AVLab.pl Comparison of protection solutions - for home users and small companies

Disclaimer
  1. This test shows how an antivirus behaves with certain threats, in a specific environment and under certain conditions.
    We encourage you to compare these results with others and take informed decisions on what security products to use.
    Before buying an antivirus you should consider factors such as price, ease of use, compatibility, and support. Installing a free trial version allows an antivirus to be tested in everyday use before purchase.

Adrian Ścibor

From AVLab.pl
Verified
Apr 9, 2018
56
Dear Users!

Feel free to comment our new comparison!


Several weeks of hard work, consultations and translations, and we are ready to show the latest and always updated comparison of antivirus solutions.

We publish it for all those interested who want to better protect their personal data and files stored on computer disks from ransomware and malware, as well as finances stored in the form of cryptocurrencies, as well as electronic money, ready for trading through banks and online payment systems.

We took into account several features:
  • Protection with selected modules (anti-ransomware, anti-exploit, online session protection, banking, IoT devices, etc.).
  • Level of privacy and data security (encryption of disks, files, folders; digital identity protection - data leak notifications; enhanced system privacy).
  • Additional components including e.g. program and system updates, backup, password manager - i.e. productivity.
  • Other features considered was the additional value each user and small business receives after purchasing a license (and the final verdict from AVLab).
Moreover, please help us with update by submitting your suggestions for changes - not just the features, mistakes, but also suggestions for adding other columns, i.e. the security suite features or reorganizing the proposed features by criteria (which we can also modify): security, privacy, productivity, other features.

Website: Comparison security pakages - AVLab
 

Attachments

  • Screenshot 2021-09-02 at 20-22-11 Comparison security pakages - AVLab.png
    Screenshot 2021-09-02 at 20-22-11 Comparison security pakages - AVLab.png
    227.1 KB · Views: 140

Andy Ful

Level 72
Verified
Trusted
Content Creator
Dec 23, 2014
6,152
If the comparison includes small business products, then the table can be corrected for Microsoft Defender.
The administrators in small businesses can activate many ATP features by using:
  • Microsoft Endpoint Manager (which now includes Microsoft Intune and Microsoft Endpoint Configuration Manager)
  • Group Policy
  • PowerShell cmdlets
These methods are suggested to administrators by Microsoft, so one should not ignore them, even if they are not included in Windows Security Center. PowerShell is an official configuration management framework created by Microsoft for administrators and it is commonly used in small businesses. It is available in all Windows editions (also in Windows Home).
There exists detailed Microsoft documentation about configuring Defender via PowerShell. The Windows Security Center is dedicated to non-administrator users (like home users) and some advanced Defender features are intentionally hidden there.

Usually, some ASR rules and Network Protection are activated in small businesses. Several ATP features work also (unofficially) on Windows 10 Home (can be activated via PowerShell). They work unofficially because only Windows Pro, Enterprise, and Education can have commercial licensing. In addition to ASR rules and Network Protection, also Microsoft Defender Application Control (MSDAC) policies work on Windows Home, but the policy file must be created on a machine with installed Windows 10 Pro (can be done in small businesses). Compared to ASR rules and Network Protection, the MSDAC policies are probably not so convenient and popular in small businesses.

If the comparison would include only the Home AVs, then skipping these ATP features would be acceptable (no administrator to use them). Furthermore, other AV testing labs also skip these features for AV Home versions.
 
Last edited:

woodrowbone

Level 10
Verified
Dec 24, 2011
485
@ Adrian
Thank you for another interesting test (y)
The most interesting part of this test (as I see it), is the the IoT section.

Is there any plans to test home/SMB network protection products like Avast Omni, F-Secure Sence, Firewalla, Gryphon etc to name a few?
Tests on products like this would be much appreciated, as they are very hard to find, if they even exist?
Like it is now, it is very hard to know what to buy, you simply do not know if the product is any good at what it says it does, much like the AV:s you test..

