AV-Comparatives, an Austria-based project, compared 12 antivirus tools and only Microsoft's Windows Live OneCare failed their test. OneCare only spotted 82.2% of 500,000 viruses. We've been considering moving from Sophos Antivirus to Microsoft Forefront Client Security, but this test doesn't really inspire confidence in Microsoft's new anti-malware tool for corporate environments since OneCare and Forefront use the same scan engine.

Latest posts by Michael Pietroforte (see all)

We have been using Sophos Antivirus for many years now. In the beginning, we were quite content with it, but every new release gives us more headaches than it is really worth. Antivirus software has to hook up deep in the OS. If the developers make mistakes here, it can result in serious problems. The developers who know most about Windows are certainly those from Microsoft. Hence, it makes some sense to use AV software from the Windows Company.

But reliable software alone does not make up a good AV tool. Big AV software vendors invest a huge amount of time to create AV signatures. The AV-Comparatives test showed that Microsoft cannot yet compete with the more established AV software vendors. However, the mere number of viruses recognized by an AV tool doesn't say so much about its quality. The more important factor is, how fast an AV software vendor reacts to new threats. I doubt that Microsoft would come off better in such a contest, though.

Subscribe to 4sysops newsletter!

However, I wouldn't write off Forefront so early. Usually, if Microsoft comes out with a new product it takes one or two updates until they become competitive. Some people say that malware protection should be an integral part of a modern operating system and I am one of them. Let's wait for Windows Vienna. Only two more years 😉

  1. BN 16 years ago

    I am an I.T. director at a college, and we too have been considering moving from Sophos to Forefront. Microsoft is almost giving this away to colleges. I agree with your conclusion here, but it’s worth noting that Sophos didn’t fare much better than Microsoft in a recent test from AV Test http://www.pcmag.com/article2/0,1895,2135092,00.asp

  2. You’re right; all Microsoft products are unbelievably cheap for educational institutions. We all know why MS is doing this. We are thankful anyway. Thanks a lot for the link! I am shocked about the bad performance of Sophos. It made me think again, if I should have a look at Forefront now. The products with a better detection rate are probably too expensive for us.

  3. Hugo Malavet 16 years ago

    This doesn’t mean anything to Forefront since the key benefit of Forefront is that it uses up to five anti-virus engines in parallel. Microsoft’s own AV engine may stink, but no AV engine is perfect or has signatures updated as fast as others. It is quite clever actually that Forefront is not dependent on Microsoft’s AV prowess, or any one AV engine. Having said all that, this is a marketing problem, but not a product or technical problem for Forefront.

  4. Doesn’t this only apply for Forefront Security for Exchange? Are you sure that you can run more multiple AV engines with Forefront Client Security, too?

Leave a reply

Please enclose code in pre tags

Your email address will not be published. Required fields are marked *


© 4sysops 2006 - 2023


Please ask IT administration questions in the forums. Any other messages are welcome.


Log in with your credentials


Forgot your details?

Create Account