G Data EndpointProtection Business
Strengths: EPB is a low-cost, easy to deploy, intuitive management console, offering good anti-virus, anti-spam and web filtering performance
Weaknesses: Basic removable device controls, minimal reporting features, no AD support
Verdict: G Data's new endpoint protection solution performs extremely well, with top anti-spam and web filtering scores. Looks very good value
Founded 25 years ago, G Data Software has focused on the German market. It has now decided the time is right to target the UK and is using this opportunity to unveil the endpoint protection software under review.
At its heart is G Data's anti-virus solution, but EndpointProtection Business (EPB) teams this up with controls for managing removable media, IM apps and general applications. It offers a client firewall, anti-spam, URL filtering and internet usage controls, while the enterprise edition also includes G Data's MailSecurity component.
EPB comprises a central server, a remote management console and client agents. The server can run on Windows from XP on and G Data provides client support for Windows 2000 and upwards.
The EPB server easy to install on a Windows Server 2008 R2 system and the routine also offers to load the administration console. The setup utility provides options for loading the console on another system, installing a remote web browser console and manually deploying the client.
Although somewhat pedantic in places, the documentation is generally very good.
A wizard helps configuration and client deployment and all discovered systems are displayed in the left console pane, with icons indicating their current status. For testing, we used a mix of PCs and VMware VMs to present multiple Windows XP, Vista and 7 systems.
All systems are initially placed in the console's root group so you can apply a default policy as soon as the client has been deployed. New groups can be created with their own policies.
Systems must be enabled first from the console, then the client can be automatically deployed. You can also push it manually to selected systems or create an installation package that can be pulled from a shared location, but AD is not currently supported.
AV scanning ops are configured from the Settings tab, where you select a group or system in the left pane and choose in the right pane how you want EPB to function. G Data provides dual scanning engines and this is one area where it differs substantially from other endpoint security products.
Rather than develop its own AV solution, G Data partners with established names in this field. EPB sports the BitDefender and Avast! engines and so has good credentials. The client is easy on resources during normal activity, barely registering any CPU usage.
We ran an on-demand scan using both engines on a dual 3GHz Xeon X5560 system. It took 15 minutes to scan 60,000 files and the Task Manager reported average CPU usage of 20 per cent to 25 per cent. Fairly high, but then you can easily schedule these jobs for out of hours.
Inbound and outbound mail can be checked for viruses and you can allow users to run local scans. Web and IM content can also be scanned and the EPB client can tag the subject line of suspect and confirmed spam emails.
The PolicyManager defines web content filtering and internet access schedules plus application and removable device controls. G Data provides an impressive selection of over 60 URL categories and you can have different permissions applied to systems and groups.
The web filtering service is provided by RuleSpace and delivered excellent results. With the games, gambling and social categories blocked, our users found their days of online bingo, poker and social networking were over, as EPB blocked access to all of the test sites visited.
Device controls are basic, with options for removable storage, optical media, cameras and floppy disks. You can only block their usage or allow read only or read/write operations and create white lists. However, it worked well, with the client blocking access to a variety of USB sticks and drives.
To test the anti-spam component, we placed test clients in a group with a policy that required all suspect and confirmed emails to have their subject line tagged. We left Outlook running for a number of days downloading live email from multiple accounts and saw G Data deliver a perfect 100 per cent spam-catching score, with minimal false positives.
This didn't surprise us as G Data uses the extremely effective Commtouch service. No spam quarantining is available, but EPB will apply this to any mail attachments found to be harbouring an infected payload.
General reporting tools are minimal, as the console will not show any details of blocked websites, devices or applications unless a user specifically requests access to them from the pop-up warning window.
No anti-spam reporting is provided, so if you want this you'll need EPB Enterprise and its MailSecurity component.
For application controls you enter into the policy the name of the program you want to block. EPB can examine executables and generate a checksum for them - thereby foiling users who think they can circumvent this by changing the filename.
Compared with other endpoint protection solutions, G Data's EPB looks particularly good value. Reporting and device controls are basic, but it's easy to use and puts in a strong performance for AV, anti-spam and web filtering duties.