Software

Five enterprise-ready antivirus systems

Wally Bahny examines five enterprise grade antivirus systems that you may have overlooked.

Everyone is aware of the benefits of antivirus applications. We all (hopefully) use one. Unfortunately, antivirus applications designed for home or small business use just don't suit the needs of an enterprise network containing more than a handful of computers. That's where centrally-managed, enterprise grade antivirus systems come in. Plenty of us have used one, if we've worked in or supported a large corporate network, however, most of us have probably only used one of the handful of biggest players.

In this edition of Five Apps, we take a look at five enterprise grade antivirus systems that fall just under that handful of major players. These five systems are among the myriad of systems available. The only requirement is that there is a centralized management console to manage and control the client-side software.

This blog post is also available as a TechRepublic Photo Gallery.

Five Apps

1: Avast! Endpoint Protection Suite

Avast! offers a pair of suites for endpoint management. The first is a basic suite containing endpoint protection, file server protection, and remote management. The second adds email server protection (including anti-spam) and a software firewall. Like the other selections on this list, Avast! allows administrators to create installation packages and push those to client systems on your network. It also has an auto-discovery feature that will find any unmanaged endpoints on your network and allow you to push that package to them. Finally, the client has a full interface allowing the end user to check on their protection level, run a scan, and do maintenance.

2: F-Secure Business Suite

Offering a similar set of features, F-Secure Business Suite allows administrators to find systems - either from AD or IP-based autodiscovery - and build and deploy packages to those systems. F-Secure boasts a small footprint on the endpoint while still offering browsing protection, anti-malware, rootkit detection, IPS, and email and web filtering. End users are also able to view statistics on their local system within the client software.

3: Panda AdminSecure for Enterprise

Other than the apparently standard endpoint discovery and deployment features the other systems on this list also offer, Panda AdminSecure for Enterprise offers a built-in self-diagnosis system to allow administrators to check whether the system is functioning properly. The included dashboard gives admins a quick view of network health as well. Finally, there is Activity monitor/reporting tool to provide additional detail on what the system has handled recently. The Panda Security for Desktops client software is extremely thin (on the GUI, anyway). It exists solely of a notification center icon with right-click options for various system scans.

4: GFI VIPRE Antivirus Business

Previously owned by Sunbelt Software, VIPRE Antivirus offers the same similar Windows client features but also throws in management for Mac, iOS, and Android devices. The management console is fairly sparse, but still provides admins with the necessary information. On the client side, VIPRE also claims a small footprint and offers a robust set of statistics for the end user or local admin to check.

5: Webroot SecureAnywhere Business - Endpoint Protection

Webroot SecureAnywhere Business - Endpoint Protection is the only solution on this list that is cloud-based only. Some of the others offer a cloud-based service option, but Webroot is the only one that does not offer an on-premise system. However, Webroot is still one of the most impressive applications in the list. The dashboard gives admins a quick overview of their enterprise, endpoint details can be quickly checked, and policies, reports, and logs can be easily viewed. On top of that, though, is the client: it installs in seconds (literally about 6-8 seconds for me) and scans in less than two minutes (1 minute, 42 seconds for my test system). Also, Webroot claims that their client software will run alongside any other security software without conflict. The main disadvantage of this system is its cloud-based nature - company's deploying Webroot may have limited Internet bandwidth or security concerns with cloud software.

Also read:

50 comments
shahdan
shahdan

We've been using Trend Micro Officescan for several years now and it's getting better. I wonder why it's not in the list.

