monkeylove

Level 5
If the ave. user of PCs in your household is a novice, i.e., won't check or know anything about what's in the system tray, does not know anything about making backups, doesn't know anything about addons in browsers, and so on, and will assume that you will maintain the systems, then you are probably better off using the best AVs and whatever backup and other software you can find for partial set-and-forget systems, especially if you don't want to spend more time repeating what you did for your PC for every other machine you're maintaining.
 
F

ForgottenSeer 823865

Kaspersky and many others like Emsisoft realized that sophisticated components are useless if the basic user can't even handle them...
And those components are more likely to be sources of wasted time and increased costs for companies because of the incessant support tickets and personnel required.

Home users advanced tools are destined to die, they can't afford regular incomes since only a niche of users can use them and most won't even pay for them.
 

cliffspab

Level 3
Yes, it is/was a great module but They always set it disabled by default, probably because not so used by users in general and also due to performance issues They are removing it...

What will differentiate the paid version from the free version?

Given the great results I see in test results from KSC Free and the ease of using WFC, there doesn't seem to be much left to justify paying for it.
 

cosmos

Level 1
Oh boy, don't know what/who to address/respond/ask first :D

@Gandalf_The_Grey @Robbie

Indeed, but these still require configuration. Either K or Bitdefender Free. It has one setting: Protection On/Off.

To the OP: I fail to see why using WD, installing ConfigureDefender with one simple setting > High, is not a set and forget solution for friends and family. Frankly speaking, even WD @ default is advised to noobs on TenForums, BleepingComputer, etc.*
The question is whether WD+configuredefender is better than Kaspersky free in terms of robustness/performance. Defender is heavy. Plus, suppose a WD update/upgrade on a remote system breaks whatever ConfigureDefender has installed, how can I reach the user then? Some answers below have posted excellent why-nots (IMHO).

*but of course not here on MT. We are all either hyper-vigilant or paranoids! :LOL:
Geeks! :D

It won't work. Just look at @Evjl's Rain 's results with it. Sorry, but any product that requires a user to respond to any notification is going to result in the wrong decisions being made across that user-group.
Exactly, users can not be trusted! They can't remember that Ctrl+c is copy for heaven's sake...

Just to make sure, have you tried Kaspersky Cloud Free not Kaspersky Free?[/quote[

It needs to be customized a bit and it is not exactly top-notch, but it should do, if you have fairly-safe users as you have mentioned.
First time I've heard about that, thanks! How do these two compare? (Decent) benchmarks and reviews?

Why did they decide to release yet another free product? Performance reasons?

EDIT: Actually they've replaced the free av product with the cloud one, What happened to Kaspersky Free antivirus ?

....
2. Kaspersky Cloud Free - do not install Password Manager, uninstall Kaspersky Secure Connection afterwards and disable Web-Protection
Always do the same (ie, uninstall the VPN and disable web protection).

Kaspersky web-protection can cause serious slow-downs and problems with certificates it replaces, see screenshot.
I've experienced this first hand, bad thing for stability. Good thing it was configurable. But I was under the impression this issue got solved.
 

imuade

Level 12
Verified
Again, criteria are rock-solid stability, excellent performance without sacrificing much on av detection, for users with fairly-safe habits and low-to-medium powered rigs.
You can try Forticlient.
V. 6.0 is free, quite light, great detection and top notch web protection.
You can save its configuration, deeply customize it (even with settings not available in the GUI) and then import it in any computer you installed it on
 
Last edited:

TairikuOkami

Level 29
Verified
Content Creator
V. 6.0 is free, quite light, great detection and top notch web protection.
I had no idea, that the free version is back, thanks. It is a great install & forget AV, not to mention an excellent web filter, both malware/porn wise.
It is only a signature based AV, but that makes it perfect for certain setups, no need to worry about false positives and it is as light as a feather.
 

Attachments

  • capture_02082020_151825.jpg
    capture_02082020_151825.jpg
    245.6 KB · Views: 71

cosmos

Level 1
It simply won't happen. ConfigureDefender is simply a GUI front-end for WD. It uses Powershell commands to enforce settings. th@Andy Ful is the master, and I'm quite certain he will back up this statement.
To my defense, not having English as the native tongue does not help :)

What I meant is that by setting up defender today, tuning some hidden options, might present issues after the system I've prepared leaves my work desk. After a year, defender might be updated/upgraded with new options/changed uses to current ones, or dropping stuff altogether. Notice how much it has changed over the last 4 years.

On the same system, a year or more from now, the tuned settings by ConfigureDefender might lose their merit or, worse, present incompatabilities. I understand that the author has thrown in a lot of personal work.

No disrespect here though, but personally I always avoid these hacks, especially when I'm not around to fix things up when they break. :)

@imuade: for some reason I had the worst opinion for the forticlient AVs (must say I did like their UTMs and transparent filtering bridges). Are the AVs that good and light?
 
The question is whether WD+configuredefender is better than Kaspersky free in terms of robustness/performance. Defender is heavy. Plus, suppose a WD update/upgrade on a remote system breaks whatever ConfigureDefender has installed, how can I reach the user then? Some answers below have posted excellent why-nots (IMHO).

