VB100 comparative review on Windows Server 2012 R2 64 bit

2015-12-09

John Hawes

Virus Bulletin
Editor: Martijn Grooten

Abstract

There was a pleasingly high pass rate in this server-based VB100 test, and along with it some fairly good stability ratings with no products falling below the ‘Fair’ category. John Hawes has the details.


Introduction

As a server test, this month’s comparative sees the return of some of our more technical performance measures, which we recently dropped from our desktop tests. Windows 2012 Server remains Microsoft’s latest and greatest for servers, with the server equivalent of Windows 10 not expected to become available until early 2016 at the earliest. The usual core group of regular participants appear in this test, along with a scattering of less familiar products. Unfortunately, testing was hampered by a number of complications which, along with some other urgent work which kept the test team busy, contributed to the late release of this report.

Platform, test sets and test components

We have tested on Windows Server 2012 R2 a number of times over the last few years, and find it generally fairly dependable and simple to operate. Test images were recycled from previous tests, with a few minor tweaks and updates made to the standard set of scripts and tools used to facilitate the testing process.

Test sets were locked down on the 22 April test deadline, and the latest WildList available on that date formed the core of our certification sets. Following standard practice, our sets of clean files were purged of older and less significant items and updated with a selection of new packages, most of which were business tools as befits a server-grade test.

Results

Agnitum Outpost Security Suite Pro 9.1

Main version: 9.1

Update versions: 4652.701.1951 build 45, build 57, build 63, build 69

Last 6 tests: 5 passed, 0 failed, 1 no entry

Last 12 tests: 10 passed, 0 failed, 2 no entry

ItW on demand: 100.00%

ItW on access: 100.00%

False positives: 0

Stability: Solid

Agnitum’s test record of late has been strong, with a good string of passes over the last two years, and good workmanlike performances in all our tests over that time. The product interface looks modern and professional with a good range of controls, and it operated smoothly throughout testing.

Scanning speeds were nothing too special initially, but soon became very fast indeed on repeat runs, with file access slowdowns showing similar improvements after some initial familiarization. RAM use was below average, with a rather heavy impact on the runtime of our suite of activities.

Detection was distinctly average, but the core certification sets were handled well, earning Agnitum another VB100 award and continuing its run of success.

avast! Business Security

Main version: 2015.10.2504

Update versions: 150421-1, 150505-0, 150511-0, 150518-0

Last 6 tests: 5 passed, 1 failed, 0 no entry

Last 12 tests: 9 passed, 2 failed, 1 no entry

ItW on demand: 100.00%

ItW on access: 100.00%

False positives: 0

Stability: Stable

With just a couple of blips for Avast in the last few years’ worth of tests, it has a long and mainly excellent string of test results overall. The vendor’s latest business edition looks polished and serious, providing the usual comprehensive set of fine-tuning options in an accessible fashion. It maintained good stability throughout our tests, the only issue noted being a long-standing problem with the adjustment of logging settings.

Scanning speeds were decent on demand, and as usual appear very light in our file access lag measures, thanks to minimal on-read protection by default – our measures with all settings turned up should be more directly comparable with other solutions which provide more thorough protection out of the box. RAM use was low, and our set of tasks was not too heavily impacted.

Detection was decent if not stellar, and with no issues in the WildList or clean sets a VB100 award is easily earned.

Avetix PRO

Main version: 5.0.0

Update versions: 5.0.140/5.0.106, 5.0.145/5.0.107, 5.0.147/5.0.108

Last 6 tests: 1 passed, 2 failed, 3 no entry

Last 12 tests: 1 passed, 2 failed, 9 no entry

ItW on demand: 99.85%

ItW on access: 99.85%

False positives: 0

Stability: Fair

As we approached the end of this comparative we received word from Avetix that the company was changing direction and would no longer be producing an anti-malware product, rendering these results somewhat academic. Over the last year or so the Bitdefender-based solution has put in some decent performances, but has struggled somewhat maintaining certification standards.

The product itself looked decent and well-made, but had a range of stability issues. Scanning speeds were decent, overheads a little on the heavy side, with RAM use a little high and a lightish impact on our set of activities.

Detection was strong, as we’d expect from Bitdefender, but once again a couple of missed items in the WildList set were enough to deny Avetix a VB100 award on its last attempt.

