Kaspersky Lab has announced the results of a comparative test intended to measure the overall efficiency of its new Kaspersky Security for Virtualization | Light Agent software in comparison with Symantec Endpoint Security and Trend Micro Deep Security running on a Hyper-V hypervisor. This is the first test of Kaspersky Lab’s new software, which was announced publicly in April 2014 at the annual Kaspersky CyberSecurity Summit.
The goal of the test, administered by AV-TEST, was to analyse the level of protection offered by security solutions and their impact on the performance of the virtual infrastructure.
All three tested solutions demonstrated a similarly-high malware detection rate, while Kaspersky Security for Virtualization | Light Agent demonstrated significantly better performance results in several areas, including faster boot of multiple virtual desktops and 40% – 65% lower impact on system performance when managing large numbers of virtual machines.
AV-TEST’s overall evaluation consisted of four separate tests: the “real-world” test, “prevalent malware detection” test, “Login VSI” test and “Boot Storm” test. The “real-world” and “prevalent malware detection” tests were designed to assess the protection capabilities, exposing the virtual machines to 48 real-world threats and making them scan 9 851 prevalent malware samples.
Any initially undetected samples were run on the test machine to observe if the security software allowed the malicious programme to fully execute. In the latter two tests the impact on systems’ performance was measured by a Login VSI benchmark suite across 50 virtual machines running on a hypervisor, and by recording the time it takes them to boot in a “Boot Storm” test.
The performance test results illustrate the difference in using security software designed for physical endpoints to protect virtual machines. In both performance tests, Kaspersky Security for Virtualization | Light Agent demonstrated remarkably better results than its competitors.
Using the Login VSI suite for measurement, AV-TEST determined that Kaspersky Security for Virtualization | Light Agent had a 40% lower impact on system performance than Symantec, and 65% lower than Trend Micro.
In the “Boot Storm” performance test, which compared the virtual machine startup times against a baseline measurement, Symantec’s offering delayed the boot time of virtual machines an average of 3x longer than with no security software; Trend Micro delayed virtual machine startup time by four times the baseline.
The combined result of the two performance tests show that Kaspersky Lab’s specialised virtualization security solution is able to scale to larger virtual networks more effectively. Maik Morgenstern, CEO and technical director of AV-TEST, says: “When we measured the impact security solutions have on storage subsystem, it was equal for all three products when we had few virtual machines running on the hypervisor.
“The values started to diverge when there were 10 and more virtual machines, and with 20 and more machines the difference increased dramatically. Speaking about boot times, it took the virtual machine with Trend Micro twice as much time as the virtual machine with Kaspersky Lab’s 25th Kaspersky Lab Tops Competitors in Testing of Security Software in Virtual Environments solution and four times as much as the baseline.”
The protection tests also showed that each product provided a similarly high level of protection, which is to be expected from enterprise-level security software. Kaspersky Lab and Symantec detected 100% of the real world test-cases, while Trend Micro missed one test-case.
Both Kaspersky Lab and Trend Micro earned the highest detection score for detecting more than 99.8% of prevalent malware samples while Symantec has earned a slightly lower score for detecting 99,7% of malware.
Nikita Shvetsov, Kaspersky Lab’s chief technology officer, says: “This research shows that using security solutions not specifically designed for virtual environment may have limited use cases. But for businesses using thousands of virtual desktops or servers, the performance degradation caused by the unfit security software can be enormous.
“IT managers can be assured that Kaspersky Lab’s portfolio of virtualisation security offerings deliver the protection they need without needlessly hindering the performance.”