followed by the option of installing the
Trend Micro client firewall:
There is of course the usual enquiry as to
whether to join the manufacturer’s feedback
mechanism, Smart Protection Network:
Now we can enter administrator credentials for
the OfficeScan management console:
Next, we can decide whether to use the “assessment mode”, which ascertains whether
some potentially unwanted applications are
legitimate or not:
Unfortunately there is no option here to use
an existing AD account.
Now we come to the next dialog box (it feels
like the hundredth), where we can decide on
the folder to use for Trend Micro shortcuts in
the Windows Start Menu:
Next, we have to state a source folder from
which clients will obtain software update
packets.
- 113 -
Product Review: Corporate Review 2010
www.av-comparatives.org
At last the installer has enough information to
proceed:
The management interface
OfficeScan 10
We are greeted by the login dialog of the console:
The installation of OfficeScan takes rather
longer than that of competing products.
Here again, Trend Micro sticks with a familiar
and proven interface:
To protect a computer with OfficeScan, we go
to Networked Computers | Client Installation |
Remote. To select a client, we have to enter
the appropriate login credentials.
- 114 -
Product Review: Corporate Review 2010
www.av-comparatives.org
Exchange 2007 protection
Next we are informed that Remote Installation
will not work with Windows XP Home or Vista
Basic. But, these OS’s, lack of an enterprise
networking stack prevents deployment using
remote deployment. There are other methods
to deploy the software - login script, MSI
packager, exe, web install, etc.
We begin the installation of Trend Micro
ScanMail:
We accept the licence agreement:
There are various methods of installing the
client software. There is the choice of remote
installation via the OfficeScan console, sending an email with a link to the installation
files, or using a login script.
Once the software has been installed, the client can be managed using the management
console:
Somewhat confused, we continue with the
installation. The next question is another we
The OfficeScan console impressed us with its
clear structures and self-explanatory menus.
- 115 -
Product Review: Corporate Review 2010
www.av-comparatives.org
Here too we can state the path to the desired
installation folder:
haven’t seen before; other manufacturers don’t
find it necessary.
Next we have to enter the web server settings:
Now we even have to state what the target
server for installation:
The login credentials for the target server have
to be entered.
As we have so far sorely missed automatic
detection in the setup process, we are especially surprised to see the next dialog:
- 116 -
Product Review: Corporate Review 2010
www.av-comparatives.org
Now the installer confirms the information
which we have had to enter manually:
Again we are asked if we want to take part in
the manufacturer’s data sharing program,
called World Virus Tracking Program:
The installer still needs more input from the
user, namely proxy settings:
Every detail is asked separately. Now we have
to decide what to do with spam mails:
Next we have to enter the activation code:
- 117 -
Product Review: Corporate Review 2010
www.av-comparatives.org
In this step, we can use AD to select a group
to manage ScanMail:
Our Exchange server is now protected by
ScanMail:
Finally the installer has gathered all the necessary information:
- 118 -
Product Review: Corporate Review 2010
www.av-comparatives.org
The ScanMail management
interface
Here too, the self-explanatory descriptions
used are extremely helpful, so it is easy to find
and use all the functionality.
The scope of the functions in ScanMail is very
good, leaving nothing to be desired.
Thus, apart from the truly poor installer, there
is nothing here to criticise.
The ScanMail management console uses the
same design as that of OfficeScan, and so anyone familiar with OfficeScan will find their way
around easily.
The detailed summary page of the console is
particularly good, giving an overview of all
important information:
- 119 -
Product Review: Corporate Review 2010
www.av-comparatives.org
Summary
The administrator console
Manufacturer’s website
Despite the fact that the administration interface of OfficeScan and ScanMail has hardly
changed in recent years, it remains very practical to use. It was a very well-designed interface when it came out, and proves that some
designs are so effective that they do not need
to be changed.
The
Trend
Micro
website
(www.trendmicro.com) is suitably designed
and easy to find your way around. It conforms
to normal Internet standards.
The site gives information about current
threats and contains all the normal antivirus
functions.
Deployment areas
An online scanner is also available.
The Trend Micro suite is equally suited to both
small and large networks.
The installation process
Antivirus clients
The installation of the individual products
requires a lot of information to be entered
manually.
The OfficeScan client is certainly one of the
simplest clients on the market. It runs unnoticed on the client PC, and with a wellconfigured OfficeScan console, no intervention
is required.
Once you have worked your way through the
installers for OfficeScan and ScanMail, you will
find a very useable interface which allows easy
configuration.
Summary
Trend Micro is a suite that fits the requirements of both large and small networks. After
a somewhat more demanding installation, the
administrator can expect a proven interface
with a functional design. The Control Manager
can be customised easily to your own requirements.
- 120 -
Product Review: Corporate Review 2010
www.av-comparatives.org
Pros
Cons
+ Proven interface for OfficeScan and ScanMail
- Long, irritating installation
+ Management console
- High degree of manual input required
+ Functional web interface
Deployment areas
Small Networks (0-50 Users)
Medium Networks (50-500 Users)
Large Networks (500-? Users)



Summary









Installation Wizard
User Navigation
Administrator Console
Default Values
MS Active Directory Support
Database Support
Remote Installation
Website
Manual
- 121 -
Product Review: Corporate Review 2010
www.av-comparatives.org
Feature List
- 122 -
Product Review: Corporate Review 2010
Feature list
www.av-comparatives.org
AVIRA
Bitdefender
ESET
G Data
Kaspersky
McAfee
Sophos
Trend Micro
Avira AntiVir Professional
BitDefender Internet
Security
ESET Smart Security
Business Edition
G Data Antivirus
Business
Kaspersky Small
Office Security
McAfee SaaS and
Email Protection
Sophos Computer
Security (Small Business Edition)
Trend Micro
Worry-Free Business
Security
G Data Antivirus
Business
Kaspersky Business
Space Security
McAfee SaaS and
Email Protection
Sophos Computer
Security (Small Business Edition)
Trend Micro
Worry-Free Business
Security Advanced
G Data Antivirus
Enterprise
Kaspersky Enterprise
Space Security
McAfee SaaS and
Email Protection
Sophos Security Suite
(Small Business Edition)
ESET Smart Security
Business Edition and
ESET Mail Security
G Data Antivirus
Enterprise
Kaspersky Enterprise
Space Security
McAfee SaaS and
Email Protection
Sophos Endpoint
Security and Data
Protection
Trend Micro
Worry-Free Business
Security Advanced
Trend Micro
Enterprise Security
for Endpoints and
Mailservers
unlimited
50000
unlimited
unlimited
unlimited
Recommended Product for
up to 5 Clients, 1
Server
up to 25 Clients and 1
Avira NetWork Bundle
Fileserver
up to 25 Clients and
Fileserver and Messaging Server
more than 25 Clients,
more than 1 Fileserver, more than 1 Messaging server
Features Management
Server
What is the maximum
number of clients
overall?
Avira NetWork Bundle
BitDefender Small
Office Security
BitDefender Corporate
Security
Avira AntiVir Business BitDefender Corporate
Bundle
Security
20000
Recommended 1000
per single server.
Scales to 10000 if
Master/Slave is used
(1 Master and 10
Slave Servers).
ESET Smart Security
Business Edition +
ESET File Security for
Windows File Server
ESET Smart Security
Business Edition and
Messaging Bundle
- 123 -
unlimited
Product Review: Corporate Review 2010
www.av-comparatives.org
Feature list
AVIRA
Bitdefender
ESET
G Data
Kaspersky
McAfee
Sophos
Trend Micro
What is the maximum
number of clients
that can be managed
from a single management server under
the following conditions: All necessary
components (database, repositories,
update mechanisms,
reporting, etc) are
installed on this
server and the Clients
communicate with
the server either
continuously or at
least once per hour
20000
1000
10000
1000
50000
Unlimited,
Management Server is
Web NOC
25000
20000
Core 2 Duo 2 GB RAM
1,5 GB
Intel Core 2 Duo
E8400, 3GHz, 4GB
RAM, HDD SATA
300GB
Intel Pentium Processor or compatible
architecture; 512Mb
Ram; 500MB Disk
space
2GHz Pentium or
equivalent/512
MB/300 MB HD
OfficeScan server:
1GHz CPU, min 1 GB
RAM , min 3.5 GB free
hard disc space
Required minimum
hardware
(CPU/Memory/Disc)
Intel Pentium compatible processor
• 800MHz (1 GHz
recommended) for
Windows 2000/XP
• 1GHz (Core2 Duo or
equivalent recommended) for Windows
Server: 128MB RAM,
Vista/7
512MB HDFrontend:
• 256MB (512 MB
32MB RAM, 16MB
recommended) for
HDAgent: 32MB RAM,
Windows 2000
16MB HD
• 512MB (1GB recommended) for Windows XP
• 1GB RAM (1.5GB
recommended) for
Window Vista/7
HDD: 200MB (400MB
for installation)
Hardware needs only
to be strong enough
to support the OS,
and only optionally
the database
- 124 -
Product Review: Corporate Review 2010
Feature list
AVIRA
www.av-comparatives.org
Bitdefender
ESET
G Data
Kaspersky
McAfee
Sophos
Trend Micro
•
•
Does the product
provide a mechanism
to limit the data
transferred over WAN
Links when updating
clients in remote
locations?
•
•
•
• By designating one
client as local source
for definition updates
(Super Agent, Group
Update Provider)
•
•
•
•
Does the product
provide a mechanism
to prevent updates
over expensive network connections like
UMTS?
•
•
configurable
configurable
Does the product
provide a delta update mechanism?
•
•
•
•
Does the product
allow customers to
use 3rd party tools for
virus signature distribution?
Which options does
the product provide
to ensure that only
authorized administrators can administer
the product?