AVG CloudCare AntiVirus

Main version: 2015.0.5863

Update versions: 4334/9597, 4342/9701, 9749, 2015.0.5941/9807

Last 6 tests: 6 passed, 0 failed, 0 no entry

Last 12 tests: 12 passed, 0 failed, 0 no entry

ItW on demand: 100.00%

ItW on access: 100.00%

False positives: 0

Stability: Solid

AVG’s performances in the last couple of years have been exemplary, with passes in every available comparative. The latest ‘CloudCare’ solution has a fairly similar design to previous versions, with a dark and brooding colour scheme and a clear, usable layout. Stability was excellent throughout this month’s tests, with no issues to report.

Scanning speeds were decent from the off and improved significantly in the warm runs, with file access lag times not too heavy at first and barely detectable later on. Resource usage was around average and our set of tasks ran through in good time.

Detection was very strong indeed in the reactive sets, a slight drop in the proactive sets was probably due to increased use of cloud technologies, as the product’s name suggests. The core sets were handled perfectly, earning AVG another VB100 award.

Avira Server Security

Main version: 14.0.9.130

Update versions: 8.03.30.22/7.11.225.30, 8.03.30.28/7.11.229.188, 8.03.30.32/7.11.231.128, 14.0.10.96/8.03.30.34/7.11.233.196

Last 6 tests: 5 passed, 0 failed, 1 no entry

Last 12 tests: 10 passed, 0 failed, 2 no entry

ItW on demand: 100.00%

ItW on access: 100.00%

False positives: 0

Stability: Fair

Avira also maintains an excellent record in our tests, with no fails in over five years and very few tests missed, apart from our annual Linux comparatives. The company’s server solution is a proper business product, with its interface using the standard MMC as a base; the layout is a little quirky but with a little exploration quickly becomes intuitive and provides a comprehensive set of controls. Stability was good for the most part, however we did note a number of scans of larger sets of malware failing to complete properly, an issue we have been investigating along with the product’s developers.

Scanning speeds were decent and very consistent across multiple runs, while file access overheads were barely perceptible thanks to an absence of on-read protection by default. Resource usage was just a fraction above the average for this month’s set of scores, while our set of activities ran through in very good time.

Detection rates were very strong indeed, with only the last section of the proactive test showing any drop in coverage, and only a slight one at that. The core certification sets were once again handled very well with no issues to report and another VB100 award is earned by Avira.

Bitdefender Endpoint Security

Main version: 5.3.20.642

Update versions: 7.60238, 7.60447, 7.60562, 7.60671

Last 6 tests: 6 passed, 0 failed, 0 no entry

Last 12 tests: 12 passed, 0 failed, 0 no entry

ItW on demand: 100.00%

ItW on access: 100.00%

False positives: 0

Stability: Solid

Bitdefender maintains a spotless record of VB100 passes, with no issues and no tests missed in close to five years. The current business solution is typically minimalist with only basic controls, but it ran smoothly with no signs of stress even under the heaviest of loads.

Scanning speeds were good, with some smart optimization evident in the warm runs. File access overheads were distinctly heavy over some file types, notably executables, but again they sped up considerably after initial settling in. Resource use was low, and our set of activities ran through pretty quickly.

Detection was excellent, as usual, with very little missed and only a slight downward trend through the sets, and with no issues in the certification sets a VB100 award is comfortably earned by Bitdefender.

BluePex AVware

Main version: 1.5.0.28

Update versions: 7613, 7844, 7891, 7943

Last 6 tests: 4 passed, 0 failed, 2 no entry

Last 12 tests: 4 passed, 0 failed, 8 no entry

ItW on demand: 100.00%

ItW on access: 100.00%

False positives: 0

Stability: Stable

After just a year of regular VB100 appearances BluePex has become a familiar name to the test team, with a run of good performances but still a few headaches which have led to the product not making it to the final report on a few occasions. The GUI is bright and shiny with a simple layout and a basic set of configuration options. Stability was reasonable, with some errors reported during installation and occasional scan crashes.

Scanning speeds were not the fastest, although some file types were handled a little more rapidly the second time around, but overheads were very light indeed with the default settings and still fairly low with everything turned all the way up. Resource use was low, but our set of tasks took a noticeable speed hit.

Detection, aided by the VIPRE engine, was very good indeed, and with no problems observed in the core sets, another VB100 award goes to BluePex.

