January 01, 2006
from $333, including one year of updates and product upgrades
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: MSI installation creator; good detection.
- Weaknesses: Reports don't give a lot of detail on the infections.
- Verdict: Excellent management, ability to create custom installer packages and good detection make this an excellent package for enterprises.
CounterSpy Enterprise is built for remote management and administration. One of its main tasks is to distribute the agent to PCs on your network. You can either push the installation using Windows Domain rights, or create an MSI installer package – probably the preferred approach for large networks as they can use existing distribution tools.
You can add an MSI file to each policy, so you can create several installers, each with a different policy, for different user groups.
Once the agents are registered, you can manage groups of PCs by their installed policy. All agents update centrally from the server, so you save on bandwidth and have only single updates to manage.
Policies specify when to perform a scan, what to do with infected files and how to deal with the real-time protection. The default policy has real-time protection, Active Protection, turned off. You can enable it, but have to choose how to deal with each monitoring instance, such as ActiveX installations and Internet Explorer toolbars. We would have preferred a more comprehensive default policy, because other products are ready for real-time protection out of the box. Once we turned on Active Protection, it dealt with threats ably, blocking quite a few attempts to install software on our test PC.
PC scanning was done very well and in good time. The software found most of the spyware on our PC and cleaned it. It does all this without alerting the user and reports back to the CounterSpy Enterprise management console.
The Quarantine button lets you view which files and infections have been detected and where they were located.
There is an excellent range of reports, so you can get a high-or low-level view of your network’s infection status. Reports tend to just list the name of an infection, though, and we could not get more information by clicking on the name, but this is elsewhere in the management GUI.
CounterSpy Enterprise is a well thought-out and comprehensive package that deals well with large corporate networks. Its multiple policy approach lets you apply the right settings to the right PCs, while its detection is top-rate.
Sign up to our newsletters
SC Magazine Articles
- Study: Open Source Software use increasing in enterprises but without vulnerability monitoring
- RSA 2015: Tension continues to grow between govt, cryptographers
- 'Aaron's Law' returns to Congress
- Data at risk for 9,000 individuals following unauthorized access to SRI Inc. website
- CozyDuke APT group believed to have targeted White House and State Department
- Study: Conficker declared top threat of 2014, but N. America targeted mainly by AnglerEK
- RSA 2015: Straight talk about encryption, bulk surveillance and IoT
- RSA 2015: In the healthcare industry, security must innovate with business
- RSA 2015: Unintended use of aircraft systems next challenge for counterterrorism community
- RSA 2015: Bug hunting and responsible vulnerability disclosure