TBaba
TBaba

i've used Eset remote admin server/console successfully for many of my clients

TBaba
TBaba

i've used Eset remote admin server successfully for many of my cient's

cbelangovan
cbelangovan

1. For Enterprise level i would suggest McAfee EPO, more than (5000 + machines). Its really good and make security persons jobs easy. Either implementation, monitoring, reporting Auditing pretty good. 2. Symantec EndPoint Protection: Well, Its also nice option. But my vote goes to McAfee. In my overall IT experience, I And Its not suitable for lower end client machines. 3. Kaspersky Budget level products, audit report, centralized control panel etc .. good. 4. F-Secure / Bit defender / ESET / ....... 5. < ...................... file it yourself>

BB9193
BB9193

We also use Vipre with about 18 servers and 130 endpoints. It's a decent product with a light footprint.

mistercrowley
mistercrowley

Gross! Nasty yucky program. I would not depend on that software if my life depended on it.

heckle
heckle

Most of the freeware versions of antivirus/malware are not allowed to be installed in a corporate or business setting. Read the licensing. And we are using the Endpoint suite from Microsoft. Our license agreement with MS gives us access to all of their software. It pays to be both a State Agency and Academic!

Gisabun
Gisabun

Wouldn't touch Avast with a 10 foot pole. Place I worked had the enterprise version a few years back and it couldn't even detect those fake "XP anti-virus" crap that were floating around. Maybe it has changed but the management interface also sucked. Had some clkients that weren't communicating regularly with the server. Required to remove and then re-install. Maybe it has changed but creating a deployment MSI file was also a hassle. Cryptic setup.

radrick55
radrick55

We have been using Trend Micro products for years and they seem to do a good job.

wyattharris
wyattharris

First, I'd like to say thanks for putting this on one page instead of spreading it out over 5 or 6 pages and making us click through. I've used Panda and ESET. I really liked Panda's interface and overall management features. The desktop component is very light and it had a very good detection rate. ESET is one I've used more recently and it reminds me very much of Panda. Good backend management, light client-side component.

Roger.VanOrman@HoltCat.com
Roger.VanOrman@HoltCat.com

We've been using Webroot on our network for the past 4 months. The client is very light and works well. The installation is amazingly fast. We've used Vipre for a number of years also and ran into a serious issue during an upgrade that disabled a number of critical applications. Thats when we rolled out webroot. If there's a short coming to Webroot I would say that there needs to be improvement in the administration and notifications. Webroot has been working with us to improve these areas.

Madsmaddad
Madsmaddad

My Vipre home security renewal is coming due, and to renew they want more than I paid for it originally. Sorry Vipre, I don't buy it.

dwaldo
dwaldo

I've been using Avast since 2010 (first as Avast Enterprise 4.8, now Avast Endpoint Protection Suite Plus 6.x), currently licensed through 2014, and will more than likely be renewing for another two years after that. We had been using Symantec for 2-3 years (upon the recommendation of our managed service provider) and I would need to invent new words to describe how awful it was because any superlatives in the English language are not sufficient. Symantec had a pesky problem of being easily defeated (i.e. its background services disabled and corrupted) by viruses, spyware, fake antiviruses, and the like. Self-defense is kind of an important feature for any antivirus, but Symantec flopped like a European soccer player. On four occasions I had to give up and reformat a PC because it was too far gone to repair. For all other occasions I would turn to Avast Home Edition to do the dirty work. If the PC was not too far gone and I could get Avast installed, I would run a boot-time scan (something Symantec couldn't do, at least at the time) to clean up the PC, and then uninstall Avast and reinstall Symantec. After doing that enough times I had the bright idea to just switch to Avast completely. Our MSP strongly recommended against it because it was "off the beaten path" but I told them to shove their recommendation and bought it anyway. At the time (version 4.8) neither the client nor the management software looked as polished as Symantec's but they worked a LOT better, and I noticed an instant improvement in the number of severe virus infections, even with my most problematic users. I have not had to reformat a single computer on Avast's watch, I haven't even had a virus infection bad enough to run a boot-time scan. Pretty much the only things that got through anymore were the fake antiviruses (something that I'm not sure any AV could reliably stop), but now that most of our 32-bit XP PCs have been replaced with 64-bit Win7 PCs and I've weaned people off of using IE I'm not seeing nearly as many of those anymore. We recently upgraded to Avast version 6 (Endpoint Protection Suite Plus) and had a couple of hiccups. With the latest version they've added firewall, antispam, etc., a lot of features we didn't have before The antispam feature in particular got us in trouble, although it was partially my fault. We have a spam appliance so we don't need spam filtering at the client level, but I figured I would install it anyway (just in case we needed it in the future) but leave it disabled. This does not show up anywhere in the docs but doing so installs the Avast Outlook plugin anyway and routes ALL incoming mail to Outlook's junk mail folder. 25 PCs into my upgrade deployment I had to create a new install package without the antispam module and start over. That sucked, but lesson learned, I guess. The management console does have a few quirks but it gets the job done once you learn your way around. I do wish they had made more improvements to it from version 4.8 (ADNM) to version 6 (AEA) - it's basically the same software with some updated icons. Remote installs/uninstalls are also pretty unpredictable; sometimes it works, sometimes it doesn't, and I haven't really noticed a pattern. The client itself also doesn't show you remote install/uninstall status; you have to load and refresh the remote install log file. I'd recommend having some remote support software (TeamViewer, LogMeIn, etc.) to fall back on for installs/uninstalls.