Whether or not Defender will be "heavy" depends upon the system.

If you set Windows Defender via Configure Defender to "maximum" settings, then yes - it is going to block stuff that some users may want to use or do. Also, there will be a longer delay due to increasing the cloud query time.

Yes, you are correct, in a certain respect. There is no way to lock a user out of Configure Defender. So they can go in and make changes to the settings that you've enabled.

As far as disabling remote desktop or SSH, then no... Configure Defender shouldn't break any of that. However, there is a more serious question of how you are configuring their firewalls so that you can remote into them. Using a Private profile, for example, is a no-no. Plus keeping remote access enabled on their systems so you can administer them only exposes those systems to a higher probability of network attack. You just shouldn't do it. However, that's a debate you can have with someone else.

It simply won't happen. ConfigureDefender is simply a GUI front-end for WD. It uses Powershell commands to enforce settings. @Andy Ful is the master, and I'm quite certain he will back up this statement.

However, even @Andy Ful cannot guarantee that Microsoft will not come along and make some changes to Windows Defender or Windows Security and cause a breakage. Actually, you cannot make that guarantee for any security solution.
 
Last edited:

imuade

Level 12
Verified
@imuade: for some reason I had the worst opinion for the forticlient AVs (must say I did like their UTMs and transparent filtering bridges). Are the AVs that good and light?
V. 6 was a great step forward compared with V. 5.
You can have more details here Update - FortiClient 6.0.0 (Windows)
The web filtering is the best part, but the AV itself is not bad, they add signatures quite quickly and you can tune the heuristic to catch more malware (with possibly more false positives)
 

oldschool

Level 57
Verified
Actually, you cannot make that guarantee for any security solution.

Of course, it goes without saying. M$ can screw up anything with its updates, but ConfigureDefender will have no bearing on such an event one way or the other.
The bottom line is that the OP wants a set and forget solution, and WD is certainly one of them. ConfigureDefender on High is as well. Guaranteed!!!:LOL: Continuing this discussion is pointless and going off-topic.
 

Andy Ful

Level 65
Verified
Trusted
Content Creator
...
No disrespect here though, but personally I always avoid these hacks, especially when I'm not around to fix things up when they break. :)
...
ConfigureDefender does not use any hack. It uses the built-in Windows Policies and built-in PowerShell cmdlets - all made by Microsoft for Administrators. These features are the same as tweaking any AV via its GUI but in the case of WD, the GUI is a PowerShell console (or ConfigureDefender). If Microsoft will change something, then this will be mostly reflected in the PowerShell cmdlets. So, If you will run ConfigureDefender it will use the modified cmdlets without a problem. If you will configure the advanced settings in WD and after a year WD will change something, then these settings will be simply updated by WD, like any legal WD settings.

Of course, after some years there will be differences so ConfigureDefender has to be updated from time to time.
If it will be discontinued, then people should use it with caution (or skip it), just like any discontinued security application. I would not recommend using Kaspersky 2017 (without patches) on Windows 1909, and I would not recommend using ConfigureDefender from the year 2019 on Windows 2109.:)(y)
 
Last edited:

cosmos

Level 1
ConfigureDefender does not use any hack. It uses the built-in Windows Policies and built-in PowerShell cmdlets - all made by Microsoft for Administrators. These features are the same as tweaking any AV via its GUI but in the case of WD, the GUI is a PowerShell console (or ConfigureDefender). If Microsoft will change something, then this will be mostly reflected in the PowerShell cmdlets. So, If you will run ConfigureDefender it will use the modified cmdlets without a problem. If you will configure the advanced settings in WD and after a year WD will change something, then these settings will be simply updated by WD, like any legal WD settings.
@Andy Ful thanks for clarifying things, I understand now. You're not doing any hacks, you're tuning already openly-tunable settings.

I would not recommend using Kaspersky 2017 (without patches) on Windows 1909
What about Kaspersky free cloud on the same Windows?

...and I would not recommend using ConfigureDefender from the year 2019 on Windows 2109.:)(y)
LOL, with the average life expectancy, I guess this would be a non issue:

OT: I enjoyed the conversation in Malware Hub Report - Windows Defender - June 2019 Report :)
 
Of course, it goes without saying. M$ can screw up anything with its updates, but ConfigureDefender will have no bearing on such an event one way or the other.
The bottom line is that the OP wants a set and forget solution, and WD is certainly one of them. ConfigureDefender on High is as well. Guaranteed!!!:LOL: Continuing this discussion is pointless and going off-topic.

OP did not ask about Configure Defender breaking anything. OP asked if a Microsoft Windows Defender update would break whatever Configure Defender configures. Well it goes with common sense logic that if Microsoft changes something that Configure Defender configures, then that update can break what Configure Defender configures. Therefore, yes, it can happen. And this is pertinent to the discussion so, no, it isn't off topic.

Just answering the specific question that the OP asked. That's all.
 
Last edited: