AntiVirus Research and Testing

The internet has changed since we first started using it in the late 1980s. On today's internet there are those who want to track everything you do and fill up your mailbox with unwanted junk, and those who want to misuse your computer for their own bad intentions. Even the corporations whose products claim to protect your computer seem to rely on brand names they established in the past to state that they can protect your computer. Lorimer Network Research, Inc. has taken the approach of constantly testing antivirus and anti-spam products. What we found was disturbing. Of the major antivirus products on the market, none appears to protect the everyday user. This does not mean that they are bad products, but that their default installation parameters are poor, their update processes are not easily configured by the user, and they are often a day late and a dollar short with a filter to catch the latest virus.

Updates themselves are confusing to users, who do not realize that the manufacturers expect them to provide a recurring revenue stream by buying yearly updates to keep their systems protected. I have watched as a new company that was getting started, and did not yet have a dedicated line set up, connected to a major ISP with one of the popular antivirus products on its system, was attacked, and had a virus within 10 minutes of being online. Waiting a day to check for an update is often too late for today's internet. The bottom line is that you cannot afford to catch a virus or inadvertently spread one.

We have often been called to deal with virus outbreaks on systems "protected" by the other vendors, so in 2007 be aware that sometimes it pays to research small companies. If you are unsure of your system, Trend Micro provides a free online scanner. We have often used this tool to provide proof to a computer owner that their system was infected even though they had one of the big commercial products installed. For a small number of licenses you can purchase these products online. Also, do not forget to protect your Instant Messenger product. If you want to hook up with a reseller, send us an email (info@lornet.com) and we will provide you with a quote to get the best pricing for multiple licenses.

Products we have tested and ranked: Ratings are achieved by total product coverage across enterprise platforms (gateways, UNIX/Linux, Windows servers and desktops, mail systems) on catching and removing, not necessarily cleaning.

Anti-Virus (Note:  All the products below detect and clean)

  • NOD32 (Excellent Detection - Fast response to Zero Day Exploits - Checkmark and ICSA Certified)

  • Kaspersky Labs (better product - Fast response to Zero Day Exploits)

  • BitDefender (Better Product - Fast response to Zero Day Exploits)

  • Avast! (Better Product - Fast response to Zero Day Exploits)

  • AntiVir (Better Product - Fast Response to Zero Day Exploits)

  • Norman (better product)

  • ClamWin  (Better Product - Free and Open Source)

  • CA's eSafe (good product) or ZoneAlarm (both use Check Point/Zone Labs' firewall and the CA antivirus and antispyware; decent catch rate)

  • Trend Micro (covers the most applications and systems with good detection and removal but catch rate is dropping)

  • VirusBuster (better product)

  • Command Antivirus (better product)

  • F-Prot (good product, wide-spectrum systems coverage - Fast response to Zero Day Exploits but not always full exploit coverage)

  • Panda (good product, really bad tech support; enterprise version: desktop users can uninstall without password prompt, no auto deployment, exceedingly difficult to uninstall)

  • AVG (Very slow to react completely to zero day exploits: As of 1/1/2006 covered 13 of 73 variants of the WMF exploit)

  • McAfee (High rates of infection using this product, catches after infection but cannot clean)

  • Earthlink Antivirus (In the field shows high rates of infection)

  • AOL Antivirus (In the field shows high rates of infection)

  • Norton (has the least detection of all tested, often machines with infections have this product installed)

  • Microsoft Live One Care (The worst product we have ever tested.)

Email Antivirus Only Products (specifically Exchange)

  • NEMX (good product, has anti-spam features we like, email only)

  • GFI (good product, email only)

 

Online Scans we recommend, provided you can get to it in an emergency:

Trend Micro Housecall

Lorimer Network Research, Inc. is an Information Technology Consulting Company based in Ouray County, Colorado, and serves clients in Ouray, Ridgway, Telluride, Montrose, Denver, and Colorado Springs. Our local service covers Ouray County, Montrose County, Delta County, and San Miguel County with highly qualified engineers who care deeply about our clients.