Please share with the community what you think needs improvement with Bitdefender GravityZone Ultra.
What are its weaknesses? What would you like to see changed in a future version?
The whole suite is unlike most AV consoles, which will inform you when there is an infection or threat; for some inexplicable reason, Bitdefender does not do that. The most you will receive is an hourly update or possibly, if there is an outbreak that affects 30% of your machines, an email. There is no real-time alerting to inform the user there was a potential attack that recently happened on their system. They could improve by having real-time reporting, which is important. I have not used the EDR portion of the solution to do any custom scripting to allow further advanced operations on the endpoints. From what I understand from reading the comments on reviews, it is not particularly flexible in this regard. Sandbox Analyzer is a feature that comes as part of the Bitdefender GravityZone Ultra Suite. It will start automatically unless you want to manually submit something, which I have rarely done. When the feature is in use, I do not get a reading back from the analyzer right away; it lacks real-time functionality. For example, if I was executing an admin tool and it was blocked because the Sandbox Analyzer wants to look at it on my local machine, it might take 10 minutes before I can successfully then launch that application to use it. The time it takes to analyze the software is too long. We are busy people and we end up just turning off the detection to allow the use of the program.
While the solution is secure, it could have better integration. Also, the support should be faster.
It's not quite so easy to use, but it's good enough and powerful. Using this product requires quite a bit of training, which is hard to get. If it were easier to use and there were more training available then it would be helpful.
We don't deal with very large organizations. We stay as far away from Active Directory and combined network topologies, as much as we possibly can. The way I explain it is we don't build our houses out of straw, we don't build our houses out of wood. Each user machine that piggybacks builds a stone house. We've cloud migrated everybody, however, it did not happen generically. We've used Google Enterprise or Box Enterprise, so good stuff. AES-256 at rest and AES-128 in transit. We only do scans on GravityZone covered machines via our contemporary APIs. We close every hole we can find. With people who still have servers, whether they're physical or virtual or cloud, and they're still Active Directory, and they're still 100% Microsoft shops, I've heard them complain. However, I don't care as it doesn't affect any of my clients. For many, the problems come mostly when they start tweaking or short-cutting - particularly for patch management. A lot of admins will tend to bundle work that we don't think should be bundled, however, they tend to due to the fact that they're underfunded and undermanned. They've got to get all the patches up. They've got to get all the updates done. Therefore, they tend to tweak group policies associated with the Active Directory. Some of those customizations can create potential security holes. GravityZone is the only one with the heuristic model, the simulator. We've seen where a thing may pass the script desk, it may pass the node and snippet test, however, it fails the heuristic test. That's where it launches a virtual machine in the high memory and lets the thing do whatever it's going to do, and then looks for where it goes. Of course, a lot of these things then go to the approval area as that's what the admin intended. However, then they get into a bit of a problem with GravityZone as it doesn't want them to do that. GravityZone works fine if you follow best practices in the other areas of your deployments.
If you're kind of cheating or cutting corners, GravityZone isn't going to be mean to you, however, it may give you grief.
The only issue an end user might have is in the case where a website has some kind of monitoring software included, where they want to track use, and it might unnecessarily block the site for the user. In that event, the user would contact us and we can 'white list' the site for them enabling them to use it.
I would like to see the capability for remote installation of third-party applications added (like installing WinRAR, MS Office, etc.), and a firewall for servers.
The tech engineers don't complain about much. It's solid. My biggest thing is that I want to have more than one option for my clients. The software itself is solid. It would be better if it was more of a real-time solution, like SentinelOne. The one thing that holds me back on the SentinelOne side is that I can blacklist websites and stuff like that, but it's not as granular as Bitdefender. With Bitdefender, I feel like I have more control over what I can whitelist and blacklist. Bitdefender is not designed to work in real-time. It's a signature-based platform, it's going to work signature-based in that there are times that it has to get updates. For example, if I'm managing a hundred machines with Bitdefender and the staff is having internet issues or something, and Bitdefender does an update within a week, not all the machines are going to be up to date at the same time. I have it configured to run every day at a certain time but unfortunately, a lot of the people that use it have really bad internet and I can't run it during work hours, I have to run it after hours and they shut their computers off. The first thing Bitdefender does is it goes and looks for signatures in the morning and then it runs the updates at night and then it runs scans at night as well. Sometimes it can go three, four, five days without any update. I've had some that go up to 27. The longest I've had was 32 days and it didn't even run one scan. I have a client in the Philippines and right now, because of COVID, they're all over the Philippines and in the provinces where they have a really bad internet connection, it's a struggle. I have to schedule with them. The internet is so bad that I have six people using phone data to work because internet companies don't even go that far out for them to have a stable internet connection. In those cases, I'm struggling a little bit with Bitdefender. With a regular office setup, it runs like clockwork.
