Software

Five enterprise-ready antivirus systems

Wally Bahny examines five enterprise grade antivirus systems that you may have overlooked.

Everyone is aware of the benefits of antivirus applications. We all (hopefully) use one. Unfortunately, antivirus applications designed for home or small business use just don't suit the needs of an enterprise network containing more than a handful of computers. That's where centrally-managed, enterprise grade antivirus systems come in. Plenty of us have used one, if we've worked in or supported a large corporate network, however, most of us have probably only used one of the handful of biggest players.

In this edition of Five Apps, we take a look at five enterprise grade antivirus systems that fall just under that handful of major players. These five systems are among the myriad of systems available. The only requirement is that there is a centralized management console to manage and control the client-side software.

This blog post is also available as a TechRepublic Photo Gallery.

Five Apps

1: Avast! Endpoint Protection Suite

Avast! offers a pair of suites for endpoint management. The first is a basic suite containing endpoint protection, file server protection, and remote management. The second adds email server protection (including anti-spam) and a software firewall. Like the other selections on this list, Avast! allows administrators to create installation packages and push those to client systems on your network. It also has an auto-discovery feature that will find any unmanaged endpoints on your network and allow you to push that package to them. Finally, the client has a full interface allowing the end user to check on their protection level, run a scan, and do maintenance.

2: F-Secure Business Suite

Offering a similar set of features, F-Secure Business Suite allows administrators to find systems - either from AD or IP-based autodiscovery - and build and deploy packages to those systems. F-Secure boasts a small footprint on the endpoint while still offering browsing protection, anti-malware, rootkit detection, IPS, and email and web filtering. End users are also able to view statistics on their local system within the client software.

3: Panda AdminSecure for Enterprise

Other than the apparently standard endpoint discovery and deployment features the other systems on this list also offer, Panda AdminSecure for Enterprise offers a built-in self-diagnosis system to allow administrators to check whether the system is functioning properly. The included dashboard gives admins a quick view of network health as well. Finally, there is Activity monitor/reporting tool to provide additional detail on what the system has handled recently. The Panda Security for Desktops client software is extremely thin (on the GUI, anyway). It exists solely of a notification center icon with right-click options for various system scans.

4: GFI VIPRE Antivirus Business

Previously owned by Sunbelt Software, VIPRE Antivirus offers the same similar Windows client features but also throws in management for Mac, iOS, and Android devices. The management console is fairly sparse, but still provides admins with the necessary information. On the client side, VIPRE also claims a small footprint and offers a robust set of statistics for the end user or local admin to check.

5: Webroot SecureAnywhere Business - Endpoint Protection

Webroot SecureAnywhere Business - Endpoint Protection is the only solution on this list that is cloud-based only. Some of the others offer a cloud-based service option, but Webroot is the only one that does not offer an on-premise system. However, Webroot is still one of the most impressive applications in the list. The dashboard gives admins a quick overview of their enterprise, endpoint details can be quickly checked, and policies, reports, and logs can be easily viewed. On top of that, though, is the client: it installs in seconds (literally about 6-8 seconds for me) and scans in less than two minutes (1 minute, 42 seconds for my test system). Also, Webroot claims that their client software will run alongside any other security software without conflict. The main disadvantage of this system is its cloud-based nature - company's deploying Webroot may have limited Internet bandwidth or security concerns with cloud software.

Also read:

50 comments
shahdan
shahdan

We've been using Trend Micro Officescan for several years now and it's getting better. I wonder why it's not in the list.

TBaba
TBaba

i've used Eset remote admin server/console successfully for many of my clients

TBaba
TBaba

i've used Eset remote admin server successfully for many of my cient's

cbelangovan
cbelangovan

1. For Enterprise level i would suggest McAfee EPO, more than (5000 + machines). Its really good and make security persons jobs easy. Either implementation, monitoring, reporting Auditing pretty good. 2. Symantec EndPoint Protection: Well, Its also nice option. But my vote goes to McAfee. In my overall IT experience, I And Its not suitable for lower end client machines. 3. Kaspersky Budget level products, audit report, centralized control panel etc .. good. 4. F-Secure / Bit defender / ESET / ....... 5. < ...................... file it yourself>

BB9193
BB9193

We also use Vipre with about 18 servers and 130 endpoints. It's a decent product with a light footprint.

mistercrowley
mistercrowley

Gross! Nasty yucky program. I would not depend on that software if my life depended on it.

heckle
heckle

Most of the freeware versions of antivirus/malware are not allowed to be installed in a corporate or business setting. Read the licensing. And we are using the Endpoint suite from Microsoft. Our license agreement with MS gives us access to all of their software. It pays to be both a State Agency and Academic!

