Avast! Free Vs FortiClient + OSArmor

[Kuttz]

Thank You.

 

[Chimaira]

If he has some time to answer, @ForgottenSeer 58943 would be the best to answer anything FortiClient related.

 

[Sunshine-boy]

Avast free+OSarmor.

 

[Electr0n]

Avast free+OSarmor.

I second this.

 

[ForgottenSeer 58943]

FortiClient would offer better Web Filtration (by far), Better signatures, and be much lighter on the system. When combined with OSArmor which would close up any gaps in FortiClient and give you incredible protection. Voodooshield is a very popular combination with FortiClient for this reason as well.

But in the end, if you value your privacy, you'd use this combination as your telemetry and logging outbound would be ZERO. If that's important to you, then that should help drive your decision.

 

[212eta]

FortiClient + OSArmor

 

[Evjl's Rain]

I found avast after tweaking is much lighter
I personally use Avast with hardened mode aggressive + Syshardener + disabling java and WSH. I think this is more than enough

I think my combo is far better than Fortinet because forti disappointed me in my malware hub test, both protection and performance
besides great web and file signatures, it didn't do anything. The exploit protection let a lot of malwares pass through via wscript, powershell and java

on my PC, avast isn't compatible with OSA. Otherwise, it will be a great combo

https://malwaretips.com/threads/mixed-threats-16-02-2018-20.79975/#post-711851
https://malwaretips.com/threads/12-2-2018-18.79838/#post-711224
https://malwaretips.com/threads/mixed-threats-09-02-2018-15.79759/#post-710676

 

[ZeroDay]

FortiClient + OSArmor all day long.

 

[ZeroDay]

In fact the level of protection is so different that I don't think comparing it to just Avast free is fair, even if Avast is tweaked.

 

[mekelek]

I found avast after tweaking is much lighter
I personally use Avast with hardened mode aggressive + Syshardener + disabling java and WSH. I think this is more than enough

I think my combo is far better than Fortinet because forti disappointed me in my malware hub test, both protection and performance
besides great web and file signatures, it didn't do anything. The exploit protection let a lot of malwares pass through via wscript, powershell and java

on my PC, avast isn't compatible with OSA. Otherwise, it will be a great combo

https://malwaretips.com/threads/mixed-threats-16-02-2018-20.79975/#post-711851
https://malwaretips.com/threads/12-2-2018-18.79838/#post-711224
https://malwaretips.com/threads/mixed-threats-09-02-2018-15.79759/#post-710676

this is exactly why malware testing is so important.

 

[ForgottenSeer 58943]

FortiClient + OSArmor all day long.

Interesting thing on the malwarehub results, the same files that infected FortiClient VM's, also infected big players like Bit Defender and Emsisoft. So what's the conclusion? None really. Limited sample testing isn't really a good predictive evaluation of a product because no product is going to stop every threat which is why I personally feel there is a limited benefit of individual sample malware testing in terms of product selection. Unless you are testing the same products on the same samples day after day, the results aren't definitive because the same products aren't being evaluated on the same threats which won't really result in any statistics that are usable over a period of time.

Let's examine something important;

In the second link, FortClient missed and got infected. But so did Emsisoft, Quick Heal, Panda and Bit Defender.
In the third link, FortiClient missed, but so did F-Secure, Emsisoft, Kaspersky, and Avast.

So be careful utilizing very limited, selective testing without controls to evaluate any product. Nevertheless, FortiClient w/OSArmor should product near absolute protection from virtually anything your computer could face. Some prefer FortiClient+VoodooShield, it's a popular combo for similar reasons. FortiClient exploit protection is a new and immature edition, it will improve over time. 6.0 arrives soon.

Personally, I don't even think Avast Free would compare in protection to FortiClient+OSArmor. Without any testing of those combinations we can't say for certain, but I'd put some bets on it not being close. Would I use FortiClient alone? Nope. I wouldn't feel totally confident about that.

 

[Evjl's Rain]

Interesting thing on the malwarehub results, the same files that infected FortiClient VM's, also infected big players like Bit Defender and Emsisoft. So what's the conclusion? None really. Limited sample testing isn't really a good predictive evaluation of a product because no product is going to stop every threat which is why I personally feel there is a limited benefit of individual sample malware testing in terms of product selection. Unless you are testing the same products on the same samples day after day, the results aren't definitive because the same products aren't being evaluated on the same threats which won't really result in any statistics that are usable over a period of time.

Let's examine something important;

In the second link, FortClient missed and got infected. But so did Emsisoft, Quick Heal, Panda and Bit Defender.
In the third link, FortiClient missed, but so did F-Secure, Emsisoft, Kaspersky, and Avast.