•
•
•
•
• •
•
•
•
Authentification
username, password
Username/Password
requirements
Password protection,
encrypted communication, role-based
administration
Authentification
username, password
Require minimum
password length
Depends on Windows
Security Policy
•
•
•
Lock administrator
account after entering a password multiple times (prevent
brute force attack)
Depends on Windows
Security Policy
•
•
Authentification
username, password
Authentification
username, password
Password protection,
encrypted communication
Administrator
account
- 125 -
Product Review: Corporate Review 2010
Feature list
Log out administrator
if idle for a specified
time
Client / Server
Communication
Does the client authenticate the server?
Does the server authenticate the client?
Is the communication
between the client
and the server encrypted?
Does the product
support a 'pull' communication mode?
Can the communication interval be modified?
What is the recommended communication interval?
Does the product
support a push communication mode?
Does the product
protect itself from
being tampered with
by the end-user or
malicious software?
Prevent processes
from being stopped
Prevent files and
folders from being
modified or deleted
Prevent product
registry entries from
being modified or
deleted
Proxy Server
AVIRA
www.av-comparatives.org
Bitdefender
ESET
G Data
McAfee
Depends on Windows
Security Policy
•
•
Kaspersky
Sophos
Trend Micro
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
60 minutes
5 minutes
5 minutes
5 minutes
15 minutes
4 hours
Real Time
Real Time
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
- 126 -
•
•
•
•
Product Review: Corporate Review 2010
Feature list
Can a proxy server be
specified?
For HTTP
For FTP
Does the product
support proxy server
authentications?
Master-Slave-Server
Multiple AV Servers
Master server controls
slave server in different offices
Slave server for distributing updates
www.av-comparatives.org
AVIRA
Bitdefender
ESET
G Data
Kaspersky
McAfee
Sophos
Trend Micro
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
Slave servers can be
nested multiple levUpdate Server is
els; they each have
separate from the
their own credentials
Slave Server. It is
for full access and for
possible to install and
read-only access.
configure more UpPolicies from upper
date Servers in casserver can be propacade
gated to lower servers.
Notes
Various product versions can be managed
within a few clicks
Client Installation
Which client deployment methods
does the product
support?
Does the product
include a mechanism
that allows the administrator to push
the software to the
clients?
•
•
•
•
- 127 -
•
•
•
•
Product Review: Corporate Review 2010
Feature list
Can the installation
of the clients be
staggered over time
to ensure that the
network is not over
utilized?
Can the administrator
see the status of the
deployment (i.e.
Transfer, Installation
in Progress, Installation complete, etc.)?
AVIRA
www.av-comparatives.org
Bitdefender
•
ESET
G Data
Kaspersky
McAfee
Sophos
Trend Micro
•
•
•
•
•
•
•
•
•
•
•
•
•
•
Does the product
include a mechanism
that allows the end
user to download and
install the software?
•
•
•
•
•
•
•
Can the admin sent a
link which allows the
user to download and
install the software?
•
•
•
•
•
•
•
•
•
•
•
•
•
•
Does to product
support the creation
of MSI packages for
deployment with 3rd
party tools and Active
Directory (GPO)?
Does the product
support the creation
of single file executable (.exe) installer
(i.e. for logon scripts
or CD distribution)
Which options can
be set for the client
installation in the
user interface?
•
•
•
- 128 -
•
•
Product Review: Corporate Review 2010
Feature list
Does the product
allow the administrator to define the
installation options
(i.e. silent, interactive, installation
folder, etc) in the
user interface?
Which installation
types can be defined
in the user interface?
Silent Installation (no
user interface is
displayed)
Unattended installation (the end-user
sees the progress of
the installation but
can not modify the
settings)
Interactive Installation (user chosen the
preferences)
Can the installation
folder be specified in
the user interface?
Can the administrator
define whether the
program is added to
the Start Menu?
Other installation
options
www.av-comparatives.org
AVIRA
Bitdefender
ESET
G Data
Kaspersky
McAfee
Sophos
Trend Micro
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
Modules
Define if user is
restricted or power,
define what modules
to install or enable/disable, restart
options, scan before
install, set administrative password
Virtually all options
of the client can be
specified as a parameter of the push
installation
Group on bootstrap
- 129 -
Product Review: Corporate Review 2010
Feature list
AVIRA
www.av-comparatives.org
Bitdefender
ESET
G Data
Kaspersky
McAfee
Sophos
Trend Micro
•
•
•
•
•
•
•
•
•
General Capabilities
Is the system Multitenancy capable (host
multiple customers on
the same infrastructure but separating
the data)?
Does the product
allow administrators
to assign different
policies to different
groups of computers
(regardless of the
person logged in)?
Does the product
allow administrators
to assign policies to
users (regardless of
the computer they
use)?
Does the product
support static groups
(i.e. user or computer
are assigned manually
to a group or are
imported from a third
party system)?
Does the product
support dynamic
group assignment
based on criteria like
IP addresses?
Does the product
support hierarchical
groups with inheritance?
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
- 130 -
•
•
•
•
•
•
•
•
•
•
•
•
Product Review: Corporate Review 2010
Feature list
Location Awareness
Is the product capable of using different
policies, settings and
rules depending on
the location of the
computer?
Which settings/policies can be
changed depending
on the location?
Protection technology
policies
Antivirus policies
Firewall policies
HIPS & IPS policies
Device Control policies
Other protection
technology policies
Client settings
User interface configuration
Communication settings
Content update settings
Can the customer
define an 'unlimited'
number of locations?
AVIRA
•
www.av-comparatives.org
Bitdefender
ESET
G Data
Kaspersky
McAfee
Sophos
Trend Micro
•
•
•
•
•
•
•
•
•
•
•
•
•
•
IPS only
•
•
•
•
•
•
Updating
•
•
Anti-Spam, Web
Content filter, Internet usage control,
Application control
Anti-Spam; Proactive
Defense; Anti-Banner;
Anti-Dialer; AntiHacker; Updating
•
•
•
Browser control
Web Reputation
•
•
•
•
•
•
When the client
detects the notebook
is running on battery,
scheduled scans are
automatically delayed
and updated program
components are not
downloaded
•
•
•
•
•
•
•
- 131 -
Updating
•
•
•
IPS only
•
•
•
•
Product Review: Corporate Review 2010
Feature list
Which criteria can
the customer use to
define locations?
Client IP Configuration
By specifying IP
addresses / IP address ranges
By specifying Gateway
By IP address / range
By MAC address
The client must have
the specified Gateway
The client must not
have the specified
Gateway
By specifying DHCP
server
By IP address / range
By MAC address
The client must have
the specified DHCP
server
The client must not
have the specified
DHCP server
By specifying the DNS
Server Address
The client must have
the specified DNS
server
The client must not
have the specified
DNS server
By specifying DNS
suffixes
AVIRA
•
www.av-comparatives.org
Bitdefender
ESET
G Data
Kaspersky
McAfee
Sophos
Trend Micro
•
•
•
over AD
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
- 132 -
over AD
Product Review: Corporate Review 2010
Feature list
By specifying the
type of network connection used or not
used by the client
(e.g. Ethernet, Wireless, VPN, Dial-up,
etc.)
By checking whether
a client can or can
not resolve a DNS
host name
By checking the
Registry
Can multiple criteria
be used to define a
location?
When is location
criteria evaluated?
Periodically
Immediately when a
change in the network configuration
takes place (i.e.
network adapter
enabled / disabled)
Can the end-user be
notified about a
location change?
Are location changes
logged?
Group Import &
Synchronization
Can computers be
imported from a text
file?
Can computers be
imported from Active
Directory?
AVIRA
www.av-comparatives.org
Bitdefender
always the adapter
that provides the
gateway
ESET
G Data
Kaspersky
McAfee
•
Sophos
Trend Micro
over AD
•
over AD
•
over AD
•
•
•
•
•
over AD
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
- 133 -
•
•
•
•
•
Product Review: Corporate Review 2010
Feature list
Keeping the OU structure defined in Active
Directory
Using other criteria
to assign computers
to groups
Can changes in Active
Directory be synchronized?
Can the synchronization schedule be
defined?
Can computers be
imported from multiple Active Directory
servers?
Can computers/users
be imported from
other LDAP server?
Can computers be
imported by a GUI
Can different actions
be defined based on
the malware category?
Scan Location
Can the administrator
exclude/include files
and folders from
being scanned?
By file extension
By predefined lists of
extensions provided
by the product
By administrator
defined lists of extensions
By filenames
("file.txt") regardless
of folder or location
www.av-comparatives.org
AVIRA
Bitdefender
ESET
•
•
•
•
•
G Data
Kaspersky
McAfee
Sophos
Trend Micro
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
- 134 -
•
Product Review: Corporate Review 2010
www.av-comparatives.org
AVIRA
Bitdefender
ESET
•
•
•
•
•
•
•
•
•
•
•
Exchange 5.5
•
•
Exchange 2000
•
•
•
•
•
Exchange 2003
•
•
•
•
•
Exchange 2007
•
•
•
•
•
Exchange 2010
•
•
•
•
•
•
Feature list
By filenames & specific folder
("c:\Directory\file.txt
")
By folder name
Standard Windows
folder (i.e.
%WINDOWS%,
%SYSTEM32%) regardless of the operating system language
Does the product
provide preconfigured
exclusions?
Microsoft Exchange
Network shares
Is scanning of network shares disabled
by default?
Can a user or administrator scan network
shares after entering
a password?
System memory /
Processes
Does the product scan
processes in memory
for malware?
Can the administrator
define exceptions
(i.e. which processes
to ignore)?
•
•
•
G Data
•
•
•
McAfee
Sophos
Trend Micro
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
Kaspersky
- 135 -
•
•
•
•
•
•
Product Review: Corporate Review 2010
www.av-comparatives.org
AVIRA
Bitdefender
ESET
G Data
Kaspersky
McAfee
Sophos
Trend Micro
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
Thunderbird
Microsoft Windows
Live Mail
Microsoft Windows
Mail
The Bat!
