Close
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity

    An Eye on Endpoint Protection Software

    By
    Cameron Sturdevant
    -
    May 23, 2007
    Share
    Facebook
    Twitter
    Linkedin

      eEye Digital Securitys Blink Professional 3.0 centralized endpoint protection software offers enterprises a broad palette of tools to defend their Windows-based client systems.

      Blink Professional 3.0 has come a long way since we reviewed its debut edition in 2004. In particular, were pleased with the anti-virus capabilities that eEye has built into the product, as well as with Blinks integration with eEyes REM event manager and central policy management component.

      Blink Professional 3.0 is priced at $59 per computer per year, compared to approximately $12 per system per year for Microsofts Forefront security tools. Blinks higher license costs, however, buy security functionality, compared to Microsofts more modestly appointed offering. Blinks included services range from system and application firewalls to anti-virus, anti-spyware, and anti-phishing safeguards, as well intrusion prevention, removable storage device controls and vulnerability scanning.

      /zimages/2/28571.gifClick here to read eWEEK Labs review of Microsofts Forefront Client Security.

      Whats more, our tests—which involved real viruses, Trojans, compromised screen savers and key logging malware supplied to us by client security provider Robot Genius—showed Blink Professional 3.0 to be quite effective at preventing malware from gaining a foothold on our systems. When we tried to copy infected files onto the Windows XP systems on which wed installed Blink Professional 3.0, we were duly warned that malware had been detected by the Blink client firewall. While we liked the Blink client, we suggest that IT managers plan on spending several weeks in pilot mode with the Blink client to work out potential kinks before deploying it.

      The eEye REM console starts at $4,995 for the first 500 nodes and $5 per additional protected system. eEye also offers Blink Enterprise Edition, which combines Blink Professional 3.0 and REM together for $65 per node. Volume pricing discounts are available.

      Blink in Action

      Blink Professional 3.0s modules performed well overall in our tests, but based on our testing, the strongest components in the Blink suite are its firewall, intrusion prevention and vulnerability assessment tools. We were also particularly impressed with Blinks anti-virus and anti-spyware heuristics tools, which are now integrated sandboxing technology from anti-virus vendor Norman Data Defense.

      /zimages/2/28571.gifEmerging players offer advances that stagnant anti-virus incumbents lack. Click here to read more.

      Blink Professional 3.0s firewall protection, which we tested in place of Windows built-in firewall, proved amply able to withstand attacks from infected systems on our test network. The Blink firewall starts in passive mode, in which it allows all requests for which it does not have a rule. The default configuration comes with seven of 15 built-in rules turned on. These include exceptions to allow such traffic as IP Security, ICMP (Internet Control Message Protocol) and TCP connections. Security managers should carefully review the default rules and spend time learning what applications users—especially those who travel outside the protected network perimeter—need and how the applications communicate. Adding and modifying rules was simple to do on the client or through eEyes REM console.

      /zimages/2/175708.jpg

      The vulnerability assessments that Blink Professional 3.0 prepared after scanning our systems were thorough and easy to understand. Vulnerability assessment on individual systems can be centralized in eEyes Retina system to provide an enterprise view of the vulnerability landscape—we did not test Retina for this review, however. The standalone vulnerability assessment reports that Blink created for our test systems provided us with a wealth of information that paired detailed descriptions of system vulnerabilities with links to outside sources such as CERT on how to remediate the weaknesses.

      The firewall and intrusion prevention modules are well developed, although they depend a great deal on rigid rules to provide system defense. The large rule collections included in the Blink Professional 3.0 should provide enough protection to keep road warriors up and running. Security mangers will need to run updates at least weekly to get new rules from eEye. The update process was simple to use and took less than 30 seconds to complete even for newly configured systems that were getting updated for the first time.

      /zimages/2/28571.gifKaspersky Anti-Virus 6.0 is a robust AV tool. Read eWEEK Labs review here.

      We could collect and analyze information about vulnerabilities, malware and firewall use through the REM Events Management console. REM data, which we collected from our Blink-equipped clients, can also be combined with Retina vulnerability assessment information to create reports that show which clients are most vulnerable to attack. Security managers also can have this vulnerability information integrated with most network management framework products including CAs Unicenter, Hewlett-Packards OpenView and IBMs Tivoli systems.

      The weakest links we found were in the system protection and identity theft modules. In both cases, the modules looked like they were off to promising starts but fell short of the polish we expect from a finished product. In particular, IT managers will need to devote significant resources to rounding out the puny collection of rules we found when we installed the Blink client.

      /zimages/2/175621.jpg

      System protection is equipped with just three rules, two dealing with Microsofts Internet Explorer and one with Visual Studio 2005. This module also controls execution protection, which shipped empty of default rules. The most useful component of system protection is the registry protection module, which worked well for us at tracking changes to the Windows registry.

      The identity theft module is composed of anti-phishing rules that monitor Web pages for a variety of problems with links and IE exploits. The module would better serve users if it were renamed the Web site checking tool. eEye should consider adding some rudimentary outbound checks to see if data matches simple identifiers such as Social Security Number and other user credentials to bring the identity theft module up to snuff.

      Technical Director Cameron Sturdevant can be reached at cameron_sturdevant@ziffdavis.com.

      Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEKs Security Watch blog.

      Cameron Sturdevant
      Cameron Sturdevant is the executive editor of Enterprise Networking Planet. Prior to ENP, Cameron was technical analyst at PCWeek Labs, starting in 1997. Cameron finished up as the eWEEK Labs Technical Director in 2012. Before his extensive labs tenure Cameron paid his IT dues working in technical support and sales engineering at a software publishing firm . Cameron also spent two years with a database development firm, integrating applications with mainframe legacy programs. Cameron's areas of expertise include virtual and physical IT infrastructure, cloud computing, enterprise networking and mobility. In addition to reviews, Cameron has covered monolithic enterprise management systems throughout their lifecycles, providing the eWEEK reader with all-important history and context. Cameron takes special care in cultivating his IT manager contacts, to ensure that his analysis is grounded in real-world concern. Follow Cameron on Twitter at csturdevant, or reach him by email at cameron.sturdevant@quinstreet.com.
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.

      MOST POPULAR ARTICLES

      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Applications

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      IT Management

      Intuit’s Nhung Ho on AI for the...

      James Maguire - May 13, 2022 0
      I spoke with Nhung Ho, Vice President of AI at Intuit, about adoption of AI in the small and medium-sized business market, and how...
      Read more
      Applications

      Kyndryl’s Nicolas Sekkaki on Handling AI and...

      James Maguire - November 9, 2022 0
      I spoke with Nicolas Sekkaki, Group Practice Leader for Applications, Data and AI at Kyndryl, about how companies can boost both their AI and...
      Read more
      Cloud

      IGEL CEO Jed Ayres on Edge and...

      James Maguire - June 14, 2022 0
      I spoke with Jed Ayres, CEO of IGEL, about the endpoint sector, and an open source OS for the cloud; we also spoke about...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2022 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×