Berkeley Logic

Friday, June 4, 2010

Small Business Antivirus Evaluation

Detailed Antivirus Product Comparisons for Small Business Clients

By Robert Crabbs
4-27-2010

INTRODUCTION

One of our larger clients just had an Avast! license expire. Because of the wide range of malware threats found on the internet, having a current antivirus subscription is imperative for all computers running Windows.

Unfortunately, Avast’s product fell far short of Berkeley Logic’s expectations. The product was not easily managed from an IT standpoint, and thus took time away from other tasks at the client. In addition, Avast’s technical and sales support staff responded slowly to help requests, and often failed to understand the basic nature of the requests themselves. Their support structure was clearly disorganized and ineffective.

Because of the shortcomings of the client's current security software, Berkeley Logic is replacing it with a competing product. We put substantial effort into searching for suitable replacements, evaluating various offerings based on three primary criteria:

Low performance overhead. The client has a significant number of older computer systems in place in its network. Antivirus software we use should not impair system speed and usability, especially for these older machines.
Strong technical support. Quality product support reduces the overall costs of deploying and managing software, and allows Berkeley Logic to focus on other IT needs of the client.
Low yearly cost. Naturally, reducing operating costs is desirable. Security software should be within budget without sacrificing performance or quality of support.

Berkeley Logic investigated products from sixteen major vendors: Avast!, AVG, Avira, BitDefender, CA, CoreTrace, ESET, F-Secure, G-Data, Kaspersky, McAfee, Microsoft, Panda, Sophos, Symantec, and TrendMicro. This report covers the five antivirus suites that satisfied all three criteria above; the other eleven were found lacking in at least one major aspect. The finalists were:

• Avira Antivir Professional
• AVG Antivirus Business 9.0
• BitDefender Small Office Security
• F-Secure Antivirus
• G-Data Business Antivirus

PRODUCT: Avira Antivir Professional

WEBSITE: http://www.avira.com

Avira’s business antivirus software was one of the fastest security products we evaluated. Performance was minimally impacted, even on the older Dimension 2400 computers at out client. The centralized management software operates smoothly and is generally straightforward.

PROS

Remote deployments proceeded quickly and smoothly
Centralized console is clean and simple
Antivirus engine is known to be quite effective
Software uses little memory and CPU time
Generates custom reports of security status
Can easily configure client software settings en masse or individually

CONS

Somewhat expensive for 1-year licensing
Cannot send alerts or notification emails to Berkeley Logic
Server locates all network computers, but cannot perform mass deployments

PRODUCT: AVG Antivirus Business 9.0

WEBSITE: http://www.avg.com

AVG offers a strong security suite which is both fast and effective. Though somewhat slower than Avira’s Antivir, AVG’s engine also does not affect system speed much. The ability to control individual components of each installation is quite useful, and allows a large degree of performance tweaking. Virus-scan reports can be generated and saved on a schedule. In addition, the AVG server can send email alerts to Berkeley Logic in case of a critical security issue.

PROS

Remote deployments proceeded without errors
Centralized console is clean and simple
Antivirus engine is known to be quite effective
Software uses little memory and CPU time
Generates custom reports of security status
Can send alerts or notification emails to Berkeley Logic
Can easily configure client software settings en masse or individually

CONS

Somewhat expensive for 1-year licensing
Server locates all network computers, but cannot perform mass deployments
Installations take a long time to finish (expensive deployment)

PRODUCT: Bit Defender Small Office Security

WEBSITE: http://www.bitdefender.com

Bit Defender’s software stands out for two reasons. First, it had almost no performance impact, even on very old Dell Dimension 2400 computers. Second, the license pricing is the least expensive of any of the 15 major antivirus products we reviewed. Its centralized management is quite streamlined and easy to use. But despite its simplicity, it also contains many powerful administrative tools beyond the scope of normal antivirus software.

