9 Endpoint Security Suites Complete an Endurance Test on Consistent Security
The use of a security solution that provides reliable protection for all of a company’s computers is particularly important in the case of small and medium-sized enterprises. Once they have been installed, such solutions are sometimes used at companies for years on end because constantly changing clients would only lead to more expenses.
The latest endurance test carried out by AV-TEST confirms the consistency of the products available from the manufacturers Fortinet, F-Secure, Kaspersky Lab, McAfee, Sophos, Symantec, Trend Micro and Webroot. The endpoint security suite provided by Microsoft was also tested in order to obtain results for comparison but was not evaluated because it is not an individual product but instead forms part of the Microsoft System Centre 2012. Owners of the management suite licence therefore also automatically have access to the System Centre's Endpoint Protection 2012 module. The Endpoint Protection package would not, however, function without the management suite.
The real-world test was used to assess the programs' important performance when detecting the latest malware (zero-day malware). The products from F-Secure, Kaspersky Lab and Symantec achieved the best results in this part of the test, while the Microsoft solution recorded a low basic detection rate of 76 percent.
Product detection rates in the endurance test on “Endpoint Security Suites” (March to August 2013)
15 to 30 Percent More Protection
The test values obtained for System Centre Endpoint Protection 2012 were used as a basis for comparison with the other products examined in the test in order to show whether the other products tested are able to improve the basic protection provided by Microsoft. The results of the test revealed that all of the eight security solutions tested improve the protection factor in comparison to the basic protection solution.
While the overall result achieved by the solution from Microsoft set a basic value threshold of 11 points, the other solutions tested scored much better results with totals of between 13.5 and 16.5 of a maximum possible total of 18 points. Using one of these external products can therefore increase the protective factor of the basic Microsoft solution by 15 to 30 percent.
A High Level of Protection against the Latest Malware
In the test category of “Protection”, all of the solutions were tested under routine conditions, meaning that they were allowed to download new updates or contact their cloud services at any time.
AV-TEST examined the protection provided by the suites against the latest malware by making them fend off attacks by approximately 390 brand-new pieces of so-called “zero-day” malware in the real-world test. The Microsoft solution was only able to achieve a low basic value of 76 percent in this category and was therefore awarded just 0.2 of a maximum possible total of 6 points. All of the other solutions achieved detection rates of between 86 and 100 percent in the "Protection" category, with the protection packages from F-Secure, Kaspersky Lab and Symantec recording the best rates of 99 to 100 percent.
Excellent Standard Detection Performance
The second part of the scanning test used the AV-TEST reference set and required the packages to detect over 60,000 known pieces of malware that had been collected in the up to 4 weeks leading up to the start of the test. Almost all of the candidates achieved detection rates of 99 or 100 percent in this part of the test.
The reference set test is a very complex part of the overall endurance test because most of the protection packages also use a number of other tools to identify attackers alongside their classic detection tools.
The test laboratory therefore first carried out an initial scan that recorded the malware captured by the suites. All of the attackers that were not detected in this initial test were then individually copied onto and run on the test computers, giving the suites' so-called "on-access scanner" and behavioural detection function the chance to capture the malware. Only the pieces of malware that went through all of these stages without being captured were then marked as not detected.
An Extremely High System Load for Clients
The best products in the category of "Protection” place different loads on the system on which they are used. The security suite from Symantec, for example, which achieved the best overall score, not only provided excellent protection but was also able to score 5 of a maximum possible total of 6 points in the “System Load” category. The other products also provided a good level of protection but required a lot more system performance in order to do so and therefore only achieved scores of 4.2 to 3.3 of the maximum total of 6 points available.
Although the solution from Webroot had practically no load on the system and was therefore awarded the maximum of 6 points in the “System Load” category, it only achieved an average protection score of just 3.3 out of 6 points, whereas the top 3 products in the “Protection” category scored between 5.7 and 6 points!
The Microsoft solution scored an average total of 4.8 points in the "System Load” category but only achieved 0.2 points for its protection.
Barely Any Disturbances in Day-to-Day Use
In the test category of "Usability“, the test laboratory examined the day-to-day behaviour of all of the solutions and their clients, for example by visiting 500 clean websites in order to check whether or not they were blocked by the protection packages. All of the protection solutions involved in the endurance test also had to repeatedly identify over 650,000 safe files without making any errors and without blocking any standard programs or delaying their execution.
None of the test candidates displayed particularly negative performance in this entire category and all of the programs other than Webroot scored between 5.5 points and the maximum possible total of 6 points. Webroot repeatedly made a number of errors during the endurance test and identified safe files as malware and was therefore only awarded 4.8 of the maximum of 6 points.
Summary: Many Solutions Provide Consistent Protection
On the whole, all of the programs examined in the endurance test provided consistent protection. All of the products tested scored much higher results than the protection solution from Microsoft, which only achieved a basic value of 0.2 of a maximum possible total of 6 points in the “Protection” category. The top three solutions from Symantec, F-Secure and Kaspersky Lab provide much better protection.
The Symantec solution’s high level of protection, low system load and excellent usability throughout the 6-month-long endurance test enabled it to achieve the best overall result of 16.5 of a maximum possible total of 18 points.
The overall results table shows that all of the solutions tested achieved better results than the basic value recorded for the endpoint security suite from Microsoft. These results prove that using an external protection solution in place of the Microsoft solution leads to a significant increase in system security.