Does the product
scan incoming and
outgoing emails and
attachments in the
following protocols?
•
•
•
•
•
•
•
•
•
•
•
•
•
•
SMTP
•
•
•
•
•
•
POP3
•
•
•
•
•
•
IMAP
•
•
•
•
•
Feature list
Boot sectors
Email Messages
Does the product scan
existing email in the
message stores of the
following applications?
Microsoft Outlook
Microsoft Outlook
Express
Lotus Notes
Archives
ZIP/RAR/ARJ & archived installers
how deep at on demand (by default)
Does the product
protect itself against
Zip of Death and
similar attacks?
By limiting the recursion depth
•
•
•
•
•
•
•
•
•
20
15
10
100
unlimited
unlimited
10
2
•
•
•
•
•
•
- 136 -
Product Review: Corporate Review 2010
Feature list
By limiting the number of files unpacked
By limiting the size
of an unpacked archive
By limiting the processing time for
unpacking archives
Offline files and
sparse files
Does the product
allow administrators
to define how files
with the offline bit
set should be handled?
Skip offline files
Skip offline and
sparse files with a
reparse point
Scan resident portions of offline and
sparse files
Scan all files without
forcing demigration
Scan all files touched
within a defined
timeframe without
forcing demigration
AVIRA
www.av-comparatives.org
Bitdefender
Sophos
Trend Micro
G Data
Kaspersky
McAfee
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
Scan media at computer shutdown
Other locations
Does the product
provide preconfigured
scan locations?
On Demand Scans
Can the administrator
define when scans
should take place?
ESET
•
•
Removable media
•
•
•
•
•
- 137 -
•
•
•
•
•
Product Review: Corporate Review 2010
Feature list
Can the system impact vs. scan speed
be defined?
Can the administrator
specify which Scan
Locations should be
included / excluded?
On Access Scan
Can the administrator
define when a scan is
triggered?
Can the administrator
specify which Scan
Locations should be
included / excluded?
Files / Directories
Log
Which information is
logged?
The Date and time
the infection was
detected
The name of the
infection and the
original location
where the infection
was found (incl. file
name)
The malware category
(i.e. Virus, Worm, etc)
The computer on
which the infection
was found
The user who was
logged on at the time
the infection was
detected
AVIRA
www.av-comparatives.org
Bitdefender
•
•
•
•
ESET
G Data
Kaspersky
•
•
•
•
•
•
•
McAfee
Sophos
Trend Micro
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
- 138 -
Product Review: Corporate Review 2010
Feature list
The action and current status of the
infection (i.e.
cleaned, deleted,
quarantined, still
infected)
The current location
of the infected file
(i.e. local quarantine)
The scan that detected the infection (i.e.
On Access, Manual,
Start-up, etc)
End-user Interaction
Let the end-user
choose the action
Notify the end-user
By displaying a pop
up or balloon
Can the notifications
be customized?
By adding a warning
to an infected email
body or subject
(email)
By replacing an infected attachment
Can the notification
be customized?
Run a script or application after detection
Can a second or
alternative action be
defined (i.e. if the
first action fails)?
Which file specific
actions can the
product perform?
Clean
www.av-comparatives.org
AVIRA
Bitdefender
ESET
G Data
Kaspersky
McAfee
Sophos
Trend Micro
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
- 139 -
•
•
•
•
•
•
Product Review: Corporate Review 2010
Feature list
Can the product
create a backup of
the file before attempting to clean it?
Quarantine on the
local system
Quarantine in a central location (i.e.
management server,
quarantine server,
etc)
Delete
Deny Access (for On
Access Scans)
Which processes
specific actions can
the product perform
Terminate the process
Stop the service
AVIRA
www.av-comparatives.org
Bitdefender
•
•
ESET
G Data
•
•
Kaspersky
McAfee
•
•
•
•
•
•
•
•
•
Sophos
Trend Micro
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
Registry Access Rules
Does the product
allow monitoring and
preventing access to
registry keys and
values?
•
•
•
•
Does the product
allow to define/exclude for
which processes
(application and
services) a registry
access rule applies?
•
•
•
•
- 140 -
Product Review: Corporate Review 2010
Feature list
File and Folder Access Rules
Does the product
allow monitoring and
preventing access to
specific files and
folders?
Does the product
allow to define/exclude for
which process a
file/folder access rule
applies?
Which selection
criteria does the
product provide to
specify files and
folders?
By Name
By Filenames
("file.txt") regardless
of folder or location
By Filenames & Specific Folder
("c:\Directory\file.txt
")
By Filename and
Windows Folder(i.e.
#System32#\hosts")
Using wildcards (i.e.
*,?)
Using regular expressions
Limit by Location
(i.e. local drive, CD,
USB Stick)
Any Local Hard Drive
Any CD/DVD Drive
AVIRA
www.av-comparatives.org
Bitdefender
ESET
G Data
Kaspersky
McAfee
Sophos
•
Trend Micro
•
•
•
•
•
•
•
•
•
•
•
•
•
only if mounted as a
removable drive
•
only if mounted as a
removable drive
only if mounted as a
removable drive
•
•
•
•
•
•
•
•
- 141 -
Product Review: Corporate Review 2010
Feature list
AVIRA
Any Network Drive
Bitdefender
ESET
G Data
•
Any removable media
Process Access Rules
Does the product
allow monitoring and
preventing launching
processes?
Does the product
allow monitoring and
preventing terminating processes?
Does the product
allow to define/exclude for
which processes a
process access rule
applies?
Does the product
provide selection
criteria to specify
processes, e.g. by
name?
Process Definition
How can processes
(i.e. applications &
services) be specified
that are allowed/disallowed to
perform actions (i.e.
modify files, read
registry keys, load
dlls)?
By file fingerprint /
hash
By filenames & specific folder
("c:\Directory\applica
tion.exe")
www.av-comparatives.org
•
only if mounted as a
removable drive
Kaspersky
McAfee
Sophos
Trend Micro
•
•
USB/firewire
•
•
•
•
•
•
•
•
•
•
•
•
•
- 142 -
•
Product Review: Corporate Review 2010
Feature list
AVIRA
www.av-comparatives.org
Bitdefender
ESET
G Data
Kaspersky
McAfee
Using wildcards (i.e.
*,?)
Limit by location (i.e.
local drive, CD, USB
Stick)
•
By user authorization
and by Behavioral
Genotype-based
whitelisting identities
produced by SophosLabs
Other
HIPS Actions
Which actions can be
taken when a rule is
triggered?
Allow Access to the
resource
Block access to the
resource
Terminate the process
trying to access the
resource
Can the end user be
notified when a rule
is triggered?
Can a log entry be
created when a rule is
triggered?
Sophos
Block, allow, allow
once, block once,
ignore
Block
Block
Block, allow
Block, report only,
terminate
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
Conditions
Which conditions
can be checked
using the user interface (without using
scripts)
Conditions for files
and folder: How can
files be specified?
- 143 -
•
•
•
Trend Micro
Product Review: Corporate Review 2010
Feature list
By filenames
("file.txt") regardless
of folder or location
By filenames & specific folder
("c:\Directory\file.txt
")
By filename and
windows Folder (i.e.
#System32#\hosts")
By referencing a
value in the registry
Which conditions
can be specified for
file existence
File exists / does not
exist
File has specified
hash / file fingerprint
File version
www.av-comparatives.org
AVIRA
Bitdefender
•
•
•
•
ESET
G Data
•
•
Kaspersky
McAfee
Sophos
•
•
•
•
•
•
•
•
Directory exists
Which conditions
can be specified for
file (application)
versions?
File version is equal /
not equal to specified
version
File version is higher
/ lower to specified
version
Conditions for registry keys and values
A specified registry
key or registry value
exists / does not
exist
Conditions for numeric (DWORD)
registry values?
•
•
•
•
- 144 -
Trend Micro
Product Review: Corporate Review 2010
Feature list
AVIRA
www.av-comparatives.org
Bitdefender
ESET
G Data
Is equal / not equal
to specified number
Is greater / less than
specified number
Conditions for text
(String) registry
values?
Is case sensitive
equal / not equal to
specified text
Is case in-sensitive
equal / not equal to
specified text
Contains / does not
contain specified text
(case sensitive)
Contains / does not
contain specified text
(case in-sensitive)
Conditions for binary registry values?
Is equal to specified
value
Contains specified
value
Conditions for processes
Process or service is
running / not running
Conditions relating
to the operating
system
Type of operating
system
Language of operating system
Service pack level of
the operating system
Is equal / not equal
to specified value
Kaspersky
•
McAfee
Sophos
•
•
•
•
•
•
•
•
•
•
•
- 145 -
Trend Micro
Product Review: Corporate Review 2010
Feature list
AVIRA
www.av-comparatives.org
Bitdefender
ESET
G Data
Kaspersky
Is higher / lower than
specified value
How can conditions
be combined?
If .. Then .. Else
Logical (AND, OR)
Can the checks interact with the enduser?
Notify end-user (i.e.
that an operation will
take some time to
complete, e.g. by an
assessment %)
Query end-user
Does to product
provide preconfigured conditions?
Preconfigured Antivirus Check
Preconfigured Firewall
Check
Preconfigured Patch
Management Check
Other
Remediation
Does the product
provide remediation
capabilities?
Which remediation
action can be defined in the user
interface (without
resorting to
scripts)?