My crystal ball tells me that this must be the next big "thing" in security , as more people then ever work from home, due to the pandemic, and all unprotected "IoT" devices exposed to the internet.

/W
 

Adrian Ścibor

From AVLab.pl
Verified
Apr 9, 2018
56
@ Adrian
Thank you for another interesting test (y)
The most interesting part of this test (as I see it), is the the IoT section.

Is there any plans to test home/SMB network protection products like Avast Omni, F-Secure Sence, Firewalla, Gryphon etc to name a few?
Tests on products like this would be much appreciated, as they are very hard to find, if they even exist?
Like it is now, it is very hard to know what to buy, you simply do not know if the product is any good at what it says it does, much like the AV:s you test..

My crystal ball tells me that this must be the next big "thing" in security , as more people then ever work from home, due to the pandemic, and all unprotected "IoT" devices exposed to the internet.

/W

Hi! Such of products that you described is not available in Poland, unfortunately. I can add to this list a Bitdefender BOX (available in USA only, as I know). Except F-Secure SENSE, please use some translator: F-Secure SENSE — mocne strony routera, który przez dwa tygodnie zabezpieczał naszą sieć Wi-Fi - AVLab (a review from 2018, so I do not know what has been changed since that ime).
 
  • Like
Reactions: Nevi and Correlate

Adrian Ścibor

From AVLab.pl
Verified
Apr 9, 2018
56
If the comparison includes small business products, then the table can be corrected for Microsoft Defender.
The administrators in small businesses can activate many ATP features by using:
  • Microsoft Endpoint Manager (which now includes Microsoft Intune and Microsoft Endpoint Configuration Manager)
  • Group Policy
  • PowerShell cmdlets
These methods are suggested to administrators by Microsoft, so one should not ignore them, even if they are not included in Windows Security Center. PowerShell is an official configuration management framework created by Microsoft for administrators and it is commonly used in small businesses. It is available in all Windows editions (also in Windows Home).
There exists detailed Microsoft documentation about configuring Defender via PowerShell. The Windows Security Center is dedicated to non-administrator users (like home users) and some advanced Defender features are intentionally hidden there.

Usually, some ASR rules and Network Protection are activated in small businesses. Several ATP features work also (unofficially) on Windows 10 Home (can be activated via PowerShell). They work unofficially because only Windows Pro, Enterprise, and Education can have commercial licensing. In addition to ASR rules and Network Protection, also Microsoft Defender Application Control (MSDAC) policies work on Windows Home, but the policy file must be created on a machine with installed Windows 10 Pro (can be done in small businesses). Compared to ASR rules and Network Protection, the MSDAC policies are probably not so convenient and popular in small businesses.

If the comparison would include only the Home AVs, then skipping these ATP features would be acceptable (no administrator to use them). Furthermore, other AV testing labs also skip these features for AV Home versions.
Small business? Do you mean small business in Europe / USA? As you know a small business in Poland is rather more smaller that in the world, therefore this compariosn contain official Microsoft product without Active Directory integration and only for Windows 10 Home/Pro. We do not consider unofficial solutions/tips and tricks.
 
  • Like
Reactions: Nevi and Correlate

Andy Ful

Level 72
Verified
Trusted
Content Creator
Dec 23, 2014
6,152
Small business? Do you mean small business in Europe / USA? As you know a small business in Poland is rather more smaller that in the world, therefore this compariosn contain official Microsoft product without Active Directory integration and only for Windows 10 Home/Pro.

Does AVLab make tests only for users in Poland? Do you have any reliable statistics about using Defender and using ASR rules in small businesses in Poland?
I think that your definition of a small business is rather close to a home business. If so, then a current description of Defender in the comparison table is probably OK.
The ASR rules and several advanced Defender settings do not require Active Directory and work well on Windows 10 Pro (and Home).

We do not consider unofficial solutions/tips and tricks.

