Cloud-based anti-malware protection is becoming more and more the norm, as the traditional local definition database model becomes increasingly unable to cope with the pace of threat evolution. Running threat detection in the cloud frees up resources on client PCs and completely removes the need for definition updates.
Webroot's SecureAnywhere Endpoint Protection is one such product designed mainly for SMEs (500-1,000 seats is the 'sweet spot' Webroot is aiming at). Any number of licences from 5-999 can be bought online, costing from around £27 (inc. VAT) each at the lower end of this range and dropping to about £17 at the upper.
SecureAnywhere Endpoint Protection's web-based management console
It uses a web-hosted multi-user management console, included in the price. This is very well implemented, with fully customisable policy- and group-based protection for clients, plus a variety of manual and automated deployment options — including a free remote deployment tool that uses an MSI installer package. There is also a decent set of reporting and logging features.
The client software has a small (4-55MB) memory footprint
The client software is distributed in a 670KB executable. It has a very small memory footprint, using only around 4MB of RAM when idle, increasing to about 55MB when scanning. Scans are also very quick, taking just a couple of minutes. The protection offered is the same as in the consumer version, with a variety of realtime 'shields' and a firewall that works with the Windows firewall (it takes over the outbound part).
SecureAnywhere Endpoint Security can run as the sole protection, or alongside other security products — Webroot claims it will generate no conflicts or slowdowns, and we saw none when using it with Microsoft Security Essentials. It can also be used on server OSs.
Offline protection uses advanced heuristics, and there's a rollback system to undo any system changes caused by malware when in offline mode.
The whole system works very well, and it looks like an attractive option for businesses needing managed security without the expensive overhead of dedicated hardware for management consoles.