Bitdefender GravityZone combines multiple security services into a single platform to reduce the cost of building a trusted environment for endpoints.
N/A
Carbon Black App Control
Score 8.6 out of 10
N/A
VMware Carbon Black App Control (formerly CB Protection) is an application control product, used to lock down servers and critical systems, prevent unwanted changes and ensure continuous compliance with regulatory mandates.
VMware acquired Carbon Black October 2019.
It just works. I have seen multiple viruses and malware get past other antivirus software like TrendMicro, Webroot, and Kaspersky. Bitdefender GravityZone always catches what others miss. It has a very light footprint when it comes to system resources. The centralized management console is nice, but I prefer the console before they redesigned the UI.
Cb Protect is best suited somewhere where you want to maximize the lockdown of workstations. So moving past no local admin rights to blocking specific applications and peripherals. The idea would be to have a list of applications you want to run, and then anything else is not able to be used. As stated prior, if you have a very fluid environment where you are having all sorts of new applications installed frequently (I feel for you!!) this is still do-able, but it misses the general idea. I think especially in environments that are more sensitive to new applications, like banks, healthcare systems etc, this is a good fit. The ability to look at application levels, drift, unapproved software etc is very useful.
Once installed, Bitdefender [GravityZone] runs silently in the background with little to no need for user interaction.
The cloud-based console provides for easy computer management and deployment.
Bitdefender [GravityZone] is extremely flexible, with a policy-based system wherein different profiles can be created (i.e. a policy to deactivate the firewall, a policy to allow for admin control on a machine, etc.) and pushed out to individual computers.
Computers can be grouped into different categories, with different policies automatically deployed to each category.
Bitdefender [GravityZone] is relatively resource-light and runs well even on lower-end computers.
Who do I ask? This is my chief complaint is once the initial licenses were purchased through Bit Defender, there was no one to contact that could help navigate some of the initial questions I had with regard to specific policies to implement for our file server. The parent web site is, well, hard to navigate when one is trying to "learn" the system.
The second issue is in increasing the licenses. It took several days for the parent company (by contact and phone) to inform me that they could not increase the licenses and I would have to go through a private vendor. There was no intent to connect me to a vendor or provide a vendor list until I asked specifically. YET I continue to get email from the parent company reminding me to pay an annual fee for the licenses purchase through the private vendor. The parent company can see the number of licenses yet did not sell them to me.
Gravity Zone Dashboard, while excellent for those who have experience, is not particularly intuitive for those who have never used it. There does not seem to be a lot of documentation for those responsible for implementation.
It works. I rely heavily on my vendors to provide a product that works, is easy to implement, and that they support. As well as be a decent value for the money
The console is easy to use, but has grown to have a lot of functionality. The only challenge is that all functions (even disabled and not installed ones) are shown. It would be great if only the functions that are active would be visible.
Support is an area Bitdefender has always struggled with. While their products work great, the GravityZone dashboard is very technical in nature. If you aren't IT inclined, it could be difficult to setup. While most times support is helpful, we tend to work with them over email because of their very thick accent, they are hard to understand over the phone.
We were a Kaspersky shop for years. Kaspersky was a resource hog and it didn't even block half of what was thrown at it. We had more outbreaks and more end-user complaints in a year of Kaspersky then we have had in almost three years of Bitdefender.
The big difference between Protect and Barkly/AMP is how exactly it goes about what it's doing. Protect is application whitelisting and program reputation. So the way it's protecting you is using a proprietary reputation service, and hash values to identify applications, and then hitting a list of whitelisted programs to decide if you are able to run that or not, based on the policy you are in. There is a LOT of value in that. We actually are working on transitioning to Cisco Advanced Malware Protection (AMP). The main reason is cost (about the same cost as Cb Protect, but with (most of) the featureset of all 3 Carbon Black products for less than 1/3 of the total spend. AMP works differently, looking at a reputation service powered by Cisco's Talos cloud. You don't really have application whitelisting, but that also reduces how many "requests" you get for applications. So I'll have to find a different way to do whitelisting and USB blocking and the like, but I'm getting more visibility across my network and also built in antivirus (TETRA engine - ClamAV with some work). Barkly is an add that we are looking to put in as it looks at behavior of programs. So specifically it watches for privilege elevation and the like. Thus far all the big name problem children (WannaCry, other ransomware problems) have been caught natively in Barkly day 0.
The ROI for Bitdefender is hard to quantify except that it requires very little maintenance time from our staff.
We've spent no time troubleshooting user complaints or issues from users, so it has been a big time-saver over our previously used anti-malware software.
Bitdefender's customer service is usually pretty good and also very responsive, so I don't have to wait by the phone or to keep checking email to resolve a problem--although our issues have been mostly informational and not a problem with functionality.