Cyren Command Anti-Malware

Main version: 5.1.31

Update versions: 5.4.11

Last 6 tests: 1 passed, 4 failed, 1 no entry

Last 12 tests: 2 passed, 7 failed, 3 no entry

ItW on demand: 100.00%

ItW on access: 100.00%

False positives: 2

Stability: Fair

Cyren’s Command solution has a venerable history, much of it under different company names, and has mixed results in our tests, with spells of consistent success somewhat short and dispersed. The product interface reflects its age, remaining little changed after many years and providing the same fairly basic experience, but with the most important configuration options covered reasonably well. Stability was dented by a handful of crashes of the interface, mostly during the scanning of large malware sets but also when handling larger logs. However, these incidents didn’t seem to affect the provision of protection.

Scanning speeds were reasonable, and very consistent, while overheads were quite light and resource use also fairly low. Our set of tasks, on the other hand, showed a distinct slowdown.

Detection was very strong in the reactive sets, significantly less so in the proactive sets, highlighting the importance of the product’s cloud-based components. Our core sets showed good coverage of the WildList, but once again there were a small number of false alarms in the clean sets, meaning a VB100 award remains just out of reach for Cyren.

Defenx Security Suite 9.1

Main version: 9.1

Update versions: 4559.701.1951 build 45, build 57, build 63, build 69

Last 6 tests: 5 passed, 0 failed, 1 no entry

Last 12 tests: 8 passed, 0 failed, 4 no entry

ItW on demand: 100.00%

ItW on access: 100.00%

False positives: 0

Stability: Solid

Defenx is another solution that is steadily building up a good string of passes, having achieved a clean sweep in the last year with just our annual visit to Linux missed out. The product looks pretty similar to that of partner firm Agnitum, with the same decent set of configuration options, and the same solid stability under pressure.

Scanning speeds were pretty slow first time around, but blazing fast on repeat runs, while file access lag times were reasonably light. Memory consumption was fairly light, while our set of activities was significantly slowed.

Detection was somewhat below par but far from terrible, showing a fairly steep decline through our sets, but there were once again no problems with the WildList or clean sets and Defenx earns another VB100 award to add to its collection.

Emsisoft Anti-Malware

Main version: 6.1.2222.0

Update versions: 11515, 11578, 11613, 11643

Last 6 tests: 5 passed, 0 failed, 1 no entry

Last 12 tests: 9 passed, 1 failed, 2 no entry

ItW on demand: 100.00%

ItW on access: 100.00%

False positives: 0

Stability: Stable

Emsisoft’s products have put in some good performances in our tests over the last couple of years, showing a strong improvement over previous incarnations of what used to be known as ‘A-Squared’. The current version has a clean and slick look, nicely laid out and with a decent set of configuration options. Stability was not perfect, with a number of scan jobs falling over or failing to complete and some logging oddities which rendered gathering the data rather difficult.

Scanning speeds were pretty zippy, and overheads high to start off with but barely noticeable once the product had settled into its surroundings. Memory consumption was around average, with a fairly low impact on our set of activities.

Detection, aided by the Bitdefender engine that is included in the product, was predictably strong in the offline parts of the RAP test, while the numbers for the response sets are less than perfect thanks to a number of issues with scanning large filesets. The WildList and clean sets presented no difficulties however, and Emsisoft earns another VB100 award.

eScan Internet Security Suite (Server)

Main version: 14.0.1400.1746 DB

Update versions: N/A

Last 6 tests: 6 passed, 0 failed, 0 no entry

Last 12 tests: 11 passed, 1 failed, 0 no entry

ItW on demand: 100.00%

ItW on access: 100.00%

False positives: 0

Stability: Fair

Barely a VB100 comparative review goes by that doesn’t include a solution from the eScan range – the vendor has not skipped a test since 2009, and has built up a strong record of passes over the years. This month, the product looks its usual serious self, with dark grey tones enlivened by a little more colour on the home screen. Stability was a little shaky, with a few scan crashes, some logging issues and a few other minor oddities adding penalties to the stability score.

Scanning speeds started pretty well and showed some strong improvements in the warm runs, while on-access overheads proved a touch high initially but soon got significantly better. Resource usage wasn’t excessive, and our set of tasks ran through in good time.

Detection, once again helped by a contribution from the Bitdefender engine, was very strong indeed, and with another clean sweep over the certification sets, eScan’s recent string of VB100 passes continues unabated.

ESET Endpoint Antivirus

Main version: 6.1.2222.0

Update versions: 11515, 11578, 11613, 11643

Last 6 tests: 6 passed, 0 failed, 0 no entry

Last 12 tests: 12 passed, 0 failed, 0 no entry

ItW on demand: 100.00%

ItW on access: 100.00%

False positives: 0

Stability: Solid

ESET maintains an impressive run of success in the VB100 tests, with passes in all tests going back into the distant past. The company’s current business solution has its usual look and feel, with a sombre grey colour palette reflecting the more serious surroundings of the workplace. Once again it held up impeccably throughout our suite of tests, with no stability issues to report.

