G Data EndpointProtection Business 11
Strengths: Good value, choice selection of anti-malware, anti-spam and web filtering providers, greatly improved management console
Weaknesses: Unhelpful user manual, basic reporting facilities
Verdict: Reporting needs improving but G Data delivers a good value endpoint security solution with top web filtering, anti-malware and anti-spam performance
There may be plenty of endpoint security solutions on the market today, but G Data has always stood out for value. The latest version of its EndpointProtection Business (EPB) continues this tradition and adds a number of welcome features. Active Directory support was missing in the previous version, but this has now been remedied so you can import computers straight into the EPB console from selected AD containers. The management console gets a new dashboard that's a lot more informative, email alerting is now available and the optional remote web management interface has been poshed up with Silverlight.
EPB offers a good range of endpoint security measures, which starts with dual anti-virus scanning engines. G Data doesn't develop its own anti-virus solution and for EPB has partnered heavyweights Bitdefender and Avast!.
Anti-spam and web filtering are included as standard and these are hosted respectively by Commtouch and Symantec's RuleSpace. There's much more as EPB also provides a client firewall, internet usage controls and access management for removable devices and applications.
We used a Windows Server 2008 R2 system to host the EPB management server and the local console. For testing we used a mix of PCs and VMware VMs to present a range of Windows XP, Vista and 7 systems to EBP and all were correctly identified. To deploy the client you just need to enable them from the console and, once installed, they will receive a default policy, so protection starts straightaway.
We tested AD support by pointing the console at our domain controller and importing all entries from its computer container into a new EPB group. It worked without a hitch, but bear in mind that once a computer is added this way it cannot be deleted or moved to another group.
The new dashboard now has three extra windows showing client connection activity over the past month, the top 10 infected systems and a line graph of infections, errors and EPB activity. The last two can be modified to show activity over any time period, but the dashboard itself cannot be customised with other information or graphs.
All systems are grouped into the console's left pane and a default policy is applied at the root level for all new systems. Each group can also have its own policy as well as individual systems.
You can decide whether users are allowed to interact with the local client and what features they can access. You may permit them to run manual scans, manually download new signatures, modify anti-spam settings and view their local virus quarantine area.
For general anti-virus operations you can opt to use both scanning engines and decide how infections are to be handled. Scanning can also be applied to all web, IM and email traffic.
Anti-spam options are basic as the client can only tag the subject line of suspect and confirmed spam emails. Spam quarantining is not available so you'll need to create rules on users' email clients to deal with any tagged messages. However, in our experience Commtouch delivers excellent spam detection rates with minimal false positives.
If Outlook is already present when the client is deployed it'll also add an extra plug-in. The user manual makes a real hash of explaining this, but essentially users will find a new toolbar with three icons. These allow them to run quick virus scans of selected mail folders or highlight emails and add the sender or domain to personal black and white lists.
Device controls are available for floppy disks, optical media, removable storage and web cams. They aren't as good as products such as DeviceLock but they do allow you to block usage completely, allow read only or read/write access and enforce white lists. The web filtering service provides more than 60 categories to block or allow and different settings can be applied to each group or system. RuleSpace performed very well during testing and with games, gambling and social networking sites blocked, our test clients were unable to access any sites under these categories.
Reporting features though are still a disappointment. The main reason is the data protection regulations imposed in Germany, which is G Data's primary market.
Consequently, EPB doesn't provide any information about general website access. It will only log attempts to access blocked sites, devices or applications if the user requests access from the client's pop up warning window. Furthermore, if you want reporting on email and spam you'll need EndpointProtection Enterprise.