Introduction
Every month we will be publishing the results of our Enex TestLab eThreatz comparative real world test of eight anti-malware products marketed for the SME sector of business.
eThreatz six-month round-up: Malware innovation outpacing security defences, eThreatz testing shows
The products under eThreatz test will be:
- Symantec Endpoint Protection for Small Business
- Sophos Anti Virus
- Kaspersky Small Office Security
- Microsoft Security Essentials
- Trend Micro Worry Free Business Security Standard Edition
- ESET NOD 32 Antivirus
- Panda Security for Business
- McAfee Endpoint Protection Suite
2014 |
2013 |
2012 |
2011 |
April |
|||
March |
|||
February |
|||
We will compare the anti malware products under real world conditions using live malware captured from our own honey pots immediately before the testing is carried out. Proven live threats using active attack vectors and benign internet based files will be sought, subsequently analysed, and reported on as percentages in the context of false positives, false negatives, true positives, and true negatives. All testing will be performed via the HyperText Transfer Protocol (HTTP). Enex TestLab will not manufacture or manipulate any malware samples. While an assessment of the security to performance impact ratio of each product under test is possible by Enex TestLab eThreatz, it will not be carried out as part of this standard testing process. A simplified generic example of the test architecture is shown in Figure 1.
The architecture shown in Figure 1 will include a 'control' channel in addition to product offerings 1, 2, and 3. BASE (Behaviour Analysis System Environment) is used to execute and categorise files based on malicious or benign actions. DNA (Direct Network Automation) ensures that all product offerings under test make near simultaneous HTTP connections to each live website in the test set. The architecture ensures that malware and benign threats are captured, analysed, and compared to provide intelligence on which security component (shown in red text) blocks or allows specific files, and at what point in the security chain, depending on the parameters and purpose of the individual test.
The results will be published every month in summary form, freely available to all readers. In addition, a detailed Enex TestLab eThreatz report will be produced and be available by subscription from Enex TestLab.
For more information on Enex TestLab eThreatz anti-malware testing see http://www.enextestlab.com/web/guest/ethreatz