Scanning speeds started off at average pace over binaries and archives and very fast over other file types, and quickly became super-quick after the initial familiarization runs. On-access overheads showed a similar pattern: a little slow to start with but very light indeed later on. Resource use was somewhat above average on all measures, but our set of activities completed in pretty good time.

Detection was solid, maintaining a very consistent level across the sets with only the slightest of dips into the later parts of the sets. No surprises cropped up in the certification sets, and another flawless run continues that epic streak of VB100 awards for ESET.

ESTsoft ALYac

Main version: 3.0.0.4

Update versions: 13.3.21.1/551174.2015042215/7.60238/5663976.20150422, 13.3.21.1/557276.2015050716/7.60449/5987931.20150507, 13.3.21.1/557874.2015051416/7.60569/5685828.20150514, 13.3.21.1/558422.2015052022/7.60670/5523255.20150520

Last 6 tests: 5 passed, 0 failed, 1 no entry

Last 12 tests: 10 passed, 0 failed, 2 no entry

ItW on demand: 100.00%

ItW on access: 100.00%

False positives: 0

Stability: Stable

ESTsoft’s ALYac is another product that has maintained a good record of late, helped once again by that ever-present Bitdefender engine. The interface remains busy and bustling with the usual cute cartoon adornments, but provides a decent set of controls across a wide range of components. Stability was decent too, although we did note some oddities with the updating system, which seemed to report successful updates when none had in fact been applied.

Scanning speeds were somewhat sluggish to start with but blasted through repeat runs over the same sets of files, while on access there was a noticeable slowdown opening executables on first visit, but not much to report elsewhere, with warm runs barely distinguishable from our baseline measures. Resource use was low, but this may be in part due to the rather lengthy time spent completing our set of standard activities, suggesting that at least some of the additional time was spent idly waiting for input from elsewhere.

As expected, detection was excellent with only the gentlest of downward trends through the sets, and with no issues in the certification sets another VB100 award is ably earned by ESTsoft.

Fortinet FortiClient

Main version: 5.0.9.1349

Update versions: 5.158/25.434, 25.618, 25.665, 25.752

Last 6 tests: 5 passed, 0 failed, 1 no entry

Last 12 tests: 9 passed, 1 failed, 2 no entry

ItW on demand: 100.00%

ItW on access: 100.00%

False positives: 0

Stability: Stable

Fortinet achieved a clean sweep of passes in the last year (barring our annual Linux test, which it didn’t enter), and it has a strong record in the longer term too. The product is plain and simple, with most of the controls presumably operated remotely from a central management system and not much available to the local user, but the basic options are all in place and simple to use. Stability was reasonable, with a few update issues and a single repeat of an old problem that occurred when the system was overtaxed.

Scanning speeds were reasonable and nicely consistent across test runs, while overheads started out fairly light and grew even lighter. Resource use was a little higher than for many, with an average length of time taken to complete our set of tasks.

Detection was once again very strong indeed, challenging the very best this month, and the core certification sets were handled admirably, comfortably earning Fortinet another VB100 award.

G Data Security Client/Administrator

Main version: 13.1.0.224

Update versions: AVA 25.1218/GD 25.4988, AVA 25.1428/GD 25.5055, AVA 25.1549/GD 25.5091, AVA 25.1653/GD 25.5126

Last 6 tests: 5 passed, 0 failed, 1 no entry

Last 12 tests: 9 passed, 0 failed, 3 no entry

ItW on demand: 100.00%

ItW on access: 100.00%

False positives: 0

Stability: Stable

G Data has managed to pass every VB100 comparative it has entered since the middle of 2011, with very few tests not taken part in. The latest server edition looks very slick and glossy on this month’s platform, with the admin tool nicely laid out and simple to operate despite offering a complete range of controls for the demanding administrator. The local client is, by contrast, simple and clean with only limited access allowed to local users, although more control can be granted with ease. Stability was good, with only a minor issue handling unusually large logs.

Scanning speeds were pretty good from the off and as usual repeat jobs completed in a flash, while file access lag times were a little high over executables at first but very light elsewhere and barely detectable after an initial settling-in period. Resource use was low, although our set of activities did take a little extra time to complete.

