02 03 04 05 06 08 09 17 / - - / GREYCORTEX MENDEL / 10 / 11 18 18 20 21 22 24 25 26 27 ENDPOINT SECURITY ENDPOINT ANTIVIRUS FILE SECURITY MAIL SECURITY REMOTE ADMINISTRATOR VIRTUALIZED SOLUTIONS SHARED LOCAL CACHE AGENT-BASED FOR VMware VIRTUALIZATION SECURITY FOR VMware MOBILE DEVICE SECURITY ANDROID ENDPOINT SECURITY FOR ANDROID ios MOBILE DEVICE MANAGEMENT FOR APPLE ios 49 28 29 31 32 33 34 35 36 38 39 40 41 42 44 47 50 50 51 51 52 52 53 54 GATEWAY SECURITY V7( ) BUSINESS SECURITY PACKS BUSINESS SOLUTIONS SCHOOL SITE LICENSE - - ENDPOINT ENCRYPTION SECURE AUTHENTICATION SAFETICA ENTERPRISE INSPECTOR THREAT INTELLIGENCE SERVICE GREYCORTEX MENDEL DYNAMIC THREAT DEFENSE NOD32 ANTIVIRUS INTERNET SECURITY MULTI-DEVICE SECURITY SMART SECURITY PREMIUM CYBER SECURITY (FOR macos) CYBER SECURITY PRO (FOR macos) MOBILE SECURITY (FOR Android)
AV-Comparatives AV-Comparatives PC / Mac AV-Comparatives AV-Comparatives 2017 2 AV-Comparatives - AV-Comparatives 12 Microsoft Outlook AV-Comparatives Smart Security Outlook 99.96 Virus Bulletin Virus Bulletin / 1989 Virus Bulletin www.virusbulletin.com 02 NOD32 100 Virus Bulletin VB100 NOD32 1998 5 VBSpam certification VBSpam VBSpam VBSpam Virus Bulletin 18 Mail Security for Microsoft Exchange Server( ) 17 99.999 26 18 VBSpam + About SE Labs SE Labs Dennis Technology Labs AMTSO.org Simon Edwards SE Labs SE Labs https://selabs.uk/ Smart Security 9 SE Labs AAA 100 ComputerDIY Linux & OSS NOVA PCDIY
NOD32 2016 70 7 Endpoint Protection Standard SPAM 90% / MOMENT Endpoint Protection Standard PC Branded Lifestyle Branded Lifestyle NOD32 Branded Lifestyle HANG TEN Arnold Palmer H:CONNECT LEO Roots Windows Server/ Client MAC OS Linux Android MIS POS Windows XP IT Windows XP USB Endpoint Security ( ) 03
Version 2 Limited 04 Version 2 Version 2 V2 IT Version 2 Version 2 1000
1992 NOD32 Antivirus Internet Security Rootkits Business Security Solutions 30 Virus Bulletin 100 500 Deloitte's Technology Fast 500 1 180 GREYCORTEX MENDEL GREYCORTEX MENDEL 05
LiveGrid Cyber Kill Chain UEFI UEFI UEFI UEFI *UEFI PC DNA DNA DNA 06 Machine Learning Augur LiveGrid LiveGrid LiveGrid LiveGrid HIPS HIPS Host-based Intrusion Prevention System
1995 ( Flash Java ) 07 - - / DNA
08 1 180 30 Virus Bulletin 100 LiveGrid
10 11 12 13 14 15 VS. VS. VS. VS. Sophos VS. McAfee 09
10 AV-Comparatives 2017 AV-TEST 2017 (for macos) AV-Comparatives www.av-comparatives.org AV-Comparatives AV-T www.av-test.org/en AV-TEST IT AV- Test
產品比較 / VS. 趨勢 為何選用 ESE T 11
產品比較 / VS. 卡巴斯基實驗室 為何選用 ESE T 12
