Whether your company embraces the consumerization of IT or your policy states that only organization-managed assets are allowed in the enterprise, protecting the endpoints is probably high on your list. Whichever the device or wherever the employee, the importance of securing assets that attach to your infrastructure continues to rise.
Even if your goals are to incrementally increase the security posture of your endpoints, chances are you're experiencing all sorts of challenges with regard to making this happen in any sort of expedited manner. With so many security vendors offering varying degrees of encryption, data leakage prevention, anti-malware, device control, application whitelisting and other features, you may find yourself looking for one or many endpoint security components based on where you're at with your current product lifecycles. Strategizing on how to cost-effectively implement endpoint security over time can be daunting if you have legacy vendor relationships or if you're avoiding adding yet another agent.
The good news is convergence keeps moving forward, and licensing models are improving to help reflect the convergence. The more mature enterprise-class vendors seem to have a bit of a headstart, understanding that not everyone is going to rush out and replace their current anti-virus or other critical endpoint component they are running today. As the space matures and customers demand more from a unified agent that isn't terribly bloated, businesses will have an easier time understanding their options and how they can budget and plan for additional endpoint protections.
In this Group Test review, we focus mostly on host-based endpoint security protections. This means that the products had to have some feature to secure a local computer or, at least, secure the impact that any one particular host may have on the environment. Traditional, host-based endpoint security features include anti-virus, firewall, file/folder/disk encryption, application control, protection from local devices (USB, DVD, CD, etc.), web browsing protection, data leakage prevention and other similar technologies. Most products contained one or more of the aforementioned endpoint components. Some contained quite a few features. Overall, the products that we reviewed in this Group Test reflect the myriad of choices that businesses have in regard to how many features they need and how the solution fits into their environment.
How we tested
It is worth noting that all of the products we tested were client/server software applications. We installed the products in either physical or virtual environments based on the products' various requirements. This included a combination of Windows 2003, Windows 2008, Windows XP, Windows Vista/7 and various database and web platforms as needed.
As always, the areas we assessed were a combination of features, administration, support offerings, documentation, ease of use, cost and the total value for the money. Every product in this Group Test installed fairly effortlessly and could be managed through some sort of server-side or web-based console. In many of the technical areas, the solutions scored very similarly. We didn't encounter any solutions that were difficult to deploy from either a server or client perspective, so, ultimately, the buying decision comes down to cost, features and the overall fit in the environment.
The licensing choices seem to be aligning well with regard to simply unlocking features of the solution with an additional license key. Customers can avoid having to make tougher buying decisions by excluding solutions that offer unneeded components. Whatever the deciding factor may be, there are certainly enough quality choices to warrant a second look or even some long-term planning from organizations that may have traditionally shied away from endpoint security altogether.
Derek Thomas contributed to these reviews.