Single Product Review - Bitdefender Security for Virtualized Environments - November 2012



Similar documents
GRAVITYZONE UNIFIED SECURITY MANAGEMENT. Use Cases for Beta Testers

Virtual Appliance Setup Guide

GRAVITYZONE HERE. Deployment Guide VLE Environment

IT Security Products for Business Users

Acronis Backup & Recovery 10 Advanced Server Virtual Edition. Quick Start Guide

Virtual Appliance for VMware Server. Getting Started Guide. Revision Warning and Disclaimer

BITDEFENDER SECURITY FOR AMAZON WEB SERVICES

User Manual. User Manual Version

Intelligent Power Protector User manual extension for Microsoft Virtual architectures: Hyper-V 6.0 Manager Hyper-V Server (R1&R2)

Dell UPS Local Node Manager USER'S GUIDE EXTENSION FOR MICROSOFT VIRTUAL ARCHITECTURES Dellups.com

GRAVITYZONE UNIFIED SECURITY MANAGEMENT

CLOUD SECURITY FOR ENDPOINTS POWERED BY GRAVITYZONE

Sophos Enterprise Console Help. Product version: 5.1 Document date: June 2012

Installation Notes for Outpost Network Security (ONS) version 3.2

Kaspersky Security Center Web-Console

RealPresence Platform Director

Attix5 Pro Server Edition

User Manual. User Manual for Version

avast! Small Office Administration Console Small Office Administration Console User Guide

BITDEFENDER ENDPOINT SECURITY TOOLS

Pharos Control User Guide

F-Secure Internet Gatekeeper Virtual Appliance

K7 Business Lite User Manual

ReadyNAS Setup Manual

How to Install Windows 7 software

5nine Security for Hyper-V Datacenter Edition. Version 3.0 Plugin for Microsoft System Center 2012 Virtual Machine Manager

Sharp Remote Device Manager (SRDM) Server Software Setup Guide

Kaspersky Security Center Web-Console

User's Manual. Intego VirusBarrier Server 2 / VirusBarrier Mail Gateway 2 User's Manual Page 1

Managing Documents in the Citrix XenApp Remote Desktop

SGI NAS. Quick Start Guide a

VMware/Hyper-V Backup Plug-in User Guide

escan Corporate Edition User Guide

READYNAS INSTANT STORAGE. Quick Installation Guide

Thirtyseven4 Endpoint Security (EPS) Upgrading Instructions

Sophos Anti-Virus for NetApp Storage Systems user guide. Product version: 3.0

Unitrends Virtual Backup Installation Guide Version 8.0

Sophos for Microsoft SharePoint startup guide

PHD Virtual Backup for Hyper-V

Attix5 Pro Server Edition

Veeam Backup Enterprise Manager. Version 7.0

In order to upload a VM you need to have a VM image in one of the following formats:

Citrix Lab Manager 3.6 SP 2 Quick Start Guide

Virtual Appliance Setup Guide

Deploying BitDefender Client Security and BitDefender Windows Server Solutions

OneDrive for Business User Guide

GMS. 1 Create the virtual machine 2 Configure the virtual machine 3 Configure the virtual GMS server. Quick Start Guide. Microsoft Hyper-V Hypervisor

SC-T35/SC-T45/SC-T46/SC-T47 ViewSonic Device Manager User Guide

BITDEFENDER GRAVITYZONE

Sophos Anti-Virus for NetApp Storage Systems startup guide. Runs on Windows 2000 and later

Sophos Anti-Virus for NetApp Storage Systems startup guide

Sophos Endpoint Security and Control standalone startup guide

Data Center Connector for vsphere 3.0.0

Sophos Anti-Virus for Mac OS X network startup guide. For networked Macs running Mac OS X

User Manual. Onsight Management Suite Version 5.1. Another Innovation by Librestream

SecuraLive ULTIMATE SECURITY

WatchGuard Dimension v1.1 Update 1 Release Notes

Thinspace deskcloud. Quick Start Guide

1. Installation Overview

How to Configure NetScaler Gateway 10.5 to use with StoreFront 2.6 and XenDesktop 7.6.