kevinHE
kevinHE

Yes. We currently are using GFI Vipre and are very happy with it. Network consists of 50 pc's nad 3 servers.

eclypse
eclypse

We had been running F-Secure's enterprise version for several years and just switched to Kaspersky. The main reasons for the switch were that the footprint on the client was not small and that they had not really updated their enterprise product in quite some time (all of their focus seemed to be on the home product). When we were talking to them, it appeared that they had no plans to update, so we decided to evaluate other options. We ended up with Kaspersky and seem to have fewer problems. There are occasionally some agent issues, but we don't see the terrible performance issues that we did with F-Secure Client Security. I'm sure some of the performance issues could have been worked around with policy updates and tweaking, but the lack of attention to the enterprise product at that time made it an easy decision to change.

georgea2012
georgea2012

Hi, I work for Webroot and we have had rave customer reviews for this new antivirus approach. Our bandwidth usage is typically less than 250KB per day, and from a data/cloud security perspective only encrypted hash values that identify that endpoint's specific applications and processes are exchanged. Absolutely no user file data of any sort is exchanged. The trade-up is no signature updates, ever, and real-time protection against malware. 30-day free trials are available at our website, and no conflicts makes us easy to test.

michael
michael

ESET Mail Security for Exchange and ESET NOD32 have worked well for us.

carlsf1
carlsf1

We use AVG on out business model, with NO problems.

rasilon
rasilon

I don't understand RNR1995's comment. One of Sophos' major features is the ability to block user installations. In an enterprise, it's smartest to set AD to stop any user installed programs. The Hospice I support has such a GPO and all our computers do a domain logon. No local logons. It's been flawless for us over the past 6-7 years. My major complaint is their slow response to new versions of Windows. Currently, for example, they do not have a firewall that is supported under Windows 8.

badjer
badjer

Which of these apps are freeware? Are any of these programs simply trialware - if so, are they limited, and it what way? If it is trialware, how long is it functional? When TechRepublic does a review of any software, this information is basic and critical - if you're really offering valuable information for anyone considering installing new programs, you need to pay more attention to this point. In my experience, TechRepublic rarely supplies this information and yet this is very important to most potential users of the programs you recommend. You undermine your value as a source of quality information if you don't address this issue.

RNR1995
RNR1995

SEP is not 100% effective if the user installs something

MichaelJT
MichaelJT

We use Kaspersky's Total Space Security, and it has been great! I've seen VIPRE used by a local telecom company and they have been very pleased.

Michael Kassner
Michael Kassner

Have you seen these choices used in an enterprise situation?

Mark W. Kaelin
Mark W. Kaelin

What antivirus systems are you using in your organization? Have you tried one of the five Wally mentioned? What do you think about it?

Editor's Picks