Capable antivirus software is the first step in protecting your company's hardware, data, emails, virtual environments and proprietary information. When we spoke with IT specialists about how they choose a security solution, their biggest concern was control. It doesn't matter if one product scored two points higher than another in a malware detection test when they know they can configure the protection software themselves to manage the level of security they desire. So we looked for products with powerful centralized management controls that can be accessed onsite or remotely to manage and monitor endpoint security.
Historically, antivirus software was one program. Now, however, protections are bundled to provide complete endpoint protection or unified threat management (UTM), so security features are included alongside management functions. Solutions include antivirus software, but they may also include antispam, content filtering, email protection, mobile security, data security, firewall management, intrusion prevention and more. Even consumer products often include additional security elements and, increasingly, mobile security features as well.
If you need to secure just a few PCs or laptops and perhaps a handful of mobile phones, most large internet security companies offer versions that manage smaller operations. In this case, you may want to consider products such as Kaspersky Small Office Security or Bitdefender GravityZone (links go to reviews posted on our sister site Top Ten Reviews). The products reviewed in this Tom's IT Pro article are for larger operations that are also looking for server, email and virtual environment protection.
How We Selected These Antivirus Products
We considered well-known products that provide centralized management features for endpoints that also scored high on third-party antivirus tests. The applications that made our list protect all types of endpoints, including virtual, mobile devices, Mac machines, servers and PCs. Most versions also protect Linux and Unix machines as well email servers. These products can manage large volumes of endpoints.
Features often provided by these products, which you may not see in consumer versions, include:
- Centralized management console
- Remote deployment, patch management and updates
- Policy and application control
- Website URL and category blocking
- Advanced reporting
- Change monitoring and file control
- Resource leveling and scan throttling
- File, folder and disk encryption
- Exchange server (Outlook) email scanning
- Internet gateway protection
- Compatibility with Active Directory, Citrix XenServer or VMware vCenter
- Mobile and email incident alerts
Deployment & Pricing
In terms of deployment, most are a mixture of on-premises and cloud-based technologies. Often a small client install is required but can be deployed remotely. Online elements are often included, even with on-premises versions, to support updates, remote management functions and for protecting mobile devices.
Most pricing is subscription-based and may charge per endpoint or per endpoint type, and it may charge a different fee for the management console. Often, paid support plans are also available. If a program provides backup services, that would be an additional charge as well. As with most business services, volume and multi-year discounts are often available. To discover what your exact costs are going to be, you'll need to request a custom quote in most cases.
Information Needed to Obtain a Quote
To get an accurate quote, you'll need a list of all devices you want to protect, including virtual environments, websites, remote or mobile devices, servers, connected devices, PC and Mac machines, file servers, removable media devices, web gateways, hardware filters, and so on. You'll also need to know the technologies employed, such as operating systems and hardware configurations. A network map will also help.
Other considerations include access control, policy management, deployment preferences, resource availability, encryption needs, disaster recovery and backup protocols. You likely already know this information well, but collecting actual quantities and such speeds the quote process.