IT Infrastructure - eWeek


Battery 500 Project Charged Up over All-Electric Cars
Charting the Final Frontier--Google Maps for Indoors
Get Smarter Technology on Your Mobile!
  IT Infrastructure


REVIEW: Panda Managed Office Protection Service Reduces Endpoint Security Costs



 By: Matthew Sarrel
2009-09-23
Article Rating:starstarstarstarstar / 5


There are 0 user comments on this IT Infrastructure story.


Rate This Article:
Poor Best
The Panda MOP SAAS server and workstation anti-malware solution allows systems to be managed and protected from a central location, regardless of whether they are inside or outside the company network. This saves on the upfront cost of buying and installing a central management server and the ongoing cost of maintaining that server. Panda MOP also leverages true cloud-based functionality for analysis of suspicious files. In tests, malware detection worked well, at least when it came to viruses and Trojans.

If you take security seriously, then you already know that every endpoint on (or off) your network needs to be running some kind of protection. Endpoint protection typically consists of at least anti-malware, (HIPS) host-based intrusion prevention and a software firewall--all managed and deployed by a dedicated management server.

The overhead of installing and managing a central command and control server can be a burden depending on the size of the company and available resources. Many companies--particularly small to midsize companies--frequently find themselves trapped in the difficult position of needing a centrally managed solution without having the resources to install, configure, deploy and manage one.

Enter Panda MOP (Managed Office Protection).  This SAAS (software as a service) server and workstation anti-malware solution allows systems to be managed and protected from a central location, regardless of whether they are inside or outside the company network. 

Check out eWEEK Labs' gallery of Panda Managed Office Protection here.

This saves on the upfront cost of buying and installing a central management server and the ongoing cost of maintaining that server.  Administrators can log into the Web-based management console from anywhere to deploy software agents, trigger anti-malware scans and push policy to clients.

Panda MOP is a bit different from other SAAS offerings in that it also leverages true cloud-based functionality for analysis of suspicious files. Pandas Collective Intelligence system, available in all Panda products, stores the vast majority of signatures in the cloud while deploying only the signatures of malware the client is likely to encounter to the client itself.

Resource Library:

Each client also reports malware prevalence back into the Collective Intelligence system. The client software provides definition- and heuristic-based protection for files, e-mail, HTTP/FTP downloads and instant messaging; a software firewall; and a HIPS.

Panda MOP, which costs $35 per seat per year, is not truly competitive with Symantecs, Trend Micros or McAffees business-focused endpoint protection products. On the bright side, it has a light footprint and is very easy to deploy and manage. 

To the Test

I tested Panda MOP on three Windows XP Pro workstations and on one Windows Server 2003 Enterprise Edition system running in virtual machines on VMware Workstation 6.5 for Windows Vista.

Installation and configuration were as easy as they should be with an endpoint security solution in the SAAS model. I browsed to the secure Website management portal and created protection profiles for groups and users.  MOP can be deployed either by sending users a link to the install package or by downloading the distribution tool, building your own packages and deploying them however you want.  Both ways worked in my tests, and with each the install package was pretty small--roughly 5MB.

The client application itself runs quietly on the system tray. Users can click the panda bear icon and choose to run a quick scan, a full scan, an e-mail scan; view firewall status; update the software/definitions; or view help.  Users have no additional control over the app--it is all managed from the management portal.

For the most part, I had few problems with the actual client software--the most serious being that it occasionally failed to update on its own and required me to force an update.  Updates are supposed to be a strong point of MOP: Workstations can be configured to update definitions through a peer-to-peer connection to another workstation on the same network or go out and get the update directly from Panda over the Internet. 

In my testing, this flexibility saved significant bandwidth and decreased the amount of time the workstation was involved in updating. I was easily able to configure update frequency and rules through the management console. 

The management interface is simple and straightforward, and can be found at https://managedprotection.pandasecurity.com. The home page shows licensing information and a status graph that lists detections and their sources. MOP has the ability to create multiple administrators (called users) with different privileges within the management console.