AppLoader 7.7. Load Testing On Windows Azure

WatchGuard Training. Introduction to WatchGuard Dimension

McAfee Public Cloud Server Security Suite

BITDEFENDER SMALL OFFICE SECURITY

ESET SHARED LOCAL CACHE

Core Protection for Virtual Machines 1

Foglight. Foglight for Virtualization, Free Edition Installation and Configuration Guide

Getting Started with Symantec Endpoint Protection

Sophos Enterprise Console Help

Interworks. Interworks Cloud Platform Installation Guide

OneDrive for Business User Guide

How To Set Up Safetica Insight 9 (Safetica) For A Safetrica Management Service (Sms) For An Ipad Or Ipad (Smb) (Sbc) (For A Safetaica) (

Comodo Endpoint Security Manager SME Software Version 2.1

Citrix Access Gateway Plug-in for Windows User Guide

Endpoint Protection Administrator Guide

Airtel PC Secure Trouble Shooting Guide

OneDrive for Business User Guide

Installing and Configuring vcenter Support Assistant

Getting Started. Symantec Client Security. About Symantec Client Security. How to get started

Installing and Configuring vcloud Connector

McAfee MOVE AntiVirus Multi-Platform 3.5.0

StrikeRisk v6.0 IEC/EN Risk Management Software Getting Started

Backup & Disaster Recovery Appliance User Guide

How to upgrade your clients from Endpoint Security to BEST

User's Manual. Intego Remote Management Console User's Manual Page 1

Deploying BitDefender Client Security and BitDefender Windows Server Solutions

VPOP3 Your post office Getting Started Guide

Storage Sync for Hyper-V. Installation Guide for Microsoft Hyper-V

PowerPanel Business Edition Installation Guide

Product Guide. McAfee Endpoint Protection for Mac 2.1.0

VMware vsphere 5 Quick Start Guide

MDM Mass Configuration Tool User s Manual

Installing and Using the vnios Trial

Using Cisco UC320W with Windows Small Business Server

vcenter Operations Manager for Horizon Supplement

VMware vcenter Operations Manager for Horizon Supplement

Transcription:

Single Product Review Bitdefender Security for Virtualized Environments Language: English November 2012 Last Revision: 1 st December 2012 Review commissioned by Bitdefender - 1 -

Bitdefender Security for Virtualized Environments Introduction Bitdefender make an extensive range of security products for home users, small businesses and enterprises. Their products cover Windows, Mac and Linux operating systems, as well as Android mobile phones. As its name suggests, Bitdefender Security for Virtualized Environments is designed for virtualised computer systems rather than traditional hardware computers. Two different versions are available to cover the different virtualisation platforms, which include Microsoft Hyper-V, Citrix XenServer, VMware vsphere, Red Hat Enterprise Virtualization, and Oracle VM. The architecture of the product is essentially the same for all versions, however. The VM protection software is deployed and managed using preconfigured Linux-based virtual machines (called Security Virtual Appliances) which run on the same physical host as the guest machines. The first VM is called the Security Virtual Appliance. This may be described as the functionality of the system, as it is responsible for scanning, updating and upgrading tasks. The second VM is known as the Security Console, and provides the management interface via a web-based console. The third component of the product is the Silent Agent, which is the endpoint protection software. For this review, we installed Bitdefender Security for Virtualized Environments on Microsoft Hyper-V, running on Windows Server 2008 R2. As an experiment, we installed the client software on a physical PC running 32-bit Windows 7 Professional, as well on virtual client computers. We found that the software functioned exactly the same on the physical computer as on a virtual machine running the same operating system. Software version reviewed Silent Agent by Bitdefender 1.2 Documentation Bitdefender provide two manuals applicable to systems running on Microsoft Hyper-V, namely a Quick Start Guide and an Admin Guide. There is also a Reporter s Guide. The Quick Start Guide is 13 pages long, and is essentially an introduction to the product, along with basic installation and deployment instructions. It describes the architecture and components of the software in simple terms, so that the administrator has an overview of how the product operates. There is also a detailed system requirements section, covering the (virtualised) hardware requirements needed to run the software, compatible virtualisation platforms, and supported guest operating systems. A section entitled Quick Deployment Guide provides basic instructions on how to set up the virtual appliances and deploy the endpoint protection software. We note that the pdf file contains hyperlinks that lead directly to the preconfigured virtual machines, enabling the administrator to download the correct packages in quite literally a couple of clicks: - 2 -

