This article can also be found in the Premium Editorial Download "Information Security magazine: Security 7 Award winners unmasked."
Download it now to read this article plus other related content.
Anti-Virus Client Security 6.0
Price: $72 per seat
|F-Secure's Anti-Virus Client Security 6.0|
F-Secure's Anti-Virus Client Security (AVCS) 6.0 is designed to take on this Medusa of threats with an enterprise-class suite that combines AV, desktop firewall, intrusion prevention, antispyware, application control and virus news in one tightly integrated product. Its robust central management provides an easy and cost-efficient way to deploy the client and monitor the security level of the network.
AVCS was easy to install and auto-discovered Windows hosts in our domain. The intuitive interface makes it easy to add and group hosts in a policy domain. Client installations can be pushed via JAR (default) or MSI.
There are a couple of issues, however. The target machine must be in a Windows domain, rather than simply in a workgroup, for either the auto-discovery or pushed installation to work. (This is a known problem, and the company says it's working on it.) Also, hosts that aren't auto-discovered can be entered manually, but there is no provision to import target hosts using a flat file or by connecting a database (e.g., Active Directory or LDAP).
We also experienced connectivity issues with wireless machines trying to get updates from the management server. The client has to go through the authentication process every time it tries to connect, and this connection kept breaking for wireless clients.
The AVCS Policy Manager Console offers a multifaceted view into the enterprise security environment and granular policy control. Security managers can view security alerts of blocked viruses and unauthorized network activities, and prevent the use of forbidden networking software, such as file-sharing applications. Managers can create multiple policy domains with different settings based on security requirements, a handy feature for large, distributed environments.
AVCS offers a lot of control over client devices. Managers can lock down security settings on desktops and laptops, and define an automatic security-level upgrade when the laptop is connected to the Internet outside corporate premises.
There is a wealth of other capabilities, including Web traffic scanning, spyware control, firewall rules, browser tightening and even dial-up control. In addition to its signature base, AVCS conducts heuristic scanning against unknown viruses, malicious code and injection attempts, and monitors for changes in critical files and browser settings.
It's also compliant with Cisco Systems' Network Admission Control (NAC) initiative, assuring that laptops and workstations connecting to Cisco-based networks meet security policy requirements. Noncom-pliant devices can be denied access, quarantined, or given restricted access.
With the exception of a few issues, we found that AVCS's comprehensive set of defense tools and strong, flexible central management make it an attractive security package for large enterprises.
This was first published in September 2005