19 Windows Security Solutions for Corporate Users Put to the Test
Corporate users are always under fire, and not just since the pandemic or the Ukraine crisis. On top of the now almost commonplace attacks with ransomware or spyware, there is an increasing number of DDoS attacks and, as collateral damage, dangerous wiper malware such as HermeticWiper or IsaacWiper. The sharp increase in attacks is not just an impression; it is actually measurable. This is documented on the real-time platform AV-ATLAS.org. The systems at AV-TEST have a finger on the pulse of the spam, malware and other campaigns circulating on the Web. The platform categorizes the attacks and the spam volume by time, targets and countries. This enables current campaigns to be tracked online.
Corporate users ought to confront these dangers with a good security solution. The lab at AV-TEST evaluated 19 Internet security solutions for their protection, performance and usability. Each product can achieve up to 18 points in the test; 6 points per test phase. If a security solution scores 17.5 or 18 points, in addition to receiving a certificate for tested security, it also earns further recognition as a TOP PRODUCT.
19 corporate solutions for Windows put to the test
In January and February 2022, the lab evaluated 19 solutions for corporate networks under Windows. Included in the test are the products from AhnLab, Avast, Bitdefender (with 2 versions), Check Point, Comodo, ESET, G DATA, Kaspersky (with 2 versions), Malwarebytes, Microsoft, Seqrite, Sophos, Symantec (Broadcom), Trellix (formerly FireEye and McAfee Enterprise), Trend Micro, VMware, and WithSecure (formerly F-Secure Business).
The result was excellent: 12 products achieved the top score of 18 points, whereas 5 products attained an excellent score of 17.5 points. As a result, these 17 solutions earned the additional recognition of TOP PRODUCT. The last two products scored 16 points and received the certificate for tested security.
Lots of protection on networks
In the first evaluation of protection, all products were required to fend off over 400 samples of 0-day malware and a package with nearly 16,000 samples of known malware. All the tests were performed twice – once in January and once in February. The adjacent table indicates all four test results in terms of percentage of detection. Without exception, all the attackers were detected by the following 12 products: Avast, Bitdefender, Bitdefender (Ultra), Comodo, Kaspersky, Kaspersky (Small Office Security), Malwarebytes, Microsoft, Sophos, Symantec, Trellix and Trend Micro.
AhnLab, G DATA, WithSecure, ESET and Check Point had minor issues in only one test phase, but they received the full 6 points like all other products.
Seqrite and VMware did not detect certain attackers, thus missing out on a few, yet crucial, points. Seqrite received 5.5 and VMware only 5 points.
Excessive burden on client PCs?
Especially in companies, it is important for a security solution to make very conservative use of resources on office PCs. In order to test this, in the category of performance, the lab used two reference PCs: one high-end PC and a small office PC. The lab performed operations on both machines, such as copying data, downloads, opening websites or installing and launching applications. The times necessary then served as a reference. Afterwards, the lab repeated all the work steps, but this time with an installed security solution. The delta of additional time affected the point score.
15 of the 19 evaluated solutions delivered exemplary results, requiring neither additional resources nor excessive time. For this, they earned the full 6 points. Windows clients from Comodo and Sophos slowed down the PCs just slightly. This resulted in a deduction: only 5.5 points. VMware required even more resources: only 5 points. Check Point slowed PCs down too much and received only 4 out of a possible 6 points.
Consequential false alarms
In the test category of usability, the lab bundled the test of corporate security packages for false alarms, along with the erroneous blocking of websites, applications or installations. After all, every false positive means work for internal or external IT support.
For this test, the lab equipped the PCs with an active security solution, visited 500 harmless websites and installed dozens of popular business applications and tools, then launched them. Moreover, each solution was required to examine nearly 1.2 million innocuous files and to classify them as harmless.
For 17 of the 19 corporate solutions evaluated, the test ran perfectly, and they received the full 6 points. Only Bitdefender Endpoint Security (Ultra) and Malwarebytes Endpoint Protection each blocked a harmless application. As a result, these packages earned only 5.5 points.
Lots of protection for corporate users
The test yielded excellent results for many corporate solutions. In addition to earning the certificate for tested security, a total of 17 of the 19 test candidates also achieved the additional recognition of TOP PRODUCT, as they scored 17.5 or even the maximum 18 points in the test.
Especially noteworthy are the point scores for protection. A product can receive up to 6 points in this category. In the current test, 17 of the 19 corporate solutions evaluated earned this score.
The test for protection, performance and usability provides an excellent overview of the capabilities a corporate solution can muster against attackers. One thing the test does not show is the capability of a solution in the individual steps against an attacker, for instance in the case of ransomware. This matters because it is still possible to fight off such a diabolical attacker even if the security solution does not immediately detect the malware. To evaluate these significantly more complex situations for security solutions, the lab regularly conducts a series of sophisticated Advanced Threat Protection tests with endpoint solutions. In these tests, the capabilities of the security solutions for corporate users are analyzed and evaluated step by step.