8 Security Solutions for Companies Complete an Endurance Test
When companies purchase a security solution for their systems, it often remains on their clients and servers for several years. An endurance test of security solutions for companies is therefore an extremely important source of information, not least because it provides a long-term analysis rather than just recording the solutions' performance at a given moment in time, as comparable tests do.
In its recent endurance test, which was carried out over a period of 6 months, AV-TEST tested eight security solutions from Bitdefender, F-Secure, Kaspersky Lab, McAfee, Microsoft, Sophos, Symantec and Trend Micro on the operating systems Windows XP, 7 and 8. The table of results also features security packages from Fortinet and G Data, which are listed separately because they only completed the test over a period of 4 or 2 months respectively.
Microsoft’s endpoint security suite was also tested but was not evaluated because it is not an independent product but instead forms part of the Microsoft System Center 2012. Owners of the management suite licence therefore automatically have access to the System Center's Endpoint Protection 2012 module in this package. The Endpoint Protection module would not, however, function without the management suite.
The solution from F-Secure was the only candidate to achieve a detection rate of 100 percent in both the real-world test and the test using the AV-TEST reference set. The other packages always ended up close behind, with the exception of the Microsoft solution and its low base values of 72 and 89 in the two tests (in the endurance test on endpoint security suites carried out between September 2013 and February 2014).
The detection rates of endpoint security suites
Over 25 Percent More Protection
If the values achieved by the Microsoft solution are considered to be the level of basic protection, the use of an external solution can increase this protection by over 25 percent, at least according to the test data recorded in the Protection category.
In this category, the detection performance of the security packages was tested in two different stages. The real-world test examined the products when visiting extremely recently infected websites or opening dangerous e-mail attachments. The so-called zero-day malware found in these sources is particularly dangerous. In this stage of the test, the security solutions had to fend off and isolate approx. 400 examples of such malware.
The second stage of the test in the Protection category used the AV-TEST reference set and required all of the solutions to detect and destroy approximately 60,000 pieces of known and widespread malware.
The solutions were allowed to download new updates or contact their cloud services at any time during these two stages of testing.
The solution from F-Secure was the only test candidate to clear both test hurdles with a detection rate of 100 percent and was therefore the only product to achieve all 6 points available in this test category.
The F-Secure solution was closely followed by the security solutions from Trend Micro and Kaspersky with 99 and 100 percent in the two stages, which were in turn followed by Bitdefender with 100 and 99 percent. The Microsoft security suite was only able to achieve detection rates of 72 and 89 percent in this category and therefore received none of the 6 points available.
Client Security with a High System Load
The simple assumption that "good protection requires more resources" is completely wrong. In fact, the products with the lowest load on clients, which therefore achieved the best results in the Performance category, also scored the second-best detection rates in the test. This excellent performance came from the solution from Trend Micro, closely followed by Bitdefender, and enabled these packages to score 5.7 and 5.2 of a maximum possible total of 6 points respectively to be put towards their overall test results.
Although the Microsoft solution actually achieved a good result in terms of system load, its detection performance was extremely poor.
The solutions from McAfee and Sophos, on the other hand, placed too heavy a load on the systems to be awarded a good score and therefore only achieved 3.0 and 3.5 points respectively.
Barely Any False Positives in Day-to-Day Corporate Use
Protection solutions that constantly confront staff with false positives can considerably tax the time and patience of company administrators. In order to examine the protection packages in this area, the endurance test required them to visit 500 non-infected websites, import over 850,000 clean files and monitor nearly 50 installations of safe programs. A point was deducted when a solution displayed a false positive whilst completing one of these actions, for example by incorrectly identifying a website, a safe program or a clean file as dangerous and blocking it.
All of the packages tested, including the comparison solution from Microsoft, hardly caused any problems in this test category and therefore achieved totals ranging from 5.3 to 6 out of 6 possible points across the board.
The package from F-Secure was the only solution to block a number of safe programs in this stage of the test and therefore had a few points deducted.
The Result: A Lot of Winners and Only a Few Losers
The maximum number of points available in the test was 18, but none of the products tested was able to achieve this top result. The security solution from Trend Micro came in at first place with a total of 17.2 points after performing excellently in the Protection category and also recording the lowest load on clients.
The Trend Micro package was closely followed by the protection solutions from Bitdefender and Kaspersky Lab, which achieved top results of 16.9 and 16.8 points respectively. In terms of protection alone, the solution from F-Secure was the best candidate, scoring 6 out of 6 points.
The free basic solution from Microsoft was only able to achieve 11.2 of a maximum possible total of 18 points in the endurance test, which was particularly due to its poor total of 0 points in the Protection category.
The security solution from G Data joined the endurance test as a new candidate in the last phase of testing and was instantly able to score a total of 17 points. This result cannot, however, be compared with the scores achieved by the other candidates in the endurance test because the package only participated in the test over a period of 2 months.