We found this to be innovative and extremely convenient. The Admin Guide is much more comprehensive at 86 pages. Like the Quick Start Guide, it covers the architecture and system requirements of the product. There is a more detailed description of the installation and deployment procedures, along with details of the management console, and extensive instructions for managing and monitoring. Both the Quick Start Guide and the Admin Guide have been produced to a very high standard. They are well written and have been logically organised into sections. Both have hyperlinked tables of contents, meaning the reader can click on an entry and be taken directly to the page. Likewise, both documents have been appropriately bookmarked, so that the headings of sections and subsections are displayed in Adobe Reader s bookmarks bar, and can be used to access the relevant section with a single click. Whilst there is a diagrammatic representation of the system architecture in both manuals, neither has any actual screenshots, which is our only (minor) criticism of the documentation. Although displaying pictures of a Linux terminal window would be pointless, we feel that a few appropriate screenshots of the management console and client software would be a useful addition. Installation and deployment To protect our Microsoft Hyper-V virtual network, we downloaded the appropriate versions of the Security Virtual Appliance and Security Console as complete, pre-configured virtual machines, using the hyperlinks in the Quick Start Guide. We followed the instructions in the Admin Guide, which were very clear and helpful. Each of the virtual appliances is then integrated into the virtualised system. They come as single zip files, which are unzipped to reveal a Virtual Machine folder and a Virtual Hard Disk (VHD) file, the standard components of a Hyper-V virtualised computer. We were able to import the virtual machines into the Hyper-V console quickly and easily. We then started both the new virtual machines, and very soon we had both virtual appliances up and running on our system. Both of these require network configuration, to assign a fixed IP address, along with appropriate subnet mask, default gateway and DNS server. This is done by typing appropriate commands in the Linux console. These are clearly described in the Admin Guide, and could be carried out easily even by an administrator with no previous experience of Linux. Similarly, there are straightforward instructions for logging on to the Security Console, changing the administrator password, and creating a Bitdefender account with an email address (used for notifications) and password. There are two methods of deploying the endpoint software on virtual machines. The first, Local Installation, involves clicking on a link in a web page or email to start the process. The administrator - 3 -

can log on to the VM and browse to the installation page of the web interface running on the security console, or send the link in an email to a user. This method has to be used for Linux systems. The second method, Remote Installation, requires the administrator to perform a Local Installation on one Windows client first. This enables the discovery of all the other Windows machines on the network, which are displayed on the Computers page of the console (please see screenshot in the following section). The administrator then selects all the computers to be installed (there is a select all button) and clicks Install Client on the Quick Tasks menu. There is no further action required, and the deployment of the client software to the virtual PCs is extremely quick. Client/server antivirus management interface Bitdefender SVE s management console is web based, and is accessed by simply typing the IP address of the Security Console VM into a web browser. Having logged in with the email address and password configured during the setup process, the administrator will see the default Dashboard view of the management console. This provides a graphical overview of the state of the computers on the network, in the form of six tiles in the main pane of the window. There is a pie chart entitled Network Status, which shows percentages of virtual computers that are unmanaged, protected, vulnerable and offline. Computer Malware Status also uses a pie chart, and displays the proportion of VMs that are malware-free, have resolved infections, or blocked malware. Bar charts show Top 10 Detected Malware (by name), Top 10 Most Infected Computers, and Computer Status. The latter shows the percentages of computers with antivirus installed, up to date, licenced, and online. Finally, a line graph displays Malware Activity, i.e. malware discoveries over time, and a notifications tile is minimised. - 4 -

Each of the tiles has a title bar with a refresh button, an options button, and a minimise button. The administrator can minimise, say, two of the tiles, showing the remaining four tiles, which expand to fill the available space. This makes it easy to emphasise the information the administrator deems most important. A menu bar running along the top of the console has the following items: Dashboard (default), Computers, Policies, Reports, Quarantine, Accounts, and Log. Computers show a list of computers on the network, which can be filtered to show e.g. only managed or unmanaged machines: Policies allow different configuration options to be defined and applied to individual computers or groups. Reports allow details status reports to be configured, whereby the computers/groups, time period and reporting criteria can all be specified. Quarantine is self-explanatory, while Accounts manages user accounts for the console. Log refers to activities carried out by specific user accounts, e.g. logging in and out, creating and deleting groups, installing or uninstalling computers, etc. There is a link to Help and Support in the top right-hand corner of the window. Client/server antivirus monitoring The status of real-time protection is shown in the Computer Status tile of the dashboard, as On (green) or Off (red). When we disabled the real-time protection on our client VMS, we noted that the program window of the client software showed almost immediately that this had happened. However, the Antivirus status shown in the Dashboard continued to show All Well (green), and it was some time before the status display updated to show that the RTP had been switched off. Bitdefender inform us that this is a known issue and that they are working on minimising the synchronisation time. There are no other components (such as firewall or antispam) in the software that could be monitored. The update status is shown as proportions of computers updated and not updated in the Dashboard view; the status of individual computers is shown in the computers view. In the event that all computers are up to date, this will be seen immediately from the dashboard, and the administrator will not need to investigate any further. - 5 -