As usual, detection was very strong with not much missed, only the very latest set of samples showing any drop in detection, and then only a minor one. The WildList and clean sets were dealt with perfectly, earning G Data another VB100 award.

iSheriff Security from the Cloud

Main version: 5.5.2.0420

Update versions: 5.5.1/3.7.1

Last 6 tests: 5 passed, 0 failed, 1 no entry

Last 12 tests: 10 passed, 0 failed, 2 no entry

ItW on demand: 100.00%

ItW on access: 100.00%

False positives: 0

Stability: Stable

The iSheriff solution is another product that incorporates the Bitdefender engine, and another with a long string of VB100 passes over the last few years. This solution is a fairly complex platform with multiple components, but with some experience, digging out the endpoint installation package from the online portal is a fairly quick and easy task, and set-up and operation – mainly through a series of browser-based interfaces – is also reasonably simple. Stability was pretty good too, with the only issue noted being some oddities with language selection after install, which seemed to correct themselves after a short time.

Scanning speeds were pretty decent, with minimal attention paid to archives by default. Overheads were fairly light too, with only executables taking a significant amount of time and then only on first visit. Resource use was on the low side, with a good time taken to complete our set of tasks.

Detection was as solid as expected with only the last part of the proactive sets showing much of a decline, and with the core certification sets handled well, iSheriff earns another VB100 award without any trouble.

K7 Internet Security

Main version: 14.2.0266

Update versions: 9.203.15674, 14.2.0267/9.203.15839, 9.203.15880, 9.204.15942

Last 6 tests: 5 passed, 0 failed, 1 no entry

Last 12 tests: 7 passed, 1 failed, 4 no entry

ItW on demand: 100.00%

ItW on access: 100.00%

False positives: 0

Stability: Solid

After a spell of patchy submissions a couple of years ago, K7 has managed to pass all tests entered in the last year, skipping only our Linux test, and has done so with some style. The familiar military-themed interface remains rugged and solid, providing a decent set of controls in easy-to-access form and maintaining rock-like stability throughout our suite of tests.

Scanning speeds started pretty well and got better, while overheads went from a touch high to fairly low once warmed up. Memory use was a touch below this month’s average, with a decent pace through our set of tasks.

Detection was pretty decent too with just a gentle downward trend through the sets, and with no issues in the core sets a VB100 award is comfortably earned by K7.

Kaspersky Endpoint Security 10 for Windows

Main version: 10.2.2.10535

Update versions: N/A

Last 6 tests: 5 passed, 0 failed, 1 no entry

Last 12 tests: 6 passed, 0 failed, 6 no entry

ItW on demand: 100.00%

ItW on access: 100.00%

False positives: 0

Stability: Stable

This test saw a trio of solutions submitted by Kaspersky Lab, with the company’s Endpoint edition – a product with a good string of recent success behind it – up first. The traditional green Kaspersky colour scheme marries nicely with a pale silvery tone to give the interface a serious, businesslike look without becoming dull or drab, and the design and layout is excellent with a comprehensive set of controls.

Scanning speeds were not the fastest in initial runs but became very fast indeed after warming up to the test system, while overheads shrank to almost zero once settled in, from a fairly high starting point. Resource use was very low, and our set of tasks got through in excellent time.

Detection measures were somewhat complicated by a long-running issue with the KSN cloud system interacting with our test network and procedures, once again making our results somewhat unreliable, to the extent that none are reported this month. However, with perfect WildList coverage and no false alarms, Kaspersky earns its first VB100 award of the month.

Kaspersky Anti-Virus 8.0 for Windows Servers Enterprise Edition

Main version: 8.0.2.213

Update versions: N/A

Last 6 tests: 5 passed, 0 failed, 1 no entry

Last 12 tests: 10 passed, 0 failed, 2 no entry

ItW on demand: 100.00%

ItW on access: 100.00%

False positives: 0

Stability: Stable

Our test records show a clean sweep over the last two years for Kaspersky’s standard anti-virus product, with only a couple of tests not entered. This enterprise version uses an MMC-style interface, making good use of colour to lighten things up but remaining very clear and orderly for a proper business admin. Controls are provided in complete depth and proved simple to find and operate. Again, issues with the cloud system meant there were no RAP scores, but the only other problem noted was a sporadic crashing of scan jobs under heavy stress.

Scanning speeds were again a little slow first time around but blindingly fast after that, with file access barely hindered after that initial settling-in period. RAM use was a shade above average for this month but a decent time was recorded through our set of activities.