Gisabun
Gisabun

Wouldn't touch Avast with a 10 foot pole. Place I worked had the enterprise version a few years back and it couldn't even detect those fake "XP anti-virus" crap that were floating around. Maybe it has changed but the management interface also sucked. Had some clkients that weren't communicating regularly with the server. Required to remove and then re-install. Maybe it has changed but creating a deployment MSI file was also a hassle. Cryptic setup.

radrick55
radrick55

We have been using Trend Micro products for years and they seem to do a good job.

wyattharris
wyattharris

First, I'd like to say thanks for putting this on one page instead of spreading it out over 5 or 6 pages and making us click through. I've used Panda and ESET. I really liked Panda's interface and overall management features. The desktop component is very light and it had a very good detection rate. ESET is one I've used more recently and it reminds me very much of Panda. Good backend management, light client-side component.

Roger.VanOrman@HoltCat.com
Roger.VanOrman@HoltCat.com

We've been using Webroot on our network for the past 4 months. The client is very light and works well. The installation is amazingly fast. We've used Vipre for a number of years also and ran into a serious issue during an upgrade that disabled a number of critical applications. Thats when we rolled out webroot. If there's a short coming to Webroot I would say that there needs to be improvement in the administration and notifications. Webroot has been working with us to improve these areas.

Madsmaddad
Madsmaddad

My Vipre home security renewal is coming due, and to renew they want more than I paid for it originally. Sorry Vipre, I don't buy it.

dwaldo
dwaldo

I've been using Avast since 2010 (first as Avast Enterprise 4.8, now Avast Endpoint Protection Suite Plus 6.x), currently licensed through 2014, and will more than likely be renewing for another two years after that. We had been using Symantec for 2-3 years (upon the recommendation of our managed service provider) and I would need to invent new words to describe how awful it was because any superlatives in the English language are not sufficient. Symantec had a pesky problem of being easily defeated (i.e. its background services disabled and corrupted) by viruses, spyware, fake antiviruses, and the like. Self-defense is kind of an important feature for any antivirus, but Symantec flopped like a European soccer player. On four occasions I had to give up and reformat a PC because it was too far gone to repair. For all other occasions I would turn to Avast Home Edition to do the dirty work. If the PC was not too far gone and I could get Avast installed, I would run a boot-time scan (something Symantec couldn't do, at least at the time) to clean up the PC, and then uninstall Avast and reinstall Symantec. After doing that enough times I had the bright idea to just switch to Avast completely. Our MSP strongly recommended against it because it was "off the beaten path" but I told them to shove their recommendation and bought it anyway. At the time (version 4.8) neither the client nor the management software looked as polished as Symantec's but they worked a LOT better, and I noticed an instant improvement in the number of severe virus infections, even with my most problematic users. I have not had to reformat a single computer on Avast's watch, I haven't even had a virus infection bad enough to run a boot-time scan. Pretty much the only things that got through anymore were the fake antiviruses (something that I'm not sure any AV could reliably stop), but now that most of our 32-bit XP PCs have been replaced with 64-bit Win7 PCs and I've weaned people off of using IE I'm not seeing nearly as many of those anymore. We recently upgraded to Avast version 6 (Endpoint Protection Suite Plus) and had a couple of hiccups. With the latest version they've added firewall, antispam, etc., a lot of features we didn't have before The antispam feature in particular got us in trouble, although it was partially my fault. We have a spam appliance so we don't need spam filtering at the client level, but I figured I would install it anyway (just in case we needed it in the future) but leave it disabled. This does not show up anywhere in the docs but doing so installs the Avast Outlook plugin anyway and routes ALL incoming mail to Outlook's junk mail folder. 25 PCs into my upgrade deployment I had to create a new install package without the antispam module and start over. That sucked, but lesson learned, I guess. The management console does have a few quirks but it gets the job done once you learn your way around. I do wish they had made more improvements to it from version 4.8 (ADNM) to version 6 (AEA) - it's basically the same software with some updated icons. Remote installs/uninstalls are also pretty unpredictable; sometimes it works, sometimes it doesn't, and I haven't really noticed a pattern. The client itself also doesn't show you remote install/uninstall status; you have to load and refresh the remote install log file. I'd recommend having some remote support software (TeamViewer, LogMeIn, etc.) to fall back on for installs/uninstalls.