PROS

Remote deployments proceeded quickly and smoothly
Centralized console is clean and simple
Software uses almost no memory or CPU time
Generates custom reports of security status
Can send alerts or notification emails to Berkeley Logic
Supports deployment to any of number of workstations at a time
Can easily configure client software settings en masse or individually
Includes many tools for IT users to manage networked computers
Lowest cost of all antivirus products reviewed

CONS

Antivirus engine effectiveness is somewhat of an unknown to Berkeley Logic

PRODUCT: F-Secure Antivirus

WEBSITE: http://www.f-secure.com

F-Secure’s biggest strength lies in its centralized management interface. Of all the antivirus products we reviewed, F-Secure had the cleanest, most well-organized front-end. Performance impact was noticeable but by no means excessive. We did have an issue using the remote installation tool, though it may simply be a limitation of the trial version we downloaded.

PROS

Centralized management user interface is best-in-class
Generates custom reports of security status
Can send alerts or notification emails to Berkeley Logic
Supports deployment to any of number of workstations at a time
Can easily configure client software settings en masse or individually

CONS

Antivirus engine effectiveness is somewhat of an unknown
Yields somewhat slower performance than the other offering
Could not use remote deployment with the software package we downloaded

PRODUCT: G-Data Business Antivirus

WEBSITE: http://www.gdatasoftware.com

G-Data’s antivirus product is unique in that it employs two separate scanning engines (Kaspersky and BitDefender) to search for viruses. While we expected this approach to make a larger drain on computer resources, G-Data actually impacted performance less than most of the other antivirus suites. The centralized console is well-organized and relatively easy to use, though it does not generate on-demand reports like many other products do.

PROS

Remote deployments proceeded quickly and smoothly
Centralized console is clean and simple
Software uses little memory or CPU time
Can send alerts or notification emails to Berkeley Logic
Supports deployment to any of number of workstations at a time
Can easily configure client software settings en masse or individually

CONS

Does not generate custom reports of security status

EVALUATION CRITERIA

Each antivirus product was evaluated based on the following:

Ability to install and uninstall on network computers via a server-end application
Ease of client management (updating, changing settings, etc.) after installation
Quality of client status monitoring and virus reporting
Performance impact on workstations (i.e. startup times, file access, internet browsing)
Support of Windows Server 2003 and Server 2008
Effectiveness of scanning engine at detecting/preventing/eliminating threats
Yearly licensing cost

CONCLUSIONS

The table below shows the relative rankings of each product in several categories, with 1 being best and 5 being worst.

	Avira	AVG	Bit Defender	F-Secure	G-Data
Yearly Cost	5	4	1	3	2
Performance	2	3	1	5	4
Ease of Deployment	2	3	1	1	1
Ease of Client Management	2	1	2	2	2
Reporting and Alerts	2	1	1	1	3
Effectiveness	Good	Good	Unknown	Unknown	Good
OVERALL RANK	3	4	1	5	2

All five of the finalist security suites proved to be strong candidates; there is no clear “best” antivirus product. For example, it is true that BitDefender ranks top in most of the categories. However, the differences were often small. Other differences in features were not readily quantifiable; each central interface had advantages the others did not.

Each offering’s centralized management interface seemed polished and easy to use, though F-Secure’s stood out among the rest. There were a few caveats as well. Some of the products did not seem to support mass network installations, which increases their total cost of deployment. Others, like Avira, did not have advanced notification and alert tools to inform Berkeley Logic of possible virus threats.

Performance is important, naturally, but less so as older Celeron and Pentium computers are gradually replaced by newer Intel and AMD processors. Still, not all of the aging workstations have been replaced. Fortunately, every one of the antivirus suites ran smoothly on 6-year-old Dell Dimension 2400 Celeron systems. F-Secure was somewhat slower than the others, and BitDefender appeared to barely impact performance.

Because all of the offerings are strong, perhaps yearly cost is the deciding factor. Berkeley Logic happened to get a good deal since we signed up as new reseller for BitDefender.

For other organizations looking to pick a new antivirus solution, we hope these notes will provide you with some insight into your research and help you make a good choice.

-- Robert Crabbs (rcrabbs@berkeleylogic.com)

Back to Blogging

Well, it's been a looooong time since my last posting on the Berkeley Logic blog. I could make up some excuses, but I'll just cop to laziness!

But, we have some new and fairly interesting things going on at Berkeley Logic, so we're going to step up our blogging and social media efforts.

We have some interesting blog posts coming up, including Robert Crabbs comprehensive look at antivirus products for small businesses, our picks of the best new computers, and a look at digital signage with cloud-based services.

But, on a daily basis we'll try to give out some quips and other tech tidbits on the Berkeley Logic Facebook page. Come on by the page and give us a Like to keep up on the daily IT buzz from a Berkeley Logic perspective.

Vern

Sunday, March 8, 2009

Windows 7 -- Boy am I pissed!

I downloaded the Windows 7 preview DVD a while back. And, with my lab now back into shape I decided to load it on one of my bench computers. Well, after I got a look at how much better the user interface became, how much faster and simpler the installation process had become, and all of the other little refinements, I wasn't happy that they had finally gotten closer to fixing it.

No, I was pretty pissed that Microsoft has perpetrated another multi-billion dollar fraud on the public and got people to pay through the nose just to once again be test subjects!

I would say the difference between Vista and Windows 7 is significant. It is significant enough that you should wait until Windows 7 becomes available before doing any significant Windows XP-to-Vista upgrade projects. In my view, Microsoft came clean at the last developer conference where they published their roadmap for Windows 7 and released the beta. They have clearly given up on Vista and so should you if you are planning what to do with a Windows XP sites a few years from now.

Let's face it, we'll have to upgrade old corporate XP computers eventually. They will start to wear out. But, given what Microsoft said at the last PDC you'd be crazy to say that Vista is the way to go and then start buying new systems with Vista. I am sure there are millions of sites around the world that have stumbled into the Vista upgrade path by blindly buying new systems and now they are stuck with a dead-end OS. Seems like the Windows Millennium debacle all over again.

So, this puts a real squeeze on the computer manufacturers. After facing up to the fact that smart people are going to wait for Windows 7, now the computer makers are facing a worldwide recession. I suppose the industry can look forward to a "Windows 7 bump" sometime in 2010, but that seems like a long way off in March 2009.

-- Vern

Review - MSI Wind U100 Netbook

Just like everybody else, I am intrigued with the new "netbook" class of computers. I am curious if it will be useful to small businesses as a way for a worker to easily connect back to their desktop and access applications. Using Microsoft's Remote Desktop Connection (RDC) one should be able to run specialized applications from a netbook without actually installing the software on the netbook.

So, I undertook a "chore" that most computer geeks like me actually cherish: a review of a new IT hardware product. Unfortunately, no one is sending me free netbooks for review, so I needed to pick the one I thought was the best and give it test run in some of my customer sites.

The main thing that distinguishes the netbook is the use of the new Intel Atom processor, which comes in a package smaller than a child's fingernail. Besides using a platform built around the Atom chip, netbooks are less than 3 pounds in weight, don't have an optical drive, have from 512Mb to 1Gb of RAM, and 120 Gb of hard drive space. The screens range in size from 8 to 10 inches in size using a widescreen pixel layout (1024 by 600). Most have webcams. All of the viable netbooks run Windows XP Home. The sweet spot price for a well-equipped netbook seems to be $400.

These are clearly kid computers. Some adults will have a hard time seeing the densely-packed pixels on the small screens. Optimized for email and web surfing, netbooks also support real time video chat. I think they will amp up the already frenetic pace at which kids adopt technology.

Perfect for high school or even going off to college, they are affordable enough so that if they are lost or destroyed then it isn't a huge disaster. Netbooks aren't quite fast enough to handle business chores, like Office 2007, so I don't think that IT departments are going to care too much about them at this time.

ASUS is credited with shipping the first netbooks, and they also pioneered the use of flash memory for hard drives and the use of Linux as a desktop OS. Many of the other competitors matched the use of flash hard drives and Linux, but that now appears to be a dead end in the netbook market.

After sleuthing around I settled on the Lenovo Ideapad S10 mainly because, as an old fart, I needed the biggest screen possible and the Ideapad had a superior keyboard layout. They are also a leading global vendor, and my distributor had supplied this product in late 2008.

Much to my dismay, the channel was sold out so I had to make an alternative selection. I eventually settled on the MSI Wind U100 (model 432US). Mine is black and has a six-cell Lithium-ion battery, 1.6 GHz Atom N270 CPU, 1 GB RAM, 120 GB HD, Intel GMA 950 video with a VGA-out port, Ethernet 10/100, Wi-Fi 802.11b/g/n, 10" widescreen (1024x600), 1.2 megapixel webcam, and a built-in microphone. The retail price is about $409. You can get this exact unit on Amazon.com for less than $400.