With no detection scores to round out our data, there are just the certification sets to discuss. These were well covered, with no issues to report and another VB100 award is easily earned by Kaspersky’s enterprise-grade solution.

Kaspersky Small Office Security 4 File Server

Main version: 15.0.2.361

Update versions: N/A

Last 6 tests: 5 passed, 0 failed, 1 no entry

Last 12 tests: 6 passed, 0 failed, 6 no entry

ItW on demand: 100.00%

ItW on access: 100.00%

False positives: 0

Stability: Stable

The third offering from Kaspersky Lab this month is a small business one. The S.O.S. solution has become a fairly regular VB100 participant over the last year or so and has already picked up a nice string of passes. The design of the GUI is akin to home-user solutions, but with more sombre and businesslike colours, and once again a splendidly thorough set of options is provided in an intuitive format. Other than the cloud issues, which relate closely to the requirements of the VB test lab, no stability problems were noted.

Scanning was a little slow in some areas, at least at first, with some strong improvements later on, and similar optimization was noted in the file access speed measures, dropping from a fairly high initial point to a barely detectable trace. Again, memory consumption was around average with a reasonable impact on our set of activities.

The core sets were dealt with properly despite the cloud issues, and Kaspersky earns its third VB100 of the month.

KYROL Internet Security 2015

Main version: 9.0.6.9

Update versions: 1.1.107.0/91481, 91697, 91751, 91808

Last 6 tests: 0 passed, 3 failed, 3 no entry

Last 12 tests: 0 passed, 3 failed, 9 no entry

ItW on demand: 99.80%

ItW on access: 99.92%

False positives: 0

Stability: Fair

Part of a family of products which have been striving for VB100 certification for a while now, KYROL has yet to achieve its first award, despite having come fairly close. The product looks jazzy and glossy with an orange-on-black colour scheme and large friendly buttons and icons, and provides a decent set of basic configuration options. Alongside some minor scanning issues we noted an ongoing problem (previously recorded and as yet unfixed) with file type coverage, which made a heavy dent in our stability rating.

Scanning speeds were a little slow, speeding up somewhat over media and other miscellaneous file types, but overheads were fairly light with some speeding up in the warm runs. RAM use was a little high, and our set of activities was only slightly impeded.

Detection was decent, trailing off somewhat through the test sets, and there were no issues in the clean sets, but once again a few misses in the WildList mean there is no VB100 award for KYROL this time around.

Microsoft System Center Endpoint Protection

Main version: 4.7.209.0

Update versions: 1.1.11602.0/1.197.52.0, 1.197.1769.0, 1.197.2197.0, 1.197.2856.0

Last 6 tests: 5 passed, 0 failed, 1 no entry Last 12 tests: 10 passed, 0 failed, 2 no entry

ItW on demand: 100.00%

ItW on access: 100.00%

False positives: 0

Stability: Solid

Microsoft’s business product line has picked up a perfect chain of passes over the last couple of years, having only been absent from our annual Linux tests, as one might expect. The product remains its familiar self, fitting in nicely with Windows and providing a decent basic set of configuration options in a reasonably clear way. Once again, stability was impeccable throughout our tests.

Scanning speeds weren’t the fastest but remained solid and dependable, with overheads mostly fairly light but rather heavy over media and document files. Resource usage was fairly close to this month’s averages, and our set of tasks was not significantly slowed down.

Detection was no more than respectable, with a steady decline through the sets, but the certification sets were properly dealt with, with no issues in the WildList or clean sets, and a VB100 award is comfortably earned by Microsoft.

MSecure Internet Security

Main version: 1.1.107.0

Update versions: 91481, 91697, 91751, 91808

Last 6 tests: 0 passed, 3 failed, 3 no entry

Last 12 tests: 0 passed, 8 failed, 4 no entry

ItW on demand: 99.80%

ItW on access: 99.92%

False positives: 0

Stability: Fair

MSecure continues to work towards VB100 certification after a lengthy spell of issues, mainly relating to on-access detection levels. The latest product interface is plain and simple, heavy on text, but it provides a decent baseline level of options. Stability was dented mainly by the ongoing problems with certain file types.

Scanning speeds were a little on the slow side, overheads very light, although ignoring some common files may have had some impact there. Resource usage measures were all a little above the average for this month’s test, but our set of tasks wasn’t slowed down too much.

Detection was very strong in the response sets, declining somewhat into the later parts of the RAP sets, and while the clean sets were handled well, some issues in the WildList sets meant once again there was no VB100 for MSecure.