Registry remediation
McAfee
Sophos
Trend Micro
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
Standard and Expert
configuration
•
AntiSpyware
•
•
•
•
•
- 146 -
Product Review: Corporate Review 2010
Feature list
www.av-comparatives.org
AVIRA
Bitdefender
•
•
ESET
G Data
Kaspersky
McAfee
Sophos
Trend Micro
File remediation
Delete files / folders
•
Download files
Process remediation
Run application in
user / system security
context
Start service in user
security context
Start service in system security context
Software Remediation
•
•
•
•
•
•
•
•
•
•
Alert user when OS is
not up-to-date
(patched)
•
Virtual Patching
provided via the
Intrusion Defense
Firewall
•
•
•
•
•
•
•
Download software
and patches
•
Install / uninstall
software and patches
in user / system
security context
End-user interaction
Inform user
•
•
•
Query user
•
•
•
Enforcement
Can the product
prevent that a client
failing the client
health check connects to a network?
Which enforcement
frameworks does the
product support?
Microsoft Network
Admission Control
Cisco Network Access
Control
•
•
•
•
•
•
•
- 147 -
Product Review: Corporate Review 2010
Feature list
Symantec Network
Access Control
Other
Does the product
have inbuilt enforcement capabilities?
Host Based Enforcement / Self Enforcement (i.e. leveraging
a desktop firewall to
prevent network
connections)
Other
AVIRA
www.av-comparatives.org
Bitdefender
ESET
G Data
Kaspersky
McAfee
OPSWAT
•
Sophos
Trend Micro
DHCP, 802.1X, VPN
•
•
•
•
•
•
•
•
•
•
•
•
•
•
OPSWAT
Behaviour detection
Behavior detection
Is this technology
enabled by default?
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
General capabilities
Is the firewall stateful for TCP and UDP
connections?
Can the firewall analyze VPN traffic
Firewall Rules
Does the product
come with default
policies?
For workstations
For server
Which criteria can
be used when defining rules?
Application
•
•
•
•
•
- 148 -
•
•
•
Product Review: Corporate Review 2010
Feature list
By filenames ("application.exe")
By filenames & Specific Folder
("c:\Directory\applica
tion.exe")
By File Fingerprint /
Hash
By Process
Network adapter
type
Ethernet
Wireless
AVIRA
www.av-comparatives.org
Bitdefender
ESET
•
•
G Data
Kaspersky
•
•
•
McAfee
Sophos
Trend Micro
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
VPN
•
•
•
•
•
Dial-up
•
•
•
•
•
Local / Remote
•
•
•
Source / Destination
•
•
•
Remote Host
By IP address / IP
range
By MAC address
•
•
•
Direction
•
•
•
•
•
•
•
•
•
•
•
•
By DNS Name
•
•
By DNS Domain
By Technology Type
(incl. RDC, VPN,
SSH/SCP, Terminal
Services and Citrix)
Protocol
•
•
•
TCP/UDP/ICMP
•
•
•
•
•
- 149 -
•
•
•
•
•
•
Product Review: Corporate Review 2010
Feature list
AVIRA
Raw Ethernet
Other
Which Actions can
be taken when a
firewall rule is triggered?
Allow/Block traffic
www.av-comparatives.org
Bitdefender
•
128 protocols supported
ESET
G Data
•
Kaspersky
McAfee
•
IPv6-ICMP, IGMP,
GRE, ESP, SMP
IGMP, GGP, GUP, IDP,
GRE
Sophos
Trend Micro
Ability to control
network traffic below
the IP layer like EAP
or PPP and legacy
protocols like IPX and
Apple Talk
•
PPTP
•
•
•
•
•
•
•
Ask the end-user
Notify end-user when
traffic is blocked
Log
•
•
•
•
•
•
•
•
•
•
•
•
Log the incident
Include packet data
in log
End-user Interaction
Can end-users be
allowed to create
firewall rules?
Can the administrator
define rules that can
not be overridden by
end-user rules?
Can the administrator
define rules that can
be overridden by enduser rules?
Can the end-user be
allowed to disable the
firewall?
Can the firewall automatically be enabled after a defined
time?
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
- 150 -
•
•
Product Review: Corporate Review 2010
Feature list
Can the number of
times an end-user can
disable the firewall
between reboots be
limited?
Can the end-user
easily block all network traffic?
Can the end-user be
allowed to see the
network traffic in real
time?
Firewall Logs
Which logs are provided?
AVIRA
•
www.av-comparatives.org
Bitdefender
ESET
•
•
•
•
App. Blocked and
allowed with the
reason (automatically
because of MD5,
publisher, or due
game mode), port
scan, Service started,
stopped, FW enabled,
disabled,
Can the firewall rules
be exported and
imported?
G Data
Kaspersky
McAfee
Sophos
Trend Micro
•
•
Critical warnings,
Errors, Warnings,
Informative records
and/or Diagnostic
records. For troubleshooting, all blocked
connections can be
logged.
•
Network attacks,
Banned hosts, Application activity, Packet filtering
Allowed in last 10
mins, Allowed today,
Blocked 10min/today,
Processes, System log
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
Client Management
Client User Interface
Can the administrator
limit or control configuration changes by
the end-user?
Can different policies
be applied for different computers?
Depending on the
location of the device
(i.e. Office, Hotel,
Home, etc)
- 151 -
•
Product Review: Corporate Review 2010
Feature list
Depending on group
membership of the
computer
Depending on group
membership of the
user (i.e. administrator vs. normal user)
Actions
Which actions can
be initiated in administration console?
Update signatures
AVIRA
Bitdefender
ESET
G Data
Kaspersky
McAfee
•
•
•
•
•
•
•
•
A group of computers
All computers matching certain criteria
(i.e. identified by
logs or reports)
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
All actions available
in the client product
Change all aspects of
configuration, including handing off a
client to another
server
mail scan
on/off/software
update
Comply with policy,
Clean up, Initiate
scans, Acknowledge
alerts, Protect (install/reinstall) etc.
connection verification, uninstallation,
outbreak prevention,
configuration changes
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
partially - outdated
clients, firewall rules
•
•
Trend Micro
•
•
Other
On which systems
can the actions be
initiated?
A single computer
•
Sophos
•
Possible using a
script
•
Reboot computer
Scan computer
Enable On Access
Scan
Enable/Disable Firewall
www.av-comparatives.org
•
•
•
- 152 -
Product Review: Corporate Review 2010
Feature list
AVIRA
Bitdefender
ESET
G Data
•
•
Kaspersky
McAfee
Any set of computers
(task for a set of
computers) or according to the administration group’s hierarchy.
Computers with a
specific user logged
on (policies per user)
Other
Can the status of the
actions be tracked?
www.av-comparatives.org
•
Sophos
Trend Micro
Automatically deploy
to discovered machines in AD
•
•
•
•
•
•
•
•
•
•
•
No. The console is
windows based and
can run from any
computer on the
network and access
the server from there.
The console software
is portable and can
run from a thumb
drive.
•
•
One per server (master server, slave
servers)
•
•
•
•
•
•
•
•
•
•
•
•
•
•
U/P for the administrator console or
Windows/Domain
authentication can be
used
•
•
•
•
Is there a web based
console?
Administrator Management
Rights
Does the product
support multiple
administrators?
Does the product
support different
access levels for
administrators?
Access Control
Can access for administrators be limited?
Authentication
mechanism
Can administrators be
authenticated using
an integrated authentication mechanism
(i.e. username /
password)?
•
•
- 153 -
Product Review: Corporate Review 2010
Feature list
AVIRA
Does the product
enforce minimum
password lengths?
Does the product
enforce maximum
password age?
Can administrators be
authenticated using
Active Directory?
Can administrators be
authenticated using
RSA Secure ID technology?
www.av-comparatives.org
Bitdefender
ESET
•
•
Kaspersky
McAfee
Sophos
Trend Micro
Depends on Windows
Security Policy
•
•
•
Depends on Windows
Security Policy
•
•
•
•
•
SEC uses AD, NAC and
Encryption use separate authentication
Administrator account
Other
Account Security
Does the product lock
an administrator
account when a
wrong password is
provided multiple
times (prevent brute
force attacks) and
can it be unlocked
automatically after
some time or manually by the administrator?
Does the product log
an administrator out
after being idle for
some time?
Administrator Auditing
Does the product
keep an audit log?
Which changes are
logged?
Log-in / Log-out
G Data
Depends on Windows
Security Policy
•
•
•
•
•
•
•
•
•
Over AD
•
- 154 -
Product Review: Corporate Review 2010
ESET
G Data
Kaspersky
Changes to policies
Changes to system
settings
Changes to groups
Change to administrative accounts
Which information
is logged
•
•
•
Time of change
The administrator
who performed the
action
The action that was
performed
•
Feature list
AVIRA
www.av-comparatives.org
Bitdefender
•
•
•
•
•
•
McAfee
Sophos
Trend Micro
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
Device Control
Does the product
allow administrators
to limit the use of
external devices (USB
sticks, printers, etc)?
Can the product
identify devices by
•
Device ID
Manufacturer ID /
Unique ID
Can you exclude e.g.
printer USB Ports
from being scanned
Can you lock
•
•
Block
•
•
DVD
•
•
•
•
•
•
Floppy
•
•
•
•
•
•
external media
•
•
•
•
•
•
USB
•
•
•
•
•
•
- 155 -
Product Review: Corporate Review 2010
Feature list
AVIRA
www.av-comparatives.org
Bitdefender
ESET
All ports and all
removable media can
be locked, but it's
possible to add exceptions for any
individual ports or
media
other
G Data
Kaspersky
webcams
McAfee
Sophos
Trend Micro
WiFi, IR, Bluetooth,
Modems, Firewire,
SATA, PCMCIA,
Blueray, CD, Unencrypted/Encrypted
USB devices, Network
bridging
network resources
(N)IPS
Can the product
prevent computers
from receiving NetBIOS traffic originating from a different
subnet?
Prevent MAC spoofing
by allowing incoming
and outgoing ARP
traffic only if ARP
request was made to
that specific host
Detect ports cans
Does the product
detect and prevent
denial of service
attacks?
