Strengths: Solid malware protection without the need for signature updates
Weaknesses: Difficult to configure
Verdict: Needs a bit of work on configuration, but this feature-rich product has good support to back up administrators
Invincea Enterprise takes a unique approach to stopping and controlling malware infection at the endpoint. With this software deployed, virtually all malware can seamlessly be detected, contained and prevented without any need for user interaction. This protection is accomplished through allowing applications that may come in contact with malicious code or malware to run in a virtual container, which can easily contain an infection, before it spreads or becomes a more serious problem.
We found this product to deploy easily throughout our environment. The client application can be deployed to endpoints manually as an executable installation or through Microsoft Active Directory Group Policy using an extracted MSI Installer. To use this, it must first be extracted from the executable installer. While we did not find this process difficult, to simplify the process we would have liked to see a downloadable version. Also, this solution uses preferences files for setting up the client applications remotely. We found this deployment technique to be confusing and required a lot of work on the frontend of the deployment. We would prefer a more automated way of deploying settings, such as a central management console that can communicate with clients.
Invincea does offer a management console of sorts, but it is more geared toward analysis and reporting, rather than overall management of the client applications. However, we found this console, which is known as the Threat Analyzer, to be quite good for what it is intended. It can be deployed as a virtual or physical appliance on the customer site or be hosted in the cloud. Regardless of how it is deployed, it can provide an excellent amount of threat analysis, while integrating directly with other threat analysis tools for a deeper forensic-based examination.
Documentation included administrator and user guides in PDF format. The administrator guide provided an excellent amount of detail on how to deploy the client applications through Group Policy, as well as other deployment means. Also included in this guide were configuration examples for the preferences file and many screen shots. The end-user guide outlines various tasks that the end-user can do within the client and protected applications. Both guides were well detailed and easy to follow.
Invincea includes support with the cost of the subscription. Options include access to eight-hours-a-day/five-days-a-week phone- and email-based technical aid, along with a customer portal on the website that includes a knowledgebase and FAQs section. Customers can also purchase additional services, such as installation support across the enterprise, as well as for custom integrations with other security tools.
At a subscription cost starting at £26.75 per seat, plus additional expense for the Threat Analysis server licence, we found Invincea Enterprise to be good value for money. While it was somewhat difficult to deploy and configure, we found it provided solid malware protection at the endpoint.