Vipre Endpoint Security Cloud

Easy, low-cost, and good threat detection

3.5 Good

Bottom Line

For businesses that need something that's both easy-to-use and frugal, Vipre Endpoint Security Cloud is an excellent fit, as long as you don't need advanced threat analysis or endpoint detection and response (EDR) features.
  • Pros

    • Easy policy definition and management
    • Includes an intrusion detection system (IDS)
    • Excellent detection rate
    • Includes VPN and identity theft monitoring
  • Cons

    • No EDR capabilities
    • Many features are Windows-only

Vipre Endpoint Security Cloud Specs

Apple macOS Client
Firewall
Malicious Website and Anti-Phishing Defense
Manage by Group
Policies Target Device
Windows Client

Vipre Endpoint Security Cloud is an easy-to-use and scalable business endpoint protection suite that's also highly effective at finding threats. However, it's still behind its competitors in threat analysis and endpoint detection and response (EDR) capabilities, and it lacks agents for Linux, iOS, or Android. These issues keep Vipre behind our Editors' Choice winners in the endpoint security category, a list that includes Bitdefender GravityZone Ultra, F-Secure Elements, and Sophos Intercept X Endpoint. But if your shop doesn't mind exchanging a few high-end features for a good price and an easy learning curve, Vipre may be just what you're looking for.

(Editors' Note: Vipre is owned by Ziff Davis, the parent company of PCMag.com.)


Vipre Endpoint Security Pricing and Plans

Unlike some entries in our roundup, Vipre Endpoint Security Cloud has very straightforward pricing. You don't need to buy it through a channel partner, and you can get a one-year subscription starting at $150 for five seats, with modest discounts as you increase your volume.

Even Vipre's lowest-volume price point breaks down to just $30 per user per year, which places it comfortably near the bottom of the pricing pack. Our Editors' Choice winners all cost significantly more, especially Bitdefender GravityZone, which will cost you almost twice as much at $57.40 per user per year (and that's without many of its advanced, add-on features).

However, other products in our roundup offer more advanced features. For example, Bitdefender includes EDR, mobile operating system support, and risk management. Similarly, Microsoft 365 Defender includes email scanning as part of its business-class service. Vipre only offers this as a separate product, called Vipre Email Security Cloud, and it will set you back an additional $150 per year for every five users.

If your feature needs are at the lower end, on the other hand, then Vipre has the price tag to match. And if you want to evaluate the platform, a free 30-day trial is available on Vipre's website.

Screenshot of Vipre Endpoint Security Cloud main dashboard view

Installation and Configuration

Vipre’s UI has undergone minor visual improvements since last we reviewed it, but it has always had an easy-to-use and mobile-ready interface. The menus are task-based, descriptive, and displayed cleanly along the left-hand side of the screen. 

When you navigate to Deploy > Download Installer, you receive an executable that will install the agent with the default security policy. Alternatively, you can create a custom installer that automatically applies a policy of your choosing. This is handy for pushing installs out to large numbers of devices of a similar type. A quick run of the installer gets you ready for action.

To configure additional policies, you navigate to the Policies section and click on either macOS or Windows. We have mixed feelings about this separation. While F-Secure Elements calls out policy elements that only apply to specific platforms, Vipre separates them completely. This could be a minor annoyance, depending on how many policies you need to define. You can assign separate policies to laptops, workstations, and servers, which we thought was a clever way to save time. 

Screenshot of Vipre Endpoint Security Cloud policy editor

Editing policies is a snap. You can clone the default policy and make changes as needed. Nearly all of the default settings are ideal for most environments. One exception was that the firewall is off by default since Windows Firewall is sometimes preferred, but that’s the only thing we needed to turn on to test. Enabling the firewall is also necessary for the intrusion detection system (IDS) to function, which could surprise you if you expect certain kinds of threats to be caught automatically.

Domain Name System (DNS) protection is also handy because it works at the kernel level of the OS to swat down attempts to contact domains with known threats. Unlike F-Secure Elements, for example, it doesn't rely on a browser plugin. This is in addition to SSL traffic scanning, similar to Bitdefender GravityZone. Unfortunately, there is no ability to enforce BitLocker encryption, as you can with ESET Endpoint Protection Standard, among others. To apply any configured policy, you can navigate to Devices, pick the device you want to change, and then click the current policy name. You can then assign the new policy and it takes effect immediately.

Screenshot of Vipre Endpoint Security Cloud policy exclusion editor

Monitoring and Reporting

Once you add your systems, they show up in the dashboard and become available for monitoring and reporting. The dashboard is clean, clear, and only shows you what you need to see. This is refreshing when compared to products such as Microsoft 365 Defender that tend to drown you in portlets. Vipre also continues to keep its reporting interactive, though it has added CSV export capabilities to each of them. With a few exceptions, you can get to most reports just by drilling into them from the dashboard. The ones you can’t get to from the dashboard can easily be found on the Reports link on the sidebar. We found what was there to be mostly complete in terms of what we would want to see. The Threat Detection and Threat Summary reports make up the majority of what most folks will look at.

Screenshot of Vipre Endpoint Security Cloud report creation and organization

While Vipre handles the majority of actions automatically in the background, if you need to make specific decisions on any quarantined threats, the Quarantine section does a good job of sorting threats by severity, category, and source. Drilling into a threat tells you which devices were affected, when, and the action that was taken. In the upper right-hand corner, an actions menu lets you choose between deleting the infection or removing it from quarantine for that device. Regrettably, it is still not possible to quarantine batches of detections, which makes dealing with incidents tedious if you get an explosion of infections. EDR capabilities that group by incident would make this much more bearable.

Screenshot of Vipre Endpoint Security Cloud threat listing and assessment

Testing Vipre Endpoint Security Cloud

Check here for a breakdown of how we test endpoint protection platforms. We started Vipre off in the usual manner, namely by testing its anti-phishing capabilities. We first ensured that malicious URL blocking for HTTP and HTTPS traffic was on. We then selected ten known phishing pages from PhishTank, a collection of suspected and verified phishing websites. Vipre detected and blocked all ten.

Next, we used Metasploit’s Autopwn 2 feature to launch a browser-based attack against the system using a known vulnerable version of Chrome with the Java 1.7 runtime installed. The attacks launched were only those that were likely to succeed in granting a remote shell, and none of them succeeded.

After testing with Metasploit, we simulated executing a standard Meterpreter binary tacked onto the end of Windows Calculator. Vipre immediately stopped the executable on launch and removed it from the desktop. We also tested a set of Veil 3.0-encoded Meterpreter executables, including PowerShell, Auto-IT, Python, and Ruby. Again, Vipre detected them all, and we could not proceed with any further access tests.

Lastly, we attempted to run a set of known malware executables called TheZoo. Every one of them was quarantined before it could run, but it is worth noting that while the executables were still compressed, a fair number weren’t picked up until they were opened.

Third-party tests seem to back what we found in our lab tests. AV-Comparatives ranked Vipre as having excellent online protection, with a 96.8% online detection rate and 96.8% when doing offline detection in its March 2021 Malware Protection Test. This tracks with our own testing and serves to highlight the product’s reliability.


Well-Priced But Basic Business Protection

Vipre Endpoint Security Cloud ties together the best features of the products out there while maintaining a reasonable price point. While it lacks some of the more advanced features found in such products as Bitdefender GravityZone and F-Secure Elements, it’s dialed into the needs of small IT shops. If you don’t want to spend a lot of time gaining deep insights on how an infection occurred, but still want a solid level of protection, Vipre is a great option.

About Daniel Brame