Does the product
provide a signature
based network intrusion prevention systems?
Can a customer create
custom IPS signatures?
Does the product
include attack facing
signatures?
Does the product
include vulnerability
facing signatures?
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
- 156 -
Product Review: Corporate Review 2010
Feature list
Which actions can
be performed?
Traffic can be allowed
/ blocked / dropped
Incident can be
logged
AVIRA
www.av-comparatives.org
Bitdefender
•
ESET
G Data
Kaspersky
McAfee
Sophos
Trend Micro
•
•
•
•
•
•
•
•
Failover
What if the AV Server (local) hang-ups
automat. switching to
a second local server
updates from vendorserver instead of local
server
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
any other network
shared folder
other
Quarantine
Quarantine Folder
Is there a centralized
quarantine-folder
Is there a quarantinefolder on the client
can administrators
specify the location
of the quarantine
folder anywhere
rechecking quarantine
after a signature
update, is the quarantine folder
checked?
automatically
manually
•
•
•
•
No, but administrator
console provides a
centralized view of
the quarantine on
clients
•
•
•
•
•
•
•
•
•
•
•
•
- 157 -
Product Review: Corporate Review 2010
Feature list
undo av-action if
false positive is detected
Messaging
Exchange
Feature overview
Messaging
AVIRA
www.av-comparatives.org
Bitdefender
•
Exchange
G Data
•
Exchange
Modules and functional areas
Malware detection
Recursive scan of all
e-mails and file attachments in real
time, event-and timecontrolled.
Information Store
scans on every server.
Support of automatic
virus pattern updates.
Scanning of e-mail
message text and
attachments.
Detecting file attachments by means
of clear, nonmanipulable file
patterns or by file
type, detects and
blocks even manipulated files
ESET
Exchange
Kaspersky
McAfee
•
Exchange
Special module for
Exchange. Full integration with MS
Exchange, scans the
whole Exchange
store. Manageable
from the central
management server.
Supports 64-bit Exchange.
Gateway Solution
•
Exchange
•
Sophos
Trend Micro
•
Exchange
Exchange
Exchange
Complete defense
against spam, phishing, malware and
data leakage. An
upcoming add-on will
enable email encryption.
antimalware, antispam, content filtering, attachment
blocking, Url filtering
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
- 158 -
•
Product Review: Corporate Review 2010
Feature list
Definition of file
limitations by a
combination of file
name, file extension
and file size.
Application of the
restrictions on file
archives such as zip,
rar
www.av-comparatives.org
AVIRA
Bitdefender
ESET
•
•
•
•
•
•
•
•
•
•
Automatic detection
of new mailboxes
Kaspersky
only by file extension
and by time
•
McAfee
Sophos
Trend Micro
•
•
•
•
•
•
Examination of encrypted e-mails for
viruses in combination with Crypt
Scanning of existing
mailboxes
Anti-Spam
scan according to the
company's policies on
prohibited, not desirable or confidential
content
Blocking unwanted email senders (spam
senders, mailing lists,
etc.) as well as to
unwanted recipients
(e.g. competitors)
Analysis of images on
undesirable content
(e.g. pornography)
Using current spam
pattern for the fast
detection of new
spammer tricks
G Data
Optionally possible
through integration
with email encryption
server or as part of
upcoming on-box
encryption capability.
•
•
•
•
•
•
•
•
YES to blocking unwanted senders, NO
to blocking unwanted
recipients
•
•
•
•
•
•
•
- 159 -
•
•
•
•
•
•
YES to blocking unwanted senders, NO
to blocking unwanted
recipients
•
•
•
•
•
Product Review: Corporate Review 2010
Feature list
User-Specific Management of Whiteand blacklists on the
server solely for
effective blocking
unwanted e-mails
Definition of transmitter / receiver
channels on a dedicated e-mail communications
Freely editable exclusion list for addresses
and content in subject and message text
Flexible notifications
of blocked e-mails
(directly or schedule)
to administration or
transmitter/receiver
email
User-specific access
to e-mails in the
quarantine
Centralized quarantine management
www.av-comparatives.org
AVIRA
Bitdefender
ESET
G Data
Kaspersky
•
•
•
•
•
McAfee
Sophos
Trend Micro
•
•
Only for addresses
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
Formation of company-specific e-mail
categories
•
Automatic classification of e-mails to one
or more categories
•
•
•
•
•
- 160 -
•
Product Review: Corporate Review 2010
Feature list
Response Management through defined
classifications, for
example, the customer support automatic
forwarding of e-mails
to qualified employees
www.av-comparatives.org
AVIRA
Bitdefender
•
•
Document protection:
Following categories
may, for example, all
outgoing e-mails on
company-related
content should be
examined
ESET
G Data
Kaspersky
McAfee
•
•
•
•
General Windows
General Windows
Modules and functional areas
Malware detection
Recursive scan of all
e-mails and file attachments in real
time, event-and timecontrolled
Information Store
scan on every server
Trend Micro
•
A content audit of email attachments is
also possible
if the same mail is
delivered several
times, would it be
blocked as spam
Feature overview
Messaging
Sophos
•
•
•
General Windows
General Windows
Integration with most
Windows mail servers
is possible through
the command line
scanner
Gateway Solution
•
•
- 161 -
General Windows
General Windows
General Windows
General Windows
Complete defense
against spam, phishing, malware, and
data leakage
•
•
•
•
•
Product Review: Corporate Review 2010
Feature list
Support of automatic
virus pattern updates
Scanning of e-mail
message text and
attachments
Detecting file attachments by means
of clear, nonmanipulable file
patterns or by file
type, detects and
blocks even manipulated files
Definition of file
limitations by a
combination of file
name, file extension
and file size
Application of the
restrictions on file
archives such as zip,
rar
www.av-comparatives.org
AVIRA
Bitdefender
ESET
G Data
Kaspersky
•
•
•
•
•
•
•
•
Sophos
Trend Micro
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
Automatic detection
of new mailboxes
•
Examination of encrypted e-mails for
viruses in combination with Crypt
•
Scanning of existing
mailboxes
Anti-Spam
scan according to the
company's policies on
prohibited, not desirable or confidential
content
•
McAfee
•
•
•
•
•
- 162 -
•
Product Review: Corporate Review 2010
Feature list
Blocking unwanted email senders (spam
senders, mailing lists,
etc.) as well as to
unwanted recipients
(e.g. competitors)
Analysis of images on
undesirable content
(e.g. pornography)
Using current spam
pattern for the fast
detection of new
spammer tricks.
User-Specific Management of Whiteand blacklists on the
server solely for
effective blocking
unwanted e-mails.
Freely editable exclusion list for addresses
and content in subject and message text
Flexible notifications
of blocked e-mails
(directly or schedule)
to administration or
transmitter/receiver
email
User-specific access
to e-mails in the
quarantine
Centralized quarantine management
AVIRA
www.av-comparatives.org
Bitdefender
•
ESET
G Data
•
•
•
•
•
•
•
•
•
•
Formation of company-specific e-mail
categories
Automatic classification of e-mails to one
or more categories
•
Kaspersky
McAfee
Sophos
Trend Micro
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
- 163 -
Product Review: Corporate Review 2010
Feature list
AVIRA
Response Management through defined
classifications, for
example, the customer support automatic
forwarding of e-mails
to qualified employees
Document protection:
Following categories
may, for example, all
outgoing e-mails on
company-related
content should be
examined
A content audit of email attachments is
also possible
www.av-comparatives.org
Bitdefender
ESET
Sophos
Trend Micro
•
•
•
•
•
•
•
•
•
General Linux
General Linux
if the same mail is
delivered several
times, would it be
blocked as spam
Feature overview
Messaging
Modules and functional areas
Malware detection
Recursive scan of all
e-mails and file attachments in real
time, event-and timecontrolled.
G Data
Kaspersky
McAfee
•
General Linux
General Linux
General Linux
General Linux
Special product for
Linux mail servers.
Includes Anti-Spam,
web administration
interface. Manageable
from the central
management console.
Gateway Solution
•
•
- 164 -
General Linux
General Linux
Complete defense
against spam, phishing, malware, and
data leakage.
•
•
•
Product Review: Corporate Review 2010
Feature list
AVIRA
www.av-comparatives.org
Bitdefender
Information Store
scans on every server.
Support of automatic
virus pattern updates.
Scanning of e-mail
message text and
attachments.
Detecting file attachments by means
of clear, nonmanipulable file
patterns („fingerprints") or by file
type, detects and
blocks even manipulated files.
Definition of file
limitations by a
combination of file
name, file extension
and file size.
Application of the
restrictions on file
archives such as zip,
rar.
G Data
•
Kaspersky
McAfee
Sophos
Trend Micro
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
Automatic detection
of new mailboxes.
Examination of encrypted e-mails for
viruses in combination with Crypt
Scanning of existing
mailboxes
Anti-Spam
scan according to the
company's policies on
prohibited, not desirable or confidential
content
ESET
•
•
•
•
•
- 165 -
•
Product Review: Corporate Review 2010
Feature list
Blocking unwanted email senders (spam
senders, mailing lists,
etc.) as well as to
unwanted recipients
(e.g. competitors)
Analysis of images on
undesirable content
(e.g. pornography)
Using current spam
pattern for the fast
detection of new
spammer tricks
User-Specific Management of Whiteand blacklists on the
server solely for
effective blocking
unwanted e-mails
Freely editable exclusion list for addresses
and content in subject and message text
Flexible notifications
of blocked e-mails
(directly or schedule)
to administration or
transmitter/receiver
email
User-specific access
to e-mails in the
quarantine.
