IT Connection Product Assessment reports provide in-depth analysis of more than 275 products and services. Each Product Assessment report includes expert analyst advice and recommendations on what to look for when making buying decisions.
Product Assessments
Integrated Client Security
Available Product Assessments
Check Point Endpoint Security
Check Point Endpoint Security is a first-generation endpoint security solution that replaces the award-winning Integrity with a single client that includes a new browser security option along with more flexible VPN connections and single sign-on. (2/23/2010)
Cisco Security Agent (CSA)
Cisco Security Agent is an integrated host intrusion prevention, acceptable usage policy enforcement, NAC and personal firewall product that recently added open source AV and sophisticated DLP functionality. (8/28/2009)
IBM ISS Proventia Desktop Endpoint Security
IBM has shifted its emphasis from offering a full, integrated security client to offering best-of-breed security components integrated with its HIPS, firewall, and NAC components and managed by an open, extensible management framework. (2/18/2010)
McAfee Total Protection for Endpoint
McAfee Total Protection for Endpoint is a scalable solution that features a leading AV product, desktop firewall, host intrusion prevention, Web security, anti-spam, and anti-spyware functions managed by a popular integrated management console. (3/1/2010)
Symantec Endpoint Protection 11.0
Symantec Endpoint Protection (SEP) 11.0 is an integrated client security product that consolidates multiple client agents. Symantec’s bid to bundle SEP into suites that include desktop administration or backup and recovery is gaining traction. (2/23/2010)
Product Assessment Report Information
Report Contents
Current Perspective Rating
Product Strengths & Weaknesses
Product Buying Criteria
Product Metrics
Integrated Client Security Buying Criteria
Detection and Response
Methodology of detecting, preventing, alerting and auditing events; data analysis and correlating capabilities.
Management Features
Management features, including tools for helping administrators centrally manage individual desktops and reporting capabilities.
Architecture
The structure of the product, including OS requirements, integration and pre-configuration notations, and performance.
Vendor Support
The support customers can expect to receive during and after system set-up, in regard to routine signature updates and emergency response.
Integrated Client Security Product Metrics
Firewall Features
Block or limit ICMP traffic
Block or limit IPv6 traffic
Block or limit Raw Ethernet traffic
Block or limit IPX traffic
Block or limit PPP traffic
Block or limit EAP traffic
Block or limit by Adapter Type
Block or limit Wireless traffic
Block or limit VPN traffic
Block or limit Dial-up traffic
Block or limit by Adapter Name
Block or limit by Screensaver Status
Block or limit by Time
Unlimited number of locations
Location Definition
Define location by IP Address
Define location by connection to management server
Define location by DHCP and DNS server
Define location by DNS lookup
Define location by Wireless SSID
Define location by connection type
Define location by registry key / value
Application level security control
Application level security control by Name
Application level security control by Application
Stateful inspection
Provides “zero-day” protection
Maximum throughput
Quarantine Mode
Connection Isolation
Traffic Log Blocked Traffic
Packet Log Blocked Traffic
Traffic Log Allowed Traffic
Packet Log Allowed Traffic
Log Upload
Syslog Support
Hot Spot Solution
Driver Level Protection
IDS/IPS Features
Supports network signature-based threat detection
Custom network IPS signature creation
Vulnerability-based threat detection
Safe Mode behavioral analysis
Embedded shell code protection
Filters cookies
Detects malicious e-mail scripts
Maximum throughput (IDS and IPS)
Block USB port (binary)
Specify blocked USB devices
Specify allowed USB devices
Block Bluetooth (Binary)
Specify blocked Bluetooth devices
Specify allowed Bluetooth devices
Removable Media - Allow/Block read
Removable Media - Allow/Block write
Removable Media - Specify file types
Block other devices (infrared, printer, etc.)
