Feeds

Sunbelt buckles up for anti-bloatware drive

Slow, fat rivals taken to task

SANS - Survey on application security programs

The anti-virus bloatware problem is getting worse despite what some vendors may claim, according to figures from Sunbelt Software.

The Florida based vendor's marketing claims tap into a deep well of discontent about anti-virus products but are not supported by the latest results from independent testing labs, such as AV-Test.org, and therefore ought to be treated with caution.

What's not in dispute is that slow, bloated anti-virus engines chew up system resources. The problem has been a continual source of frustration for Windows users for years, and something their Mac and Linux-using peers always cite in operating system arguments.

Worse yet, each new version of the leading Windows anti-virus products from Symantec, Trend and McAfee et al can increases the demand on CPU and memory by a significant factor, Sunbelt claims. This can effectively reduce the useful life of existing machines which, according to Sunbelt, need 20 per cent more grunt (extra CPU power and RAM) for each update.

Lip up fatty

Vendors such as Trend and Symantec have publicly acknowledged that their products have been resource hogs in the past. Since Norton AntiVirus 2008, Symantec has developed technology so that its software uses less computing resources. Sunbelt brags that even these competing products still use triple the memory of Sunbelt’s comparable Vipre Software.

End-users have complained about the bloatware problem for years but it's a discussion vendors have historically avoided, much like the members of a weight watchers club might diplomatically avoid comparing dress sizes. Sunbelt's internal figures - which have not been subjected to independent testing - serve at least as a starting point in a decision that's long overdue.

Sunbelt's internal research compared the performance and resource utilisation of the most popular commercial enterprise antivirus products on the market: McAfee VirusScan v8.7.0.155, Sophos Enterprise Security and Control v3.1, Trend Micro OfficeScan v8.0+SP1_R3, Symantec Endpoint Protection v11.0.2010.7, Webroot AntiSpyware Corporate Edition with AntiVirus v3.5.1 and Sunbelt Vipre Enterprise v3.1.2978. Each were tested on a two-year-old machine with a 2.8 GHz Intel Processor and 1GB of memory, running Windows XP Pro SP3 with MS Office 10.

Vipre Enterprise used 27 per cent of CPU resources during a manual scan compared to more than 70 per cent for Webroot, 57 per cent for Sophos and around 46 per cent for Sophos and Trend. McAfee came the closest with around 29 per cent.

However, McAfee used 130 MB of RAM during a manual scan, compared to VIPRE Enterprise use of only 49 MB RAM. Symantec 118 MB RAM usage during the process compared to 75MB RAM for Sophos and 62MB for Trend Micro.

Sunbelt also makes a direct speed comparison between the speed of scanning of its software and that of arch-rival Webroot. Vipre Enterprise's scan Speed was 13.95 MB/Sec on the test hardware, with 26 per cent CPU utilisation compared to Webroot's 16.54 MB/sec using 72 per cent CPU during a manual scan.

Level playing track?

These are internal tests, since applied to marketing purposes, and ought to be viewed with caution as a result. Symantec Endpoint Protection has firewall features that may be absent in other products, such as Sunbelt's Vipre, and this needs to be factored into consideration when considering the tests.

Sunbelt said it turned off Symantec's firewall during the test.

Phil Owens, a sales engineer at Sunbelt Software, said that the efforts of rival security firms to control bloatware have so far been focused on consumer products.

"Symantec has been making efforts on the consumer side, but it hasn't yet moved these improvements to the enterprise side which is where the issue of bloatware is most prevalent,” Owens said.

“McAfee uses a lot of different components and add ons (ie an Antivirus agent on the users PC, an antispyware module and an EPO agent); whilst it acknowledges it is an issue it needs to address it seemingly hasn't taken too many steps in the right direction to rectify it."

Rival products can start off OK then gradually get slower as additional updates are applied. This depends on their architecture, Owens explained.

High performance access to file storage

Next page: Testing times

More from The Register

next story
Parent gabfest Mumsnet hit by SSL bug: My heart bleeds, grins hacker
Natter-board tells middle-class Britain to purée its passwords
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
prev story

Whitepapers

Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.