Additional reporting is available but not terribly informative beyond reporting protection status and detection activity in a few customizable graphs or pie charts. This is one of the places where Panda MOP simply doesnt compete with a more extensive centrally managed enterprise endpoint security solution. Overall reporting lacks depth, although the executive report shows some good, high-level info that can be read at a glance.

From the Computers tab, I could list all the endpoints under management in a single list by groups, or I could search by name. Its really easy to see which computers have protection turned on and signatures updated, and, by mousing over a computer name, I could obtain complete network information.

Clicking the Computer name opens a page entitled computer details that is, in fact, a bit light on details. It merely informed me which types of protection were enabled on that computer without offering anything more granular, configurable or informative. The only other option on this tab is to add a computer to the blacklist--meaning that it will not have MOP installed on it and will not appear in the management console. 

During tests. I downloaded and attempted to install a test set of keyloggers, rogue applications, adware and spyware, Trojan horses and viruses. MOP did best with viruses (it blocked eight of eight) and Trojan horses (it blocked two or two).

Performance was less stellar with keyloggers and adware. No keylogger was blocked or detected, and two of the two adware programs were downloaded, installed and run. (Surprisingly, InstantGet was not detected by MOP but blocked by IE 8.)

I then scanned the endpoint and found one of the keyloggers, but had not been removed. I was disappointed that the infections were not reported via the Management Console in real time, although real-time alerts are possible via e-mail (configured through protection profiles and warnings). 

Matthew D. Sarrel is executive director of Sarrel Group, an IT test lab, editorial services and consulting company in New York.





  Reader Comments: REVIEW: Panda Managed Office Protection Service Reduces Endpoint Security Costs
>>> Be the FIRST to comment on this article!
 

 
 
