ESET Smart Security 8 - General Impression

Status
Not open for further replies.
H

hjlbx

Thread author
Hello,

This is a mini-review of ESET Smart Security 8.

Pros:

  • Very good detection against malware from MT's Malware Hub.
  • Exceptionally good user-interface for such a complex security solution.
  • Notifications are unobtrusive yet demand attention, informative and easy to respond to.
  • Very low system impact on my W8.1 system (not while scan running, but scanner is less of a hog than typical) under normal workload.
  • Learning and Automatic Modes for both Firewall and HIPS.
  • Extremely high configurability, flexibility, adaptability.
  • User can easily figure out what actions ESS 8 has made to protect/clean system; logging is clear and informative.
  • No system cleaner/optimizer.
  • High learnability.
  • Default settings sufficient for typical use.
  • Real-time protection is snappy.

Cons:

  • Built-in Task Manager (Running Processes Monitor) is very limited.
  • Uses file rating/heuristics; lacks a true Behavior Blocker (less concrete decisions to be made by user).
  • Highly skilled use demands experience and knowledge (but that is OK since typical user is power user...or one in the making).
  • New user should expect long and steep learning curve (ESS is designed to assist in this regard, but really you have to "put in your time" just like everyone else).

Impression:

ESET Smart Security 8 is a very polished product.

There's a lot to like about it.

Now I understand why ESS is so popular here at MT. Perhaps only Comodo Internet Security and Malware Defender can rival its "toy factor." It's huge.

However, along with it's comprehensive features and extreme configurability comes complexity. With complexity comes numerous opportunities for the user to make mistakes. That's why I find the Learning Mode to be a real asset for the user in creating rules. It makes the classical HIPS much more manageable in the beginning.

Straight-up, I am not a fan of classical HIPS. However, ESS HIPS is the best incarnation of this protection model that I have used.

To a large extent the built-in automation features make ESS much more user friendly. The user can set ESS to be minimally interactive or send it right over the top. However, the overall focus is on heavy user configuration. So not so good for the absolute novice. The sheer amount of infos alone, I think, could give a novice a panic attack. Very technical.

One warning... only use Learning Mode on a clean system, lest you set up "malware-rules" on your system.

Maxing-out ESS settings will significantly improve its protection - at the expense of much greater user interaction and decisions... to the point where it starts to negatively impact user experience.

Against the recent JS.Downloader/BAT.Encoder posted on MT's Malware Hub (disabled ESS' real-time protection), HIPS alerted to a whole slew of cmd.exe and wscript.exe actions making clear something was amiss, but that's only because I had not set up any access rules for either. (Hint: It's a good idea to scrutinize HIPS rules created during an infection; delete those that are infection-related.) Had "Allow" access rules been previously created by me to the resources then, oh boy, trouble. However, ESS had a back-up plan; ESS' web filter (http scanner) stopped all the live action by blocking access to the malicious URL download-attach.com. Same thing was done by Emsisoft while the BB missed it all.

If anything, interpreters (cmd.exe, wscript.exe, cscript.exe, java.exe, powershell, etc) and scripts remain a big challenge for all AV, but ESS did good... still HIPS Interactive Mode is best for greatest protection though it may require heavy user interaction.

All the controls are well laid-out and provide for good navigation flow. Information to assist the user is a nice touch. I think ESS has a high learnability factor... with my dedicated time and effort. Through dedicated experimentation and use, ESS will teach the user a whole bunch.

I recommend disabling UAC at least initially until you get the configuration adjusted to your liking.

On my W8.1 system it is very stable, gets along with other software and bug-free. One of the best so far.

ESS has a reputation for being light on the system. That is a bit mis-leading. Crank-up the protection settings to maximum, and on my system you will eventually notice an impact. I notice some delay in extracting files and browser responsiveness.

Bottom line on this one... ESS is not suited to the novice. However, it is a great option for the intermediate user. Advanced users just might reach nirvana. It is best suited to the die-hard system watcher.

Of all the security softs I have used, it is without a doubt, the most flexible and adaptable. Network scanning capabilities are a rarity, but ESS has it as a standard feature. Another +1 for ESS.