We could not find any means of displaying the current program version of the endpoint protection software in the console, although this can be seen in the Help box of the endpoint software on each client. Client/server antivirus tasks Selecting a computer or multiple computers in the Computers view of the console allows endpoint software to be installed or uninstalled, or a full scan run, from the Quick Tasks menu. Real-time protection can be disabled by editing the policy applied to the computer(s), which is a quick and easy process. There are no other components of the software that could be disabled or uninstalled. We could not find any means of running an instant signature update, although the update interval can be set in the policy, the shortest being 1 hour. A full system scan can be run from the Computers page, by selecting the computer(s) desired and selecting Scan from the Quick Tasks menu. A custom scan can be run by editing the policy applied to the machine(s), and adding a custom scan task to be run at a specific day and time. We could not find any means of running a vulnerability scan or updating the program version. As the client software does not allow any configuration changes to be made locally, password protecting it is not necessary. Client/server antivirus software Bitdefender Silent Agent is, as its name suggests, effectively hidden after installation. On a Windows PC or server, there is no system tray icon or desktop shortcut from which to open the program interface, although a program folder with a program shortcut can be found in the All Programs section of the Windows Start Menu. Clicking on the Bitdefender Silent Agent link here opens the program window shown below: - 6 -

The interface displays information but does not allow any kind of action to be carried out, or any configuration changes to be made. The big green information strip at the top shows the current protection status, and notes the state of real-time protection and the time of the last update. If realtime protection is disabled, the green strip and circular symbol turn red, and the information text changes to Your system is not protected Antivirus shield is off. A table in the centre of the window displays details of malware found, and other system events such as updates. The help button in the bottom right-hand corner displays an information box with links to online help: We note that when the program window is opened from the Start Menu, a system tray icon appears. However, this disappears again once the current user has logged off. This Silent Mode can be switched off, displaying the GUI permanently. When we attempted to download the EICAR test file, the download was blocked silently without any sort of message, though this can be changed in the settings to show a warning. The information table in the program window gave details of the file and noted that it had been quarantined, however: Additionally, an email notification was sent to the registered address. The reaction to the discovery of local malware is identical. - 7 -

Summary We found Bitdefender Security for Virtualized Environments to be a simple but effective suite that provides easy-to-manage protection for virtual networks. Installation is straightforward for any administrator familiar with the virtualisation platform; despite being Linux-based, the suite does not require any knowledge or experience of Linux, as the documentation provides clear instructions that an experienced Windows administrator can easily follow. Essential monitoring and everyday tasks can easily be carried out using the web-based console, which can be accessed via a browser from any computer on the network. - 8 -

Copyright and Disclaimer This publication is Copyright 2012 by AV-Comparatives e.v.. Any use of the results, etc. in whole or in part, is ONLY permitted after the explicit written agreement of the management board of AV- Comparatives e.v., prior to any publication. AV-Comparatives e.v. and its testers cannot be held liable for any damage or loss, which might occur as result of, or in connection with, the use of the information provided in this paper. We take every possible care to ensure the correctness of the basic data, but a liability for the correctness of the test results cannot be taken by any representative of AV-Comparatives e.v. We do not give any guarantee of the correctness, completeness, or suitability for a specific purpose of any of the information/content provided at any given time. No one else involved in creating, producing or delivering test results shall be liable for any indirect, special or consequential damage, or loss of profits, arising out of, or related to, the use or inability to use, the services provided by the website, test documents or any related data. AV-Comparatives e.v. is a registered Austrian Non-Profit-Organization. For more information about AV-Comparatives and the testing methodologies, please visit our website. AV-Comparatives e.v. (November 2012) - 9 -

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information