Cloud-based antivirus products can provide several benefits: centralized management, simpler PC deployments and less reliance on users. But how well do these products protect your systems?
This review compares three cloud-based antivirus services with a traditional antivirus product -- as well as with one another. Find out if it's a good idea to move your endpoint protection services to the cloud.
The products tested
The following cloud antivirus products were tested for this review:
- McAfee Total Protection Service v5.0.0
- Trend Micro TRVProtect v8 SP1
- Panda Cloud Office Protection v5.04.01
These three products work only on Windows PCs since they each install software on the desktop.
To put these offerings into perspective, we compared them with Symantec Endpoint Protection Small Business Edition v12.0.1. In this traditional client/server antivirus product, a central server manages the various endpoint desktop clients. (While Symantec doesn't have a comparable cloud-based antivirus service, its MessageLabs division has a cloud-based email protection.)
Note: Microsoft offers two free cloud-based antivirus services: Security Essentials and Intune. However, since both these products are designed for single PC installations, they weren't reviewed for this article.
The testing process
We focused on how to prevent malware such as spam and viruses from being transmitted around your network, how to protect desktops from phishing and other attacks that can be launched from a browser window, and ways to beef up the supplied Windows firewall to detect and repel intrusions.
Our test PCs ran Windows XP with Service Pack 3 and Internet Explorer 8. On each, the C: drive was reimaged with Acronis True Image Workstation to return it to a virgin state without antivirus software installed. On one PC, we purposely installed Metasploit -- a common hacking tool that contains all sorts of mischief -- to see how each product's scanner would react.
How cloud antivirus products work
Cloud antivirus services all work the same way -- a small agent or client piece of software runs on each desktop and makes a connection to the central monitoring server in the cloud. As long as you have an Internet connection, updates to the virus signatures are automatic. In terms of protection and processing, most of the heavy lifting happens in the cloud, and as a result, the client needs little memory footprint. The central server's console is where you keep track of infections, users and other reports, and it can be viewed from an ordinary Web browser.
Benefits for moving your endpoint protection to the cloud include the following:
- You don't have to worry about users turning off protection software or forgetting to install the latest virus signatures.
- You can instantly see what is happening across your network and which PCs are protected.
- PC deployment is simplified because there is less software to install.
- In some cases, you can even initiate antivirus scans through the cloud service and, once again, not have to depend on individual user behavior.