If you want very high automation, then BitDefender will probably meet your expectations. Emsisoft and Kaspersky are somewhere in the middle with each having its own approach.

I recommend a "look-see."
 
Last edited by a moderator:

Nightwalker

Level 24
Verified
Honorary Member
Top Poster
Content Creator
Well-known
May 26, 2014
1,339
Amazing review, thanks.

Could you do it for Norton Security (2015)?
 

Piteko21

Level 18
Verified
Top Poster
Well-known
Sep 13, 2014
874
as a happy ESET NOD32 user I just say that your reviews are amazing and show the truth
thanks for this greats reviews;)


...waiting by Norton review:D
 
D

Deleted member 2913

Thread author
Thanxx for the review.

You mentioned "not suited to the novice".
I have read it provides very good protection & no popups to answer with default settings.
Do you mean, it gives popups i.e allow/block with default settings?
 

Exterminator

Community Manager
Verified
Staff Member
Well-known
Oct 23, 2012
12,527
You mentioned "not suited to the novice".
I have read it provides very good protection & no popups to answer with default settings.
Not for the novice user on Max settings.Default settings will work for the novice (typical home) user.
@hjlbx Nice Review!!! Pretty thorough review for "mini-review" :D Short,unbiased and to the points that matter.
 
H

hjlbx

Thread author
Not for the novice user on Max settings.Default settings will work for the novice (typical home) user.
@hjlbx Nice Review!!! Pretty thorough review for "mini-review" :D Short,unbiased and to the points that matter.

Thanks for the review compliment.
 
H

hjlbx

Thread author
Thanxx for the review.

You mentioned "not suited to the novice".
I have read it provides very good protection & no popups to answer with default settings.
Do you mean, it gives popups i.e allow/block with default settings?

For typical use default settings are sufficient. At default settings you will get some notifications but they are somewhat helpful... give you some clues. But don't fear alerts even If you are just starting out, then most of it will be meaningless IT-jargon. You have to start somewhere.

Maximum settings is like carrying a 150 lb sledge-hammer all day long.

I would only change HIPS to max settings right before unloading an unknown, untrusted, dodgy file on my system. If it checked out as trustworthy, I would switch back to Automated with rules.

You will learn that HIPS rules do not really protect your system if you do not actively monitor and edit them...which can be quite a task. If user relies only upon static HIPS rules then it is very likely the user will allow the system to be infected.

For example, if you create rule allowing cmd.exe to legitimately access wscript.exe, then the next time if a malicious script using cmd.exe accesses wscript.exe, then HIPS will allow it to do so since an allow rule already exists for cmd.exe to access wscript.exe. HIPS cannot tell difference between legitimate and malicious actions. For it to work, it is all user dependent. An allow rule is an allow rule.

The above example is a special, dodgy case...but it illustrates one of HIPS' main limitations.

File xyz.exe accessing wscript.exe for very first time would generate alert and also all subsequent access if you create no permanent rule.
Not creating permanent rules basically creates an over-the-top Interactive Mode; not recommended.

Through dedicated use you will learn how and when to create rules of all types until it becomes second nature. It requires time and effort.

Use ESET. You'll see what I mean.

It will be alright for you...
 
Last edited by a moderator:

sunrise

Level 2
Verified
Aug 2, 2014
61
How about battery life consumption? Planning to get NOD32/KIS2015/Q360IS for my new acer e3-112m
 

securon

New Member
Mar 29, 2015
2
Good Afternoon! Reasons as to why I use Eset... I just re-installed ESS on my system...and it's light and nimble...although admittedly everyone's set-up reacts differently. And Eset has always shunned collaboration with providers of Marketing incentives that promote the install of Toolbars and Pop-Up Ads...and Nag Screens...that's why I'm sticking with Eset. And it's the one app I've experienced that's Rock Solid in reacting with other apps on my system...it avoids asking the user too remove existing apps during install...that In my mind signals that it's assured of it's engineering, in providing the user with a peace of mind factor...very important in terms of useage. Sincerely...Securon
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top