“The detection rate of McAfee is not at the top level, although it is still one of the better ones,” he added. “Corporate administrators are looking for features like very few false positives because they can be as bad or worse than an infection in terms of the disruption they cause,” Stelzhammer said.
That’s a key feature in an enterprise environment, said the organization’s co-founder, Peter Stelzhammer. DeepSAFE is currently offered only in McAfee’s Deep Defender product.Īccording to independent anti-virus testing organization AV-Comparatives, Endpoint Protection Suite’s strength is its low rate of false positives. DeepSAFE is a hardware-assisted security platform that operates below the operating system level, similar to a hypervisor, to protect against rootkits and other stealthy malware. Somewhat surprisingly, Endpoint Protection Suite does yet not leverage the DeepSAFE kernel monitoring technology that McAfee has developed with parent company Intel, which acquired McAfee for $7.7 billion in August 2010. Sandboxing technology allows unknown applications to run in an isolated environment similar to a virtual machine, so that any actions they take can’t affect the rest of the system.
#MCAFEE COMPLETE ENDPOINT PROTECTION SUITE DOWNLOAD#
Administrators can configure the level of protection from blacklisted files they can be blocked, quarantined, or downloaded.īehavioral analysis also monitors the activities of files at run time, blocking or providing a warning when files attempt to carry out suspicious or unexpected actions on your computer - such as modifying certain parts of the registry, altering core operating system components, or attempting to download other files. Endpoints check this blacklist before opening any file, offering protection against these malicious files within a few seconds of their first being encountered, well before a specific signature for the file has been developed.
The information is sent back to McAfee, which maintains a blacklist of malicious files. In common with similar networks operated by the likes of Symantec, Trend Micro, and Kaspersky, GTI collects information about malware encountered by its sensors - which include business and consumer endpoints using McAfee security software. McAfee also operates a malware data-gathering network called McAfee Global Threat Intelligence (GTI,) which it uses to identify emerging threats as they break out around the world. Using EPS, your endpoints can download new signature files directly from McAfee, or you can host a proxy server which downloads the signatures and passes them on to endpoints over your local area network. Signature-based virus protection is an area in which McAfee is highly experienced. It is aimed at small to mid-sized and larger enterprises with between 1 users, but can be used in even smaller organizations or scale to many thousands of users. McAfee’s Endpoint Protection Suite (EPS) relies on standard anti-virus technologies to protect Windows-based desktops, laptops, and servers.
0 kommentar(er)