kevinHE
kevinHE

Yes. We currently are using GFI Vipre and are very happy with it. Network consists of 50 pc's nad 3 servers.

eclypse
eclypse

We had been running F-Secure's enterprise version for several years and just switched to Kaspersky. The main reasons for the switch were that the footprint on the client was not small and that they had not really updated their enterprise product in quite some time (all of their focus seemed to be on the home product). When we were talking to them, it appeared that they had no plans to update, so we decided to evaluate other options. We ended up with Kaspersky and seem to have fewer problems. There are occasionally some agent issues, but we don't see the terrible performance issues that we did with F-Secure Client Security. I'm sure some of the performance issues could have been worked around with policy updates and tweaking, but the lack of attention to the enterprise product at that time made it an easy decision to change.

georgea2012
georgea2012

Hi, I work for Webroot and we have had rave customer reviews for this new antivirus approach. Our bandwidth usage is typically less than 250KB per day, and from a data/cloud security perspective only encrypted hash values that identify that endpoint's specific applications and processes are exchanged. Absolutely no user file data of any sort is exchanged. The trade-up is no signature updates, ever, and real-time protection against malware. 30-day free trials are available at our website, and no conflicts makes us easy to test.

michael
michael

ESET Mail Security for Exchange and ESET NOD32 have worked well for us.

carlsf
carlsf

We use AVG on out business model, with NO problems.

rasilon
rasilon

I don't understand RNR1995's comment. One of Sophos' major features is the ability to block user installations. In an enterprise, it's smartest to set AD to stop any user installed programs. The Hospice I support has such a GPO and all our computers do a domain logon. No local logons. It's been flawless for us over the past 6-7 years. My major complaint is their slow response to new versions of Windows. Currently, for example, they do not have a firewall that is supported under Windows 8.

badjer
badjer

Which of these apps are freeware? Are any of these programs simply trialware - if so, are they limited, and it what way? If it is trialware, how long is it functional? When TechRepublic does a review of any software, this information is basic and critical - if you're really offering valuable information for anyone considering installing new programs, you need to pay more attention to this point. In my experience, TechRepublic rarely supplies this information and yet this is very important to most potential users of the programs you recommend. You undermine your value as a source of quality information if you don't address this issue.

RNR1995
RNR1995

SEP is not 100% effective if the user installs something

MichaelJT
MichaelJT

We use Kaspersky's Total Space Security, and it has been great! I've seen VIPRE used by a local telecom company and they have been very pleased.

Michael Kassner
Michael Kassner

Have you seen these choices used in an enterprise situation?

Mark W. Kaelin
Mark W. Kaelin

What antivirus systems are you using in your organization? Have you tried one of the five Wally mentioned? What do you think about it?

rasilon
rasilon

We tested Vipre about 4 years ago when our Sophos license came up for renewal. I wasn't that impressed. I thought the console and management was clunky and not at all intuitive. Their ability to migrate our end points was practically non-existent. The prospect of having to uninstall Sophos (4 components) and then install the Vipre client was just to much work. Also, we found that when the client was running a scheduled scan, it basically pegged the CPU at 100% until finished. I'm sure that Vipre has improved significantly since then. Our cloud vendor uses it. We've been happy with Sophos.

georgea2012
georgea2012

Sorry you feel that way. If you're talking about our old AV suites I might understand, but the new Webroot SecureAnywhere Business endpoint launched in March 2012 is very, very different. Have you tried it?

RCMelick
RCMelick

Roger - We appreciate those comments, and are very happy that you are pleased. I am ensuring that even your recommendations for improvements get sent to the correct people. Richard

Gisabun
Gisabun

If you have trojans, malware and other crap coming through then your firewall isn't doing anything to block out that crap. You are basicaklly relying on client security to secure the clients instead of having your firewall being the first line of defence. If you are also getting that much crap comething through then either your employees are not getting educated on the crap out there or they are allowed to go to sites that they shouldn't be going to. I have worked with a number of AV/EP products and I never really saw any issues with SEP when managed correctly.

dwaldo
dwaldo

We have 130 licensed PCs spread across two campuses, including an Avast mirror at the remote campus.

Gisabun
Gisabun

With new malware/crapware coming out daily, how does Webroot keep bandwidth usage to less than 250KB per day [per client I'm assuming]? That sounds about the size for checking for updates and finding there isn't any and not when there is an update.