產品比較 / VS. 賽門鐵克 為何選用 ESE T 13
產品比較 / VS. Sophos 為何選用 ESE T 14
產品比較 / VS. McAfee 為何選用 ESE T 15
18 18 20 21 22 24 25 26 27 28 29 31 32 33 34 35 36 38 39 40 41 42 44 47 ENDPOINT SECURITY ENDPOINT ANTIVIRUS FILE SECURITY MAIL SECURITY REMOTE ADMINISTRATOR VIRTUALIZED SOLUTIONS SHARED LOCAL CACHE AGENT-BASED FOR VMware VIRTUALIZATION SECURITY FOR VMware MOBILE DEVICE SECURITY ANDROID ENDPOINT SECURITY FOR ANDROID ios MOBILE DEVICE MANAGEMENT FOR APPLE ios GATEWAY SECURITY V 7( ) BUSINESS SECURITY PACKS BUSINESS SOLUTIONS SCHOOL SITE LICENSE - - ENDPOINT ENCRYPTION SECURE AUTHENTICATION SAFETICA ENTERPRISE INSPECTOR THREAT NTELLIGENCE SERVICE GREYCORTEX MENDEL DYNAMIC THREAT DEFENSE 17
ENDPOINT SECURITY ENDPOINT ANTIVIRUS ThreatSense rootkit / Endpoint Security Endpoint Security Endpoint Security 18 Endpoint Security HIPS Share Local Cache IE Google PDF JAVA Flash web2.0 Live Grid Windows 10 8.1 8 7 Vista macos 10.121 10.11 10.10 10.9 10.8 10.7 10.6 Linux (Linux Endpoint Antivirus ) Red Hat Mandriva SUSE Debian Ubuntu Fedora (x86 & x64)
1 2 3 4 19
FILE SECURITY Remote Administrator / Live Grid HIPS 20 Web HTTP / HTTPS URL Cluster Hyper-V DC SQL Server IIS Windows Server 2016 2012 R2 2012 2008 R2 2008 2003 SP2 (x86 & x64) Server Core 2016 2012 2008 R2 2008 (x86 & x64) SBS 2011 2008 2003 R2 2003 Linux Server Kernel 2.6.x Glibc 2.3.6 FreeBSD 6.x 7.x 8.x 9.x
/ POP3 SMTP IMAP Web Mail Security VB SPAM + 1070201 3 / 15 35 Mail Security for Exchange Server Microsoft Windows Server 2016 2012 R2 2012 2008 R2 2008 2003sp2 Microsoft Windows SBS 2011 2008 2003 Microsoft Exchange for Server 2016 2013 2010 2007 2003 Mail Security for Linux Linux 2.6.x glibc 2.3.6 FreeBSD 6.x 7.x 8.x 9.x Mail Security for IBM Lotus Domino Microsoft Windows Server 2016 2012 2008 R2 2008 2003sp2 IBM Domino Server 6.5.4 Mail Security for Kerio Microsoft Windows 2016 2012 2008 R2 2008 2003sp2 Microsoft 2011 2008 2003 2003 R2 Kerio Kerio Connect 7.4.x Kerio Control 7.4.0 7.4.1 7.4.2 MAIL SECURITY 21 Web
REMOTE ADMINISTRATOR / Web Remote Administrator ( ) 22 Windows Linux OVA VMware Hyper-V Virtualbox Web IT Web MIS Remote Administrator Proxy Remote Administrator Proxy Rogue Detection Sensor RD Sensor Web / Remote Administrator Remote Administrator Agent Web https://support.eset.com/kb3527 TLS 1.0 Windows Server 2016 2012 R2 2012 2008 R2 2008 2003 sp2 (x86 & x64) Linux Server Redhat CentOS Ubuntu VMWare Workstation VMWare ESXi/vSphere Hyper-V VirtualBox 4GB 40GB 20GHz 1Gbit/s
1 Web 2 3 4 23