So be careful utilizing very limited, selective testing without controls to evaluate any product. Nevertheless, FortiClient w/OSArmor should product near absolute protection from virtually anything your computer could face. Some prefer FortiClient+VoodooShield, it's a popular combo for similar reasons. FortiClient exploit protection is a new and immature edition, it will improve over time. 6.0 arrives soon.

Personally, I don't even think Avast Free would compare in protection to FortiClient+OSArmor. Without any testing of those combinations we can't say for certain, but I'd put some bets on it not being close. Would I use FortiClient alone? Nope. I wouldn't feel totally confident about that.

the point is I can make avast almost impenetrable except I'm targeted by a hacker while I can't do the same with Forticlient. Forget about the privacy thingy
for example, if I have a .exe malware which is not detected by signatures by any vendor, forticlient+OSA will be likely to fail because there is no proper behavior blocker in Forti and OSA is weak against executable malwares

while with Avast, .exe malwares can be blocked by hardened mode aggressive. If they are safe, they will be whitelisted automatically hours or days later. In 1 occasion, I saw avast's HM was bypassed by a .exe PUP
other common vectors such as windows script host and java, which avast is known to be weak and easily bypassed, HM doesn't cover .exe files downloaded via scripts, can be blocked by Syshardener and use windows's built-in SRP to deny execution of wscript, cscript, powershell, java and javaw.exe

so in my system, only avast is installed. Everything else are one-time/portable/set-and-forget tools

about web protection, I have google chrome's safebrowsing, avast web shield, avira browser safety, ublock origin with a few malware filters and norton DNS.

I don't really see how this combo can be bypassed by regular malwares unless it is hacked

 

[ZeroDay]

Interesting thing on the malwarehub results, the same files that infected FortiClient VM's, also infected big players like Bit Defender and Emsisoft. So what's the conclusion? None really. Limited sample testing isn't really a good predictive evaluation of a product because no product is going to stop every threat which is why I personally feel there is a limited benefit of individual sample malware testing in terms of product selection. Unless you are testing the same products on the same samples day after day, the results aren't definitive because the same products aren't being evaluated on the same threats which won't really result in any statistics that are usable over a period of time.

Let's examine something important;

In the second link, FortClient missed and got infected. But so did Emsisoft, Quick Heal, Panda and Bit Defender.
In the third link, FortiClient missed, but so did F-Secure, Emsisoft, Kaspersky, and Avast.

So be careful utilizing very limited, selective testing without controls to evaluate any product. Nevertheless, FortiClient w/OSArmor should product near absolute protection from virtually anything your computer could face. Some prefer FortiClient+VoodooShield, it's a popular combo for similar reasons. FortiClient exploit protection is a new and immature edition, it will improve over time. 6.0 arrives soon.

Personally, I don't even think Avast Free would compare in protection to FortiClient+OSArmor. Without any testing of those combinations we can't say for certain, but I'd put some bets on it not being close. Would I use FortiClient alone? Nope. I wouldn't feel totally confident about that.

That's why I said I'd choose FortiClient+OSArmor all day long. An AV such as Avast free even with Hardened mode aggressive just isn't going to stand a chance against pretty much any free AV with OSArmor if we take all OSAromors mitigations into account. I'm just basing my opinion on basic logic. Unless Avast can lock a system down to the same level as OSArmor which we all know it can't then like I say my choice here would be any free AV plus OS Armor. If it was Avast free VS FortiClient free then I'd choose the opposite, I'd pick Avast over FortiClient. I tried the latest FortiClient with a tweaked confit on AMTSO's testing site and it didn't do well at all. At the time it didn't even stop the AMTSO phishing test page. I do like FortiClient AV but no chance on God's green earth I'd put just FortiClient on someone's PC. I would use an anti exe alongside it or Comodo firewall, but that's only because it's mainly a signature AV. I understand it has all these new extra features but having those features is completely different to having those features and them actually performing as you'd expect. I'm not too sure why you quoted my post I never mentioned testing. It's just basic logic - If someone knows the capabilities of OSArmor they can't just team it up with a free AV then compare it to a free AV alone it's simply not a fair fight, is it? In my eye's it's not much different to comparing a free AV with tweaked Comodo firewall to a free AV alone. The saying ' Bringing a knife to a gun fight' fits perfectly here. Unless Avast can do everything OSArmor can do and in such a simple manner we're comparing a single free AV to another Free AV plus an Anti Exploit program.

