CSIA 301 Case Study #1


The main purpose of endpoint protection platform (EPP) is to secure any computer system or hardware from malicious attacks (Dalziel, 2015). EPP software aims to detect intrusions such as malware that may harm the integrity of the system. EPP software detects behavioral patterns in all types of malware (Dalziel, 2015). The key to successful detection is the ability of EPP software to deal with an average of 100 MB .dat files and thousands added each day to accurately capture a pattern (Dalziel, 2015). In recent years, most companies rely on EPPs to secure their computer systems. Generally, EPP comprises products, namely, anti-malware, anti-spyware, firewalls, intrusion prevention, port and device protection, full-disk and file encryption, endpoint data loss prevention, vulnerability assessment, application control, and mobile device management (Firstbrook, Girard, & MacDonald, 2013). How each is applied depends on the need of the users.

Most EPP companies today rely on classic signature-based attack detection or “compromise-first detection” because of the difficulty to differentiate between normal and attack modes, resulting in both high false positives and high false negatives (Dalziel, 2015, p.3). This situation occurs when EPP software is unable to distinguish between normal and attack traffic, resulting in the overlap of two distributions evaluated by the EPP software (Dalziel, 2015). This study selects and reviews the capabilities of ESET.

ESET Review

ESET is a Slovenian company founded 25 years ago to provide anti-virus (AV) solutions. The company has since expanded its product to include a comprehensive flagship enterprise product, ESET endpoint security, which integrates “anti-malware, antispam, HIPS, device control, Web content filtering and a personal firewall in a single-agent footprint” (Firstbrook, Girard, & MacDonald, 2013, p.7). The scanning engine of ESET is the core of its products. Although based on traditional AV system, ESET is constantly upgraded to address more recent threats (Debski, Malcho, & Stancik, n.d.).

The scanning engine detects possible malware and decides immediately on whether the malware is harmful. ESET employs smart algorithms and manually developed code to address performance lags as a result of deep code analysis using sandboxing technology. To improve performance, ESET now employs binary translation and interpreted emulate different components of computer hardware and software in a virtual environment. These components include memory, file system, operating system APIs, and the central processing unit (CPU) (Debski, Malcho, & Stancik, n.d.). To accurately detect malicious embedded components, ESET EPP analyses voluminous number of different files formats from executables, installers, scripts, archives, documents, to bytecodes (Debski, Malcho, & Stancik, n.d.). ESET technology offers network attack protection, reputation and cache, DNA signatures, exploit blocker, advanced memory scanner, cloud malware protection, and botnet protection (Debski, Malcho, & Stancik, n.d.).

Most reviewers gave positive feedback to the ESET EPP. Rubenking (2016) of PCMag Digital Group rated the performance of ESET in malicious URL blocking, anti-phishing, and firewall as successful in repulsing attacks in the system. URL blocking test showed that ESET blocked 84% of malware-hosting URLs, blocking half of those completely, while the other half was terminated during the downloading process. ESET also successfully repulsed fraudulent (phishing) websites, with its detection rates more superior than the built-in anti-phishing characteristics of Chrome, Firefox, and Internet Explorer. Finally, the ESET firewall component successfully protected the system against port scans and other web-based attacks. ESET firewall operates on automatic mode, allowing all outbound traffic and blocking all inbound traffic unauthorized by a firewall rule (Rubenking, 2016). Top10 Reviews (2016) likewise found positive feature of ESET like correctly identifying most known and new malware and scored perfect usability. ESET is noted as one of the most user-friendly internet security suites. The program is easy to navigate with keyboard shortcuts (Top10 Reviews, 2016). Meanwhile, Stephenson (2013) found ESET endpoint security features as comprehensive and easy to deploy on both client and server sides.

Despite its powerful features, ESET technologies need to improve on some aspects such as ESET lagged behind file-related tests compared with other security suites (Rubenking, 2016). Rubenking (2016) also found that “parental control is both limited and problematic, the firewall offers just the basics, and I ran into some serious trouble with the anti-theft component.” TopTen Reviews (2016) also has the same issues with respect to slowing down of the computer when ESET is installed. Meanwhile, Stephenson (2013) suggested that documentation and installation guides should be improved to include visuals, diagrams, and screenshots for easy comprehension.

How ESET EPP Could Secure Information and Integrity of the System

One of the main criteria in the selection of a security application or product is to ensure the system could mitigate the risks of compromising the information integrity as a result of unauthorized intrusion or security breach. The other is to establish trust in the “electronic processing, storage, and interactions” between organization members, among clients, business partners, suppliers, service organizations, and government (Bosworth, Kabay, & Whyne, 2014). Risks are quantifiable according to the type of adverse events that may occur. Risks could be mitigated by employing products that protect against unauthorized intrusion and compromise of information integrity (Bosworth, Kabay, & Whyne, 2014).

ESET EPP has the capability to address the needs of the company because of its comprehensive coverage from AV protection, data loss protection to firewall, intrusion detection and prevention. Moreover, the platform is easy to install, understand, and customizable according to the requirements of the client. The company need not spend too much to ensure information integrity because ESET is cheaper compared to other providers.


ESET EPP is easy to install and deploy particularly for people as busy as engineers who use their computers to execute their jobs. ESET also allows clients to determine which system or variants would suit their needs. The constant updating of malware and AV files without the need for additional action is ideal for the busy engineers. ESET employs the basic components necessary to protect the integrity of the file and data system of the company. The price of the product is reasonable, and the company could choose how many subscriptions they require or need to add in the future. The three most important features to consider in EPP are the provision of a comprehensive and accurate protection, usability, and costs.


Bosworth, S., Kabay, M.E., & Whyne, E. (eds) (2014). Computer Security Handbook, Set. John Wiley & Sons. Retrieved 29 October 2016 from https://books.google.com.ph/books?id=yKQ6AwAAQBAJ&pg=PT1804&dq=endpoint+protection+platform+evaluation+criteria&hl=en&sa=X&ved=0ahUKEwiZlvOAj4DQAhUGFJQKHfVhBxUQ6AEIOzAF#v=onepage&q=endpoint%20protection%20platform%20evaluation%20criteria&f=false

Dalziel, H. (2015). How to defeat advanced malware: new tools for protection and forensics. Waltham, MA: Elsevier Inc.

Debski, J., Malcho, J., & Stancik, P. (n.d.). ESET Technology: The multi-layered approach and its effectiveness. Retrieved 29 October 2016 from https://cdn5-prodint.esetstatic.com/ESET/INT/Docs/Others/Technology/ESET-Technology.pdf

Firstbrook, P., Girard, J., & MacDonald, N. (2013 Jan 2). Magic Quadrant for Endpoint Protection Platforms. [provide additional publication information].

Rubenking, N.J. (2016). ESET Smart Security 9. Retrieved 29 October 2016 from http://www.pcmag.com/article2/0,2817,2469978,00.asp

Stephenson, P. (2013). ESET Endpoint Security. Retrieved 29 October 2016 from http://www.scmagazine.com/eset-endpoint-security/review/3967/

TopTen Reviews. (2016). ESET Smart Security Review. Retrieved 29 October 2016 from http://www.toptenreviews.com/software/security/best-internet-security-suites-software/eset-smart-security-review/

Related Posts

Leave a comment

antivirus logo