Endpoint Security: F-Secure's Client Security 7.0
This article can also be found in the Premium Editorial Download "Information Security magazine: CISO survival guide: 18 of the best security tips."
Download it now to read this article plus other related content.
The Java-based Policy Manager console interface is clean, with tabbed windows allowing easy navigation. The console allows you to install F-Secure remotely, as well as manage configuration, updating and monitoring. The policy management tool auto-detects Windows machines, facilitating installation.
The console allows admins to centrally control all installed systems. Pressing one button allows you to scan every system for rootkits with the new BlackLight feature (rootkit and spyware detection), and remotely update all clients with the latest virus definitions.
Client Security is unobtrusive during normal desktop operations. It caught everything we threw at it: common viruses and rootkits, as well as hacking tools planted on test systems. We browsed Web sites that install malicious software to test the HTTP streaming scanner, which stopped all threats before they could be downloaded. Client Security also performed well in cleaning up already infected systems.
The new HIPS component, DeepGuard, which is designed to protect against new threats,
blocked malware from installing when the antivirus scanner was disabled. It also stopped software downloads most organizations block by policy, such as some browser toolbars. DeepGuard can also be configured to prompt anytime something tries to change the registry, instead of relying on its AI to detect if the change is malicious or not.
Client Security reports are simple HTML pages. The Policy Manager console reports are a bit more extensive, allowing current status, trend and detailed list reports. Policy Manager stores data in a lightweight SQL database, but it too can only generate reports in HTML. However, the reports are well designed, and included an easily printable version. The bookmarking feature generates a new report with the latest data for the report type you specified every time you select a bookmark.
Client Security is fast, efficient and reasonably priced. The Policy Manager is free, a definite value-add.
Testing methodology: The management server was run on Windows Server 2003, the Client Security Suite on Windows XP SP2 clients. We tested against common viruses and malware, as well as newer malicious software.
This was first published in July 2007