CaseStudy: EPP Technology and Product Review
CaseStudy: EPP Technology and Product Review
Cybercrimesare among the key factors that reduce the capacity of individuals andbusinesses to make the best use of technology. However, thischallenge has opened a new market for programs that can help peopleand companies to use computer systems without fear. One category ofthese programs is the endpoint protection platform (EPP). The EPPmarket is comprised of different products, such as anti-spyware,personal firewalls, vulnerability assessment programs, and devicecontrol software (Firstbrook, Girard & MacDonald, 2013). Althoughthere are many companies that produce EPP programs, three firms(including Symantec, Trend Micro, and McAfee) have a market share ofabout 68 % (Firstbrook, Girard & MacDonald, 2013). In this paper,the features, capabilities, and deficiencies of McAfee VirusScanEnterprise version 8.8, which is an example of EPP, will bediscussed. The paper will also address the use of the EPP by clientsto support their cyber security objectives.
AReview of Features, Capabilities, and Deficiencies
McAfeeVirusScan Enterprise version 8.8 refers to an EPP that was developedwith the capacity to protect files as well as computer systems fromdifferent viruses. Some of its key features include the availabilityof on-access file scanner, spyware protection, outbound as well asinbound firewall defense, definition updates, SystemGuards, and X-Rayreboot detection (McAfee, 2013). Other features that were improved inthe 8.8 version compared to the previous software include the boottime, on-demand scanning, and battery life.
Thecapabilities of McAfee VirusScan Enterprise version 8.8 have beenimproved with time. According to McAfee (2013) the platform has fourmajor enhanced capabilities that are not found in the previousversions. They include the capacity to support Microsoft Outlook2010, an interface for script URL exclusion, a complete McAfeeAntispyware Enterprise integration. In addition, the EPP facilitatesa real-time antivirus scanning, which was intended to ensure that thesystems (including those that are in remote locations) are protectedat all times (McAfee, 2013). Moreover, the EPP was built with thecapacity to protect Microsoft applications from buffer-overflowexploits. It also has the capacity to destroy policies, reviewautomated reports, and manage security alerts using the ePolicyOrchestrator. Most importantly, this EPP has the capacity to work24/7 in order to protect users from cyber threats since it issupported by the McAfee Global Intelligence (McAfee, 2013).
The8.8 version of the EPP is also associated with a significantimprovement in boot time and an increase in the capacity to performregistry scanning. For example, Microsoft Word can generateapproximately 3,900 registry access attempts at a time, but theMcAfee VirusScan Enterprise version 8.8 has the capacity to monitorall of them (McAfee, 2013). An improvement in the registry scanningcapacity in version 8.8 compared to 8.7 is about 11 % (McAfee, 2013).Booting time is an important factor that is considered by allend-users who wish to be productive when selecting an EPP. Accordingto McAfee (2013) Version 8.8 of the EPP was built with an eightpercent improvement in the time that is needed in order to boot thesystem.
ThisMcAfee VirusScan Enterprise has two major deficiencies. The on-demandscanning feature of the EPP efficiency by ensuring that files arescanned when there is a need, but it limits its capacity to scan thecontents of the file systems (Brouwer, 2014). This is a vulnerabilitythat can be exploited by some viruses. Secondly, the vendor has notbeen able to resolve the issue of memory consumption completely,which discourages many potential users from relying in the EPP. Mostof the computer’s memory is consumed when conducting the ODS scans.
McAfeeis the vendor of the EPP considered in this paper. One of the keystrengths associated with McAfee is the ability to integrate theacquired technologies (such as application control and encryption)into its EPP (Firstbrook, Girard & MacDonald, 2013). This leadsto consistency in the management of the system while increasing theswitching cost for users. In addition, the vendor has the secondlargest market share for EPP, which implies that it has enoughresources to finance research and development. This market dominancealso has given the vendor a chance to learn through experience andimprove on its EPP.
However,McAfee vendor is associated with two major deficiencies. First, theoverall agent impact on the performance of the EPP is among the mostcommon complaints made by customers (Firstbrook, Girard &MacDonald, 2013). This implies that the benefits associated withMcAfee EPP can be negated by the decline in the performance of thesystem. Secondly, Gartner reported that there is inconsistency in theexecution of the EPP, in spite of the fact that McAfee invests inoverall support and services.
Howthe EPP Can Be Used By the Client to Support Cyber SecurityObjectives
Peoplecan use McAfee VirusScan Enterprise 8.8 to pursue the cyber securityobjectives in five ways. First, clients can safeguard their emailprograms by increasing their capacity to detect unwanted programs andremove them in time. This objective is achieved by using the EPP todetect and clean the Lotus Notes as well as the Microsoft Outlook(Intel Corporation, 2017).
Secondly,the EPP gives clients a high performance security, which minimizestheir vulnerability. The platform is quite efficient compared to mostof the programs that are developed by competitors, which is confirmedby the fact that it offers better protection while using less memoryand fewer CPU cycles (Intel Corporation, 2017). The high performancesecurity helps users to reduce the number of security threats thataffect their computer systems.
Third,McAfee VirusScan Enterprise version 8.8 lessens the damage frompotential outbreaks. It closes the ports and monitors the email aswell as the application engines, which goes a long way in preventingthe outbreak of viruses (Intel Corporation, 2017).
Fourth,the EPP increases the confidence of users by reducing the disruptionof laptops, file servers, and desktops. This is accomplished sincehackers and malware lack the capacity to disable the EPP (IntelCorporation, 2017).
Lastly,McAfee VirusScan Enterprise version 8.8 is developed with thecapacity to overcome all threats that target the Microsoftapplications. The platform achieves this objective by guarding usersagainst the buffer-overflow vulnerabilities.
TheEPPs are important programs that help users of the modern technologyto address the challenge of cyber security. These platforms reducethe level of exposure to different types of threat, thus enhancingthe safety of computer systems. McAfee VirusScan Enterprise version8.8 is one of the latest EPPs and its effectiveness is attributed tothe fact that it offers protection from a wide range of securitythreats, which makes it more attractive than other platforms.However, it has several weaknesses that can be addressed byimplementing two recommendations. First, McAfee should invest inresearch and development projects that will ensure that new featuresthat are introduced into the EPP do not reduce its performance orthat of the computer system that is being protected. Secondly, McAfeeshould demonstrate consistency in the way it develops its EPP inorder to avoid frustrating users of its products.
Brouwer,P. (2014). Howto configuration McAfee VirusScan Enterprise for the Oracle ZFSstorage appliances.Redwood Shores, CA: Oracle Corporation.
Firstbrook,P., Girard, J., & MacDonald, N. (2013). MagicQuadrant for Endpoint Protection Platforms.Stamford, CT: Gartner, Inc.
IntelCorporation (2017). McAfee VirusScan Enterprise: Overview. IntelCorporation.Retrieved March 17, 2017, fromhttps://www.mcafee.com/us/products/virusscan-enterprise.aspx
McAfee(2013). What’snew: McAfee VirusScan Enterprise, 8.8?Santa Clara: McAfee, Inc.