Battle Stay with WD or switch to SEP (for tiny business)

Compare list
Symantec Endpoint Protection
Windows 10 Defender
In-depth Comparison







pvsurfer

Level 1
Thread author
Verified
Oct 20, 2019
32
Hi everyone,

I have my tiny (1-person) home-business on a PC running Windows Pro x64 with Windows Defender enabled using Configure_Defender's 'High' setting and I backup my system to an external drive every day using Macrium Reflect.

One of my customers (who works in IT) advises me to switch from Windows Defender to Symantec Endpoint Protection, claiming it is a far superior 'anti-threat' system. So I've come here to get opinions/suggestions from MT's security-savvy forum members. Should I switch?
 

oldschool

Level 81
Verified
Top Poster
Well-known
Mar 29, 2018
7,044
Hi everyone,

I have my tiny (1-person) home-business on a PC running Windows Pro x64 with Windows Defender enabled using Configure_Defender's 'High' setting and I backup my system to an external drive every day using Macrium Reflect.

One of my customers (who works in IT) advises me to switch from Windows Defender to Symantec Endpoint Protection, claiming it is a far superior 'anti-threat' system. So I've come here to get opinions/suggestions from MT's security-savvy forum members. Should I switch?

Of course an IT "pro" would tell you to use an endpoint setup. Maybe some member here would as well. I can't say if you should switch but you are taking preventive measures with frequent backups, which is smart. You could change WD to Max settings (but with WSC visible) and you could add Hard_Configurator to utilize Windows' built-in security. There are various H_C profiles which would give you implementation options. This may require a bit more technical knowledge on your part (you don't mention your skill level or other details of your biz) and depend on apps you use for your business, but it's not rocket science. I will say H_C can really lock down a system tight. Maybe @Andy Ful or others with more experience will reply with a take on your situation.
 

MacDefender

Level 16
Verified
Top Poster
Oct 13, 2019
779
IMO the main benefit of SEP over your setup is application firewall and IPS/IDS.

Application firewalling isn’t super important if you don’t run low reputation / untrusted apps.

IPS/IDS could be valuable if you don’t have a firewall gateway that has this functionality (like something with Snort or Cisco Talos rulesets). It automatically blacklists attempts to communicate with known botnets and it also can identify and block common network attack patterns.

Overall WD sets a high bar. SEPC isn’t super expensive but I also wouldn’t say SEP is the best AV by a landslide either.

I’d mildly vote in the WD direction.
 

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
Defender at high settings is far superior to SEP, if you use Microsoft Office and/or Adobe products.
Keep in mind that a very significant percentage of malware attacks on businesses are using MS Office or Adobe to get on your system.
Firewall is not a major concern in your setup (I assume that you are using a router, like most folks do).
 

pvsurfer

Level 1
Thread author
Verified
Oct 20, 2019
32
Judging from most, if not all of your responses, it seems that I should stay with WD (with perhaps additional 'hardening'). @oldschool, sorry that I failed to mention the apps I most use in conducting my business, but @shmu26 pretty much nailed it - i.e., MS Office, Adobe Lightroom, and Chrome for browsing the internet (mostly eBay and the like). Insofar as my skill level goes, I know my way around PCs, but I'm far from being considered a 'security wizard' (that's why I came here)!
 

oldschool

Level 81
Verified
Top Poster
Well-known
Mar 29, 2018
7,044
Judging from most, if not all of your responses, it seems that I should stay with WD (with perhaps additional 'hardening'). @oldschool, sorry that I failed to mention the apps I most use in conducting my business, but @shmu26 pretty much nailed it - i.e., MS Office, Adobe Lightroom, and Chrome for browsing the internet (mostly eBay and the like). Insofar as my skill level goes, I know my way around PCs, but I'm far from being a 'security wizard' (that's why I came here)!

In which case WD @ Max settings should work fine for you, and applying hardening via Hard_Configurator will be easier than using Group Policy. You shouldn't have any problems and you may always post here if you have any. (y)(y)
 

MacDefender

Level 16
Verified
Top Poster
Oct 13, 2019
779
I just thought of another thing I should have revealed which might influence your advice(?). I conduct my home-business on a laptop that connects to the internet via WiFi (WPA2-PSK) - broadcast from router in our home.

That’s generally fine to do. The things to keep in mind with WPA2-PSK are:

(1) Any device that connects to your network is saving a copy of your pass phrase. That means if any of them get compromised, it will allow an attacker to know how to join your network. One popular recent example was the Ring Doorbell. If an attacker steals your doorbell they can take it apart and recover your Wi-Fi password.
(2) Thanks to modern GPUs, brute forcing PSKs isn’t actually super hard. Takes on the order of a few days to do depending on how strong your password is. It’s recommended to rotate often and use a strong PSK even though it’s a pain to type in.
(3) Don’t enable 802.11r if your AP supports it. Enabling 802.11r results in being vulnerable to KRACK which basically can allow someone else on your network instantly.
 

pvsurfer

Level 1
Thread author
Verified
Oct 20, 2019
32
That’s generally fine to do. The things to keep in mind with WPA2-PSK are:

(1) Any device that connects to your network is saving a copy of your pass phrase. That means if any of them get compromised, it will allow an attacker to know how to join your network. One popular recent example was the Ring Doorbell. If an attacker steals your doorbell they can take it apart and recover your Wi-Fi password...
Wow, that is enlightening and really 'hits home' - i.e., Ring Doorbell and guests (relatives) using my WiFi password!!! What can I do to be more secure in that regard?
 

notabot

Level 15
Verified
Oct 31, 2018
703
That’s generally fine to do. The things to keep in mind with WPA2-PSK are:

(1) Any device that connects to your network is saving a copy of your pass phrase. That means if any of them get compromised, it will allow an attacker to know how to join your network. One popular recent example was the Ring Doorbell. If an attacker steals your doorbell they can take it apart and recover your Wi-Fi password.
(2) Thanks to modern GPUs, brute forcing PSKs isn’t actually super hard. Takes on the order of a few days to do depending on how strong your password is. It’s recommended to rotate often and use a strong PSK even though it’s a pain to type in.
(3) Don’t enable 802.11r if your AP supports it. Enabling 802.11r results in being vulnerable to KRACK which basically can allow someone else on your network instantly.

Why are PSKs easy to crack? Do they use a compromised hashing algorithm?
 

MacDefender

Level 16
Verified
Top Poster
Oct 13, 2019
779
Why are PSKs easy to crack? Do they use a compromised hashing algorithm?
Assumptions made about the pass phrase -> AES key derivation function were flawed. Rather, they were sensible 10 years ago but they did not predict how a single GPU today packs the computation power of a multimillion dollar mainframe back when WPA2 was being designed.
It’ll be better in WPA3. Until then, using one of those boxes with a stack of 1080Ti’s it is feasible to brute force 8 character pass phrases in something like less than a week. Make sure you’re on friendly terms with your neighbors!

EDIT: I think this is meant for a different thread.
 
Last edited:
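
The passphrase-to-key step discussed in the post above, as an added example that is not part of any post in this thread: WPA2-Personal derives its 256-bit master key with PBKDF2-HMAC-SHA1, using the SSID as salt and 4096 iterations, so passphrase length and alphabet are what set the cost of an exhaustive search. The function names, the policy table and the guess rate are assumptions made for illustration; the rate is a constructed figure, not a benchmark of any hardware.

```python
import hashlib


def wpa2_pmk(passphrase: str, ssid: str) -> bytes:
    """Derive the WPA2-Personal pairwise master key (PMK).

    PBKDF2-HMAC-SHA1, SSID as salt, 4096 iterations, 256-bit output.
    """
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA2 passphrases are 8 to 63 characters long")
    return hashlib.pbkdf2_hmac(
        "sha1", passphrase.encode("ascii"), ssid.encode("utf-8"), 4096, 32
    )


# Constructed assumption: total passphrase guesses per second available
# to whoever is searching. Replace with a figure you trust.
ASSUMED_GUESSES_PER_SECOND = 1_000_000


def days_to_exhaust(alphabet_size: int, length: int,
                    guesses_per_second: int = ASSUMED_GUESSES_PER_SECOND) -> float:
    """Worst-case days needed to try every passphrase of this shape."""
    return alphabet_size ** length / guesses_per_second / 86_400


# Hypothetical passphrase policies: (alphabet size, length).
POLICIES = {
    "8 lowercase letters": (26, 8),
    "8 printable ASCII": (95, 8),
    "12 lowercase letters": (26, 12),
    "16 printable ASCII": (95, 16),
}


def compare_policies(guesses_per_second: int = ASSUMED_GUESSES_PER_SECOND) -> dict:
    """Map each policy name to its worst-case search time in days."""
    return {name: days_to_exhaust(a, n, guesses_per_second)
            for name, (a, n) in POLICIES.items()}


if __name__ == "__main__":
    # Same passphrase, different SSID: the salt changes the key, so any
    # precomputed table is only valid for one network name.
    print(wpa2_pmk("password", "IEEE").hex())
    print(wpa2_pmk("password", "HomeNet-constructed").hex())
    for name, days in compare_policies().items():
        print(f"{name:22s} {days:.3g} days")
```

At the assumed rate, eight lowercase letters fall within days while each added character multiplies the search time by the alphabet size.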

Gandalf_The_Grey

Level 76
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,505
I guess stay with WD and like @Umbra says learn to use and set up GPO and co.
Another option could be Emsisoft Business Security. Great support and I heard good things about their Cloud Console.
 

Gandalf_The_Grey

Level 76
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,505
@Umbra & @Gandalf_The_Grey: Please excuse my ignorance, what is GPO and co. ???
No worries. I'm no expert, but I believe it's mostly used in an organisation to set up and secure Windows:
You want all computers set up and secured the same (central) way.
For a home user it's easier to use Hard Configurator from @Andy Ful to secure Windows:
 

pvsurfer

Level 1
Thread author
Verified
Oct 20, 2019
32
