Burton Group's Enterprise Antivirus Selection Criteria

Enterprise AV selection considerations, according to Burton Group analyst Dan Blum.

By Mary Brandel

August 05, 2009 — CSO — Enterprise AV selection considerations, according to Burton Group analyst Dan Blum:

- Price. Inquire about annual subscription costs and additional charges for antispyware, cleaning, host intrusion protection system capabilities, etc. Ask whether suite pricing is flexible if you don't require every module.

- Scanning engine. Are there multiple agents for antivirus, antispyware, application control, etc.? If so, do they cause management or performance inefficiencies?

- Behavior-blocking functionality. Does the system monitor system calls to prevent vulnerability exploitation attempts?

- System firewall. Does it provide blacklists and whitelists for addresses and domains?

- Application control (whitelisting). Does it provide up-to-date and customizable whitelists and blacklists? A learning engine?

- Cleaning/remediation. Does it provide virus, spyware and difficult rootkit cleaning?

- Client updates. How large and frequent are signature and other updates? This can range from one per day to multiple updates per day.

Read more about malware/cybercrime in CSOonline's Malware/Cybercrime section.

Other stories by Mary Brandel

• Print

• How to Evaluate, Compare and Implement Enterprise Antivirus
• The Future of Antivirus
• Experts Only: Time to Ditch the Antivirus?