This article can also be found in the Premium Editorial Download "Information Security magazine: Comparing seven top integrated endpoint security suites."
Symantec is top-notch from a large enterprise perspective, with intuitive GUIs for policy configuration and status checking. Its overall dashboard clearly identifies potential problems associated with infection, out-of-date signatures or disabled functionality on managed hosts, offering advice to an administrator on how to fix each issue. The management GUI comes in two flavors: a full-blown Java-based interface for all aspects of the administration console, and a scaled-down Web-based interface that can be used for status checks and reporting, but not policy management.
Sophos also provided very solid management capabilities, organized, the vendor told us, around the KISS principle, which we assume stands for "Keep It Simple, Sysadmin." Sophos' GUI is designed to reduce the time and effort needed to configure and deploy the product. Sure, you don't have access to a lot of the fine-grained policy settings, but the overall options available for configuration are excellent. Checking the status of managed workstations is snappy, and alerts about systems that deviate from policy are easy to understand.
The Trend Micro management interface worked quite well in configuring and analyzing managed systems, especially for antivirus and antispyware. The new product architecture enables Trend Micro to package new endpoint product building blocks into plug-ins for rapid deployment, a design decision that will benefit Trend and its customers.
However, we were concerned that we couldn't discern client signature updates for its Intrusion Defense Firewall (the component that implements the firewall and HIPS functionality). Such information is vital in signature-based IPS products such as this one, which applies network-based IPS signatures to traffic going into the protected host. Trend Micro licensed this functionality from Third Brigade to create the first plug-in for its new architecture.
eEye Digital Security features a well-organized, intuitive management interface. However, the client GUI is clearly more mature than the enterprise management console itself, offering finer-grained insight into the configuration and alerts generated by the tool.
This was first published in November 2007