But with this new normal that we have right now, it's been a little bit complicated. That's why I'm looking to add Cylance. I have a demo with them soon.
Bitdefender could improve their modules on the server. For example, Bitdefender doesn't have content filters or firewall modules on the server. It would be great if it had a networking module and a content filter module at the workstations. Because installing it on a workstation and on a server is totally different: the workstation has all the modules, firewalls, content filters, antivirus, anti-exploit, etc. But then the server has fewer features than the workstation. It has the anti-malware and the EDR, which is good because you can see the logs. It also has the device control so you can block USBs and whatever you need. But it doesn't have the content filter to see the anti-phishing, and it doesn't have the firewall inside to stop network attacks. This is something that could be improved.
We have not had any major problems with Bitdefender, it seems to be quite good. There are some additional features that they can implement in the product. For example, a remote wipe option or a geo-tracking for the laptop. That may not be the area they are targeting, but it would be useful. They were working on the encryption management for laptops, and if they complete it then it would be helpful.
At the moment, I do not have enough experience with the solution to know what needs to be improved. The cryptosystem could be improved a bit.
Having better descriptions or larger headings that will help you navigate through the to the ISP is needed. It needs to be a bit easier, a bit more intuitive. It would also be nice if we could move devices between companies.
The solution can be improved by being able to pull up the localization key map of the user. Also, to be more international, not just American compliant.
We are having trouble on the server side. But also on the endpoint side. For example, specifically on my computer, I couldn't run it, so I had to remove the program. I'm not using endpoint security for now, especially not Bitdefender's right now. We find it's making the machines run slow. We're also having problems in the service groups. When we run GravityZone it suddenly goes very slowly. Some processes are bad and we can't use some features, so we had to uninstall some products from the service of some endpoint devices. We are using about 2000 endpoints and 2000 servers. They seem to have problems installing for the client. We can't seem to find support when we do an install. Uninstalling it is a problem as well. Recently, I tried to uninstall from my computer and when I tried to deploy it, it was hard for me to uninstall it. I have found some tools, but it was really hard to remove it with them too. It must be optimized in my opinion. Because it makes the machine very slow. In the past, we were using ESET NOD32. It was very good, it was not making the machine slow. It was normal. The machine was fast when I used ESET, but when I started using Bitdefender it made my computer very slow. It's not just me. My colleague is complaining that the machines are becoming very slow after using Bitdefender. They should make uninstalling easier and improve the service side, but also make it removable on demand locally. It needs to be removable from the local service, not the cloud.
The pricing should be improved. The user interface has been improved on a yearly basis. The key issue is that they need to look at their pricing. Bitdefender is very productive because since we started selling Bitdefender for the past ten years, we've had almost about six different revisions. Every year and every six months there are improvements in their products, based on feedback, customer needs, changes in technology, and so on. For example, people were talking about encryption, so today you have GravityZone that has the ability to perform disc encryption. Disc encryption is done to ensure that your disc isn't attacked. Clients were requesting for endpoint detection EDR, which right now they have been able to incorporate. At any point in time, they have always been improving. Every six months there are new features. Every three months new features come in to address the needs of these customers. Bitdefender has consistently been very pro-active in virtually all the places we've installed. We ask our clients if they have any issues with the product. All of them say that it's very easy to install and to understand and that they don't have any problems with it. Any global requirements are constantly incorporated. Our clients want to see some intelligence built into reporting but they saw that most antivirus solutions don't do analytics. Bitdefender has acquired a new company that does analytics so the analytics software gets input from the antivirus then it is able to correlate and give you the analytics that are required.
There is room for improvement in the communication between servers and endpoints. The performance there needs to be much better. When we install endpoints and they communicate with the appliance server, we notice a drop in endpoint performance. The endpoint automatically connects and the policies are applied to the endpoint but the performance does not meet our expectations. In terms of additional features, I would like to see a remote desktop for installed endpoints so administrators can see what is on a user's screen or what a user is doing. A remote desktop between the server and the endpoints would be a useful feature in Bitdefender.