The security suite guide 2010
- 18 August, 2010 08:54
Just a few short years ago, all a PC needed for protection was a basic antivirus program to guard against any malware that arrived via an e-mail attachment, embedded in a shareware application or piggy-backed on a floppy disk.
These days, however, the threat landscape has changed drastically. Now PC users have to cope not only with viruses, but also with spyware, spam, infected Web sites, adware, key loggers, phishing schemes and much, much more. It's enough to make your head spin.
As a result, properly securing a PC now requires a layered approach that incorporates many security technologies. Although some are still sold in separate packages, most security products are currently gathered in suites, available from a multitude of security software vendors.
The crowded market makes picking a suite a bit of a dilemma for most users. Narrowing down which product to use requires a closer look at what type of protection is available.
Security suites can include some, or all, of the following: antivirus, antispyware, antispam, anti-malware (rootkits, bots, zombies, etc.) and antiphishing tools, plus a link scanner, privacy controls, parental controls, content filtering, registry protection, data filtering and password protection.
In this roundup, I look at nine security suites that include all of the features mentioned above. The suites are:
- BitDefender Internet Security,
- Kaspersky Internet Security,
- McAfee Internet Security,
- Norman Internet Security Suite,
- Norton Internet Security 2010,
- Panda Internet Security,
- Security Shield 2010,
- Trend Micro Internet Security Pro
- and ZoneAlarm Internet Security.
Note – All prices are in US dollars.
How we tested
New viruses and threats arrive every day --and on any given day, one vendor may be a little quicker on the draw to prevent a virus than others. That makes evaluating the strength of a particular anti-malware or antispam product very difficult -- there is never a level playing field.
With that in mind, I tested each security suite based upon factors that affect the user directly. I evaluated each for ease of installation, ease of use, notification capabilities, updating and quality of the interface.
For testing purposes, I used a Toshiba Tecra A11-S3450 notebook computer configured with 4GB of RAM, an Intel Core i7-620M CPU and a 320GB 7,200-rpm hard drive that was running the 64-bit version of Windows 7 Professional.
(Some of these products also have versions for other operating systems, such as Mac OS X, iOS and Android, and other devices, such as netbooks. These are noted in the spec boxes that are included with each review.)
During testing, I installed each product on the Toshiba notebook and timed how long the machine took to boot up, then I compared that figure to the time it had taken the machine to boot up without a security suite installed (see table). After each test, I restored the notebook back to its pretesting condition using Paragon's Backup & Recovery 10 Suite. That way, each product was installed under the exact same conditions, with the same software configuration.
During testing, I looked for telltale signs of poor performance, such as high processor utilization and slow system boots. I also noted the overall responsiveness of the interface. And I took a look at what suites proved to be overly intrusive, getting in the way of effectively using your PC by, for example, bombarding you with messages and warnings.
It's important to note the evolution of the products tested here, each of which has changed significantly with each new version. As malware has become more sophisticated, so have security suites.
One interesting trend is the inclusion of digital sandboxes, which work by executing unknown applications in protected memory to detect any malicious behavior before allowing the application to access the system. Another innovation is application-stamping, where known good applications are whitelisted, allowing the anti-malware software/firewall to skip rescanning the applications whenever they are launched. That helps to speed up application launches and minimize the CPU cycles needed by the security software.
What's more, security software vendors are becoming more proactive about protecting your PC, especially when it comes to updating signatures. Many of the products here check for new signatures several times a day, which is helpful for combating zero-day threats from new exploits.
All in all, today's Internet security suites are becoming more sophisticated and are blazing new trails in protection technologies.
Next: BitDefender Internet Security 2010
BitDefender Internet Security 2010
Romania-based BitDefender SRL only has a fraction of the U.S. security market, which is dominated by industry giants Symantec Corp. and McAfee Inc. But BitDefender has a solid following in Europe. BitDefender Internet Security 2010 comes at a bargain price of $49.95 for three PCs, which is $10 to $20 cheaper than the prices of most other Internet security suites.
Internet Security 2010 comes with all of the expected bells and whistles; it's a complete suite that includes everything typical desktop users need to secure their systems, from firewall protection to antispam features.
BitDefender's firewall is easy to set up. The product seems to understand what ports and protocols are normally used by a PC, as well as the standard communications performed by common applications. That helps to prevent annoying pop-ups and warnings.
Like most anti-malware products, BitDefender relies on signature files to identify problems. However, the product's B-Have module also runs unknown files in a sandbox to detect malicious behavior. In addition, the company has added another layer of protection called Active Virus Control, which further analyzes programs and blocks them if they misbehave.
