Battle ESS 9 vs EIS 11 vs KTS 2016

Status
Not open for further replies.

soccer97

Level 11
Thread author
Verified
May 22, 2014
517
I have a laptop (it's 5 years old and will need to be replaced soon (I am waiting for Wifi 802.11ac and the newer/improved Intel chips to be released), plus I am a broke college student, so I want to run it until it breaks, battery is failing as well). I know that these factors will affect it.

System Specs:
-Windows 7 SP1 64-bit
-4GB RAM
-AMD Turion II P 540 Dual-Core Processor (2.4 GHz)
-AMD Mobility Radeon HD 4150 Graphics Card
-750GB WD HDD 5400 RPM

Goals:

-Performance: Laptop tends to get really hot, Good battery life (doesn't use too much power)
-Protection: I am on a university Wi-Fi w/ 5000+ other people (and some definitely don't use the best security practices. I have been hit w/ port scans before).
-Vendor Reliability (issuing patches, securing their software when vulnerabilities are discovered, not rushing out releases w/o going through QA)
-Good Customer Support (ESET's Support is awesome if you haven't experienced it). Kaspersky offers good protection, but customer support is IMHO awful (no offense).
-Privacy

-It will be running side-by-side with HitManPro.Alert, and RollbackRx Professional. Sticky Password and Heimdal Pro

Other software: Dragon Naturally Speaking Premium 13, Office 2013/2016

The software(s) will be transferred to a new PC when I can afford it.


Thank you all in advance, it is much appreciated!!!
 

Infamous

Level 1
Verified
Dec 20, 2015
34
The choices you left are really hard for me to decide upon since all three vendors produce powerful and useful security software. While I cannot single out one of the choices for my recommendation, I will give you some personal opinions and an insight into different features in the different products, as well as providing some suggestions to other vendors you may potentially be interested in which were not on the original choices.

To start off, Kaspersky is a very popular vendor and they have millions of customers - both enterprise customers and home customers. Kaspersky Total Security and Kaspersky Internet Security contain more than enough features to protect you in different ways. For example, you have the web protection which will block malicious websites, real-time protection which will scan programs as they are run, files as they are written to, etc. The real-time scanning will consist of signatures in a database (which is updated every day) to catch known malware, as well as the heuristics. Alongside this, there is a cloud which is integrated with Kaspersky for file reputation and in both Kaspersky Total Security and Internet Security, you have behavioural zero-day protection components to help safeguard you from malware which was not detected by the real-time scanner. Some of the zero-day protection components included in the Internet Security will be listed: online banking protection; identity protection; spam protection; two-way firewall (both in and out connection monitoring); application control (I'll explain this further below).

The Application Control feature in Kaspersky Internet Security and Total Security will only function correctly if enabled from a clean state on the system. It will allow you to restrict programs from performing certain actions; it works a bit like a sandbox in the sense that it can "redirect" actions the program is trying to do if those actions were restricted. It has the ability to auto-categorize the program in a category (e.g. if it's safe or suspicious), and using these categories auto-decide which restrictions should be in place. The cloud is integrated with this feature, meaning reputation of the running program is also taken into account in decisions for the category. It's a clever feature and it's proven to work well and help protect the user from malware infections.

However, I would give performance a miss with Kaspersky when put to comparison with other security software such as ESET or Emsisoft; I find ESET and Emsisoft to both work better (I've found Kaspersky to be heavier in the past) - please note that performance will differ between me and you. Therefore, don't automatically assume Kaspersky is bad with performance based on my experience.

Moving on from Kaspersky, next up is ESET. I personally believe that one of the biggest strengths that ESET have would be in the category for malware detection (both for malicious URLs and files). I find their signatures/heuristics to be very well done and their real-time protection should feel to be light (in all my time of testing or using ESET products, I don't believe I've ever felt a system slowdown due to the real-time protection or web protection). They are very quick to release updates for their databases and engines (just as Kaspersky and Emsisoft are).

ESET Smart Security does have HIPS (Host Intrusion Prevention System) included. A Host Intrusion Prevention System is basically a feature which will monitor the behaviour of programs and allow you to decide/block actions the program being monitored is allowed to make. These actions can include from registry modifications to dropping a file to a specific directory. I believe a downside to ESET would be the HIPS by default, however once you've tweaked the HIPS it can perform very well and be of great help. In the end, it's a plus to malware protection and HIPS is a zero-day behavioural protection component.

Of course, ESET Smart Security contains other features. An example of another one would be exploit mitigation; I'll stop with ESET there and move on to Emsisoft, the above should be a quick insight to some features in the security software.

Now we can move on to Emsisoft... Who do an extremely good job as well as Kaspersky and ESET (in my opinion). The shields included in their Internet Security product consist of: file guard; web guard; behaviour guard. The file guard is the real-time protection and can scan files on the go or only when a new process is started. The web guard is very quick with performance based on my experience and is effective at blocking malicious URLs (or privacy-risk related URLs). A positive towards the detection ratio with Emsisoft is that their scanner has a second opinion, it's a dual engine scanner and it will also scan with the Bitdefender engine. Updates for the databases are released quickly as well.

One of the big advantages in Emsisoft would be the behaviour guard (in my opinion). It is customizable in the sense you can tweak it to only look for rootkit activity, backdoor activity, worm activity, etc. and it does tend to work very well. Emsisoft also have a cloud with a reputation for programs; this is integrated into the behaviour guard. The behaviour guard works more or less as both a behaviour blocker and a HIPS integrated into one feature - the differences to a behaviour blocker and a HIPS is where with a behaviour blocker, the behaviour is indeed found to be malicious and a program should not be performing this action, whereas the HIPS will just alert and ask/auto-decide for an action which may or may not be suspicious, but may be performed by both malicious and non-malicious programs. The Emsisoft behaviour guard is both in one; it can look for rootkit activity (as an example), but also alert you and let you decide on auto-run modifications. They have more than enough for the behaviour guard as it is, it works quite well with the cloud.

No matter which security products out of the choices you left, you should be protected very well. Just remember that it's down to you just as much as the security product - depending on your browsing habits for example will depend on the chances of you visiting a malicious URL which isn't blocked by the vendor.

I highly recommend you test out the different products from different vendors and then decide which one fits best for you personally - my personal opinions and experiences with security products will differ from yours (especially with performance side of things).

If you are looking for a free security product, you may be interested in: Avast Free Antivirus. It includes real-time protection and web protection at the minimum.

Hopefully this helped a bit. ;)
 

CMLew

Level 23
Verified
Well-known
Oct 30, 2015
1,251
Comodo IS could be the next best alternative if you wish not to fork out any $$ for the security software.
It's highly configurable and comes in sandbox mode as well. In terms of protection, if tweaked properly, matchable with the security software you mentioned.
 

soccer97

Level 11
Thread author
Verified
May 22, 2014
517
@Infamous
Wow, that was possibly the most thorough, detailed and accurate response that I have received for a similar question. I wish I could repay the favor. If you ever have a question that I can answer, I will do my best.

The info about TAM in KIS/KTS is important. I wouldn't have known to use it on only a clean system. You could have saved me a lot of time. I agree about ESET, I am using it at the moment. Huracan(?) has a tutorial on how to optimize HIPS, I will tweak it when time allows.

From your post, and corresponding info I have read, Emsisoft has really improved over the past 2 or so years. I am grateful for the information.


Thank you again for your post. Best wishes and Happy Holidays!
 