Norman Security Portal

Main version: 7.60236

Update versions: 5663105, 7.60447/5987594, 7.60562/5696984, 7.60670/5523255

Last 6 tests: 4 passed, 1 failed, 1 no entry

Last 12 tests: 8 passed, 2 failed, 2 no entry

ItW on demand: 100.00%

ItW on access: 100.00%

False positives: 0

Stability: Solid

After a long and illustrious history in the VB100 tests, the participation of the Norman brand seems likely to be nearing its end, with the retirement of the original engine announced while this test was under way; the current product includes the Bitdefender engine, and its future remains hazy since the acquisition of Norman Safeground by AVG. The product looks young and fresh though, with a web-based portal providing most of the controls and the client-side interface simple in the extreme. Stability was very good, with no issues to note.

Scanning speeds were pretty good, with file access times slow at first but reduced almost to zero once settled into place. RAM use was average and our set of tests completed rapidly.

Detection was splendid, with excellent coverage across the board, and with the core sets dealt with well, with another VB100 award goes to Norman.

Panda EndPoint Protection

Main version: 6.81.11

Update versions: 7.00.00, 7.20.0

Last 6 tests: 5 passed, 0 failed, 1 no entry

Last 12 tests: 8 passed, 2 failed, 2 no entry

ItW on demand: 100.00%

ItW on access: 100.00%

False positives: 0

Stability: Fair

Panda’s performances in VB100 tests have been strong over the past year, with passes in all but our Linux tests (which were not entered). The current business version has the usual pared-down, minimalist interface with only the most basic of options. Stability was fairly decent, with just an odd error during one install, which did not recur, and a lockup in the on-access system under heavy stress.

Scanning speeds weren’t the quickest, but overheads were fairly light and got even better later on. RAM use was fairly average, although our set of tasks did take quite some time to complete.

Detection was strong in the reactive sets, with no figures for the offline proactive sets thanks to the product’s heavy reliance on the cloud. The certification sets were well handled, with no problems to report, and another VB100 award is earned by Panda.

SecuraLive Internet Security

Main version: 9.0.6.9

Update versions: 1.1.107.0, 91481, 91697, 91751, 91808

Last 6 tests: 0 passed, 3 failed, 3 no entry

Last 12 tests: 0 passed, 3 failed, 9 no entry

ItW on demand: 99.92%

ItW on access: 99.92%

False positives: 0

Stability: Fair

Another member of the MSecure family still hoping for its first certification, SecuraLive’s product looks bright and cheery with large buttons, plenty of clear information and a good basic level of configuration. The product’s stability rating is heavily dented by ongoing issues with file type coverage.

Scanning was on the slow side, with overheads very light thanks to the product ignoring some important files, while resource consumption was low and our set of activities completed rapidly.

Detection was very strong, although coverage declined a fair bit through the sets. The clean sets were handled without incident, but some problems in the WildList sets mean there is still no VB100 award for SecuraLive.

TeamViewer ITbrain Anti-Malware

Main version: 10.0.41459

Update versions: N/A

Last 6 tests: 3 passed, 0 failed, 3 no entry

Last 12 tests: 3 passed, 0 failed, 9 no entry

ItW on demand: 100.00%

ItW on access: 100.00%

False positives: 0

Stability: Stable

ITbrain is a relative newcomer to the VB100 tests, but has done well in its first few appearances. The product is closely integrated into the rest of the TeamViewer line-up, and is mainly controlled from a web-based portal, which seems fairly clear and responsive. Stability at the client side was decent, but we did see a few scans crashing out.

Scanning speeds weren’t too bad from the off and quickly became very fast indeed, while overheads were distinctly heavy with little sign of later improvements. Resource use was decidedly high as well, but the run time of our set of activities was not badly affected.

Detection, which is aided by the integrated Bitdefender engine, was very strong in the reactive sets, but there are no proactive figures to report thanks to the product’s reliance on web connectivity. The core sets were handled well, and ITbrain earns another VB100 award without problems.

TrustPort Antivirus 2015

Main version: 15.0.2.5426

Update versions: N/A

Last 6 tests: 3 passed, 0 failed, 3 no entry

Last 12 tests: 7 passed, 0 failed, 5 no entry

ItW on demand: 100.00%

ItW on access: 100.00%

False positives: 0

Stability: Stable

TrustPort has been a regular in the VB100 tests for quite some time now, although several tests have been skipped over the last year or so. Things seem to be back to normal now though, with a new string of passes building up nicely along with some more impressive detection scores, assisted as ever by the combination of engines from Bitdefender and AVG. The product retains some familiar touches, although the 2015 version has a much glossier and smoother interface than previous editions. Stability was reasonable, although a few scans did lock up or crash out.