MSI, aka the Taiwanese giant Micro Star International, is a major motherboard and component manufacturer. Like ASUS, MSI is now trying to sell whole systems under their brand.

Basically, I am thumbs up on the MSI Wind netbook. It feels solid, the texture of the interior surfaces is nice, but the shinny outside surface can get a little messy with fingerprints. The trackpad should be bigger. The keyboard isn't perfect, with the comma and period keys being smaller than they rest of the alphabet keys. Power management is good with a pre-set that uses hibernate mode, which is usually more reliable than Windows sleep mode and saves on battery drain. We didn't really do a drain test, but we were able to get 3 hours of use without a charge.

There are no complaints when it comes to performance. With a full gigabyte of RAM, Windows XP works fine. I didn't install any heavy-duty programs, but I did manage to get some image editing programs to run OK. The Wi-Fi networking is reliable, but the range seems a bit limited, probably due to the limited size of the internal antenna. I was unable to test the N networking, so I can't confirm that it makes any difference. The hard drive performance is good, which in the past was a problem with budget portables. I wonder how the constant movement a netbook can experience impacts the reliability of the hard drive.

I think the main thing that concerns me is durrability. How will it survive a drop? When will the hard drive fail? How many power cycles will the battery survive? Does the hinge break or is there a seam that comes loose? Nothing like that has happened to mine, yet. In my personal experience, I have found that MSI motherboards can be overly sensitive to heat, so I suppose that is the source of my concern especially versus a vendor like Lenovo.

I have tried to use the netbook in a few business situations. Remote desktop works good, and one can get at applications running on the desktop. However, the small screen seems to be a problem for using catalog-type applications and looking a diagrams and instructions. So, I don't see a lot of adoption in business, yet.

I'll continue to test this unit at some other customer sites, so perhaps netbooks will find a place at Berkeley Logic customers. But, until then I think they are great little computers for young people. And, it fits nice in my bike messager bag!

-- Vern

Tuesday, August 26, 2008

Welcome to Cal Students!

It's still summer in Berkeley, but the University of California campus is swarming with new students. Berkeley Logic welcomes back returning as well as new students!

Just in case any of you are looking for a job, we are always looking for talented young men and women who are looking for a flexible, interesting gig with our Berkeley and North Oakland customers.

For more information check out our recent fliers seen around campus, our Jobs Page as well as our recent craigslist posting.

-- Vern

Monday, June 9, 2008

Google Apps: Hella IMAP

As the kids say in North Oakland and Berkeley, the IMAP service built into Google Apps and Gmail is "hella good." Why such a strong accolade? It is because Gmail is now the leading mass-market free email system, and adding IMAP to that free offering puts it over the top. With the Google Apps packaging and support for custom domain names, the system is tailor-made to accept the content of other repository-based enterprise accounts. This is an opportunity for Google to grab market share from Microsoft in the elusive small business category. And, it is an opportunity for small business IT specialists like Berkeley Logic to provide the services and support necessary to ensure a smooth transition to what looks like email nirvana in the cloud.

IMAP promotes Gmail into an efficient, standards-based email repository system. With IMAP one may use a client like Thunderbird or Outlook and not even see the Google advertising. This new, freely available IMAP server's feature list is extensive: search (one may "google" ones own email, easily finding old correspondence), carrier-class infrastructure, 6 Gb storage capacity, very large attachments, and the cost is literally zero.

Creating an alternative to Microsoft Exchange is a holy grail in the Open Source and ABM (Anybody But Microsoft) worlds. Thousands of huge enterprises around the world have a crack-like addiction to the email, shared folders, and calendaring functions of Microsoft Exchange and Outlook. There is a continuous churn in companies relicensing Exchange and some big enterprises are looking to avoid the big hardware and software investment to go with an Exchange 2007 upgrade.

There are also thousands of small businesses (5 to 100 employees) in the United States that are using in-house implementations of Microsoft Exchange and Outlook. Google Apps is aimed squarely at those small enterprises who don't use the advanced features of Exchange or could adapt to Google Calendar and Google Docs as a practical groupware solution.

