January 01, 2006
from $333, including one year of updates and product upgrades
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: MSI installation creator; good detection.
- Weaknesses: Reports don't give a lot of detail on the infections.
- Verdict: Excellent management, ability to create custom installer packages and good detection make this an excellent package for enterprises.
CounterSpy Enterprise is built for remote management and administration. One of its main tasks is to distribute the agent to PCs on your network. You can either push the installation using Windows Domain rights, or create an MSI installer package – probably the preferred approach for large networks as they can use existing distribution tools.
You can add an MSI file to each policy, so you can create several installers, each with a different policy, for different user groups.
Once the agents are registered, you can manage groups of PCs by their installed policy. All agents update centrally from the server, so you save on bandwidth and have only single updates to manage.
Policies specify when to perform a scan, what to do with infected files and how to deal with the real-time protection. The default policy has real-time protection, Active Protection, turned off. You can enable it, but have to choose how to deal with each monitoring instance, such as ActiveX installations and Internet Explorer toolbars. We would have preferred a more comprehensive default policy, because other products are ready for real-time protection out of the box. Once we turned on Active Protection, it dealt with threats ably, blocking quite a few attempts to install software on our test PC.
PC scanning was done very well and in good time. The software found most of the spyware on our PC and cleaned it. It does all this without alerting the user and reports back to the CounterSpy Enterprise management console.
The Quarantine button lets you view which files and infections have been detected and where they were located.
There is an excellent range of reports, so you can get a high-or low-level view of your network’s infection status. Reports tend to just list the name of an infection, though, and we could not get more information by clicking on the name, but this is elsewhere in the management GUI.
CounterSpy Enterprise is a well thought-out and comprehensive package that deals well with large corporate networks. Its multiple policy approach lets you apply the right settings to the right PCs, while its detection is top-rate.
Sign up to our newsletters
SC Magazine Articles
- 'Sexy Girls' wallpaper app in Google Play store accessed account info
- Zeus variant targeting Canadian banks, U.S. banks may also be a target
- New attack uses ransomware to drop trojans and keyloggers
- 'GHOST' bug in Linux library enables remote takeover of victim's system
- Firm finds link between Regin spy tool and QWERTY keylogger
- Report: From Q3 to Q4, 90 percent increase in global DDoS attacks observed
- Researchers observe databases being encrypted, websites held for ransom
- ZeroAccess botnet reactivates, click fraud activity resumes
- BCBS of Tennessee shares personal data on 80K in marketing campaign
- Tips for organizations in the wake of the biggest corporate hack in history