10-20-2010, 12:42 PM
|
#16
|
Moderator
Registered: May 2001
Posts: 29,415
|
Quote:
Originally Posted by carlosinfl
How did you test this? Are you testing it on incoming / outgoing email or some other method?
|
Over the past six or more years I've run comparisons between (usually three) AV engines against files.
Quote:
Originally Posted by carlosinfl
I have never had any issues with ClamAV
|
"Not having issues" is not the same as knowing a product has a ninety-nine-point-seven detection rate.
Quote:
Originally Posted by carlosinfl
ClamAV was always the suggested AV tool for mail gateways so I assumed it was the best.
|
IIRC the av-comparatives.org (standalone ClamAV test of 2007 IIRC) test suggested running ClamAV behind another AV engine.
Quote:
Originally Posted by never say never
during testing F-Secure found many things missed by Symantec and Clam.
|
That's exactly what I was hinting at.
|
|
|
10-21-2010, 07:32 AM
|
#17
|
LQ Guru
Registered: Jan 2006
Location: Ireland
Distribution: Slackware, Slarm64 & Android
Posts: 17,543
|
It strikes me there are enough virus & worm files and enough people under attack to make a good collection if the posters put them together. Then this 'megavirus' collection could be tested by what virus testers you people have installed, and the results collected. I have no virus removal installed whatsoever, & use webmail. But I do have some & some spam with attachments from 2003-5 to throw into the collection. If there's an interest in this I will provide an upload link.
|
|
|
11-05-2010, 01:52 PM
|
#18
|
LQ Newbie
Registered: Dec 2007
Distribution: Fedora, CentOS, Debian
Posts: 23
Original Poster
Rep:
|
I have now been testing F-Secure and ESET's Smart Security with remote administrator for a couple of days, so as promised, I'll give a bit of an update.
I can't comment on the antivirus engine, as I haven't been able to roll these out to enough clients yet. I can, however, comment on the install and the management consoles.
F-Secure:
The install of F-Secure was simplicity itself. It set itself up on a Debian server using the provided .deb file (.rpm also included), and the remote install managed to kick Symantec off the client PCs then install the F-Secure client.
The interfaces looked nice and clean and everything was laid out nicely. The remote management console allowed me to view programs that had tried to access the network on the client machines and select what to do with them. It also gave me the options you'd expect, such as starting scans, creating policies, updating definitions etc.
It wasn't until the scans picked up on some spyware that I started to think the sun didn't shine out of its rear end. I found that I couldn't drill down and find out what had been found, and worse still, I couldn't find out what had been done about it (nor tell it to do something about it).
I got the feeling that there were some critical features missing, so I tried out ESET's offering.
ESET Smart Security:
The server install went smoothly on a Windows XP virtual machine. ESET tell me that they're working on a Linux version of their server daemon.
The client install was nowhere near as smooth as F-Secure. The remote install did not have the option to remove any conflicting software, and gave a cryptic error message consisting mainly of numbers which I then had to google before I could find out that it had encountered some and wouldn't install. On an XP machine I turned off the quiet install, and pushed the installer out again. I then continued the install on the client machine and ticked the box to ignore the conflicting software (I had already uninstalled F-Secure, but it thought it was still there).
I installed the client on a Windows 7 box entirely manually as the remote install did not work at all. F-Secure had a problem with this machine as well, but not on my colleague's Win7 machine.
My first impressions weren't great, but after getting the clients installed and receiving data from them, it all started to make more sense. I was presented with all the information I could ever want. Unfortunately, the management console was a bit cumbersome and counterintuitive (helped slightly by getting the latest version).
After playing around with the management console, I got to understand the way things were done, and I found that information was much easier to come by than F-Secure's offering.
To sum up my findings so far:
F-Secure looks nice, has a great installer, excellent first impressions but then is let down by the lack of information and administrative features.
ESET Smart Security doesn't look so great, has to run on Windows, has a crap installer, but once you get used to it, it should prove to be more powerful than F-Secure.
Being a bit of a FOSS fanboy, I'm used to things being cumbersome, fiddly to set up and looking a bit shabby, but then being able to produce amazing results. This means I'm much more inclined to use ESET over F-Secure.
Hope that's of use to someone.
Cheers
|
|
1 members found this post helpful.
|
11-08-2010, 07:19 AM
|
#19
|
Member
Registered: Sep 2009
Location: Indiana, USA
Distribution: SLES, SLED, OpenSuse, CentOS, ubuntu 10.10, OpenBSD, FreeBSD
Posts: 195
Rep:
|
Quote:
I found that I couldn't drill down and find out what had been found, and worse still, I couldn't find out what had been done about it (nor tell it to do something about it).
|
Perhaps something is missing on your install?
In my experience with F-Secure you can't tell it how to handle an infection, since it takes whatever action you set up (delete, ask user . . .), but you do get a report that shows what it has done. It is found on the "Reports" tab (Lower Frame) as well as in the "Alerts" Tab (lower Right Frame). The report is based on HTML, can be viewed in a browser and normally will link to more specific information about that infection on F-Secure's website. Perhaps your screen resolution was too low, there was some other problem rendering the report, or maybe a permissions issue is preventing the report from being written / viewed.
|
|
|
11-08-2010, 08:58 AM
|
#20
|
LQ Newbie
Registered: Dec 2007
Distribution: Fedora, CentOS, Debian
Posts: 23
Original Poster
Rep:
|
Yes, I'm sure it's possible to do, but it just didn't seem particularly forthcoming.
ESET just gives me all of the information, all of the time, without having to run off reports. I like to be able to see things at a glance for when I'm in a hurry, or when I've got a lot to do.
My resolution is 1680x1050 
|
|
|
All times are GMT -5. The time now is 02:17 PM.
|