VIRTUALIZED SOLUTIONS SHARED LOCAL CACHE AGENT-BASED Shared Local Cache Shared Local Cache Remote Administrator 6 ( ) 20%~70% Windows Windows Server macos X Endpoint Antivirus 6 For Windows macos Endpoint Security 6 For Windows macos File Security 6 For Microsoft Windows Server 24
VIRTUALIZED SOLUTIONS FOR VMware VIRTUALIZATION SECURITY FOR VMware VMware NSX VMware Virtualization Security 1070201 3 / 16 35 VMware NSX AV storms VMware VM Unilicense Guest Windows XP SP3 (32 bit) ~ Windows 10 (32 & 64bit) Windows Server 2003 SP3 (32bit) ~ Windows Server 2016(32 & 64bit) VMWare vsphere vsphere 5.5+ NSX Manager 6.3 Remote Administrator 6.5+ Virtual Agent Host deployed as VM ESXi CPU 64-bit CPU Xeon E5-2690 v3 2.50 GHz 64 GB local 551 GB shared 650 GB 1~63 64~127 128~255 256~511 512~1024 CPU 1 2 4 8 16 1GB 2GB 2GB 2GB 2GB 1~1024 CPU 1 1GB 25
MOBILE DEVICE SECURITY ANDROID ENDPOINT SECURITY FOR ANDROID Remote Administrator ThreatSense : Android 4.0 SIM SMS 26 SIM
MOBILE DEVICE SECURITY ios MOBILE DEVICE MANAGEMENT FOR APPLE ios ios Remote Administrator Safari itunes YouTube ios - Exchange Wi-Fi VPN iphone ipads ios 8.0 icloud 27 ios 6.3+
GATEWAY SECURITY HTTP FTP / rootkit Gateway Security for Linux/BSD/Solaris Linux 2.6.x glibc 2.3.6 FreeBSD 6.x 7.x 8.x 9.x HTTP FTP Gateway Security for Kerio Microsoft Windows 2016 2012 2008 R2 2008 2003 Microsoft 2011 2008 2003 2003 R2 Kerio Kerio Connect 7.4.x Kerio Control 7.4.0 7.4.1 7.4.2 28 ICAP IP ThreatSense
1. Windows Linux Web 2. UI 3. / Ransomware V 7 V 7 7. Ransomware Shield HIPS Host-based Intrusion Prevention System 8. Dynamic Threat Defense Enterprise Inspector V 7 ( ) 4. Windows macos Linux 29 5. WYSIWYG 170 6. Virtual Desktop Infrastructure VDI
V6 / V7 ERA6.x V7 Web Console ( ) Web console ( ) Java 8 Web Console Proxy Rogue Detection Sensor Apache HTTP Proxy ( ) ERA Proxy SNMP Trap VDI ERA 6.x 7 ( HIPS ) Dynamic Threat Defense Dynamic Threat Defense 7 - Dynamic Threat Defense 30 hypervisor ( ) VDI Web Console Management ERA ERA Proxy Management Proxy Enterprise Inspector ERA 6.5 Enterprise Inspector ESMC Web Console Enterprise Inspector EEI ESMC ERA 6.5 MDM Android ios ios DEP Security Management Center MDM 7 Android Device Owner
31
BUSINESS SECURITY PACKS 5-20 ( ) 1060204 3 / 5 34 32
25 1060204 3 / 1 2 3 6 34 1070201 3 / 13 14 35 BUSINESS SOLUTIONS 33
SCHOOL SITE LICENSE 1060204 4 / 1 2 3 33 1070201 4 / 13 33 34
106 ( :1060204) 106/10/16-107/10/15-35 107 ( :1070201) ( - : bit.ly/2qqwy9i )
- 106 ( :1060204) 106/10/16-107/10/15 36
( :1070201) ( - : bit.ly/2qqwy9i ) 107 37