Block Application Installation
Block Application Removal
Block Application from being turned off
Block Application from being executed
Prevent file write/delete per application
Application shielding and enveloping
Web server and database server protection
Pre-defined HIPS reports
Audit/Learn function
Audit/Learn function by rule
Multiple event actions
Custom host IPS signature creation
Integrated host IPS rule editor
Customize client UI options
Anti-virus Features
Real-time AV file system scanning
On-demand AV file system scanning
Scheduled AV scanning
Real-time AV scan for Lotus Notes/Microsoft e-mail
Real-time AV scan for incoming/outgoing POP3/SMTP
In-memory scanning
Outbound e-mail worm blocking
Network Server anti-virus protection
Scan individual file, folder and drive
Forced restart of real-time protection if disabled
Heuristic scanning
Includes scan throttling options
Initiates scheduled events that are missed
Identify host that dropped threat on machine
Submit suspicious files for analysis
Detect and remove Adware and Spyware applications
Defend against zero-day attacks by HIPS rules
HIPS rules enabled by default
Protect against zero-day attacks by generic (N)IPS
NIPS Signatures enabled by default
Zero-day protection by analysis of behavior
Behavior enabled by default
Quarantine suspicious files
Silent install
Password protect client UI
Compressed file scanning
Client system roam to another management server
Missed event handling
Laptop battery optimization
Maximum throughput
On-access caching
Rootkit memory scanning
Rootkit disk scanning
Integrated buffer overflow protection
Access protection rules
File, folder or share lockdown
Self-protection
Per-process scanning
Integrated anti-spyware (PUP) protection
Client UI control
Infection trace
Automatic Updating
Security policies
Firewall rules
IDS signature
Anti-virus signature and engine updates
Expanded threat definitions (adware and spyware)
Management server “pushes” content updates to client
Administrator can choose between "push" and "pull"
Centralized content update server
Master repositories
Distributed repositories
Any client can act as distribution point for peers
Management Features
Central console can manage client AV, FW & IDS
Uninstall third-party AV software
Web-based management UI
Role-based administration
Integration with Active Directory
Integration with LDAP
Can manage third-party AV software
Deploy from management console
Deploy with elevated privileges
Define anti-virus/spyware policy based on location
Define HIPS policies based on location
Define (N)IPS rules based on location
Define content update policies based on location
Define anti-virus/spyware policy using connection
Define HIPS policies based on connection type
Define (N)IPS rules based on connection type
Define content update policy based on connection
Automatic reporting and push
Central quarantine of suspicious files
Internet-based submission/response of suspicious files
Single response mechanism for updating definitions
Custom query builder
Save custom queries/filter
Actionable queries
Multi-server roll-up querying
Policy enforcement
Service provider support
User or computer-based policies
Technology Integration
Integrates with network IPS
Application-based network prioritization (QoS)
NAC enforcement on endpoint
Support Cisco NAC
Support Microsoft NAP
Support Trusted Computing Group TNC
Supports 802.1x
Other enforcement options (DHCP, in-line, gateway)
Wireless network security policy controls
Client firewall runs virus scan on outgoing files
Firewall instructed to block offending IP address
Remote Policy Compliance
Real-time heuristic virus scanning enabled
Real-time AV to scan specified types of access
Content update complete within specified # of days
A specified scan ran within the last (n) days
Exchange/Outlook plug-in scanner installed/enabled
Lotus Notes plug-in scanner installed/enabled
Auto remediation if virus defs out of date
Auto remediation if real-time protection off
Auto remediation if firewall disabled
Registry entry on client machine
File on client machine by name, version, location
File on client machine by checksum
Application on client machine is running
Control access to sensitive data files
Removable media controls (CD, USB, Floppy)
Clipboard (cut and paste) controls
Application inventory analysis
Acceptable usage controls
Remediation options
Remediation by: modify registry
Remediation by: modify files
Remediation by: download files
Remediation by: install software/patches in system
Remediation by: install software/patches for user
Remediation by: inform user
Remediation by: query user
Remediation by: start applications/service
Remediation by: stop applications/service
Remediation by: run scripts
Remediation by: run applications
Alerts
Customizable text in alert message
E-mail
SNMP trap
Pager
Run a program
Write to system event log
Tray icon shows alerts and disables
Notification aggregation and throttling
Logging and Reporting
View detailed logs from console
Logs date and severity of attacks
Logs hack attempts
Logs network information
Logs malicious activity
Real-time network status information
Historical reports
Can trace back to hacker’s origin
Customizable, real-time summary dashboards
Various dashboard charting options
Export logs in various formats
Automated log export
Audit logging
Platform Support: AV Client and Network Server
Windows list
Linux list
Unix list
Platform support: client firewall
32-bit and 64-bit support
Vendor Backend Response
Dedicated worldwide security research and response
Regular security protection updates
365x24x7 outbreak protection updates
Response centers worldwide
Professional and Managed Services Available
Security policy development
Network security consulting
Security architecture design and integration
Incident handling and response planning/forensics
Early warning service
Education services – Deployment and Management
Managed services
Remote installation service
Pricing & Licensing Options
Pricing (base)
Sold on a per-node basis
Includes one-year technical support
Includes one-year upgrade insurance
2nd year extended maintenance available
3rd year extended maintenance available
Support Features
7X24X365 extended hours available
Number of dedicated contacts – Level 1
Number of dedicated contacts – Level 2
Number of dedicated contacts – Level 3
Additional dedicated contacts available
Proactive alerting available
Product notification service available
Technical account manager available