As you might suspect, no one product does everything. You will have to make compromises, depending on what other security tools you already have installed and the skill levels of your staff. Because of this, we weren’t able to score each product numerically or award an overall winner.
Advanced endpoint protection products
| Vendor/Product Name | Delivery form factor for server | Endpoint agents available | Pricing |
|---|---|---|---|
| Comodo Advanced Endpoint Protection | Windows server or SaaS | Windows (XPSP3, Vista, Server, 7, 8, 10), Mac | $31-$54/user/year |
| CounterTack Sentinel | CentOS-based server | Windows (XPSP3, Server, 7SP1, 10), Linux | $50-$125 |
| CrowdStrike Falcon Host | SaaS | Windows, Mac, Linux | $30/user/year |
| Cybereason | Linux server or SaaS | Windows (7, 8, 10), Mac, Linux | $75/endpoint/year |
| ForeScout CounterAct | Linux Appliance and Windows management server | Windows, Mac, Linux (agents and agentless) | Starting at $5,000 |
| Guidance Software Encase Endpoint Security | Windows server | Windows, Mac, Linux | Starts at $44,000 |
| Outlier Security | Windows and SaaS | Agentless but Windows only | $40/endpoint/year |
| Promisec PEM | Windows server | Agentless | $25/user/year |
| Sentinel One Endpoint Protect Platform | Windows server or SaaS | Windows, Mac (>10.9), Linux | $45/user/year |
| Stormshield Endpoint Security | Windows server | Windows (XPSP3, Servers, 7SP1, 8.1, 10) | $15/user/year |
Here are the individual reviews:
Comodo Advanced Endpoint Protection (AEP) grew out of the company’s anti-malware line of products. It comes with the broadest collection of agents (including Windows, Mac and smartphones), with support for Linux desktops coming later this year. It is part of an overall software suite called Comodo One, but is still sold separately.
Its consumer focus shows: Comodo has the easiest and one of the fastest setups of any of the products we looked at, and you can literally be up and running within 10 minutes. Its Web-based control console is simply laid out, with the sequence of steps you need to accomplish shown right on the front page, and the workflow steps listed on the main menu down the left-hand side of the screen. You can set up your endpoints in bulk, or force an MSI package onto them once the agent is installed.
That being said, we still needed some help to get our first full install to properly work on a Windows endpoint. However, this could be because the date/time service was not synchronized properly with an Internet time server on our VM. AEP sends out an email with several links embedded for installation on Windows or smartphones. Once your user clicks on the appropriate link, for the most part the installation happens quickly and without a lot of operator intervention.
AEP comes in two different forms: as an online service or as an application running on a Windows server. For the latter you will need a variety of components, including SQL Server and .Net Framework. Once that is up and running, you access its console via a Web browser. The features are the same whether on or off premises.
AEP’s heritage combines an “anti-virus-plus” product with that of a basic mobile device manager for the smartphone set. Most of its controls revolve around setting up a traditional malware prevention product, although there are lots of other features, including a host-based firewall, a set of policies to automatically move any unknown executable or other suspicious file into its cloud-based sandbox to prove its provenance, and a series of host-based intrusion prevention rules. All of these controls are contained in a series of web-based policy menus that can be organized into different policy groups.