ENDPOINT ENCRYPTION MSI 38 AES 256 Microsoft Windows 10 8.1 8 7 Vista XP SP 3 Microsoft Windows Server 2003 2008( 64 ) Microsoft Windows 10 8.1 8 7 Vista XP SP 3 Microsoft Windows Server 2003 2008( 64 ) 2012 Microsoft Windows RT ios 8.0 (iphone ipad ipod)
Microsoft Exchange 2007 2010 2013 Outlook Web Access / App OWA Exchange Control Panel 2010 Exchange Administration Centre 2013 RADIUS API SDK PCI-DSS / HIPAA 2FA-OTP VPN Microsoft SharePoint Microsoft Dynamics CRM VMware Horizon View Microsoft Windows Server 2003 2003 R2 2008 2008 R2 2012 2012 R2 x64 & x86 2016 Windows Small Business Server 2008 2011 Windows Server 2012 Essentials Windows Server 2012 R2 Essentials Windows Server 2016 Essentials Windows 7+ ios 6 ~ 11 iphone Android 4.0 ~ 8.0 Windows Phone 7 ~ 10 Windows Mobile 6 BlackBerry 4.3 7.1 10 Symbian J2ME J2ME SECURE AUTHENTICATION Windows AD UAC 39 Microsoft ADFS 3.0 / IP
SAFETICA Safetica (DLP) ( / ) ( HTTPS )- ( ) ( ) Safetica ( ) 40 Safetica USB FireWire SD / MMC / CF SCSI ( ) ( SMTP POP IMAP Microsoft Outlook / MAPI ) SSL / HTTPS ( ) - ( ) / IR / LPT / COM / Parallel CD / DVD / ( Agent) Microsoft Windows 7 8 8.1 10 Professional (32/64 ) Windows Server 2016 Microsoft Windows Server 2008 2008 R2 2012 2012 R2 x64 & x86 2016 ( ) MS SQL 2008 R2+ MS SQL EXPRESS 2012+
ENTERPRISE INSPECTOR APT ENTERPRISE INSPECTOR ENTERPRISE INSPECTOR ENTERPRISE INSPECTOR ENTERPRISE INSPECTOR ENTERPRISE INSPECTOR 41
THREAT INTELLIGENCE SERVICE API STIX / TAXII SIEM API YARA YARA / 42 C & C Hash
DNA LiveGrid LiveGrid LiveGrid LiveGrid DNA DNA LiveGrid LiveGrid DNA 43 LiveGrid DNA
GREYCORTEX MENDEL GREYCORTEX MENDEL GREYCORTEX MENDEL ( ) ( / ) ( / ) NetFlow NetFlow NetFlow/IPEIX 44 ( ) APT RAT DNS SSH HTTP / S ICMP DNS SSH HTTP / S ICMP DoS DDoS
/ / 45
1 GREYCORTEX 2 ( ) 3 4 46
5 5 DYNAMIC THREAT DEFENSE APT (Advanced Persistent Threat) APT ( Security Management Center) ( LiveGrid ) 47 Endpoint Antivirus ( 7 ) Endpoint Security ( 7 ) Mail Security ( 7 ) File Security for Windows Server ( 7 ) Proxy Windows Apache 2.4.33 Windows XP Windows Server 2003 250
50 50 51 51 52 52 53 INTERNET SECURITY MULTI-DEVICE SECURITY SMART SECURITY PREMIUM CYBER SECURITY (FOR macos) CYBER SECURITY PRO (FOR macos) MOBILE SECURITY (FOR Android) 54 NOD32 ANTIVIRUS 49
AV-Comparatives 2017 50 NOD32 ANTIVIRUS 30 ThreatSense INTERNET SECURITY NOD32 ANTIVIRUS ( ) ( ) ( )
51 SMART SECURITY PREMIUM INTERNET SECURITY ( )
52 Mac macos Mac ( ) ( ) Mac macos CYBERSECURITY Mac
53 MOBILE SECURITY ( Android ) NOD32
54