ESET Endpoint Security
September 01, 2015
Varies, 100 users for three years is about £11 per user per year.
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Completeness, ease of use and deployment, documentation much improved.
- Weaknesses: None that we found.
- Verdict: For a complete endpoint security product, this one really is worth noting.
ESET Endpoint Security is one of the products that does a lot of different functions, including anti-malware, anti-spam, web control, firewall, cloud-assisted scanning, anti-phishing, botnet protection, exploit blocker, memory scanner and vulnerability shield, an extension of the firewall. In a virtual environment, this tool scans a virtual machine built as an exemplar or gold machine and then puts the known clean VM into "deep freeze." When the VM is cloned in the future, all clones also will be clean.
There are two components for the ESET Endpoint Security product: the endpoint and the management console. The management console, in addition to operating on the usual PCs, is mobile device friendly. We really like that as there are many times that managing an event from a mobile device is most convenient.
The endpoint sets up nicely and has a very good user interface. Policies are easy to set up and there are 27 categories and 140 subcategories that come with the product. These are for web filtering, which arguably is the most dangerous source of threats to endpoints.
The remote administrator opens to a familiar-looking dashboard. The administrator can be installed on Windows, Linux or as an appliance on VMware, HyperV or Virtual Box. The endpoint piece uses an agent to communicate with the administrator. It can be installed through the remote administrator or a third-party tool. There also is a live installer that can be run on the endpoint itself.
Going back to the administrator, the drill-down from the main dashboard is reminiscent of typical reports. There is a lot of good information for the administrator and, at the detailed level, the tool has what ESET refers to as an actionable dashboard. One of the things we liked was the ability for the administrator to create custom dashboards. These dashboards can be representative of those things in a particular enterprise that the administrator most wants to keep an eye on. To get you started there are several predefined dashboards as well.
A useful function of the tool is its rogue detector. This function watches the enterprise for computers that connect that it doesn't know about. While this is not a full-function network access control tool, it does pinpoint unknown devices.
Further, groups can be defined as static or dynamic, meaning that the membership changes or doesn't, and scanning for threats gives excellent, detailed drill-down reporting. As to reporting, there is a complete report creation function on the administrator device. Although there are a lot of predefined reports, you can create your own and to help you along ESET provides over 1,000 templates. Once a report is defined it can be programmed to be sent out to a list automatically. So management can get a quick-read status report every morning and IT can get a detailed remediation report at the same time.
Of course, the endpoint can be configured remotely by the administrator and the granularity for that task is excellent. There is a solid mobile device management piece to this remote configuration that does such standard tasks as anti-theft actions, operating system updates, and device enrollment. Similar to reporting, actions on the endpoint can trigger some sort of notification. There are quite a few provided but you also can roll your own. These alerts/notifications can be detailed if necessary.
The usual functions on the endpoint also are present, such as managing access rights, licenses and users. User rights are role-based and there is, again, excellent granularity. With this tool you can have multiple administrators, each covering a different set of tasks so that no one administrator has full control.
Exploit blocker focuses on the most vulnerable aspects of the endpoint - Java, for example - and takes extra measures to protect it. These weaknesses are in applications and the product watches for any attempt to exploit the application based on its prior knowledge of vulnerabilities for that app.
There is a lot more to this product than space here allows us to detail, but we liked it for its completeness and its ease of use and deployment.
SC Webcasts UK
Information Security Manager
Infosec People - Hammersmith, West London
Information Security Risk Manager, £45-55k + bens
Infosec People - West Midlands, England, Coventry
SOC Analyst, Aldershot, £55-63k + benefits
Infosec People - England, Aldershot, Hampshire
Security Architect, Cardiff - to £70k Basic
Infosec People - Cardiff, Wales
Interim CISO (Chief Information Security Officer) - Cyber Security Director
CYBER EXECS - London (Central), London (Greater)
Sign up to our newsletters
SC Magazine UK Articles
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- Met Police grab suspect with phone unlocked to get hold of data
- Cyber-security must reflect risk not just regulation
- Data centres are on the move - where will they end up?
- Same fate befalls Post Office broadband as hit DT?
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- 9.2 million medical records for sale on darkweb
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- Over 400,000 phishing sites have been detected each month in 2016
- TalkTalk customers urged to get routers swapped over hacker fears
- Report: Mirai 'is just the tip of the iceberg'
- Avalanche takedown involved searches in 40 countries
- India Supreme Court calls on tech giants to curb sexual assault, cyber-crime