This article can also be found in the Premium Editorial Download "Information Security magazine: Comparing seven top integrated endpoint security suites."
Download it now to read this article plus other related content.
In the End, Take It Slow|
Symantec's new offering looks very solid, and eEye is a worthy new competitor in the endpoint security space. Trend Micro has a decent solution and a promising plug-in architecture for future expansion. CA and Sophos did reasonably well, but neither shined consistently. Finally, we were very disappointed with the numerous glitches, unfortunate design decisions and poor performance of McAfee and IBM ISS.
Regardless of which vendor you choose, keep in mind that the endpoint security market is relatively immature--witness our beta testing of three major vendors--and the complexity of any of these products warrants a carefully planned deployment strategy. We urge you to experiment with the products on your own laboratory test systems with images from your production environment to make sure they don't have any adverse consequences on your particular application mix.
Double check default policy settings to make sure they offer reasonable protection, and if not, adjust them for your environment and risk profile. And, finally, have your support staff become familiar with the various quirks of these management GUIs before production roll-out.
This was first published in November 2007