>>> More IT Infrastructure Articles          >>> More By Matthew Sarrel
 


x}is㶲*Qމg5E=RJؖgRJEĘ"uHKΟ_n?~M %yL'cKX@h4{$sW7-gL.\snS?úO Y'w>{ &(ˑԫ1m3HnwݶN=gP'^> \?g3;Y| tjOt0.Pk< Z535ԗoˏ~e0.ڎIQ6*֠Oմ<ڴ$1qHÑh] !QQږyD6GH;"C7ܩHr6CRTRX^P~FD;玗5~r #k||=x:a/M˟!ڮq 8]b'(#O^2lְB1BE/t#wJ;v9"QcO$աUqLJ^tf>D>8z v v=rJ53ҧ =K;O=k\w=jP?b@2hưaIpl2XpaRbښgO?-I :]dU~ƷP7nǞ;wC27 -wQKvTmCO|lMݟP>I uaGGPu3osX 2n dþ=RUP)kJv,-t}r.e,oӟozïsj.z `|`h-vu]+h5u=;yظ} Vb}" @D%\.I"0i5&tt:~Hs|T㍒~7jJV4E; KHR ӘgS$!hI#F/XTU!wlji_Wם^'gם)7bٚXC ji@e$X],Eisiڟ:'gw:Rڟ+H/*}m pOy5H0|`kh2`cRZIjg$Zݓ6Py$Y)r"/ !}Ow| nr2GrI/]o,beQ 5f`XӀ7? eR2|&r, ߱n\S'G`h__ѬZxkaT[PĿ E/$Li&ͭzp-Alo K,ru&S{~$M ]5Ŧ]`)exFS$%/\P%P샖_΢[2jFt*軤(If0;A05և$RCGstDAG6V^zK tcb>'ݨä w(=ss/>05jIA :]TR}>t9qPhQP<szY@[S衟%j{7t( u4/f{@`^@8ppYY?90@]ubsBݷ|{tև *QsnPBfԁ!~9.Wb&A/tKtVL"Hgˣ7dJ Ւd6\{8`ȢuDjrA5 Kۊ7q}4EiZ\-ssV84@ r; p璉IN*V*SSĝzP\"қy}@n&zg@>83ӣ)!c$(̕>A XXfThjUV, -"|7@( ˖X ㌡ҵ3Kw7MeﴽJM.jFh>n G[a@r0ဉNgT3aAKY6 }~\>tļZB_`՚o&rI)j$`/#[ݵ A ;rm۽ s~, bj\X<~ɯ©5j6|*j0FBċW(l^p~N4;M80G(cpHl`_\<ׇ> B LΧRE\A v1v1UEP=) ]締u$vT<)G̟ sWyGY?O=y:T+BZmFVVR娨V*\JwQ)40ȁ;\dM??5YoN?+vo̮;KGf~gVl^LavQ#O%O,p2HU[C}`/cԧ8PȺ]0UESUG;[+؝?FM6B4!$Ծ X x@7*(SӞͥ5Z,YvB)e'-_k9oD`9^R˶(SL @(8@u<|[\Y3 Q|l8`Ĕ)ԨuUԪ}Ve7gh"RjF&:(FdH4Ɉ+PSZLk*kqv #ָY[љ#Wh xQ IRdKEdYJC<ϤU͋R|5y->p)7lj%[zFXnsU-ylFS -JTȍ#}<9v܄yeCmbyԽ@?}誦C}A2YSYpg#H隱JuuTi\RT5kݿx Wne=3cݸ/"w>sԳиdNsl }vrf@D|(8 B^.K*^ira;9^o@Hus1 \G=`m ~/I6+ZRRhU@V 3ˁ; _.lLg4>ʀkG2gdQHVz 4w2<]c>q/c~h)T"l߸X,W̑^`3Z>2>lz tq6tFU4*H!IuO( Eōj4 Jx7 \v[-ֶ&svaFpa?ͥg7g{X> Bj5) t%hrGSYq {_/C/$h@^1NeAglJw޼\8XfRqm'YZ&Up_43Mb> >0Tlʪ;> 2*ijAR“s{@:,pz]Fߋ eRTR33յޛY G,<|mAUR'|(VVJr=ȅe0FPR,W1<ʼ'r]N6._-JV(PX*O$d%,r>ǷmH75aShp^?KHHD>D^kF{ynxB gz Dssb^f>A*o[/Ix6]S0:_ ݘ3ax e#$hQ²}wiIAcԧ˾tڼ>A&;~x;C:,Gy֏" aKKxVqïR吔lZ>~lI6tȾYM $ȅ XCfOճ"ju.K׼mv> 72CH4rE}R|I{޽y-%{wD's5BAHCzW!zNnfS L k;d8)0'hdjm\8$Ø/=P‴5!