ESET’s latest hosted endpoint protection offering for business customers is the Protect suite. Previously, we reviewed ESET Endpoint Protection Standard, but ESET now positions that as its on-premises product. This leaves the Protect suite as ESET’s current managed, cloud-based product line, and it’s also the offering the company recommends for new users. The platform supports Windows, Linux, and macOS desktops with full feature parity, in addition to Android and iOS mobile devices. It’s available in three pricing tiers: Entry, Advanced, and Complete. We tested the Complete tier.
Unfortunately, while Endpoint Protection Standard earned our Editor’s Choice award, Protect Complete simply doesn’t distinguish itself enough to win that status. ESET has continued to improve its offerings, but it hasn’t done enough relative to its competitors to place it at the top of the heap of cloud-based endpoint protection services. The omission of certain advanced features, most notably endpoint detection and response (EDR), leaves Protect Complete trailing behind our current Editor’s Choice winners: Bitdefender GravityZone Ultra, F-Secure Elements, and Sophos X Intercept Endpoint Protection.
ESET Protect Pricing and Plans
Like many of the offerings in our round-up, the Protect suite is available in more than one pricing tier, each with its own feature set. The first tier is Protect Entry and starts at $239 per year for five devices, which breaks down to $47.90 per device. This tier comes with the full set of management tools plus ESET’s endpoint protection measures for desktops, mobile devices, and virtual machines. It also includes protection for Linux and Windows servers, including the Microsoft Azure cloud.
ESET recommends the next tier, ESET Protect Advanced, as the baseline for most businesses. This tier is discounted to $248.40 per year for five devices as of this writing, while it would ordinarily cost $310.50. Per device, that cost breaks down to $49.60 if you’re able to take advantage of the discount, or $62.10 at full price. Feature-wise, the Advanced tier has everything the Entry tier does and adds a safe app sandbox and full-disk encryption. That sounds pretty good, except many businesses will need email and cloud app security measures, too. For that, you’ll need to jump to the tier we tested, ESET Protect Complete.
ESET Protect Complete (EPC) starts at $382.50 for five devices per year, which breaks down to $76.50 for each device. This gets you everything in the Advanced tier plus mail and cloud app security features. If you’re using a hosted email provider as your organization’s primary email server, ESET’s mail protection probably won’t provide much more than what you’re already getting. However, since the pandemic has caused many small to midsized businesses (SMBs) to start using more third-party cloud software services than ever, those protections have become increasingly essential.
Relative to the feature set, ESET Protect Complete is easily among the most expensive offerings we reviewed. It lacks EDR capabilities, while some competitors (most notably Microsoft 365 Defender) bundle them at a lower price. Meanwhile, even our most expensive Editors’ Choice winner, Bitdefender, starts at $57.40 per device, making it almost $20 less expensive per device than Protect Complete. That’s a significant delta for most small businesses, so you’ll want to make sure ESET’s features and approach are best suited to your organization before you buy.
Getting Started
Your first stop after you log in should be the ESET Protect Cloud dashboard. This is where you will handle deployments, monitoring, and configuration. You’ll be greeted with a dashboard with multiple preconfigured tabs that include many of the items that you’d want quick access to. A Status Overview, Antivirus Detections, and Firewall Detections are some examples. The left-hand side of the screen has a few major headings including Dashboard, Computers, and Detections. Other minor sections are listed below that. The layout makes it easy to get to what is important first, which is much improved from previous versions.
Despite these improvements, however, we were left with the impression that the Protect suite’s UI is only on par with its competitors, without much to distinguish it. It’s attractive to look at, nothing felt particularly out of place, and we were able to drill down to at-risk devices without a struggle. But it still has a way to go before it can match the fantastic UIs of such competitors as F-Secure, Bitdefender, and WatchGuard, among others.
Once you’re acquainted with the dashboard, your first order of business will be to add some devices. There are several options to make this happen. ESET Protect Cloud lets you create your own, custom live installer for either Windows or macOS. During this process, you’ll pick a default policy to apply, which components to enable by default, and any advanced options. Once the installer is created, you can deploy it. Alternatively, you can generate a Group Policy Object (GPO) or System Center Configuration Manager (SCCM) script. For Linux installs, you’ll need to generate an Agent installer script or do some manual work.
Once devices are registered, you can optionally assign them to groups and assign a policy to each group that overrides the default configuration. You can tweak various settings in this way, including configuring antivirus, software update settings, personal firewall, web and email scanning, device control, and other tools. You can extend this process to phones and tablets by installing the mobile device management (MDM) module.
In all, we found ESET Protect’s policy management to be a mixed bag. While most of the policy options are straightforward and self-explanatory, some of the individual policies were inconsistently explained or presented. We also found the device control dialog to be a bit more detail-dependent than a lot of admins might be comfortable with, and some options sent us scurrying to the help documentation just to understand how to configure them. This was disappointing when compared with some of ESET’s competitors. Among those we reviewed, F-Secure sits at the top in terms of the easiest-to-use policies, which are practically documented in their descriptions.