I think a better comparison here is Avast free with OSArmor and FortiClient+OSArmor

 

[ZeroDay]

That's why I said I'd choose FortiClient+OSArmor all day long. An AV such as Avast free even with Hardened mode aggressive just isn't going to stand a chance against pretty much any free AV with OSArmor if we take all OSAromors mitigations into account. I'm just basing my opinion on basic logic. Unless Avast can lock a system down to the same level as OSArmor which we all know it can't then like I say my choice here would be any free AV plus OS Armor. If it was Avast free VS FortiClient free then I'd choose the opposite, I'd pick Avast over FortiClient. I tried the latest FortiClient with a tweaked confit on AMTSO's testing site and it didn't do well at all. At the time it didn't even stop the AMTSO phishing test page. I do like FortiClient AV but no chance on God's green earth I'd put just FortiClient on someone's PC. I would use an anti exe alongside it or Comodo firewall, but that's only because it's mainly a signature AV. I understand it has all these new extra features but having those features is completely different to having those features and them actually performing as you'd expect. I'm not too sure why you quoted my post I never mentioned testing. It's just basic logic - If someone knows the capabilities of OSArmor they can't just team it up with a free AV then compare it to a free AV alone it's simply not a fair fight, is it? In my eye's it's not much different to comparing a free AV with tweaked Comodo firewall to a free AV alone. The saying ' Bringing a knife to a gun fight' fits perfectly here. Unless Avast can do everything OSArmor can do and in such a simple manner we're comparing a single free AV to another Free AV plus an Anti Exploit program.

I think a better comparison here is Avast free with OSArmor and FortiClient+OSArmor

I'd actually like to see a video comparison between Avast free alone and forticlient+OSArmor all at default settings. If this comparison was as I mentioned above with both Avast free and Forticlient free both teamed up with OSArmor my choice would be Avast all day long.

 

[ForgottenSeer 58943]

At the time it didn't even stop the AMTSO phishing test page. r

It won't pass that synthetic test because they don't participate in blocking it and never will.

FortiClient usually scores 98.5-99.5% range at the testing houses, including AV Comparatives. So it's probably more than sufficient for anyone that isn't risky. But quite honstly, I'd pair it with VoodooShield or OSArmor just to be safe, as FortiClient scores at the lower end (98.5%) on Real World Protection tests. (about 0.5% less than Emsisoft, ESET and McAfee).

FortiClient by design is 'intended' for Corporate clients using FortiGate Hardware and the EMS (Endpoint Management System). If you actually link it with a FortiGate Appliance and FortiSandbox with the EMS system, the security fabric would offer a near-absolute protection level. Obviously that's out of reach of most of the public but we need to realize that it's the stated purpose of FortiClient. OSArmor would essentially pick up the slack of not having those adjunct technologies boosting it.

I'd LOVE to see a real test with those combined in that fashion. I'd bet some coin it would be phenomenal, and light as hell.

 

[ZeroDay]

It won't pass that synthetic test because they don't participate in blocking it and never will.

FortiClient usually scores 98.5-99.5% range at the testing houses, including AV Comparatives. So it's probably more than sufficient for anyone that isn't risky. But quite honstly, I'd pair it with VoodooShield or OSArmor just to be safe, as FortiClient scores at the lower end (98.5%) on Real World Protection tests. (about 0.5% less than Emsisoft, ESET and McAfee).

I completely agree with you. I would install some solid zeroday day protection alongside any free AV and even some paid AV's *Cough AVIRA PRO Cough*

 

[Antimalware18]

I would pick Forticlient + OsArmor.

Thats hard for me to say considering I used to be a avast fanboy for quite a few years but everytime I try Avast! nowadays it just feels heavy (Even with only basic components) and buggy. I really can't recommend it anymore.

On the opposite side. I tried Forticlient for awhile and besides some browsing slowdown (fixed with the help of ForgottenSeer 58943) it did feel quite strong and quite a bit less buggy.

 

[Chimaira]

It won't pass that synthetic test because they don't participate in blocking it and never will.

FortiClient usually scores 98.5-99.5% range at the testing houses, including AV Comparatives. So it's probably more than sufficient for anyone that isn't risky. But quite honstly, I'd pair it with VoodooShield or OSArmor just to be safe, as FortiClient scores at the lower end (98.5%) on Real World Protection tests. (about 0.5% less than Emsisoft, ESET and McAfee).

FortiClient by design is 'intended' for Corporate clients using FortiGate Hardware and the EMS (Endpoint Management System). If you actually link it with a FortiGate Appliance and FortiSandbox with the EMS system, the security fabric would offer a near-absolute protection level. Obviously that's out of reach of most of the public but we need to realize that it's the stated purpose of FortiClient. OSArmor would essentially pick up the slack of not having those adjunct technologies boosting it.

I'd LOVE to see a real test with those combined in that fashion. I'd bet some coin it would be phenomenal, and light as hell.

Wouldn't applying the custom tweaks you've mentioned in other threads improve Forticlient's protection levels?

 

[ForgottenSeer 58943]

Wouldn't applying the custom tweaks you've mentioned in other threads improve Forticlient's protection levels?

Indeed, there are many tweaks to boost detection. You can ramp heuristic sensitivity up 4 levels on real-time protection, heuristics default to OFF on real-time. You can also enable extreme database (ZOO) signatures to effectively triple the size of the signature database. These are all CONF settings that need to be made, not GUI.