AV-Comparatives - Real world AV Test for March 2018


Deleted Member 3a5v73x

We defend what security solutions we like personally; it's not like everyone is comfortable using what we think is best for them from our perspective and experience. Security combos vary and so do each individual PC user's needs.
 

Deleted member 178

Oh, he didn't get infected, he 'almost' did and the vector was actually when he took the gaming rig to a LAN party, outside of the network.
I thought you would secure his rig better than that... network security is meaningless if the workstation is weak.

Sorry your career was so incredibly short lived.
Not a career, a contract. Anyway, pure marketing/sales isn't my favorite field, so no big deal to me.
 

mekelek

I've always recommended people run FortiClient with VoodooShield. (This combo is actually a powerful pairing in our tests, try that combo in the hub.) I suppose one could run it alone because its sigs are decent, it has anti-exploit, and the web filtration is good. But I wouldn't suggest it for clickers or newbs in that configuration.

FortiClient is designed specifically as a managed, controlled endpoint solution tied to specific pieces of hardware as part of a protection fabric. If any of those pieces are missing the product is degraded and the fabric is compromised. Which is why I've always encouraged those that run it pair it with something like VoodooShield to seal up any gaps in it.

FortiClient alone, with average-joe's or clickers will universally end up with discouraging results. It's just not going to go well. It's missing too many pieces of the puzzle, there is no fabric, it's not backed by the hardware that's supposed to be backing it. I'd actually expect poor results in the hub given a solo configuration. Remember, even AVC (where Fortinet scores pretty well) has a FortiGate Controller for the Client, they are still missing a few pieces of the puzzle, but just having the gate there improves results quite nicely.

FortiClient Solo (no hardware, no adjunct support) = RISKY unless you are somewhat savvy. (but even I wouldn't roll with this config)
FortiClient w/Hardware, EMS, Sandbox = Incredibly strong.
FortiClient w/VoodooShield = What I personally believe is one of the strongest free setups without system drag.
Combining with VS is kind of cheating tho, when VS alone will handle all the threats.
 

mekelek

Exactly. WD Tweaked + SUA+SRP+SS+UAC+Voodooshield = Solid!
You don't need WD at all, you need a good Web sig (Forticlient would come in handy if the god damn UI would function properly) and you're good to go.

Guys, guys, you went personal there, no need to jump on necks and make passive aggressive insults :D
Umbra, stuff you do and use are not viable to 99% of the people either, so it's not that different from Forticlient requiring hardware.
 

ZeroDay

You don't need WD at all, you need a good Web sig (Forticlient would come in handy if the god damn UI would function properly) and you're good to go.

Guys, guys, you went personal there, no need to jump on necks and make passive aggressive insults :D
Umbra, stuff you do and use are not viable to 99% of the people either, so it's not that different from Forticlient requiring hardware.
I think WD is amazing these days, especially when used with all the extras.
 

Lord Ami

To be fair, FSecure's Deepguard always caused FPs, it's too aggressive, effective, but too aggressive.
It's not a bad AV tho.
It just does not have a good whitelist to back it up. Many updated programs are blocked because the vendor/digital signature is not in the whitelist.
But I would say FPs are rather rare for me. I'm yet to see signatures/heuristics FPs :)
 

Deleted member 178

Umbra, stuff you do and use are not viable to 99% of the people either, so it's not that different from Forticlient requiring hardware.
That is different, every piece of software I use can offer strong security by itself alone. They don't need another one to be effective.
Take Appguard, ERP, OSA, Sandboxie or ReHIPS; each one alone offers strong protection, and they are not a suite.
No need for forti-this or forti-that, it is why I said Forti is useless for people here.
 
Reactions: Tiny and harlan4096

mekelek

That is different, every piece of software I use can offer strong security by itself alone. They don't need another one to be effective.
Take Appguard, ERP, OSA, Sandboxie or ReHIPS; each one alone offers strong protection. No need for forti-this or forti-that, it is why I said Forti is useless for people here.
Yea, I can't really disagree with those softwares separately being powerful.
 
Reactions: vtqhtr413 and Tiny

ForgottenSeer 58943

I thought you would secure his rig better than that... network security is meaningless if the workstation is weak.

Network security is everything, regardless of the workstation. You see, network security 'assumes' any endpoint would be infected or potentially compromised and a properly secured network assumes such.

So in this case, it was planned out. His access is restricted to an orange zone on its own subnet or VLAN, with its own VDOM. The VDOM ensures his own little world is running on his own little virtualized Fortigate appliance. So even if by some miracle, his Fortigate was compromised, it would still be isolated from everything else. He's an adult, he can use his brain and install whatever he wants. I just make sure it cannot impact me or the rest of the network. (y)
 

Deleted member 178

Yea, I can't really disagree with those softwares separately being powerful.
Now combine them ;)

He's an adult, he can use his brain and install whatever he wants. I just make sure it cannot impact me or the rest of the network. (y)
This is where we are different, I decided that people not educated in cybersecurity must have their workstation locked, they just get the minimum vital needed for their personal usage.
I prevent them from messing up their system, I have no time to fix or cure.
There is no such thing as happy clickers or install-holics in my world.
 
Reactions: Tiny and mekelek

ForgottenSeer 58943

they just get the minimum vital needed for their personal usage.
I prevent them from messing up their system, I have no time to fix or cure.
There is no such thing as happy clickers or install-holics in my world.

There is a fine line between secure and usable for Windows IMO.

He's a Helpdesk L1 Technician where I work and studying engineering. It's a good experience for him. If I handed him a fully secure, impregnable system he might not learn some valuable lessons. Since he's isolated, I am enjoying watching him progress in his awareness.

I don't touch systems outside of work and my home though, so I am with you there. I have zero time or desire to even lay a hand on my relatives/inlaws systems. These days, I point them to a Chromebook and never hear back from them. None of them need Windows or the theater around the results of their clicking. ;)
 