Scanning speeds were dependable if not super quick, with rather high lag times opening files, especially executables. Resource consumption wasn’t excessive though, and our set of tasks completed in reasonable time.

As usual, detection was the highlight, with some extremely high scores across the board. This extended to the core sets where everything went well, easily earning TrustPort another VB100 award.

Wontok SafeCentral Security Suite

Main version: 1.0.881.0

Update versions: 1.0.910.0

Last 6 tests: 2 passed, 0 failed, 4 no entry

Last 12 tests: 3 passed, 0 failed, 9 no entry

ItW on demand: 100.00%

ItW on access: 100.00%

False positives: 0

Stability: Stable

Last on the list this month is another multi-engine product from Wontok, which we have seen a few times over the last year or two, always with impressive detection levels. The product looks clean and straightforward, but with big colourful icon buttons and a decent level of configuration. Stability was very good, the score dented only by a single minor activation error during installation.

Scanning speeds were pretty good, overheads a little high but showing signs of some optimization during the warm runs. RAM use was on the high side but processor use not too heavy, and our set of tasks was noticeably slowed down, but not to an excessive degree.

Detection was once again superb with very little missed, and with a good showing in the certification sets too another VB100 award is well deserved by Wontok.

Results tables

(Click for a larger version of the table)

(Click for a larger version of the table)

(Click for a larger version of the table)

(Click for a larger version of the table)

(Click for a larger version of the table)

Performance graph 1.

Performance graph 2.

(Click for a larger version of the table)

On-demand throughput graph 1.

On-demand throughput graph 2.

(Click for a larger version of the table)

On-access lag graph 1.

On-access lag graph 2.

(Click for a larger version of the table)

(Click for a larger version of the chart)

(Click for a larger version of the chart)

Untested products

As usual, a few solutions were excluded from this report for various reasons; this month these included products from Qihoo and Tencent.

Conclusions

There was a pleasingly high pass rate in this test, and along with it some fairly good stability ratings with no products falling below the ‘Fair’ category. Our server tests are always a little more demanding, so it’s good to see a wide range of high-quality solutions are available, from both familiar and new providers.

As usual, a few products did not quite make the grade, but even they did pretty well in general, with only some minor glitches standing in the way of certification. Next up is another desktop test, on Windows 7, and we expect to see a somewhat larger selection of products and, most likely, a rather higher level of shakiness. As ever, we welcome feedback and comments.

Technical details

Test environment. All tests were run on identical systems with AMD A6-3670K Quad Core 2.7GHz processors, 4GB DUAL DDR3 1600MHz RAM, dual 500GB and 1TB SATA hard drives and gigabit networking, running Microsoft Windows Server 2012 R2.

Any developers interested in submitting products for VB's comparative reviews, or anyone with any comments or suggestions on the test methodology, should contact john.hawes@virusbtn.com. The current schedule for the publication of VB comparative reviews can be found at http://www.virusbtn.com/vb100/about/schedule.xml.

twitter.png
fb.png
linkedin.png
hackernews.png
reddit.png

 

Latest reviews:

VBSpam Comparative Review - March 2019

All 11 full solutions participating in this test obtained a VBSpam award, and four of them performed well enough to earn a VBSpam+ award. However, it is important to look beyond the spam catch rates: block rates of malware and phishing emails, though…

VB100 Certification Report - February 2019

Users are right to expect anti-malware products to satisfy a minimum standard of blocking malicious executables that have recently been seen in the wild, while blocking few to no legitimate programs. This report details the performance of 30…

VBWeb Comparative Review - Winter 2019

In the Winter 2019 VBWeb report we detail the performance of two web security products against live web threats and look at the current state of the web-based threat landscape.

VB100 Certification Report - December 2018

For more than two decades, Virus Bulletin has set a minimum standard for anti-virus (or anti-malware) products, checking whether products live up to expectation and providing those that do with the VB100 ‘stamp of approval’. This report details the…

VBSpam Comparative Review - December 2018

In this test – which forms part of Virus Bulletin’s continuously running security product test suite – 11 full email security solutions and eight blacklists of various kinds were assembled on the test bench to measure their performance against…

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.