Security software has become a necessary part of running any computer-based business, and it's been evolving almost as quickly as the Internet threats the software is designed to combat. Where anti-virus software once stood as the lone guardian, firewalls and anti-spyware products soon joined the defensive line.
The latest advancement is called hosted intrusion detection systems, or HIPS. This software category adds an additional level of protection that catches many of the digital threats that manage to bypass traditional defenses. The problem, however, is that you're left with a bunch of individual programs that can be difficult to manage and may not always play well together.
"Customers no longer want anti-virus from one company, a firewall from another, and anti-spyware from yet a third," says CJ Desai, director of product management for endpoint security at Symantec. "They want consolidated management function for the various security functions."
American Risk Solutions, a commercial collection agency based in Thousand Oaks, Calif., is one case in point.
"I tried running different Symantec, McAfee and Trend Micro anti-virus tools with a variety of spyware products and ended up trying to keep track of 20 different things," says Richard Kunz, the company's CEO. "But if you can roll products into a suite, it greatly reduces your system administration duties."
Thus a newer class of security suites is now hitting the market from the major security software companies, as well as some emerging security vendors. These tools pull together anti-virus, anti-spyware, personal firewall and HIPS into one software package that can be managed from one screen.
A recent survey by analyst group Forrester Research Inc. found that while security suites still trail individual software solutions, they are gaining popularity and are steadily closing the gap. The top reason people prefer them? Fifty percent cited manageability as the principle factor, not the lower cost.
"Using best-of-breed tools has become a costly choice due to manageability issues," says Natalie Lambert, a Forrester Research analyst. "Integrated suites are a much better approach as the various tools work closely together, provide more comprehensive threat prevention and are a lot easier to manage. When anti-virus contracts come to an end, many companies will buy a suite instead."
For the moment, the anti-virus market continues to dominate endpoint security. According to research firm International Data Corp. (IDC), Symantec has a 64 percent share of the $2 billion per year consumer/SMB anti-virus market. McAfee is next at 15.7 percent. After that come companies such as Trend Micro and Panda Software.
Over the next couple of years, the anti-virus market is going to lose ground as suites rise to the fore. While suite offerings vary from vendor to vendor, the protection of SMB desktops and laptops requires four core technologies — anti-virus (AV), anti-spyware (AS), personal firewall (PF) and hosted intrusion protection systems (HIPS). The products mentioned below include each of these elements in varying degrees.
Symantec offers AV in tandem with AS, PF and some HIPS functionality. Its Norton Internet Security suite costs $250 for five licenses and includes protection against phishing (an online scam where criminals lure you into revealing credit card information by pretending to be an e-mail from your bank, for example).
For larger sites, Symantec Client Security doesn't include phishing but has more robust defenses. It costs $320 for five licenses and $4,000 for 1,000. "Symantec Client Security is a complete solution, including anti-virus, anti-spyware, a personal firewall, and limited HIPS functionality," says Lambert. "It is sort of integrated, but you have to look at two screens."
The McAfee suites are harder to follow due to their moving-target features. At the bottom of the ladder is VirusScan SMB edition at five licenses for $270 and 100 for $3,124. It has AV and a bit of AS. Otherwise, you have a litany of choices depending on whether you go to the consumer or SMB site. These go from 3-in-1 ranging all the way up to 10-in-1 (known as Total Protection). McAfee Total Protection for SMB has AV, AS and PF but no HIPS. It costs $175 for five licenses and $3,000 for 100.
McAfee Total Protection for the home and home office market, on the other hand, seems more comprehensive. As well as the four cornerstones of desktop security, you have options for backup, anti-spam, anti-phishing, parental controls, ID theft and home network protection. But this is pricier, at $80 per license. And it is weighted more toward consumer features that a small business may not ever use. The big plus is integration. "McAfee offers a fully integrated product where the user only sees one screen," says Lambert.
Like McAfee, Trend Micro stresses product integration. Its Client/Server/Messaging Security for SMB includes PF and deals with spam, viruses and phishing at the desktop level. It throws in Microsoft Exchange server e-mail protection, but it does not include HIPS and AS.
The cost is $241.50 for five licenses and $4,620 for 100. To include an AS option, add $105 and $1,785 to those figures respectively. "Trend Micro has very good centralized control, but doesn't have much HIPS functionality," says Charles Kolodgy, an analyst at IDC.
The Panda BusinessSecure suite appears to cast a wider net with its HIPS technology called TruPrevent. The company says it uses a combination of signature-based detection/removal plus a behavioral analysis engine. It checks code for potential malicious intent, offers a rules-policy engine that blocks known illegal behaviors and an event-correlation engine that correlates ongoing activities in real-time as an additional defense level. You have to pay a little more for what appears to be better protection, however. Five licenses cost $400 and 100 sets you back $6,732.
"Panda is extremely strong in technology like TruPrevent, but not as well branded as Symantec," says IDC's Kolodgy. "It is a very complete product that has a single-user point of view."
American Risk Solutions adopted Panda BusinessSecure after trying personal and business products from some of the other vendors. "Performance, security and anti-virus protection in one package differentiate Panda from other suites," says American Risk Solutions' Kunz. "It has done an excellent job at keeping my network, mobile and home PCs protected."
Shooting from the HIPS
The trend toward suites is being driven by fast adoption of anti-virus, personal firewall and, more recently, HIPS. Lambert reports that HIPS is firmly on the radar screen of decision makers. Twenty-eight percent of respondents to a Forrester survey indicated plans to purchase desktop HIPS during the course of this year.
Not surprisingly, security vendors are either developing the technology in-house or are acquiring smaller HIPS vendors. But customers are finding that implementing several different desktop tools may not be such a good idea.
"McAfee was the most prone to conflicts and didn't play well with other security products," says Kunz. That's one of the reasons that people are starting to demand one product to cover all their security needs.
"While individual point products are still more popular, the trend is toward suites," says Lambert. "Integrated suites are a much better approach because the various tools work closely together, threat prevention is more comprehensive and management is a lot easier."
Drew Robb is a Los Angeles-based freelancer specializing in technology and engineering. Originally from Scotland, he graduated with a degree in geology from Glasgow's Strathclyde University. In recent years he has authored hundreds of articles as well as the book, Server Disk Management by CRC Press.
|Do you have a comment or question about this article or other small business topics in general? Speak out in the SmallBusinessComputing.com Forums. Join the discussion today!|