Content

ESET Endpoint Security

ESET Endpoint Security is one of the products that does a lot of different functions, including anti-malware, anti-spam, web control, firewall, cloud-assisted scanning, anti-phishing, botnet protection, exploit blocker, memory scanner and vulnerability shield, an extension of the firewall. In a virtual environment, this tool scans a virtual machine built as an exemplar or gold machine and then puts the known clean VM into "deep freeze." When the VM is cloned in the future, all clones also will be clean.

There are two components for the ESET Endpoint Security product: the endpoint and the management console. The management console, in addition to operating on the usual PCs, is mobile device friendly. We really like that as there are many times that managing an event from a mobile device is most convenient.

The endpoint sets up nicely and has a very good user interface. Policies are easy to set up and there are 27 categories and 140 subcategories that come with the product. These are for web filtering, which arguably is the most dangerous source of threats to endpoints.

The remote administrator opens to a familiar-looking dashboard. The administrator can be installed on Windows, Linux or as an appliance on VMware, HyperV or Virtual Box. The endpoint piece uses an agent to communicate with the administrator. It can be installed through the remote administrator or a third-party tool. There also is a live installer that can be run on the endpoint itself.

Going back to the administrator, the drill-down from the main dashboard is reminiscent of typical reports. There is a lot of good information for the administrator and, at the detailed level, the tool has what ESET refers to as an actionable dashboard. One of the things we liked was the ability for the administrator to create custom dashboards. These dashboards can be representative of those things in a particular enterprise that the administrator most wants to keep an eye on. To get you started there are several predefined dashboards as well.

A useful function of the tool is its rogue detector. This function watches the enterprise for computers that connect that it doesn't know about. While this is not a full-function network access control tool, it does pinpoint unknown devices.

Further, groups can be defined as static or dynamic, meaning that the membership changes or doesn't, and scanning for threats gives excellent, detailed drill-down reporting. As to reporting, there is a complete report creation function on the administrator device. Although there are a lot of predefined reports, you can create your own and to help you along ESET provides over 1,000 templates. Once a report is defined it can be programmed to be sent out to a list automatically. So management can get a quick-read status report every morning and IT can get a detailed remediation report at the same time.

Of course, the endpoint can be configured remotely by the administrator and the granularity for that task is excellent. There is a solid mobile device management piece to this remote configuration that does such standard tasks as anti-theft actions, operating system updates, and device enrollment. Similar to reporting, actions on the endpoint can trigger some sort of notification. There are quite a few provided but you also can roll your own. These alerts/notifications can be detailed if necessary.

The usual functions on the endpoint also are present, such as managing access rights, licenses and users. User rights are role-based and there is, again, excellent granularity. With this tool you can have multiple administrators, each covering a different set of tasks so that no one administrator has full control.

Exploit blocker focuses on the most vulnerable aspects of the endpoint - Java, for example - and takes extra measures to protect it. These weaknesses are in applications and the product watches for any attempt to exploit the application based on its prior knowledge of vulnerabilities for that app.

There is a lot more to this product than space here allows us to detail, but we liked it for its completeness and its ease of use and deployment.

Product title
ESET Endpoint Security
Product info
Name: ESET Endpoint Security Description: ESET Endpoint Security is one of the products that does a lot of different functions. Price: Varies, 100 users for three years is about $17 per user per year.
Strength
Completeness, ease of use and deployment, documentation much improved.
Weakness
None that we found.
Verdict
For a complete endpoint security product, this one really is worth noting.

Related

DevSecOps Scanning Challenges & Tips

There are many ways to do DevSecOps, and each organization — each security team, even — uses a different approach. Questions such as how many environments you have and the frequency of deployment of those environments are important in understanding how to integrate a security scanner into your DevSecOps machinery. The ultimate goal is speed […]

It Should Be ‘Cybersecurity Culture Month’

It’s Cybersecurity Awareness Month, but security awareness is about much more than just dedicating a month to a few activities. Security awareness is a journey, requiring motivation along the way. And culture. Especially culture.That’s the point Proofpoint Cybersecurity Evangelist Brian Reed drove home in a recent appearance on Business Security Weekly.“If your security awareness program […]

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.