/{j_sbAkNZ _k5Wy.'7,e8Z;ᄝW_a[,$"0!tWtz}}E9l{B*Λi9D[ `E/ԩ #ADrIGzRFV{D$0^ί[L㷜oWȘIGD_q+5kNz4\1[5n|"B2^&V8;=h1ޏHE/Cq]Rqn} zsH&iR'PE3pq*h wl)~ڲ/܁Y(^H#۽? {v@Iup=LFP'i&.Z7t[b)3-ȔbJ49syH3%dBE[=IҲYGƐ&P, tf|ʊ5R!I=YUr{ҀĴ&{6wg^%;HÛ ̏mI+Q$/EiA0;'p!,GH)fH'zBˆ,,ZeUVH;u,t: ȓ :#7^vʌW!aZv ,Ff͗w3ld{Rеltd@T7&MxXG9Ϟ16q=IАYc=p>}ℜo;z6bO0>oV8i?{޽s±"CWq:-`)5$XH!Hn e_."2gNIJn/4_Lف~d< ,f} x34To4iAh3O7nC\`l_#(v@k~=ϸ2]a Yj}D.]9n㚨p;D98y^Y8Z䑼DqD%t`o 14m*z3=}z9[vÏ5"<,5ȥ.<?v79wFf#AVާA3m` ܭ@wdF6{pH=ސd|,̺Z,| (a?uRgk^'x6o}7mS {@Ěmǜ5ƋzE {c7shY&Iz7?0mF8N$~zIp^_T 2 - a!k}9@,.O帛 p fw2dg@“\j )m9 ۏ6ru3ƹ ? )YuYa)gw[& M\`]*nQg3:v8k:&*vwŎZ 7c}V dAE/AOq wu򬖇eVx %x/ KP%w/DS >TlQ-о  )ɿ[w<C˺M``ag8X( r0I\TRbµb7_z  ?7Q s͛_?wKyf=P s><p:`ptZL%RDľdůV#}LxV !' ˜` NBEFjQ'|=5ܑ^S DjT*j& y H_8!ac[H^trYc[(R)U(1xrW9B7ޠ[T$6y'0W.#.c."GIePъ G\b_7m5y]kJ\IS%ӉK8|XCzv-p= :YE= y,] Z%pC*jZ.Չp#p 0`ACm=M~UB l12;Jjy[)<MAz/]ZtK0NaKrMQ[N0$8H@~uTDnlY5)Rkܲs|!4SD 3T /K!t;j3Xijƚ`nt?a`< _H T4Xqw~a,EQ& gPňA[݇HK#ד8aRMS3(Rh" /xJ~~DZx Qhj<kpH,ё3vH'I V}A9J?"8' WADA8-GخK,4k̠Ơ,w#llll=leX1b݋ЛlyKfpKMH{MrEvGwaG|C$D @$ "!r~u{c}UUЕ\۟3*oIs/fFN*qp&FǗ=tM.4/!5l Q15O8|ab _ Hk-@h=sBmT+>=لՇuI]y'!g`uc[RB)ޣԝRotyhW|9YtgEG x@p﫧hrƓnIY/fn7dUղ|[=~Oqb9sf>f>f>g>-TKm>V&vw7acT::ECd<<[X8{eRU%V$ˎz|s#bxe^FiX.zPkGâX;ܸ! +&Qę}xán_cC/nrrx12Nu7- cvh8-\s[\f=n1jTj6]1ULq֎.O=Τ&k˿kӇ@ ! =)ۏ=cml[r( b^Ϻ4'ߍ=nX> cK% j_g^} /Xe{5u`tS^5!_F?Wo͓iy_Ąknj–Z3h~wdTf4${{m+hG `|F0-c l F(pW=|L +eƑ=:uR贷Y,+eײ;1}Pel؆_?NZTce։5V(~]2\",NkVH03ca`DK5z/B|pL`I|`u1 _-p\|@V_J+^_VűG}s˼nM^,Nܓ˲atPh-r=-Dw߁\<=G!ko#§S\v !>BjwT60J8{7I?ځrU|So|Պ[Niҡ-xJ> I7!W|^ci^Oq\dEw'y{Dd_ g=Mრ)*a ?D~ Lum|{!p#(iLzS^z1lsq̩Tl/ZNHWHkcΩᓩZE9 ; G ]J1xy[O֘0qh)B EٚA5B=\U BI?{ZJ>??