As we did with the other solutions we reviewed, we deployed the SEMS first. The SEMS deployment also required us to load Apache and MySQL, which were provided with the software distribution. We were hoping to use the management system to deploy the remote clients, but were surprised to find that we had to install the client locally. This may become an issue in a very large environment, but could be addressed with software distribution tools, such as Microsoft's SMS. The management system is used for reporting, alerting and ongoing management of clients. Decision-making and protection happen locally. Savant terms this decentralized management with a centralized view. Some benefits we found to this approach are that no signature database or web updates are used or, more importantly, relied on to provide protection. The centralized management functions were very easy to use, intuitive and, once the remote client was installed, it could be managed from the management system.
When we installed the client, it automatically discovered all of the executables on a device, and generated a unique key for each executable, dynamic-link library (DLL) or OCX (object linking and embedding custom control). We found this to be a very effective way to prevent the spread of malware. It also deters malware infection should a user authorize malware access.
The documentation was built into the product. It was helpful, but not as easy to navigate when we had specific questions. The support features are good, but do require an extra fee. Phone and email support is avalable, as is a web-based knowledge base and a FAQ for eight hours a day/five days a week and 7/24 with a per incident fee.
This is a very nice solution to protect against today's new breed threat. It does rely on other solutions for additional anti-virus protection, email and web content filtering, and the price point is very high for an enterprise deployment.