333239
333239

We've had Sophos for years however it has been disappointing in the past year. First there was the update where it started to detect itself as Malware, this shows a lack of testing. More worryingly we've had a few infections that it didn't detect and a few others it couldn't help with.

RNR1995
RNR1995

1) I was referrring to Symantec Endpoint Protection 2) If users cannot install programs, all of your updates are maintained by an IT staff person? Acrobat, Flash, JAVA, etc? or a GPO push? Just wondering?

Gisabun
Gisabun

Most companies generally avoid freeware. They want to pay for the application so they can get support in case there is a problem. Very few freeware apps offer any support other than forums. Watch out for licensing agreements for "freeware". Most are for any non-commercial usage. So they can't be used for profit, for a chairty, etc. Well, if you don't like TR's information, you are free to go elsewhere.... They aren't in the business of supplying information just for a single area such as freeware.

maj37
maj37

Seems to me they usually do a pretty good job a providing enough information so that I can decide if I want more and do the additional research myself. In this particular case since these are labeled as enterprise ready then they will certainly not be freeware though you may be able to get a short term free trial. If I were looking for something to replace our current enterprise solution the information they provide about features etc. is more important to me than the type of license etc. If the software sounds like it will server my needs then I can look up the license information myself. If they include everything anyone might want to know then the article becomes way too long and I suspect more readers just skim it.

jred
jred

Freeware is more appropriate for home or small business users. Since this article is specifically discussing enterprise AV solutions, I would be extremely surprised to see freeware listed.

Gisabun
Gisabun

That is nice and vague. So an application is effective if SEP isn't used?

cpguru21
cpguru21

Thanks for your opinion. I +1 to remove the -1 that had no explanation. Your feedback can help others make a wise decision.

rudyg11
rudyg11

I have deployed Endpoint suites to medium to the largest companies (from a few to tens of thousand endpoints) and in cases where I replaced another enterprise suite I have never ran across these products.

cpguru21
cpguru21

We use Avast exclusively in our company. Not these enterprise editions, however if we did utilize an enterprise edition, I would certainly NOT use Symantec, McCafee etc...

Tony Hopkinson
Tony Hopkinson

I was expecting the usual suspects. Symantec, MacCaffee, etc. Strange.

eagleeye54
eagleeye54

Avira is the most promising enterprise AV, it is very low impact in the system

RCMelick
RCMelick

Gisabun That's a very valid question. As George mentioned above, the file information being sent and compared on the cloud is only encrypted hash values of the endoint's specific applications and processes, not the actual files themselves. These hash values are less then 4kb in size. Every scan is sent up to our cloud-based threat database to be checked on our end, and a response as to the determinations of those files is sent back. Webroot is not updating a definition file stored on your computer, but sending rules down regarding the file in question, thus keeping the bandwidth usage down to less then 250kb.

rasilon
rasilon

Yes. we manage all updates. We have the advantage that 98% of our users do a domain logon and then log onto one of two Citrix servers. Only I.T. computers have anything installed (other than the Citrix Receiver, WSUS and Sophos). This means that we only have to update our own computers (3) and 2 servers.

Gisabun
Gisabun

SEP is administrated centrally. It is up to whomever running the sever whether they want application updaters to to be enabled or disabled.

cpguru21
cpguru21

what RNR is saying here is SEP is not effective if a user installs a malicious piece of software on their own. I like how Avast will scan what I am downloading. I am sure that SEP has something that does this also however I would not use a Symantec product on any critical computer ever. At the same time there is a point in RNR's post regarding users, and bypassing the first line of security, dare I say it? Common Sense. I know there are ways to get into security problems that are not as obvious but most are. Educating users is a must. And if they are under age, monitoring. My son is 12. I am a CIO at an oil company. He gets approx 2 hours on the weekend to get on the computer and play games. No one in my house is allowed to install any software on any of the computers without my consent. All his devices (ipod, android phone) get monitored (manually). And we talk about bad sites and what irresponsible browsing can do.

maj37
maj37

I guess like me you initially just browsed through and looked at the names, this is from the opening remarks. ". . . most of us have probably only used one of the handful of biggest players. In this edition of Five Apps, we take a look at five enterprise grade antivirus systems that fall just under that handful of major players."

RNR1995
RNR1995

I wish we could setup every network that way Unfortunately most of our networks do not have an assigned IT person on staff or on site, it is up to the users to install certain updates, hence the rub on Symantec. If a user decides they want to install Joe blows latest ransom virus, well poof there it is.....