F-Secure Client Security 7.0
REVIEWED BY BRENT HUSTON
Price: $29.75 per user for 100 licenses
In the face of criminal zero-day exploits, targeted attacks and mobile workforces, companies are increasingly seeking comprehensive endpoint security tools. F-Secure Client Secu-rity, a business-grade, centrally managed suite, addresses emerging threats, as Version 7 adds rootkit scanning and host-based intrusion prevention (HIPS).
|Installation & Features
Both the Policy Manager and client software install in a snap. By default, the antivirus scanner does not look inside archives, or force a complete system scan upon installation, saving system resources and time. It removes other antivirus or firewall products, although it left Comodo Firewall on one of our test systems. Client Security suite consumed about 80 MB of memory on our test systems--a little high, but not excessive.
In addition to new rootkit scanning and HIPS capabilities, Client Security suite features an antivirus and antispyware scanner, mail and Web proxies, and client firewall. The proxies act as a middleman, inspecting email and data passed via Web browsers. This allows Client Security to remove malicious software before it has completely reached the system. F-Secure's excellent antivirus engine is known for its speed and efficiency; it displays the same competence in this suite.
The Java-based Policy Manager console interface is clean, with tabbed windows allowing easy navigation. The console allows you to install F-Secure remotely, as well as manage configuration, updating and monitoring. The policy management tool auto-detects Windows machines, facilitating installation.
The console allows admins to centrally control all installed systems. Pressing one button allows you to scan every system for rootkits with the new BlackLight feature (rootkit and spyware detection), and remotely update all clients with the latest virus definitions.
Client Security is unobtrusive during normal desktop operations. It caught everything we threw at it: common viruses and rootkits, as well as hacking tools planted on test systems. We browsed Web sites that install malicious software to test the HTTP streaming scanner, which stopped all threats before they could be downloaded. Client Security also performed well in cleaning up already infected systems.
The new HIPS component, DeepGuard, which is designed to protect against new threats, blocked malware from installing when the antivirus scanner was disabled. It also stopped software downloads most organizations block by policy, such as some browser toolbars. DeepGuard can also be configured to prompt anytime something tries to change the registry, instead of relying on its AI to detect if the change is malicious or not.
Client Security reports are simple HTML pages. The Policy Manager console reports are a bit more extensive, allowing current status, trend and detailed list reports. Policy Manager stores data in a lightweight SQL database, but it too can only generate reports in HTML. However, the reports are well designed, and included an easily printable version. The bookmarking feature generates a new report with the latest data for the report type you specified every time you select a bookmark.
Client Security is fast, efficient and reasonably priced. The Policy Manager is free, a definite value-add.
Testing methodology: The management server was run on Windows Server 2003, the Client Security Suite on Windows XP SP2 clients. We tested against common viruses and malware, as well as newer malicious software.