I think the IMAP feature for Gmail released in late 2007 might just be the pixie dust needed to accelerate the advance of Google Apps for small businesses. With the availability of the feature-rich IMAP protocol for Gmail, it and Exchange now share a critical set of features that enables a smooth migration to Google Apps. Using a scripting language like Python or PHP, several developers, including Google, have already deployed web-based tools that transfers an email repository from Exchange to Google Apps using the IMAP protocol.

At Berkeley Logic we use a Linux-based tool called imapsync to write shell scripts that transfers cpanel-based IMAP email repositories to Gmail. Our imapsync server runs in the LMi.net data center directly connected to a high-speed Internet backbone. While this hot connection makes transfers go a lot quicker, we have found that one needs to be careful not to overload any IMAP server with multiple simultaneous transfers.

For home and small business users I think the greatest feature of Gmail is the fact the data is stored in the Google global "cloud" which is backed up by one of the world's most extensive data networks. This means that all that valuable personal and business data locked in personal hard drives doesn't have to be vulnerable to the eventuality of hardware failure. And, all of that old data all of a sudden becomes useful once again.

I became sold on this technology after I used Gmail IMAP to upload my old mail archives. I have managed to keep an email archive dating back to 1997. Using Thunderbird I was able to upload 57,000 old email messages into my All Mail and Sent folders. I should have used imapsync, which was thankfully found later, but this exercise helped me get used to the nuances of IMAP Gmail, such as the fact it doesn't store duplicate messages.

The ability to quickly find any old email is a stunning productivity-enhancer. Not only is much time saved looking for a critical document, but I have begun to use the feature to look for things I wouldn't have bothered with in the past. It definitely has made keeping that 57,000 message archive intact worth the effort.

We are definitely very excited about the possibilities that Gmail, Google Apps, IMAP and Thunderbird gives Berkeley Logic and our customers. We are now actively looking for more small businesses who want to switch over to what we believe is email nirvana in the cloud. We believe the safety, speed, search power, and the flexibility of Gmail and Google Apps provides a compelling solution for thousands of small businesses in the East Bay.

Tuesday, May 13, 2008

Berkeley Logic sells computers

Good news! Berkeley Logic is authorized to resell Dell computers. I know what some of you are thinking: "Yuck, you like Dell?" Well, we actually are not ashamed of reselling Dell computers, and here is why.

Let's face it, there are only three or four major PC makers left in the world: Dell (USA), HP-Compaq (USA), Lenovo (China), and Acer (Taiwan). When judging what brand is better in terms of reliability, it is always best to look at industry statistics rather than one's personal experiences. Based on my research, all of the these vendors are putting out a good product that should last for at least three years and maybe as long as five years. The "Lemon Rate" for these vendors is way below 1%.

Besides, if you are buying basic box-type computers then most of the components are just a commodity and all of the manufacturers put out essentially identical boxes that differ slightly in performance, price and support options. All of the manufacturers have speciality products, such as small form factor designs. Laptops is certainly an area where the vendors differ significantly.

Given the fact the PC industry is highly commoditized, what made Berkeley Logic choose Dell for our recommended PC maker? First of all, Dell's online configuration tool is the best in the industry and saves a lot of headaches, especially when it comes to buying servers. Also, I have had good experience with onsite Dell service technicians where they will replace parts readily (including laptop parts that have been abused by a user). Finally, Dell is a little less anonymous for me because Berkeley Logic has our own real person sales team that sits in an office in Oklahoma City. So we have real people and phone number we can use to escalate problems or get quick answers.

Also, Dell is making an effort to get rid of the bloatware present in many pre-installed systems. They have a new line (Vostro) that is specifically designed for the small business user who doesn't want to wade through a bunch of junk to get going with their new PC.

So, for Berkeley Logic these factors push Dell past the others, but race is very close at the finish line. Since the products are largely commodities we are always looking at the competition and occasionally choosing non-Dell solutions. We like the small form factor designs from Acer, and I have had some pleasant experiences with HP's business-class laptops.

In any case, if you are looking to upgrade or buy some new systems, the Berkeley Logic will be able to meet your needs with a cost-effective, well integrated solution.

Vern