Battle Stay with WD or switch to SEP (for tiny business)

pvsurfer

Level 1
Thread author
Verified
Oct 20, 2019
32
Hi everyone,

I have my tiny (1-person) home-business on a PC running Windows Pro x64 with Windows Defender enabled using Configure_Defender's 'High' setting and I back up my system to an external drive every day using Macrium Reflect.

One of my customers (who works in IT) advises me to switch from Windows Defender to Symantec Endpoint Protection, claiming it is a far superior 'anti-threat' system. So I've come here to get opinions/suggestions from MT's security-savvy forum members. Should I switch?
 

Gandalf_The_Grey

Level 76
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,505
I just downloaded Hard_Configurator. Should I discontinue use of ConfigureDefender or do they work well together?
They work (very well) together. Configure Defender is also a separate module installed with Hard Configurator:

Hard_Configurator01.png
There is a lot of information and great help available in this thread:
 

oldschool

Level 81
Verified
Top Poster
Well-known
Mar 29, 2018
7,044
There is also this thread Q&A - ConfigureDefender utility for Windows 10

Re: H_C - You may begin by loading the H_C Recommended profile and see how that works for you. Please become familiar with the GUI, help files and user guide, but don't bother with the section Software Restriction Policies. Post any questions in the pertinent thread.
 

Dave Russo

Level 21
Verified
Top Poster
Well-known
May 26, 2014
1,041
Hi everyone,

I have my tiny (1-person) home-business on a PC running Windows Pro x64 with Windows Defender enabled using Configure_Defender's 'High' setting and I back up my system to an external drive every day using Macrium Reflect.

One of my customers (who works in IT) advises me to switch from Windows Defender to Symantec Endpoint Protection, claiming it is a far superior 'anti-threat' system. So I've come here to get opinions/suggestions from MT's security-savvy forum members. Should I switch?
I am also using Symantec Endpoint Protection, with SecureAPlus {registered as anti-virus clicked off to allow it to work with other anti-virus programs}. What I would like to know is if you have tweaked settings? Firewall traffic settings have options to 1. Block all traffic until firewall starts and after firewall stops 2. Enable NetBIOS protection 3. Allow token ring traffic 4. Enable denial of service detection. None of these are on my default settings and would appreciate any advice you or others might have about this. Thanks for your post.
 

MacDefender

Level 16
Verified
Top Poster
Oct 13, 2019
779
Wow, that is enlightening and really 'hits home' - i.e., Ring Doorbell and guests (relatives) using my WiFi password!!! What can I do to be more secure in that regard?
Oops I missed this! Some things you can do:

(1) Move untrusted “internet of things” devices onto the guest network, away from anything you trust. Ring Doorbells, smart plugs, even smart TVs — it’s only a matter of time before smart TVs go from just spying on your network for advertising to getting compromised and cryptolocking your NAS.
(2) Some neat enterprise access points support “DPSK”, which basically looks like a normal PSK network but the network accepts multiple passwords. By giving each client their own PSK you can track what key users are using to get on your network and revoke any necessary keys.
(3) Most importantly, keep an eye on your network for guests you don’t recognize. Some firewalls like ESET seem to have this function. The Fing app (for iOS or Android, the Android one is more powerful) is another good way to inventory your network. Your router might have some helpful features too.
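
One way to do the inventory check from item (3) of the post above without extra software, as an added example that is not part of the original thread: it parses Windows `arp -a` output and lists devices missing from an allowlist. The sample output, the `KNOWN_DEVICES` allowlist and all function names are constructed for illustration.

```python
import re

# Constructed sample of Windows `arp -a` output (not taken from a real network).
SAMPLE_ARP = """\
Interface: 192.168.1.10 --- 0xb
  Internet Address      Physical Address      Type
  192.168.1.1           a4-2b-b0-11-22-33     dynamic
  192.168.1.23          3c-5a-b4-aa-bb-cc     dynamic
  192.168.1.57          da-a1-19-01-02-03     dynamic
  192.168.1.88          00-17-88-de-ad-01     dynamic
  192.168.1.255         ff-ff-ff-ff-ff-ff     static
  224.0.0.22            01-00-5e-00-00-16     static
"""

# Hypothetical allowlist of devices the owner recognises (any separator/case).
KNOWN_DEVICES = {"A4:2B:B0:11:22:33": "router", "3c-5a-b4-aa-bb-cc": "office PC"}

ROW = re.compile(r"^\s*(\d{1,3}(?:\.\d{1,3}){3})\s+((?:[0-9a-fA-F]{2}[-:]){5}[0-9a-fA-F]{2})\s")

def normalise(mac):
    return mac.lower().replace("-", ":")

def parse_arp(text):
    """Return (ip, mac) pairs for unicast entries in `arp -a` output."""
    entries = []
    for line in text.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # interface banner, column header, blank line
        ip, mac = m.group(1), normalise(m.group(2))
        if int(mac[:2], 16) & 0x01:
            continue  # group bit set: broadcast/multicast, not a device
        entries.append((ip, mac))
    return entries

def unknown_devices(text, known):
    """List devices not on the allowlist, flagging randomised MACs."""
    allow = {normalise(k) for k in known}
    findings = []
    for ip, mac in parse_arp(text):
        if mac not in allow:
            # Locally administered bit: typical of phones using a private
            # (randomised) address, so the MAC may differ on the next visit.
            randomised = bool(int(mac[:2], 16) & 0x02)
            findings.append({"ip": ip, "mac": mac, "randomised": randomised})
    return findings

if __name__ == "__main__":
    for f in unknown_devices(SAMPLE_ARP, KNOWN_DEVICES):
        print(f)
```

The ARP cache only lists hosts this PC has exchanged traffic with recently, so the router's own client list remains the more complete source.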
 

pvsurfer

Level 1
Thread author
Verified
Oct 20, 2019
32
I am also using Symantec Endpoint Protection, with SecureAPlus {registered as anti-virus clicked off to allow it to work with other anti-virus programs}. What I would like to know is if you have tweaked settings? Firewall traffic settings have options to 1. Block all traffic until firewall starts and after firewall stops 2. Enable NetBIOS protection 3. Allow token ring traffic 4. Enable denial of service detection. None of these are on my default settings and would appreciate any advice you or others might have about this. Thanks for your post.
I believe you misunderstood my OP. I'm using WD, not SEP. I came here to find out if switching from WD to SEP was in my best interests (and the answer was a resounding 'No').
 

MacDefender

Level 16
Verified
Top Poster
Oct 13, 2019
779
I believe you misunderstood my OP. I'm using WD, not SEP. I came here to find out if switching from WD to SEP was in my best interests (and the answer was a resounding 'No').
If you do choose to look into SEP, I would suggest looking at SEPC (the cloud variant). Same protection technology but the licensing fee is less confusing and more palatable.
 

pvsurfer

Level 1
Thread author
Verified
Oct 20, 2019
32
If you do choose to look into SEP, I would suggest looking at SEPC (the cloud variant). Same protection technology but the licensing fee is less confusing and more palatable.
That's no longer under consideration. ;)

@pvsurfer If you have Windows 10 Pro or Enterprise, I highly suggest you use GPO to lock your employees' machines; you can set up a common tight policy.
If not, H_C is your best friend.
Understood, and I'll rely on H_C with C_D. ;)
 

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
and Chrome for browsing the internet
Good choice.
But no matter what browser you use, you still need to be careful that your credit card and/or passwords won't get skimmed, due to the website itself being compromised. If the website itself is compromised, your browser can't protect you once you type sensitive info into a web page. Just sayin'. This is really a different topic, and there are threads about it.
 

Lenny_Fox

Level 22
Verified
Top Poster
Well-known
Oct 1, 2019
1,120
@pvsurfer The best and easiest way to improve security would be to follow @Umbra's advice to learn to use Software Restriction Policy, or use Hard_Configurator to use SRP with default settings.

As an intermediate (or first) step you could use H_C with the Windows_Security profile, according to the developer of H_C:

AndyFul said:
ConfigureDefender MAX Profile is extremely good for detecting/blocking EXE samples and can be used safely with the H_C profile: Windows_10_MT_Windows_Security_hardening.

This setup uses Windows Defender to block unknown programs (exe's with poor reputation) and Software Restriction Policies to block file formats with code (e.g. scripts). So you leave the block/allow decisions over to Microsoft.
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
...
This setup uses Windows Defender to block unknown programs (exe's with poor reputation) and Software Restriction Policies to block file formats with code (e.g. scripts). So you leave the block/allow decisions over to Microsoft.
Yes, this is the most important part which could be done also with WD (MAX) + SysHardener (tweaked) + RunBySmartScreen.:giggle:
H_C can extend this protection via SRP to many other unsafe file types and prevent command-line access (blocking shortcuts, etc.). Furthermore, SRP allows whitelisting which is more suitable for semi-advanced users (but not for average users).
 

blackice

Level 38
Verified
Top Poster
Well-known
Apr 1, 2019
2,731
Nope, if the site is compromised, Netcraft or BDTL will do nothing. They detect fraudulent/malicious sites, not legit ones being compromised. They don't check the code, they are just blacklisters.
This is the truth. The nice thing about credit cards, at least in the US, is you aren’t liable for fraudulent charges as long as you address them in a timely fashion. So, your best defense is to stick to trusted sites, and check your transactions a few times a month.
 

notabot

Level 15
Verified
Oct 31, 2018
703
That’s generally fine to do. The things to keep in mind with WPA2-PSK are:

(1) any device that connects to your network is saving a copy of your pass phrase. That means if any of them get compromised, it will allow an attacker to know how to join your network. One popular recent example was the Ring Doorbell. If an attacker steals your doorbell they can take it apart and recover your Wi-Fi password.
(2) Thanks to modern GPUs, brute forcing PSKs isn’t actually super hard. Takes on the order of a few days to do depending on how strong your password is. It’s recommended to rotate often and use a strong PSK even though it’s a pain to type in.
(3) Don’t enable 802.11r if your AP supports it. Enabling 802.11r results in being vulnerable to KRACK which basically can allow someone else on your network instantly.

Isn't 802.11r needed to create a wifi mesh (needed in order to have seamless hopping from wireless endpoint to a different endpoint)? Does KRACK also work with 802.11k?
 

MacDefender

Level 16
Verified
Top Poster
Oct 13, 2019
779
Isn't 802.11r needed to create a wifi mesh (needed in order to have seamless hopping from wireless endpoint to a different endpoint)? Does KRACK also work with 802.11k?
Not at all. 802.11r is not required for fast enough (4 packets dropped) BSS switching. 802.11k is separate and it is more useful for mesh networking since it allows APs to report to clients what other APs are nearby. Otherwise it takes about a second for your client to scan for nearby APs.

There's no such thing as truly seamless roaming with wifi anyway because clients can only talk and listen on a single channel at a time. At some point it needs to make the decision it wants to move APs and at that point it will stop listening to the old access point.
 