Centralized quarantine management
Formation of company-specific e-mail
categories
Automatic classification of e-mails to one
or more categories
AVIRA
www.av-comparatives.org
Bitdefender
ESET
G Data
Kaspersky
•
YES to blocking unwanted senders, NO
to blocking unwanted
recipients
•
McAfee
Sophos
Trend Micro
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
- 166 -
Product Review: Corporate Review 2010
Feature list
Response Management through defined
classifications, for
example, the customer support automatic
forwarding of e-mails
to qualified employees
Document protection:
Following categories
may, for example, all
outgoing e-mails on
company-related
content should be
examined
A content audit of email attachments is
also possible
if the same mail is
delivered several
times, would it be
blocked as spam
AVIRA
www.av-comparatives.org
Bitdefender
ESET
G Data
Kaspersky
•
•
- 167 -
McAfee
Sophos
Trend Micro
•
•
•
•
•
•
Product Review: Corporate Review 2010
Feature list
AVIRA
www.av-comparatives.org
Bitdefender
ESET
G Data
Kaspersky
McAfee
Sophos
Trend Micro
Language:
In which languages
are your corporate
products available?
In which languages
are your (help) manuals available?
English, German,
Spanish, Russian,
Italian
Server: German,
English.
Client: German, English, Spanish, Russian, Italian
English, German,
French, Spanish,
Chinese Simplified,
Japanese, Chinese
Traditional, Brazilian
Portuguese
Management Server
and Console (English,
Japanese, Russian,
French, Spanish,
KAV for Windows
Polish, Chinese SimWorkstations & KAV
plified, Chinese Tradifor Windows Servers:
tional)
English, Danish,
12 languages (EngClient (Bulgarian,
German, French,
lish, Russian, EstoniSimplified and TradiChinese (Simplified or
an, French, German,
tional Chinese, CroaGerman, English,
Traditional), Dutch,
Italian, Japanese,
tian, Czech, Danish, French, Italian, SpanHebrew, Italian,
Polish, Portuguese,
Dutch, English, Esto- ish, Russian, BraziliJapanese, Korean,
Portuguese (Brazil),
nian, Finnish, French,
an, Turkish, Polish,
Portuguese (Brazilian
Spanish, Turkish).
French Canadian,
Japanese
or Iberian), Spanish,
Kaspersky AdministraGerman, Hungarian,
Russian, Finnish,
tion Kit: 7 languages
Italian, Japanese,
Norwegian, Swedish
(English, Russian,
Kazakh, Korean,
and Turkish.
French, German,
Norwegian, Polish,
Spanish, Polish,
Portuguese, RomaniItalian).
an, Russian, Slovak,
Slovenian, Spanish,
Swedish, Turkish,
Ukrainian)
English, German,
French, Spanish,
Chinese Simplified,
Japanese, soon to be
released: Chinese
Traditional, Brazilian
Portuguese
KAV for Windows
Workstations & KAV
English, Danish,
for Windows Servers:
German, French,
10 languages (EngChinese (Simplified or
lish, Russian, French,
German, English,
Traditional), Dutch,
German, Italian,
French, Italian, SpanHebrew, Italian,
Japanese, Polish,
ish, Russian, BraziliJapanese, Korean,
Portuguese, Spanish).
an, Turkish, Polish,
Portuguese (Brazilian
Kaspersky AdministraJapanese
or Iberian), Spanish,
tion Kit: 7 languages
Russian, Finnish,
(English, Russian,
Norwegian, Swedish
French, German,
and Turkish.
Italian, Japanese,
Spanish)
All languages in
which the products
are available
- 168 -
English, Spanish,
French, Italian, German, Chinese, Japanese
English, Spanish,
French, Italian, German, Chinese, Japanese
Server Products:
English only
Desktop Products:
all languages in
which the products
are available
Server Products:
English only
Desktop Products:
all languages in
which the products
are available
Product Review: Corporate Review 2010
Feature list
www.av-comparatives.org
AVIRA
Bitdefender
ESET
G Data
Kaspersky
McAfee
Sophos
Trend Micro
for SLA customers
No
For Business Products
we offer support
during business hours
in US (EST), UK,
DACH, Spain, Romania
for SLA customers
•
for SLA customers
For customers with
active support accounts
•
for SLA customers
Depends on location
Depends on location
Depends on location
and support agreement
Depends on location
Regular (no additional fees)
German, English,
French, Italian, Spanish
Local in countries of
presence and English
Local in countries of
presence and English
English, Spanish,
French, Italian, German, Japanese
Local in countries of
presence and English
•
•
•
•
•
•
•
•
•
•
•
•
•
Support
24/7/365 phone
support
Dial Rates
Supported Support
Languages
Remote Desktop
Control for support
Support per Forum
Support over Email
Depends on location
German, English
Toll Free Numbers are
available in most
countries
ESET has four regional offices (US and
Canada, Slovakia,
Czech Republic, Argentina); all of the
offices provide techEnglish, German,
nical support in their
Spanish, Romanian,
local languages. In
French (our partners
addition ESET has
offer Tier 1 support in exclusive distributors
their local languages. in 50 countries and
They are more than
value added resellers
the languages speci- in over 100 additionfied above).
al countries. Support
in those countries is
provided in local
language by the local
distributor, who in
turn receives support
directly from ESET.
Regular (no additional fees)
•
•
•
•
•
•
•
•
•
•
- 169 -
Product Review: Corporate Review 2010
Feature list
AVIRA
Guaranteed E-Mail
response within
On-Site service?
Service
Managed by Vendor,
this means, can the
whole management
process be done as a
service by the vendor?
•
www.av-comparatives.org
Bitdefender
Tiered based on the
partner or client
level:
- Platinum 2h
- Gold 4h
- Silver 6h
- Bronze 8h
Romania. For other
regions the on-site
service is based upon
issue severity.
ESET
G Data
Kaspersky
Guaranteed response
for Premium
24/7/365 business
support is 1 hour.
McAfee
Sophos
Tiered based on the
partner or client
level:
- Platinum 2h
- Gold 4h
- Silver 6h
- Bronze 8h
Dependent on Support Entitlement
•
•
•
•
Possible by reseller
Possible by reseller
•
•
- 170 -
Trend Micro
•
•
•
Product Review: Corporate Review 2010
Feature list
AVIRA
www.av-comparatives.org
Bitdefender
1. BitDefender has
very high detection
rate awarded the
highest possible
ADVANCED+ award
and also very few
false alarms for its
anti-virus engine
Why should users
choose your product
and not another?
2. BitDefender provides a more extensive set of Web-based
threat protection
than any other vendor
Best detection, fast
product, 20 years of
experience and conti3. BitDefender delivnuity, Proven protecers updates more
tion
frequently than most
of its competitors
4. BitDefender is the
only vendor providing
Endpoint Auditing
and Management
scripts
5. BitDefender Client
Security has more
extensive system and
user control features
than other vendors
ESET
G Data
Kaspersky
Our product was
designed with large
enterprise corporate
ESET offers the best
networks in mind. We
performance and
do have multiple
requires the least
G Data security solu- enterprise customers
resources on worktions offer the highwith 50K+ who have
station. ESET is also
est malwarechosen our system
the unmatched leader
detection by using
due to its flexibility
in proactive protecthe G Data Douand manageability.
tion - ESET holds the
bleScan technology. We do support server
most AVThe G Data concept of hierarchy with unlimComparatives
easy administration
ited nesting. The
ADVANCED+ awards in
saves time and money same is also applicaProac- long term trainings
ble to user groups.
tive/Retrospective
are not any more
We strongly believe
tests. Centralized
necessary.
that in large corpomanagement is easy,
rate networks the
effective and fits
only way to eliminate
organizations of all
chaos is through
sizes.
properly designed
structure of user
groups.
- 171 -
McAfee
Sophos
Sophos and Sophos
products are geared
towards supporting
businesses. Offer
Anti-virus, antiMcAfee Security-as-aspyware, data loss
Service solutions are
prevention, device
designed to provide
control, application
organizations of all
control, network
sizes, from small to
access control and
large enterprises,
encryption through a
with a comprehensive
single product. Simset of security prodple-to-use products
ucts built on a Softwith low total cost of
ware-as-a-Service
ownership. Central
model. This strategy
management of Winleverages McAfee’s
dows, Mac, Linux,
core strength in
Unix clients. Broadest
threat prevention,
platform support.
our diverse SaaS
Direct support
portfolio, and our
24/7/365 included in
industry-leading
license. Upgrades and
global threat intelliupdates are included
gence, powered by
within the license
McAfee Labs.
