January 17, 2022
Last Updated: November 22, 2023
What is ESET Endpoint Protection?
Endpoint protection platforms (EPPs) protect endpoint devices on the corporate network. ESET offers endpoint security solutions that use a multilayered approach, employing multiple technologies that work dynamically to balance detection, performance, and false positives.
ESET Endpoint Protection, also known as ESET PROTECT, comes in three editions: Entry, Advanced, and Complete. We’ll cover the features included in each of these editions, and go into more detail about ESET Endpoint Antivirus capabilities, which are packaged with all ESET endpoint protection products.
For more background on ESET’s entire range of endpoint security products, read our guide to ESET Endpoint Security.
ESET Endpoint Protection Solutions
ESET Endpoint Protection Advanced is one of three editions in the ESET PROTECT product suite.
Related content: Read our guide to endpoint protection platforms.
ESET PROTECT Entry
This solution offers multilayered protection. You can deploy the solution using the cloud console with one click. The notable features of ESET PROTECT Entry include:
- Security management—you can deploy this remote management solution in the cloud or on-premises.
- Endpoint protection—this feature offers advanced multilayered protection for various endpoints, including smartphones, virtual machines (VMs), and computers.
- File server security—offers real-time protection for data passing through file servers.
ESET PROTECT Advanced
This solution provides capabilities to protect company laptops, computers, and mobile devices. It lets you manage security products using a cloud-based management console. ESET PROTECT Advanced provides the same capabilities as the Entry edition, and also provides:
- Full disk encryption—this solution enables you to encrypt system disks, partitions, or entire devices. You can use it to achieve legal compliance.
- Cloud sandbox—this feature helps you proactively protect against zero-day threats by investigating suspicious samples within an isolated cloud-based sandbox environment.
ESET PROTECT Complete
This solution provides all features available in Entry and Advanced and adds a layer of protection for Microsoft 365 cloud email and OneDrive or mail servers. ESET PROTECT Complete provides the same capabilities as the Advanced edition, and also provides:
- Mail security—this feature can block malware and spam at the server level before these threats can reach end users’ inboxes.
- Cloud app protection—offers advanced protection for Microsoft 365 applications. It includes added proactive threat defense via a dedicated console.
ESET Endpoint Antivirus
All ESET endpoint protection solutions include the ESET Endpoint Antivirus, which protects against various malware threats, including ransomware, fileless malware, zero-day attacks, and more.
The solution employs multiple technologies to offer comprehensive malware protection, including artificial intelligence (AI). You can deploy ESET Endpoint Antivirus on-premises on Linux, Mac, and Windows machines or implement a cloud-based deployment.
Threats Covered
ESET Endpoint Antivirus offers protection against the following threats:
Ransomware
ESET Endpoint Antivirus uses its Ransomware Shield technology to help protect against malicious file encryption. It identifies ransomware by reputation and behavior and blocks processes that resemble ransomware behavior.
Zero-day attacks
Traditional antivirus looks for patterns of known threats. Zero-day attacks rely on unknown vulnerabilities to bypass pattern-based antivirus software and breach your systems. ESET Endpoint Antivirus applies continuous monitoring to identify and block threats attempting to use known exploitation techniques on applications like browsers.
Fileless malware
In the past, malware attacks relied primarily on files to infect and spread. However, today’s advanced attacks employ a fileless approach. Antivirus software often fails to detect fileless malware because it hides in the computer’s memory.
ESET Endpoint Antivirus uses Advanced Memory Scanner, a proprietary technology, to help solve this challenge. The scanner proactively looks for fileless malware behavior and can stop threats according to actions taken by computer processes when the malware decloaks in memory.
Obfuscated malware
Threat actors use obfuscation techniques to hide malware attacks, making it difficult for antivirus software to detect them. ESET Endpoint Antivirus uses a sandbox environment to discern the real behavior behind suspicious activities and confirm potential threats. It typically works by uploading a sample to ESET’s cloud sandbox, which offers a safe virtual environment for testing and validation, supported by 13 R&D labs located worldwide.
Anti-phishing
ESET Endpoint Antivirus provides anti-phishing capabilities that monitor communications between web browsers and connected external servers. This process enables the platform to distinguish between legitimate websites and websites disguised as legitimate ones.
Network attacks
ESET Endpoint Antivirus helps protect against some network attacks by monitoring network traffic and blocking any traffic deemed harmful.
The Management Console
ESET Cloud Administrator is a cloud-based management tool that enables you to manage security using a single console. Here is what you need to know about the management console:
- Encryption—ESET secures the console by encrypting the data in the console.
- Dashboard—the console provides a dashboard displaying important security information. It offers comprehensive data distilled into graphs, which can help you gain insights.
Here are key ESET Cloud Administrator features:
- Security policies—the console lets you create security policies for endpoints.
- Lists—you can use the console to create a list of tasks.
- Alerts—the console enables you to set alerts for instant notification of critical security issues.
ESET Endpoint Protection Strengths and Limitations
Gartner’s Magic Quadrant for Endpoint Protection Platforms positioned ESET as a challenger and listed the following pros and cons of the solution.
Strengths:
- Employs a lightweight client in combination with a solid anti-malware engine. It consistently achieves high results when tested for malware effectiveness.
- Provides comprehensive support for fileless malware, using technologies such as Windows Management Instrumentation (WMI), registry scanning, PowerShell execution scanning, and script-based detection.
- Utilizes machine learning technology.
- ESET is a highly regarded source of published security research.
- Offers a management console available in 23 languages.
Limitations:
- The solution only recently added enterprise-level EDR and cloud delivery.
- The cloud solution does not integrate with Enterprise Inspector or the agentless virtualization security capability.
- No direct-to-customer MDR services—ESET provides MDR services through partners.
- No vulnerability or configuration management capabilities to harden endpoints.
Endpoint Protection—Prevention, Detection and Protection with Cynet 360
Cynet 360 is a security solution that includes a complete Endpoint Protection Platform (EPP), with built-in EDR security, a Next-Generation Antivirus (NGAV), and automated incident response. Cynet makes it easier to adopt a modern security toolset by offering an “all in one” security model: Cynet 360 goes beyond endpoint protection, offering network analytics, UEBA and deception technology.
Cynet’s platform includes:
- NGAV—blocks malware, exploits, LOLBins, macros, malicious scripts, and other known and unknown malicious payloads.
- Zero-day protection—uses User and Entity Behavior Analytics (UEBA) to detect suspicious activity and block unknown threats.
- Monitoring and control—asset management, endpoint vulnerability assessments and application control, with auditing, logging and monitoring.
- Response orchestration—automated playbooks and remote manual action for remediating endpoints, networks and user accounts affected by an attack.
- Deception technology—lures attackers to a supposedly vulnerable honeypot, mitigating damage and gathering useful intelligence about attack techniques.
- Network analytics—identifying lateral movement, suspicious connections and unusual logins.
Learn more about the Cynet 360 security platform.