G Data Software EndpointProtection Business review

Protection can start straight away as all new clients are placed in a root group with a default policy to determine what each component will do. This can be fine-tuned by creating new groups with their own security policy and moving selected systems into them where they will take on the new instructions.

The main window in the EPB console provides a row of tabbed folders where you view the status of groups and clients, configure policies and run on demand or scheduled anti-virus scans. If you wish, you can allow users to access specific functions of the local client, change its settings or run their own scans.

During general daily usage we found the client's dual scanning engines had a negligible hit on resources with the Windows Task Manager showing very low or zero CPU usage. Full systems scans were a different matter as even on a dual 3GHz X5560 Xeon system we saw CPU usage hovering between 20-25 per cent.

There are ways of reducing this impact as you can set the client to use a single scanning engine and only allow systems scans to be run by administrators from the EPB console. The other obvious option is to schedule full system scans for outside normal working hours.

Device control options are provided for floppy disks, optical media, removable storage and cameras. Compared with products such as DeviceLock these are fairly basic but you can block users from each category, allow read only or read/write access and enforce device white lists.

The RuleSpace web filtering service provides over 60 URL categories to block or allow and performed very well during testing. We blocked games, gambling and social networking and found our test clients were unable to access any sites under these categories.