After collecting enough data, the Dashboard begins to light up with information. Tabs across the top show an overview of devices, the Remote Administrator Server, current antivirus threats, and firewall threats. Each ring graph is clickable into a drill-down view that gives detailed information. Threats, for example, can be drilled down to the system level, and you can review each threat for the action taken and mark it as resolved.
The reporting module is also excellent. It contains enough detailed reports to satisfy the needs of a security audit, but not so much that it’s too overwhelming to set up. Each report comes with a quick preview, as well. The type of threats, modules utilized, and actions taken are all reported in a way that’s easy to follow. A full audit log of changes made on Remote Administrator is available when it becomes necessary to prove the who and when of policy changes. Overall, we found Protect Complete’s reporting capabilities to be top-notch, placing it alongside Bitdefender GravityZone at the head of the pack in this regard.
Notably absent from ESET Protect Complete, however, is any type of EDR capability, an omission that made us question the “complete” moniker. Among the products we reviewed this year, even the ones that charge extra for full-blown EDR capabilities still offer some kind of basic EDR functionality. Both Bitdefender and F-Secure are good examples of this. ESET, on the other hand, requires you to upgrade to its enterprise product to get these features, which is likely to be cost-prohibitive for most small businesses. While the lack of EDR may seem like a trivial gripe, these kinds of technologies can go a long way toward pushing admins past reactive security toward a more proactive stance, by identifying the entry points for threats affecting the network.
ESET Protect Complete Threat Performance
When we put ESET Protect’s anti-malware capabilities through our endpoint protection test plan, the results were similar to those of the other products we tested in this category, in that it successfully detected, blocked, and/or quarantined the threats we threw at it.
Our first concern was how well the product protected against phishing, one of the most common vectors for attacks and data breaches. We were pleased to see that no additional browser plug-in is needed to take advantage of web protection, so we could proceed directly to our tests. To put Protect Complete through its paces, we selected 10 known phishing pages from PhishTank, a collection of suspected and verified phishing websites. ESET detected and blocked all 10.
For our next trick, we used Metasploit’s Autopwn 2 feature to launch a browser-based attack against the system using a known vulnerable version of Chrome with the Java 1.7 runtime installed. ESET blocked all of the attacks we launched, and we were unable to gain remote shell access.
We next tried a group of exploits using Metasploit’s Meterpreter attack payload. For our first trick, we tried launching a compromised binary of Windows Calculator with a standard Meterpreter binary tacked onto the end of it. Protect Complete prevented it from executing and removed it from the desktop. Next, we threw a collection of Veil 3.0-encoded Meterpreter executables at the system, including PowerShell, Auto-IT, Python, and Ruby. All of them were detected, so we couldn’t gain any further access.
Lastly, we isolated the system and made it run a gauntlet of various malware. We took a set of known-bad executables called TheZoo and tried to run them, but to no avail. All of them were quarantined before they could execute, which validated ESET’s signature-based detection. We also ran several versions of the CryptoLocker ransomware, and Protect Complete successfully blocked all of the variants.
Unfortunately, third-party research found ESET lagged slightly behind its competitors in more broad-based tests. AV-Comparatives awarded ESET its Standard rating as of October 2021, landing it in the “could do better” category. However, it still blocked 99.82% of threats in online protection tests and 89.0% of threats in offline detection tests. So, while its detection rate is not quite on par with the likes of Bitdefender GravityZone or Vipre, it is by no means an underperformer.
(Editors’ Note: Vipre is owned by Ziff Davis, the parent company of PCMag.com.)
A Welcome Cloud Facelift
ESET Protect represents an evolution of the company’s cloud-hosted endpoint protection offering, and there’s plenty to be happy about. It remains a robust platform for protecting your small business, and its latest UI improvements make it easier to use than ever. Compared to earlier iterations of ESET’s technology, the cloud interface is mature and easy to navigate now. And while it falls just short of being an Editor’s Choice pick this year, it is hardly devoid of features found in the contenders that made the grade.
ESET’s pricing structure gives us pause, however. The cost of choosing ESET for hosted endpoint protection has gone up since last we reviewed the company’s offerings, and we’re not sure this iteration of Protect Complete gives you enough bang to justify that buck. Considering the price tag of the top-tier small business version we tested, it was disappointing that it didn’t offer even entry-level EDR features without an upgrade to the enterprise-grade product, given that EDR is fast becoming one of the more competitive features for products in this category.
One factor to consider is whether your organization is already entrenched in the ESET ecosystem. Switching platforms can be a significant undertaking when you consider the time involved in rolling them out and ensuring policies are properly configured. Existing users of ESET products might be reluctant to switch. On the other hand, companies that are just now evaluating endpoint security products should first look to this year’s Editor’s Choice winners, Bitdefender, F-Secure, and Sophos.