price (no extra charges). Protection provided by global,
integrated SophosLabs 24/7/365
Trend Micro
Product Review: Corporate Review 2010
www.av-comparatives.org
AVIRA
Bitdefender
ESET
G Data
Kaspersky
McAfee
Sophos
Trend Micro
Avira AntiVir Professional
BitDefender Internet
Security + BitDefender Security for File
Servers for 5 users
ESET Smart Security
G Data AntiVirus
MultiUser
Kaspersky Small
Office Security
McAfee SaaS and
Email Protection
(with GOLD support)
Sophos Computer
Security (Small Business Edition)
Trend Micro
Worry-Free Business
Security
1 year Euro
175
167
187
74
208
263
250
270
3 years Euro
350
360
392
195
625
506
500
620
1 year USD
245
205
198
95
209
359
243
370
3 years USD
Scenario B SMB:
1 SBS 2003 Server,
25 Clients
490
440
396
250
418
754
485
850
G Data AntiVirus
Enterprise
Kaspersky Business
Space Security
1045
716
McAfee SaaS and
Email Protection
(with GOLD support)
1104
Sophos Security Suite
(Small Business Edition)
1606
Trend Micro
Worry-Free Business
Security Advanced
1652
Feature list
Pricing
Scenario A: 5 clients, server, outlook
as mail client
recommended product
1 year plan EURO
1015
79
ESET Smart Security
Client + File Server
Security
680
3 year plan EURO
2030
1578
1428
2122
1610
2126
3212
2589
1 year plan USD
1420
963
930
1340
780
1509
1380
2260
3 year plan USD
Scenario C:
1 Fileserver,
1 Exchange server,
200 Clients
2840
1925
1862
2722
1560
3169
2762
3540
G Data AntiVirus
Enterprise
Kaspersky Enterprise
Space Security
McAfee SaaS and
Email Protection
(with GOLD support)
Sophos Endpoint
Security and Data
Protection
Trend Micro
Worry-Free Business
Security Advanced
recommended product Avira NetWork Bundle
BitDefender Small
Office Security Suite
1 year plan EURO
8600
6880
ESET NOD32 Antivirus
4 + ESET File Server
Security + ESET Mail
Server Security
4910
5575
5166
7407
7550
9700
3 year plan EURO
17200
13760
10311
11878
11622
14261
15100
15520
1 year plan USD
12050
8390
6380
7152
6210
10124
8600
13280
Avira AntiVir Business
recommended product
Bundle
BitDefender SBS
Security Suite
- 172 -
Product Review: Corporate Review 2010
www.av-comparatives.org
Feature list
AVIRA
Bitdefender
ESET
G Data
Kaspersky
McAfee
Sophos
Trend Micro
3 year plan USD
Scenario D, 2
Fileserver, 1 Exchange server, 1000
Clients
24100
16780
12760
15238
12400
21260
17200
21260
G Data AntiVirus
Enterprise
Kaspersky Enterprise
Space Security
McAfee SaaS and
Email Protection
(with GOLD support)
Sophos Endpoint
Security and Data
Protection
1 year plan EURO
27090
27060
ESET NOD32 Antivirus
+ ESET File Server
Security + ESET Mail
Server Security
16020
19258
18647
23861
25250
Trend Micro
Enterprise Security
for Endpoints and
Mail Server
48730
3 year plan EURO
54180
54120
33662
39719
41954
45947
50500
77970
1 year plan USD
37900
33000
20932
24706
25351
32617
28750
66750
3 year plan USD
Scenario E: 10
Fileserver, 10 Exchange server,
10000 Clients
75800
66000
41864
50955
50601
68505
57500
106800
BitDefender SBS
Security Suite
ESET NOD32 Antivirus
+ ESET File Server
Security + ESET Mail
Server Security
G Data AntiVirus
Enterprise
Kaspersky Enterprise
Space Security
McAfee SaaS and
Email Protection
(with GOLD support)
Sophos Endpoint
Security and Data
Protection
Avira AntiVir Business
recommended product
Bundle
Avira AntiVir Business
recommended product
Bundle
1 year plan EURO
163400
3 year plan EURO
326800
1 year plan USD
228820
3 year plan USD
457650
BitDefender SBS
Security Suite
The price for more
than 10000 users is
negotiated case by
case. Please see the
reference price for
1000 users
Price is negotiated
case by case
Price is negotiated
case by case
Price is negotiated
case by case
117100
192380
134930
166030
245310
396790
303500
319630
152120
246800
207200
226850
304240
509040
414410
476450
The price for more
than 10000 users is
negotiated case by
case. Please see the
reference price for
1000 users
Price is negotiated
case by case
Price is negotiated
case by case
Price is negotiated
case by case
Trend Micro
Enterprise Security
for Endpoints and
Mail Server
The price for more
than 10000 users is
negotiated case by
case. Please see the
reference price for
1000 users
Price is negotiated
case by case
Price is negotiated
case by case
Price is negotiated
case by case
All prices are Manufactured Suggested Retail Prices of 2010. Actual retail prices may differ considerably esp. for scenarios D and E, as esp. for large projects
many factors and savings/discounts may apply. Please contact the vendors for actual project prices. The here listed prices are just a rough estimation.
Furthermore, some products may be more expensive as they include e.g. additional Support (or Suites instead of AV clients only).
- 173 -
Product Review: Corporate Review 2010
www.av-comparatives.org
System Requirements Part 1
System Requirements
AVIRA
AVIRA
AVIRA
ESET
ESET
ESET
G Data
G Data
G Data
Kaspersky
Kaspersky
Kaspersky
Supported Operating
Systems
Apple
Mac OS
Mac OS X
Mac OS X Server
iPhone OS
iPod OS
Windows 2000
Professional
Server
Advanced Server
Advanced Server 64 Bit
Intel
Advanced Server 64 Bit
Itanium
Data Center Server
Data Center Server 64
Bit Intel
Data Center Server 64
Bit Itanium
Windows XP
Home
Professional
Professional 64 Bit
Intel
Media Center
Media Center 2004
Media Center 2005
Tablet PC Edition
Management
Server
Management
Console
Protection
Client
Management
Server
Management
Console
Protection
Client
Management
Server
Management
Console
Protection
Client
Management
Server
Management
Console
Protection
Client
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
Untested
Untested
Untested
Untested
Untested
Untested
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
- 174 -
Product Review: Corporate Review 2010
System Requirements
Embedded
Windows Server 2003
Standard
Enterprise 32 Bit
Enterprise 64 Bit
Data Center 32 Bit
Data Center 64 Bit
Small Business Server
Cluster Server
Storage Server
Web Edition
R2 Standard 32 Bit
R2 Enterprise 32 Bit
R2 Standard 64 Bit
R2 Enterprise 64 Bit
Windows Vista
Home Basic 32 Bit
Home Basic 64 Bit
Home Premium 32 Bit
Home Premium 64 Bit
Business 32 Bit
Business 64 Bit
Enterprise 32 Bit
Enterprise 64 Bit
Ultimate 32 Bit
Ultimate 64 Bit
Windows 7
Starter Edition
Home Premium 32 Bit
Home Premium 64 Bit
Professional 32 Bit
Professional 64 Bit
Ultimate / Enterprise
32 Bit
Ultimate / Enterprise
64 Bit
Windows Server 2008
Standard 32 Bit
AVIRA
AVIRA
www.av-comparatives.org
AVIRA
ESET
ESET
ESET
G Data
G Data
G Data
Kaspersky
Kaspersky
Kaspersky
•
•
•
•
•
•
•
•
•
Untested
Untested
•
Untested
•
•
•
•
•
•
•
•
•
Untested
Untested
•
Untested
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
Untested
Untested
•
Untested
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
- 175 -
Product Review: Corporate Review 2010
www.av-comparatives.org
AVIRA
AVIRA
•
•
•
•
•
•
•
•
•
•
•
•
•
•
Data Center 32 Bit
•
•
Untested
Data Center 64 Bit
•
•
Web Edition 32 Bit
•
Web Edition 64 Bit
•
System Requirements
Standard 32 Bit - Core
Installation
Standard 64 Bit
Standard 64 Bit - Core
Installation
Enterprise 32 Bit
Enterprise 64 Bit
Server R2 64 Bit
(Standard/Enterprise)
AVIRA
ESET
ESET
ESET
command line command line command line
only
only
only
•
•
•
command line command line command line
only
only
only
•
•
•
•
•
•
G Data
G Data
G Data
Kaspersky
Kaspersky
Kaspersky
•
•
•
•
•
•
•
•
•
•
only KAV for
WSEE
•
only KAV for
WSEE
•
•
•
•
•
•
•
•
•
Untested
Untested
•
•
•
Untested
Untested
Untested
Untested
Untested
•
•
•
Untested
Untested
•
•
•
•
•
•
•
Untested
Untested
•
•
•
•
•
•
•
Untested
Untested
Foundation 32 Bit
Foundation 64 Bit
HPC 32 Bit
HPC 64 Bit
Windows Mobile
Windows Mobile 5.0
Smart Phone
Windows Mobile 5.0
PocketPC
Windows Mobile 6.0
Standard
Windows Mobile 6.0
Professional
Windows Mobile 6.1
Standard
Windows Mobile 6.1
Professional
Windows Mobile 6.5
•
•
Untested
Untested
•
•
Untested
Untested
•
•
Untested
Untested
•
•
•
•
•
•
•
•
•
•
•
•
Works for Citrix
Untested
•
•
•
•
•
•
•
only KAV for
WSEE
only KAV for
WSEE
only KAV for
WSEE
only KAV for
WSEE
•
KMS EE
•
KMS EE
•
KMS EE
•
KMS EE
•
KMS EE
•
KMS EE
•
Symbian
OS 9.0
OS 9.1
•
•
•
•
only KAV for
WSEE
KMS EE
KMS EE
- 176 -
Product Review: Corporate Review 2010
System Requirements
AVIRA
AVIRA
www.av-comparatives.org
AVIRA
ESET
ESET
ESET
OS 9.3
Series 60
Linux
Redhat
Redhat Enterprise
Linux 3.x 32 Bit
Redhat Enterprise
Linux 3.x 64 Bit
Redhat Enterprise
Linux 4.x 32 Bit
Redhat Enterprise
Linux 4.x 64 Bit
Redhat Enterprise
Linux 5.x 32 Bit
Redhat Enterprise
Linux 5.x 64 Bit