|VSL+Bk&p]+`B;7YV]^q=o7/ݝAVnVt&BC[wnW##.Pƨ pBKc!ey;=F4ئƗZiX瓔KpʭGm4{ך`7*emy=0/]YjJEUP=j=n,v >;J5r]Xc<03P=ӂ"QGl;F^*iBy[G~[5>8[S~ǵxxX B{ɯ'B"`ƶC0经UztWc|Bҵτ8%pxп{wn/1~ۊ+kѱF=Νr2iѩ H Wkm3R)59?S\mD ΝNasđۋuNhOvS.^ahKZI<+. IL &N&Gr;c7ɱ\~ 723?b)o:,=W0ra`zC B o@u1Q]3ZNph״5B;Y]L_!Ƙ`Y Ljxb*1bVզɝ$`zgXٿG!VU%ruZߕ߉6ϴYt;Њl>coIׄQT1 :{ᛂrPZ-"G/tX3+b=#-Ѩ#>7>xI2I= o~y@ǜ2 8rIe+փފ> 2A@:-u@7x"vAf.B0 .!vCsN.7v߾ CУ;Gym!|yh;Q? 8CA_Z~OHʊ\|lٻ wCy¶2&. V.d>rK? |9[CG)WTbʑ Z֨o>\_RFe1 `8*pejT KXL 2@k8{ߟ{=n%[քᑰ5"t⷏> +?,P Y Gώ3sȣ4ϓ/}.T (ZP,%·AS,V2A!kC1P/MJ>+xs;-̔4̃2uEܹ]ez?> 4鐚xdj,ywF7C'[E9Ylb{,gN~\@qǹԔ0މ(V$!Ѕ8i,)@"!9͉kk]a_?X/#~|aЇ9\ 3+z+U”P*:P |+V0cU-%+_coS|NwV7Xz+i+ 9Iˑ*w4 :>'s;1h^]&k$6}<\w%9nwooė;u|ҽ|ڹl_]w.ƩJ·_s}ePz uӲr :J:ٝE֌fySM-G}*5=V0<"(:hOv{It/۹FRZl<#ȿ'MfF~H-A'O?y!NqYiVF>?t.3z!sVE\/2/~/2{"c@yyAȣ2 ,# ȿȇ̘K ̘..ȟn|fȗ+ W~3eeϠ/@_3ʇ}'ߧ @MV>M@7d_ru|ּ)qF~)8ΠREV SV>l.O3k! g  z-6*Bό ~/>{'sg+IWKM0TtEų[T쵊cn%m:vB__|#ه^V՟0`}p Ҿl,љO>AݷD@N$p g;6RK$A^̓>(Bcعkjz,t5ROÅzm ?#u͇RiErT)玾ߓNIp@S1<ˈɪ"+Uw9 ط]D,+ QPB48ۈW)17tSsFGtu],, eaSKp^'WvŐb0~'P`K֞.:^͇,'r"X?ǘid] 4V{A [dתeP:G'Ss# фwYBDӼhУn{wıPrP &a NW_dK$pgB-jы!Pe˺ a-xP-+&lybobbrށ:9g%ǚl~5KFsг055]^H~Kܻ-#8]xm8~'gK0qFp77ЉVݍΊ7ȚlS2fLd@>6bRFՏb֠}Q^I,Hm7cB֯aXkt`aƧ+FbN˩r >2 ->z?^.tͅc[ 7tgG=םېŚAĕ]ݍ:Sj@@rvそunY>{ʏ1{vK:^BƗN/fuN"B0@OfgP厧0MD+fAl!|n9hw=O,|Ͷb.,)Z$Jxmg-CcSΔ<|(.q5kEEבE$&NhӂZ{JfAZx}MWZ"}+,RDvZ+F2}juP#vHϵ=8S >1N@>FыpO`wBfϑt!MaMfY{6\$%4-ϫ1E%[%%i;j3 类$֭0\"gz\;n 3&R,HI`BOq/ChyazR 9"Pag2D~{J=&*P=eZO:] n,/gIkF}k[V`ل]K8F>Z /&M$|CbF8]x "!_R ani.yNB`N:]v0N9DEPީ!/;v2 SL+4%(O?5'knxK"OC34a)Fyc< 9Z@n06H 'w}p{c*2*DnOv˷Dg귾6YB6p8@!(DP=u6(NA")1 PM֧2R8WD )Ybd횙69qgSq@Evg˫Pvx Vs6Na]|ۺ+Aў(Xnw|h[d%+GM`Wpۂ{ʐXhWeR@V)tnO˞݋ANx3AEK,^rEXٻ"8N]=PŃ $Oc-ҭ8?P0h_~&?{c]'nJQXƺi#uTmveщ&߉o^3Q`W_O)xH>%B6Qrytʵ-IErY)ZONvLʙkSּE5|ylR$ܨCFi|Ѓ!gn耵gkΣw' SƅW5dPOYTc.GfT{ LW{څ$hxb < nBh1  b'kIɷ#39=E [}ɦnԌnB bv| L$8 33o|'/|A,T/$ ow2b%9#3N9~p @0X+9 ^y{M`.˾tڼ>.L@+`7›gGq^vXQ"r;Vju.' ;={`o7sg