How our avast! Endpoint Protection Suite licensing model works
avast! Endpoint Protection Suite is licensed on a per-node basis, which means
that if you buy a license for 20 devices, you can use it on any combination of
20 devices – whether they are servers or endpoint PCs.
If you buy a 20-device license, it can be used on:
20 endpoint PCs and 0 servers
19 endpoint PCs and 1 server
10 endpoint PCs and 10 servers
The server license covers connections limited to the number of devices you
bought. That is, if you install server product on 20 servers, it will still
have only 20 connections in total. For unlimited connections, we offer avast!
File Server Security – recent recipient of Virus Bulletins VB100 Award.
Antivirus and anti-spyware engine
An innovative scanning engine protects against viruses, spyware, and other
Real-time anti-rootkit protection
Prevents stealth malware (rootkits) that, when loaded by the computers OS,
are invisible to ordinary scanners.
Stops hackers, using heuristic and behavioral analysis and a white list of safe
Comprehensive spam and phishing filter, which works as a plug-in to MS Outlook
and a generic POP3/IMAP4 proxy for other email clients.
virus database updates
Now you get each virus signature sent to you in real-time via a connection to
the AVAST Virus Lab, rather than needing to wait for a traditional database
update. Your database will be continuously updated with the latest definitions.
FileRep lets you know whether a file is safe before you open it determined in
part by how many people have the file and how new the file is. The technology
is also used internally, to help the scanning engine make more intelligent
Suspicious programs are now automatically placed inside the avast! Sandbox. When
the program finishes, a comprehensive report is generated and, based on the
programs behavior, you are given a recommendation on how to treat it in the
Enabled by a single click of the mouse, it allows you to completely isolate the
browser from the rest of the system even if the browser gets hijacked, your
system stays clean.
The version 7 browser plugins provide greater protection against phishing sites,
including heuristic detection of new phishing sites. Also, we can now detect
fake/planted SSL certificates, preventing man-in-the-middle attacks against
https sites. Additionally, we have extended browser support to Apple™
Available only in Pro Antivirus and Internet Security, our SafeZone™, your
ultimate clean and secure window for financial transactions, now auto-prompts
you to move to the SafeZone from your regular browser.
Antispam for Microsoft Exchange servers 2007/2010 with the latest Service Pack.
Integrated protection for File server
Includes high-performance scanning, superior scalability, and support for
clustering (even in active-active mode), and integrates perfectly with MS
SharePoint via Microsofts own Virus Scanning APIs.
Microsoft Exchange server
MS Exchange 2003/2007/2010 email server is fully supported.
SharePoint Server plugin
Tightly integrates with SharePoint 2001/2003/2007 Servers via Microsofts own
Low resource usage
Stays light on system resources.
More options for greater flexibility
To easily manage any of our Endpoint Protection software, choose one of two
management console types. Each suits a different business environment and IT
needs here is a brief overview of the main differences.
Small Office Administration
Easy to use dashboard lists all current problems and recommended solutions.
Easy-to-navigate graphical user interface (GUI)
Offers a user-friendly central window to all program functions.
Remote installation and updates
Saves both time and costs associated with traditional deployment at individual
Auto-discovery of new/unprotected (or rogue) PCs
Notifies you when potentially unprotected/harmful PCs connect to your company
Flexible selection of what information gets reported and how often.
Built for simplicity
Easy to use, even for people who are not IT experts.
Ability to schedule/run scanning jobs
Schedule scans to run at night or whenever you dont need to use your PC.
In the event of infection or other unauthorized activity, the central console
receives immediate real-time alerts.
avast! Enterprise Administration maintains managed devices in a tree structure,
which can be based on, for example, the geographical or organizational
structure of the network. This makes it possible also to assign appropriate
administration access rights and policies. The tree can be built automatically
or imported from a text file.
Discovery / Remote deployment
avast! Enterprise Administration enables unattended, remote deployment of avast!
antivirus software, even spanning multiple domains. To reduce the potential for
security breaches, it also enables discovery of new or rogue machines on the
avast! Enterprise Administration offers a wide range of graphical and tabular
reports, which can be either generated and viewed directly in the
Administration Console, or exported and saved in a variety of formats (e.g.
PDF, HTML, DOC). Reporting can be scheduled daily, weekly, or whatever makes
the most sense.
avast! Enterprise Administration notifies, via various customizable alerting
methods, about the activity on your network. Set up notifications via email
(using SMTP or MAPI), Windows network pop-up messages, or even have them sent
to a network printer.
avast! Enterprise Administration updates incrementally, with only new data
downloaded, to greatly reduce transfer time and bandwidth requirements. Any
number of mirror servers can be set up to work in a hierarchy.
avast! Enterprise Administration complies with company security policies by
allowing particular access rights to users and/or user groups. Each item (e.g.
task, computer, event, computer group) has an access control list, with
visibility set by the main administrator(s). All communications to the console
are encrypted with SSL protocol and identified via a digital certificate.
Support for notebook users
avast! Enterprise Administration supports mobile devices, whose users connect
almost randomly to the company network and often try to bypass restrictions set
by the administrators. Initiated by POP client, updates are automatically
downloaded and applied whenever a device connects to the company network even
if via VPN or over the internet.