Sophos beats McAfee

Sophos beats McAfee and Symantec in an independent product review

Sophos outperformed Symantec and McAfee in installation and deployment, usability and management, scanning performance and effectiveness against day-zero threats. It matched Symantec and beat McAfee in basic effectiveness, and was rated the best endpoint security product in the review overall.

Download review:
Read the full product comparison report from Cascadia Labs

Which products were reviewed?

Independent reviewer, Cascadia Labs, compared the three leading endpoint security software packages for large businesses from industry-leaders: McAfee Total Protection for Enterprise, Sophos Endpoint Security and Control, and Symantec Endpoint Protection 11.0. Note: Endpoint Security and Control 8 has been released since this review was published. It contains the same core functionality as version 7.

Sophos product is best overall

Overall, Sophos was rated the best product in the review, scoring four out of five - beating both Symantec and McAfee in four of the six categories.

Effectiveness of malware detection: Sophos catches more day-zero threats

Sophos clearly beat McAfee and Symantec in detecting day-zero malware - catching 97 of 100 new threats overall, compared to 82 and 58 caught by Symantec and McAfee respectively. Sophos detected 86% of this malware prior to execution, compared to 43% for McAfee and 51% for Symantec. Cascadia attributed this success to Sophos pre-execution HIPS capabilities, including Behavioral Genotype® Protection and run-time HIPS protection that spotted malicious registry, process, and file system modification. Cascadia was disappointed with McAfee's overall effectiveness and found Symantec's protection often came too late in the cycle.

Usability and management: Sophos is easiest to use

Sophos was the fastest to install, identify out-of-date computers, protect computers automatically with Active Directory and authorize or block applications like VoIP, IM, P2P and games. Nearly all tasks took fewer steps and less time with Sophos. Sophos ... should reduce recurring management costs in any size enterprise. Both Symantec and McAfee were more difficult to navigate and required more intricate and sometimes counterintuitive steps to perform a given task.

Scanning and updating performance: Sophos is faster

Sophos was a close winner in the on-access tests and finished the on-demand scan significantly faster than Symantec and McAfee. Furthermore, the Sophos virus scanning engine implements Decision Caching which delivered a 50% speed improvement in a second pass run. Sophos updates are more frequent and much smaller than Symantec and McAfee updates - an advantage for companies wanting to limit the impact on network resources.