Product review: Seven integrated endpoint security products


This article can also be found in the Premium Editorial Download "Information Security magazine: Comparing seven top integrated endpoint security suites."


About this review:


We tested solutions that provided a minimum of signature-based antivirus and antispyware, personal firewall, host-based IPS, and central management and reporting capabilities. We selected a mix of leading traditional antivirus vendors and relative newcomers in the market, testing comprehensive endpoint security products from CA, eEye Digital Security, IBM ISS, McAfee, Sophos, Symantec and Trend Micro. (Because of space and resource limits, we opted not to include products from four other companies that responded positively to our invitation to apply for consideration for testing: Fortinet, F-Secure, Grisoft and Kaspersky Lab. In addition, ESET, Norman Data Defense Systems and Third Brigade declined our invitation to be considered.)

Our analysis test bed consisted of a Windows 2000 Server with Service Pack 4 running the enterprise management software, managing and protecting four Windows XP client systems. Each XP client had no service pack or patches. As a control, for each test, we utilized one target Windows XP machine with exactly the same configuration but lacking the endpoint security protection.

--Ed Skoudis & Matt Carpenter

Specifically, we tested CA Threat Manager 8.1 and Host-Based Intrusion Prevention System 8; eEye Digital Security Blink Enterprise Edition; IBM ISS Proventia Desktop Endpoint Security 9.0; McAfee Total Protection for Enterprise; Sophos Endpoint Security and Control 7.0; Symantec Endpoint Protection 11.0; and Trend Micro OfficeScan 8.0.

Bearing witness to the rapidly evolving nature of the endpoint security space, the three giants of the information security industry--McAfee, Symantec and Trend Micro--responded with beta versions of their suites that were nearly finalized for shipping. (We requested every product we analyzed be available for general purchase by our publication date.)

Many of the problems we encountered with testing and, in some cases, retesting updated versions of these products reflected the difficulties in dealing with beta builds of highly complex packages. But, further, our testing suggests this class of integrated endpoint security products is, for the most part, far from mature.

This was first published in November 2007