Using PowerShell for configuring Defender is an official way, recommended by Microsoft for administrators. Microsoft Intune, MDM, and Microsoft ECM are recommended for Enterprises. Also, some medium businesses can afford to use them. But, for small businesses, those solutions are too expensive.

You can enable attack surface reduction rules by using any of these methods:

https://docs.microsoft.com/en-us/mi...-attack-surface-reduction?view=o365-worldwide

I share the viewpoint that using Defender free on default settings in small businesses does not make much sense. People use in daily work MS Office, Adobe Acrobat Reader, etc. For such an environment, the ASR rules are recommended by Microsoft.

My suggestion is to add the note about the possibility of configuring Defender's advanced settings by PowerShell and also :
  • Add a short explanation about why they are not enabled in AVLab tests.
or
  • Perform 2 different tests for Defender (with and without advanced settings).
I think that AV tests for businesses should be done after contacting AV vendors. That is a way followed by most AV testing labs. The vendor usually suggests what settings should be applied. Furthermore, small business users can see if they use the optimal AV setup.

The recommendations for Defender (ASR rules):

1630861723595.png

 
Last edited by a moderator:

woodrowbone

Level 10
Verified
Dec 24, 2011
485
Hi! Such of products that you described is not available in Poland, unfortunately. I can add to this list a Bitdefender BOX (available in USA only, as I know). Except F-Secure SENSE, please use some translator: F-Secure SENSE — mocne strony routera, który przez dwa tygodnie zabezpieczał naszą sieć Wi-Fi - AVLab (a review from 2018, so I do not know what has been changed since that ime).
@Adrian

I was under the impression that companies of these products would send you a test sample if requested.
Like when hardware test sites gets their sampels for testing.
Testing methodology you already have the foundation for, from testing AV solutions.

You mention Bitdefender Box, they also use their tech in some of the Netgear routers: Netgear Armor

Then you have D-link use McAfee, and Gryphone, Avast Omni, Firewalla, ASUS and TP-link use TrendMicro, Avira SafeThings and I there is more out there.
There are already a few organisations testing AV solutions, but none testing these product, maybe you could be the first one?

I do not understand what you mean that nothing has changed since 2018, on the threat front or the hardware?

From reading your test of F-secure Sence, I would say it was very impressive that the router stooped all the test samples.

A test like that with more contenders, including infected sites, exploits, fishing etc I bet you will make some serious waves on the sea of security.

/W
 
  • Like
Reactions: Nevi and Correlate

Adrian Ścibor

From AVLab.pl
Verified
Apr 9, 2018
56
@Adrian Ścibor except for Microsoft, all the vendors that you test pay you for testing, correct? You are not operating on a "free" AV lab testing model, are you? :unsure:

You use Microsoft as the baseline.
This comparison was completely free for each vendors. As for another security tests - we do not hide information from community that the fee is required, regardless you are invited to public or private testing: How to get certificate? - AVLab because we have to maintain servers, honeypots and developing tools for testing. It's very simple. You as a member can download or read summary without any costs, besides we don't brag about improving your safety by reporting bugs and security issues in anti-malware products. Only this year our tests will improve some security modules in different products.
 

plat1098

Level 25
Verified
Sep 13, 2018
1,455
I was on Wilders just now in a discussion thread concerning a new type of storage device that contains built-in measures to detect ransomware. Then I got to thinking: we are comparing one software to another (in controlled environments) but would it be feasible and ultimately useful to compare hardware mitigations against software mitigations under the same test conditions? Could one make a reliable leap of faith in that case for his/her use scenario?

These SSDs are quite expensive and therefore its cost would be a factor in anyone's setup. Starting cost for a certain brand of SSD with this protection starts at 299USD for a 480 GB storage device. 😬

Source

If one would say: it's apples and oranges, I would respond by saying the end expectation would be the same: to detect various malicious activities on the drive and how well. It could theoretically become part of a layered approach, it seems but would lower-cost options be as "effective."
 
Top