H
hjlbx
Thread author
Hello,
This is a mini-review of ESET Smart Security 8.
Pros:
Cons:
Impression:
ESET Smart Security 8 is a very polished product.
There's a lot to like about it.
Now I understand why ESS is so popular here at MT. Perhaps only Comodo Internet Security and Malware Defender can rival its "toy factor." It's huge.
However, along with it's comprehensive features and extreme configurability comes complexity. With complexity comes numerous opportunities for the user to make mistakes. That's why I find the Learning Mode to be a real asset for the user in creating rules. It makes the classical HIPS much more manageable in the beginning.
Straight-up, I am not a fan of classical HIPS. However, ESS HIPS is the best incarnation of this protection model that I have used.
To a large extent the built-in automation features make ESS much more user friendly. The user can set ESS to be minimally interactive or send it right over the top. However, the overall focus is on heavy user configuration. So not so good for the absolute novice. The sheer amount of infos alone, I think, could give a novice a panic attack. Very technical.
One warning... only use Learning Mode on a clean system, lest you set up "malware-rules" on your system.
Maxing-out ESS settings will significantly improve its protection - at the expense of much greater user interaction and decisions... to the point where it starts to negatively impact user experience.
Against the recent JS.Downloader/BAT.Encoder posted on MT's Malware Hub (disabled ESS' real-time protection), HIPS alerted to a whole slew of cmd.exe and wscript.exe actions making clear something was amiss, but that's only because I had not set up any access rules for either. (Hint: It's a good idea to scrutinize HIPS rules created during an infection; delete those that are infection-related.) Had "Allow" access rules been previously created by me to the resources then, oh boy, trouble. However, ESS had a back-up plan; ESS' web filter (http scanner) stopped all the live action by blocking access to the malicious URL download-attach.com. Same thing was done by Emsisoft while the BB missed it all.
If anything, interpreters (cmd.exe, wscript.exe, cscript.exe, java.exe, powershell, etc) and scripts remain a big challenge for all AV, but ESS did good... still HIPS Interactive Mode is best for greatest protection though it may require heavy user interaction.
All the controls are well laid-out and provide for good navigation flow. Information to assist the user is a nice touch. I think ESS has a high learnability factor... with my dedicated time and effort. Through dedicated experimentation and use, ESS will teach the user a whole bunch.
I recommend disabling UAC at least initially until you get the configuration adjusted to your liking.
On my W8.1 system it is very stable, gets along with other software and bug-free. One of the best so far.
ESS has a reputation for being light on the system. That is a bit mis-leading. Crank-up the protection settings to maximum, and on my system you will eventually notice an impact. I notice some delay in extracting files and browser responsiveness.
Bottom line on this one... ESS is not suited to the novice. However, it is a great option for the intermediate user. Advanced users just might reach nirvana. It is best suited to the die-hard system watcher.
Of all the security softs I have used, it is without a doubt, the most flexible and adaptable. Network scanning capabilities are a rarity, but ESS has it as a standard feature. Another +1 for ESS.
If you want very high automation, then BitDefender will probably meet your expectations. Emsisoft and Kaspersky are somewhere in the middle with each having its own approach.
I recommend a "look-see."
This is a mini-review of ESET Smart Security 8.
Pros:
- Very good detection against malware from MT's Malware Hub.
- Exceptionally good user-interface for such a complex security solution.
- Notifications are unobtrusive yet demand attention, informative and easy to respond to.
- Very low system impact on my W8.1 system (not while scan running, but scanner is less of a hog than typical) under normal workload.
- Learning and Automatic Modes for both Firewall and HIPS.
- Extremely high configurability, flexibility, adaptability.
- User can easily figure out what actions ESS 8 has made to protect/clean system; logging is clear and informative.
- No system cleaner/optimizer.
- High learnability.
- Default settings sufficient for typical use.
- Real-time protection is snappy.
Cons:
- Built-in Task Manager (Running Processes Monitor) is very limited.
- Uses file rating/heuristics; lacks a true Behavior Blocker (less concrete decisions to be made by user).
- Highly skilled use demands experience and knowledge (but that is OK since typical user is power user...or one in the making).
- New user should expect long and steep learning curve (ESS is designed to assist in this regard, but really you have to "put in your time" just like everyone else).
Impression:
ESET Smart Security 8 is a very polished product.
There's a lot to like about it.
Now I understand why ESS is so popular here at MT. Perhaps only Comodo Internet Security and Malware Defender can rival its "toy factor." It's huge.
However, along with it's comprehensive features and extreme configurability comes complexity. With complexity comes numerous opportunities for the user to make mistakes. That's why I find the Learning Mode to be a real asset for the user in creating rules. It makes the classical HIPS much more manageable in the beginning.
Straight-up, I am not a fan of classical HIPS. However, ESS HIPS is the best incarnation of this protection model that I have used.
To a large extent the built-in automation features make ESS much more user friendly. The user can set ESS to be minimally interactive or send it right over the top. However, the overall focus is on heavy user configuration. So not so good for the absolute novice. The sheer amount of infos alone, I think, could give a novice a panic attack. Very technical.
One warning... only use Learning Mode on a clean system, lest you set up "malware-rules" on your system.
Maxing-out ESS settings will significantly improve its protection - at the expense of much greater user interaction and decisions... to the point where it starts to negatively impact user experience.
Against the recent JS.Downloader/BAT.Encoder posted on MT's Malware Hub (disabled ESS' real-time protection), HIPS alerted to a whole slew of cmd.exe and wscript.exe actions making clear something was amiss, but that's only because I had not set up any access rules for either. (Hint: It's a good idea to scrutinize HIPS rules created during an infection; delete those that are infection-related.) Had "Allow" access rules been previously created by me to the resources then, oh boy, trouble. However, ESS had a back-up plan; ESS' web filter (http scanner) stopped all the live action by blocking access to the malicious URL download-attach.com. Same thing was done by Emsisoft while the BB missed it all.
If anything, interpreters (cmd.exe, wscript.exe, cscript.exe, java.exe, powershell, etc) and scripts remain a big challenge for all AV, but ESS did good... still HIPS Interactive Mode is best for greatest protection though it may require heavy user interaction.
All the controls are well laid-out and provide for good navigation flow. Information to assist the user is a nice touch. I think ESS has a high learnability factor... with my dedicated time and effort. Through dedicated experimentation and use, ESS will teach the user a whole bunch.
I recommend disabling UAC at least initially until you get the configuration adjusted to your liking.
On my W8.1 system it is very stable, gets along with other software and bug-free. One of the best so far.
ESS has a reputation for being light on the system. That is a bit mis-leading. Crank-up the protection settings to maximum, and on my system you will eventually notice an impact. I notice some delay in extracting files and browser responsiveness.
Bottom line on this one... ESS is not suited to the novice. However, it is a great option for the intermediate user. Advanced users just might reach nirvana. It is best suited to the die-hard system watcher.
Of all the security softs I have used, it is without a doubt, the most flexible and adaptable. Network scanning capabilities are a rarity, but ESS has it as a standard feature. Another +1 for ESS.
If you want very high automation, then BitDefender will probably meet your expectations. Emsisoft and Kaspersky are somewhere in the middle with each having its own approach.
I recommend a "look-see."
Last edited by a moderator: