McAfee Anti spyware for Enterprise is a simple-to-use and deploy package. Its
'on-access' protection feature scans processes and files running in memory
before they are even installed on to the system. According to McAfee, the
software uses behavioral-based analysis and signature updates to detect known
and unknown spywares. Just like most other Anti spyware, it scans registry
files, compressed files for threats. It can also scan network drives for spy
wares. The software also allows you to prevent McAfee processes from being
terminated and generate alerts, as and when attempts are made to access blocked
items. An interesting feature is Script Scan, which scans JavaScript and VB
Scripts when they are executed by WSH (Windows Script Host). It also lets you
configure user-defined detections based on file name, which can be useful if you
want to block a particular file or even a virus which cannot be detected by the
anti spyware. Talking about its reporting options, it keeps an event log and can
send SNMP alerts.
We installed it on a machine that had all spy wares of our database. Just
after installation, it updated itself and then began scanning and managed to
detect all the spyware. We, then, tried installing latest spy wares directly
from the Internet. The product managed to detect spy wares in real time, as they
were being installed to the system and removed them. The product even managed to
detect key loggers but couldn't identify them as key loggers and tagged them as
potentially unwanted programs. Then we tried scanning network drives for spy
wares and there again, it managed to detect the installed ones. Lastly we tested
it on a few back-door programs, and it managed to pass this test too.
The product managed to detect malware tools and Trojans the moment they began to install themselves on the machine |
Bottom Line: Taking its performance into consideration, the product is
a good buy and price is competitive as well.
|