BitDefender v Nod32

Posted on Mon 18 November 2013 in Business, WebDev & Code

It's anti virus renewal time! Not the most exciting job of the year, which is why I've been renewing for at least 2 years at a time.

Bottom line: So, after all my research, reading and testing, we're sticking with Nod32 for another 2 years.

We've been Eset Nod32 customers a long time, but for this renewal a few warning signs meant extending the licence wasn't the no brainer it has been in the past.
1) Their web site is way out of date. Here's a screenshot:
why_eset
It's November of 2013, so why are all these certifications dated 2006 to 2010?
2) Being pedantic when it comes to presentation of data, I read the claim of "ESET has won an unprecedented number of Virus Bulletin's VB100 awards, more than any other security product" can also mean "We've been around years longer than everyone else, so we can say that whilst the new companies can't". It doesn't tell me Eset are still leading the field and I'm sure they used to say they were the only provider with a 100% detection rate. They don't say that now... maybe they're not as good?

The big plus in their favour: The renewal price is cheaper than the new customer price. I like that. I hate it when companies give discounts to new customers but not existing, making me need to spend time switching supplier each year.

Despite the plus, it was time to do a little more research.

av-comparitives

I went through each month of reports on this site, as well as a couple of others. About 4 hours of study (yeah, I should get a life).
Result, ESET isn't the leader any more. It may only be behind by a couple of percent, but going through several months of av-comparatives.org tests, they are now often a little behind. My fear, of course, is that one or two new viruses they mis in a given month is the one that gets into our network and causes mayhem [at this point, I am obliged to remind you to make sure you backups work, lest this latest virus called 'cryptolocker' destroy your files].

I looked at the new consistant leaders. I settled on the best alternative for our needs to be BitDefender. I wanted to try Kaspersky. Mostly because I admire their stance against a patent troll but unfortunately it's a lot more expensive than Eset Nod32. Of course, I'll regret that one day if we get a virus Kaspersky would have stopped, but in 6 months time it could be Kaspersky misses the virus Eset would have stopped. Hey ho!

I registered for the trial and at first, I liked it. I went for their 'Cloud Security' option, which as best as I can tell, is their 'Small Business Pack' (ie: regular PC Antivirus) but with a web based console for reporting and installing. I installed it on a new Windows 8 PC (Our first in the office, and I like Windows 8 a lot) and I love the console. It gave me a link to download the install which was super smooth (no licence ID's to type in). It later told me that we have 7 other PC's that aren't running BitDefender (it searches the Windows network for machine ID's and matches it to the machines BitDefender is installed upon).

Everything was great... until I got a virus. OK, not a real virus, the EICAR test virus file. It's a small piece of text you can download to see if your virus scanner will detect it. Except. It didn't. Or, I thought it didn't. It immediately quarantined the file BUT DIDN'T TELL ME. So I did what any user would do, I tried again. I then decided the download function wasn't working, so copied the text into a new text file, saved it, closed it - but it had disappeared. I then created the text file and left as .txt. Saw it on my desktop, renamed the file... and it disappeared.

Only then did I go and check the notification panel to see all these files were quarantined. So it's good, it did it's job, but it's bad, because I didn't know that. If one of our users has the same situation trying to read a customer's .doc attachment, how are they to know what's happened? It's annoying.

So I put in a support request:

Issue: I'm testing bitdefender for our business. I tried the EICAR test file. Bitdefender spotted the file and moved it to quarantine. However there was no warning for the user (that the file they just downloaded was quarantined). The action was reported in the web console.Is there a setting that prevented a warning for the user or is this always the case (users don't get told)

A few days having had no answer, I took to their product forums. The forums were pretty quiet. No one with a similar question to mine but it appears I wasn't the only one waiting for an answer

bitdefender_forum

A whole 8 days later, I got an answer to my support email:

When running in Auto Pilot Mode, the product will take automatic actions for all malware and all information will be logged in Events.

The user will be notified via the Security widget that will display the number
of Events.

So, if you realise, you can open the widget and see what's happened. It doesn't pop up a warning. Until then, you'll be clicking download wondering why nothing seems to be happening. Today, I also noticed a new warning "7 Days since last system scan" or similar. I don't understand why BitDefender hasn't just gone ahead and scanned if that is significant to the antivirus protection, I know Eset Nod32 does. Sure, a full scan can affect PC performance so make it happen when the processor is idle, or as a low priority background task.

I've only put one support request into Nod32 over the years we've had it, but looking back it appears to have been answered on the same day (with the solution, my further thank you reply 4 days later shows).

So, after all my research, reading and testing, we're sticking with Nod32 for another 2 years.