SUSE
SUSE Linux Enterprise
Desktop 9.x 32 Bit
SUSE Linux Enterprise
Server 9.x 32 Bit
SUSE Linux Enterprise
Desktop 9.x 64 Bit
SUSE Linux Enterprise
Server 9.x 64 Bit
SUSE Linux Enterprise
Desktop 10.x 32 Bit
SUSE Linux Enterprise
Server 10.x 32 Bit
SUSE Linux Enterprise
Desktop 10.x 64 Bit
SUSE Linux Enterprise
Server 10.x 64 Bit
Novell
Open Enterprise Server
OES 32 Bit
Open Enterprise Server
OES 64 Bit
G Data
G Data
G Data
Kaspersky
Kaspersky
Kaspersky
KMS EE
KMS EE
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
- 177 -
Product Review: Corporate Review 2010
System Requirements
AVIRA
Open Enterprise Server
OES2 32 Bit
Open Enterprise Server
OES2 64 Bit
VMware
ESX 2.5.x
ESX 3.0.x
ESX 4.0.x
AVIRA
www.av-comparatives.org
AVIRA
ESET
ESET
ESET
G Data
G Data
G Data
Kaspersky
•
•
•
•
•
•
•
•
•
•
Novell
NetWare,
DOS, Solaris,
NetBSD,
FreeBSD
•
Database
•
YES, built-in
and supports
some others
For how many users/
clients is the free database recommended
Which database is
included (i.e. Microsoft SQL, Sybase,
MySQL, etc)
Which additional
databases are supported
Microsoft SQL Server
Microsoft SQL Server
2000
Microsoft SQL Server
2005
Microsoft SQL Server
2008
Microsoft SQL Server
2008 R2
Kaspersky
•
•
•
•
•
Other supported OS
Does the product
require a database
Kaspersky
Microsoft
Access (jet
database)
engine
•
- 178 -
•
•
•
unlimited
unlimited
5000
SQL Express
SQL Express
Microsoft SQL
•
•
•
•
•
•
•
•
•
•
•
Product Review: Corporate Review 2010
System Requirements
AVIRA
AVIRA
www.av-comparatives.org
AVIRA
MS-Access,
any ODBC
database
Other
Email Server
Microsoft Exchange
Domino
Tobit
Linux
Mac
Novell Netware Server
Dell NAS
Kerio
ESET
ESET
ESET
MySQL, Oracle
•
•
•
Untested
•
•
G Data
G Data
SQL Azure
SQL Azure
•
•
•
•
•
•
•
•
•
•
G Data
Kaspersky
Kaspersky
Kaspersky
•
•
•
•
•
•
•
•
•
•
•
•
System Requirements Part 2
System Requirements
Supported Operating
Systems
Apple
Mac OS
Mac OS X
Mac OS X Server
iPhone OS
iPod OS
Windows 2000
Professional
Server
Advanced Server
Advanced Server 64 Bit
Intel
Advanced Server 64 Bit
Itanium
Data Center Server
Data Center Server 64
Bit Intel
Sophos
Sophos
Sophos
McAfee
McAfee
McAfee
Trend Micro
Trend Micro
Trend Micro
Bitdefender
Bitdefender
Bitdefender
Management
Server
Management
Console
Protection
Client
Management
Server
Management
Console
Protection
Client
Management
Server
Management
Console
Protection
Client
Management
Server
Management
Console
Protection
Client
•
•
via plugin
via plugin
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
- 179 -
Product Review: Corporate Review 2010
System Requirements
Data Center Server 64
Bit Itanium
Windows XP
Home
Professional
Professional 64 Bit
Intel
Media Center
Media Center 2004
Media Center 2005
Tablet PC Edition
Embedded
Windows Server 2003
Standard
Enterprise 32 Bit
Enterprise 64 Bit
Data Center 32 Bit
Data Center 64 Bit
Small Business Server
Cluster Server
Storage Server
Web Edition
R2 Standard 32 Bit
R2 Enterprise 32 Bit
R2 Standard 64 Bit
R2 Enterprise 64 Bit
Windows Vista
Home Basic 32 Bit
Home Basic 64 Bit
Home Premium 32 Bit
Home Premium 64 Bit
Business 32 Bit
Business 64 Bit
Enterprise 32 Bit
Enterprise 64 Bit
Ultimate 32 Bit
Ultimate 64 Bit
Windows 7
Starter Edition
www.av-comparatives.org
Sophos
Sophos
Sophos
McAfee
McAfee
McAfee
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
Trend Micro
Trend Micro
Trend Micro
Bitdefender
Bitdefender
Bitdefender
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
- 180 -
•
•
•
•
•
•
•
•
•
Product Review: Corporate Review 2010
www.av-comparatives.org
System Requirements
Sophos
Sophos
Sophos
Home Premium 32 Bit
Home Premium 64 Bit
Professional 32 Bit
Professional 64 Bit
Ultimate / Enterprise
32 Bit
Ultimate / Enterprise
64 Bit
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
McAfee
McAfee
McAfee
Trend Micro
Trend Micro
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
Data Center 32 Bit
•
Data Center 64 Bit
Web Edition 32 Bit
Web Edition 64 Bit
Foundation 32 Bit
Foundation 64 Bit
HPC 32 Bit
HPC 64 Bit
•
•
•
•
•
•
•
Windows Server 2008
Standard 32 Bit
Standard 32 Bit - Core
Installation
Standard 64 Bit
Standard 64 Bit - Core
Installation
Enterprise 32 Bit
Enterprise 64 Bit
Server R2 64 Bit
(Standard/Enterprise)
Trend Micro
Bitdefender
Bitdefender
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
Windows Mobile
Windows Mobile 5.0
Smart Phone
Windows Mobile 5.0
PocketPC
Windows Mobile 6.0
Standard
Windows Mobile 6.0
Professional
Windows Mobile 6.1
Standard
•
via plugin
•
via plugin
•
via plugin
•
via plugin
•
via plugin
- 181 -
Bitdefender
Product Review: Corporate Review 2010
System Requirements
Windows Mobile 6.1
Professional
Windows Mobile 6.5
Works for Citrix
Sophos
Sophos
www.av-comparatives.org
Sophos
McAfee
McAfee
McAfee
Trend Micro
•
Trend Micro
Bitdefender
Bitdefender
Bitdefender
via plugin
via plugin
•
•
Symbian
OS 9.0
OS 9.1
OS 9.3
Series 60
Linux
Redhat
Redhat Enterprise
Linux 3.x 32 Bit
Redhat Enterprise
Linux 3.x 64 Bit
Redhat Enterprise
Linux 4.x 32 Bit
Redhat Enterprise
Linux 4.x 64 Bit
Redhat Enterprise
Linux 5.x 32 Bit
Redhat Enterprise
Linux 5.x 64 Bit
SUSE
SUSE Linux Enterprise
Desktop 9.x 32 Bit
SUSE Linux Enterprise
Server 9.x 32 Bit
SUSE Linux Enterprise
Desktop 9.x 64 Bit
SUSE Linux Enterprise
Server 9.x 64 Bit
SUSE Linux Enterprise
Desktop 10.x 32 Bit
SUSE Linux Enterprise
Server 10.x 32 Bit
Trend Micro
•
•
•
via plugin
via plugin
via plugin
via plugin
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
- 182 -
Product Review: Corporate Review 2010
System Requirements
Sophos
Sophos
www.av-comparatives.org
Sophos
McAfee
McAfee
McAfee
Trend Micro
Trend Micro
Trend Micro
Bitdefender
Bitdefender
Bitdefender
SUSE Linux Enterprise
Desktop 10.x 64 Bit
•
•
SUSE Linux Enterprise
Server 10.x 64 Bit
•
•
•
•
•
•
•
•
•
•
Novell
Open Enterprise
OES 32 Bit
Open Enterprise
OES 64 Bit
Open Enterprise
OES2 32 Bit
Open Enterprise
OES2 64 Bit
VMware
ESX 2.5.x
ESX 3.x
ESX 4.x
Server
Server
Server
Server
•
•
FreeBSD,
OpenBSD,
TurboLinux,
AIX, HPUX,
Solaris,
OpenVMS,
Netware, SCO,
Ubuntu,
NetApp
DataONTAP,
vSphere 4.0m
Hyper-V 2008
Other supported OS
Database
Does the product
require a database
For how many users/clients is the free
database recommended
•
•
•
•
•
•
•
•
•
•
•
•
Solaris 10
•
- 183 -
•
•
20000
1000
Product Review: Corporate Review 2010
System Requirements
Which database is
included (i.e. Microsoft SQL, Sybase,
MySQL, etc)
Sophos
Sophos
McAfee
McAfee
McAfee
MSDE SQL
Which additional
databases are supported
Microsoft SQL Server
Microsoft SQL Server
2000
Microsoft SQL Server
2005
Microsoft SQL Server
2008
Microsoft SQL Server
2008 R2
Trend Micro
DB2
Trend Micro
Trend Micro
Bitdefender
Bitdefender
Bitdefender
•
•
Microsoft SQL
Express included free of
charge (can
support SQL
Server, if the
customer has
a license for
the database)
•
•
•
•
•
•
SQL Express
2005 and
2008
Other
Email Server
Microsoft Exchange
Domino
Tobit
Linux
Mac
Novell Netware Server
Dell NAS
Kerio
Sophos
www.av-comparatives.org
•
•
SQL Express
•
•
•
- 184 -
•
•
•
•
•
•
•
•
•
Product Review: Corporate Review 2010
www.av-comparatives.org
Copyright and Disclaimer
This publication is Copyright © 2010 by AV-Comparatives e.V. ®. Any use of the results, etc., in whole
or in part, is ONLY permitted with the explicit written approval of the Management Board of AVComparatives e.V., prior to their publication. AV-Comparatives e.V. and its appointed representatives
carrying out the tests cannot be held liable for any damage or loss which might occur as a result of,
or in connection with, the use of the information provided in this document. We have taken every
possible care to ensure the correctness of the basic data, but no liability can be taken for the correctness of the test results by any representative of AV-Comparatives e.V. We do not give any guarantee
for the correctness, completeness, or suitability for a specific purpose of any of the information/content provided at any given time. No one else involved in creating, producing or delivering
test results shall be liable for any indirect, special or consequential damage, or loss of profits, arising
out of, or related to, the use or inability to use, the services provided by the website, test documents
or any related data. AV-Comparatives e.V. is a registered Austrian non-profit organization.
AV-Comparatives e.V. (October 2010)
- 185 -
Was this manual useful for you? yes no
Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

Download PDF

advertisement