January 01, 2006
from $333, including one year of updates and product upgrades
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: MSI installation creator; good detection.
- Weaknesses: Reports don't give a lot of detail on the infections.
- Verdict: Excellent management, ability to create custom installer packages and good detection make this an excellent package for enterprises.
CounterSpy Enterprise is built for remote management and administration. One of its main tasks is to distribute the agent to PCs on your network. You can either push the installation using Windows Domain rights, or create an MSI installer package – probably the preferred approach for large networks as they can use existing distribution tools.
You can add an MSI file to each policy, so you can create several installers, each with a different policy, for different user groups.
Once the agents are registered, you can manage groups of PCs by their installed policy. All agents update centrally from the server, so you save on bandwidth and have only single updates to manage.
Policies specify when to perform a scan, what to do with infected files and how to deal with the real-time protection. The default policy has real-time protection, Active Protection, turned off. You can enable it, but have to choose how to deal with each monitoring instance, such as ActiveX installations and Internet Explorer toolbars. We would have preferred a more comprehensive default policy, because other products are ready for real-time protection out of the box. Once we turned on Active Protection, it dealt with threats ably, blocking quite a few attempts to install software on our test PC.
PC scanning was done very well and in good time. The software found most of the spyware on our PC and cleaned it. It does all this without alerting the user and reports back to the CounterSpy Enterprise management console.
The Quarantine button lets you view which files and infections have been detected and where they were located.
There is an excellent range of reports, so you can get a high-or low-level view of your network’s infection status. Reports tend to just list the name of an infection, though, and we could not get more information by clicking on the name, but this is elsewhere in the management GUI.
CounterSpy Enterprise is a well thought-out and comprehensive package that deals well with large corporate networks. Its multiple policy approach lets you apply the right settings to the right PCs, while its detection is top-rate.
SC Magazine Articles
- USAA members hit with multiple phishing attacks
- Industry pros react to Cisco, Fortinet advisories after possible Snowden NSA leak
- Trust exercise: Symantec's new website security expert is reaching out to hacker community
- U.S. government extends offer to protect states from electoral cyberthreats
- Cisco shedding 7% of its workforce
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- CEO sacked after aircraft company grounded by whaling attack
- Microsoft warns of new, self-propagating ransomware in the wild
- Wendy's POS breach 'considerably' bigger than first thought