How Sweet Is Eset's New Security Suite?By Frank Ohlhorst | Posted 2007-11-19 Email Print
Re-Thinking HR: What Every CIO Needs to Know About Tomorrow's Workforce
Channel Labs takes a look at ESET Smart Security v3.0, a well-rounded and reliable security product for both users and channel players.
Since 1992, San Diego-based Eset LLC has been one of the silent warriors behind the scenes in the war on viruses and malware. It has been mostly silent because the company lacks the name recognition that competitors such as Symantec/Norton, Panda and Trend Micro enjoy.
While the name Eset doesn't roll off the tongue when one thinks about viruses and malware, that has no effect on the company's ability to offer leading edge security solutions that are in many cases superior to the big names on the market. Eset's technologies are proven and are often integrated under OEM agreements into many security vendors' products, while the company's NOD32 antivirus product is starting to become a favorite in many circles.
Eset realized early on that innovation and protection are the key elements of success when it comes to anti-virus software. That theme persists with the Oct. 31 launch of Eset's latest product, ESS (Eset Smart Security), a desktop suite that offers anti-virus, anti-spyware, anti-spam and firewall features in a single, easy-to-deploy and manage package.
ESS is designed to protect consumer and SMB desktop computers from the all too common security threats found today. What's more, the product incorporates Eset's proprietary heuristic ThreatSense detection system, which readily handles those not-too-common and zero-day threats of the future.
Eset took a different approach to building a security suite, while many software companies build their suites by combining their existing tools, Eset designed ESS from the ground up as a single product. That innovation in development allowed the company to offer a fully integrated security suite that is both fast and comprehensive.
The first benefit is that data traffic does not have to pass through several independent malware detection engines, all malware scanning takes place using a single engine, making for impressive performance results. Also, updates consist of a single signature file, instead of multiple separate files that have to be integrated.
The product's performance was impressive: a complete system scan took only 2 minutes, 13 seconds to go through 37,002 identified objects making it one of the fastest suites evaluated to date. What's more, the product seemed to introduce almost no overhead on the test virtual machine. That system scored an average PassMark score of 370.2 after three tests before installation of Eset's product. After installation and configuration of the security suite, the average PassMark score dipped to 365.5, a negligible drop.
For comparison, Panda's Internet Security 2008 was put through the same paces. That product scored an average PassMark score of 365.7 and took 3 minutes and 15 seconds to perform a complete system scan.
For testing, ESS was installed on a Virtual PC created by Microsoft Virtual PC 2007 and hosted on a Lenovo T61p Thinkpad. That Virtual PC ran Windows XP SP2 and had 512MB of RAM dedicated to it. The installation of ESS is very straight forward, but installers will need to register the product to get a password update before commencing the installation. Eset should find a way to make registration and password generation part of the installation process, perhaps the first guided step, instead of a separate task.
During installation, users have the option of protecting the program settings and installation options with a configuration password that can prevent unauthorized tampering with the product. That option should be used with care because administrators can inadvertently lock themselves out of future changes if the password is lost.
How Sweet Is Eset's New Security Suite?
Perhaps a better way to protect the program would be to require a Windows Administrator account (available in both XP and Vista) to effect any changes down the road that would enable remote administrators to control the product while keeping typical users out.
One of the most important options is the use of "threatsense", an Eset technology that allows ESS to "stay in touch" with Eset's servers and threat databases. Unlike traditional signature updates, where an anti-virus application can only defend against what's known in the database, threatsense allows ESS to evaluate new threats and then check back with Eset to see if that new activity is viral in nature before waiting for the next signature update. That proves to be a handy feature for protecting against zero-day threats.
Once installed, the product proves to be extremely easy to use. The installation program does an excellent job of integrating the protection technologies into the system. Anti-spam, anti-phising and the firewall are all automatically associated with the relevant applications and offer immediate protection for the typical PC.
Administrators and users will both appreciate the straightforward management console, which offers an expert mode and a simple mode. The expert mode offers access to settings and options that would normally be hidden from the user. The expert mode also allows access to logs and tools that can be used to better diagnose a system. That said, for most users, the dumbed-down mode will be more than adequate and ESS works fine as a "hands off" automatic application.
Eset's products have been put through the gamut by most of the independent anti-virus testing labs and have always scored well; ESS is no exception.
While using a test virus from Eicar.org, the product detected and blocked the malicious code effectively. The Eicar test virus could not be downloaded, executed or accessed in any fashion. ESS blocked the browser from accessing the virus host site, while the anti-spam protection and antivirus protection immediately identified the faux-virus and performed a quarantine and delete immediately. In other words, there was no way to infect the test machine.
The product logged all activity for future reference and provided informative pop-ups of what was happening and what action was being taken to block the virus. Users should have no complaints with the concise fashion that ESS handles viral activity. For those relying on the anti-spam portion of the product, ESS offers both white and black lists to further fine tune the spam fighting capabilities; users can also set the "sensitivity" of the anti-spam portion to combat false positives.
For those supporting networked users, Eset offers a centralized management module. Administrators need only apply the appropriate settings to ESS to enable remote management and then the management application can monitor and control each individual PC's ESS application. Those PCs can be managed at groups or individually, it's all up to the administrator.
The integrated logging provides detailed information about activity of ESS on each system; the management console allows those logs to be "rolled up" and filtered to build reports, a handy capability for today's security conscious administrator.
ESS retails for $59.99 per user per year, but volume and multi-year discounts do apply. Solution providers have access to the company's channel program, which offers incentives and discounts based upon volume and commitment. System builders have additional options available for bundling the software on new PCs, those options are usually addressed on a case by case basis.
In short, Eset's ESS product proves to be a well-rounded and reliable security product for both users and channel players. ESS is easy to use, inexpensive and offers thorough protection that is hard to beat.