The product offers a few nifty features. For example, the integrated Wi-Fi monitor offers a way to see if anyone is trying to connect to your Wi-Fi network or to your PC using a Wi-Fi connection.
The firewall's Game Mode is another plus. Most online games work best when a firewall is disabled; however, users can easily forget to turn the firewall back on once they're done playing. The Game Mode acts like a switch that allows games to function and then returns the firewall to full functionality once a game is over.
Parental controls support multiple users, multiple policies and multiple exceptions, allowing you to set up custom access for each minor that might use your PC.
BitDefender's antispam capabilities work with Outlook, Outlook Express, Windows Mail and Thunderbird; it will analyze e-mail messages and send spam into a "Deleted Items" folder. If you use a different e-mail client, you can use message rules to route obvious spam into a junk folder.
BitDefender Internet Security 2010 includes some major enhancements to improve the ease of installation and ease of use.
BitDefender Internet Security 2010 Company: BitDefender SRL Price: $49.95 for as many as three PCs (includes one year of updates and support) Operating systems: Windows XP/Vista/7, OS X 10.4.6 or later; Windows Mobile Pocket PC versions 2002 or later; Windows Mobile Smartphone 2002 or later; Symbian 60, Symbian 80
Installation and initial configuration use templates to speed and simplify the process. During the install, you choose from four user types (typical, parent, gamer or custom) and three interface levels (novice, intermediate or expert). It basically comes down to what type of user you are -- do you want the product to just do its job behind the scenes, or do you want an active hand in what is happening?
I installed BitDefender using the "typical" and "expert" choices and found the custom interface straightforward to work with. You can change your user type and/or interface level later if you wish.
The interface is laid out clearly and most functions are easy to locate and find -- although it does not offer the same level of polish and integrated help as some other products on the market. For example, BitDefender does not offer context-sensitive help that can drill down farther into definitions of the problem and recommended actions. The interface has features buried under menus and has some elements hidden under submenus. But on the whole, BitDefender Internet Security 2010 should not be difficult to master.
If you do run into problems, the company offers excellent tech support resources. If you need personal assistance, you can call support 24/7 or send an e-mail or instantly connect via live chat with a support specialist. The company also offers a wealth of resources on its Web site, ranging from searchable documents to a user forum.
Performance-wise, BitDefender worked well, although some initial scans were both CPU-intensive (sometimes CPU utilization hit 99%, at other times it was as low as 5%) and time-intensive, taking some 30 minutes to perform a complete scan on my Toshiba notebook. Luckily, the product builds a list of all the "scanned good" files on the system and can skip rescanning those files in the future.
The company is expecting to release a beta of BitDefender Internet Security 2011 sometime around August. Although details are sketchy, users can expect faster scan speeds and improvements in spyware detection that minimize false positives, as well as an antispam component that supports more e-mail clients out of the box.
BitDefender Internet Security 2010 comes in at a lower price than its competitors and offers all of the needed security features for the typical desktop user. However, it lacks the polish of some of the other products on the market.
Next: Kaspersky Internet Security 2010
Kaspersky Internet Security 2010
Moscow-based Kaspersky Labs is well known to the IT community: The company has been making security products since 1997, it reported revenue of $480 million in 2009, and it claims to have a user base of more than 300 million. Its premium PC product is Kaspersky Internet Security 2010, which offers a comprehensive suite of security features that should meet any PC user's needs.
Most users will like how Kaspersky's firewall works. It's easy to define simple firewall policies, yet you can delve deeper down into the firewall functions and block individual ports, requests or other types of traffic.
Like BitDefender, Kaspersky has a digital sandbox -- it's called Safe Run -- that allows you to run new applications browser sessions in a sandbox.
I found that the firewall was less intrusive than others on the market, thanks mostly to its efficient use of its whitelist of approved programs. The product also offers antispam capabilities which, unlike some other antispam tools, work with IMAP-based e-mail accounts as well as common POP3 accounts.
Users in households with underage humans will appreciate the parental controls, which are easy to set up and are capable of blocking access to the Web by categories or even by a schedule -- making sure that innocent eyes don't glance upon the seamy side of the Web. And an integrated link scanner warns users of suspect Web sites and other browser-related issues before an actual problem arises.
Of the suites reviewed here, Kaspersky Internet Security 2010 was one of the easiest to install. A wizard steps you through the process, and only one reboot is required. The default settings and policies will prove quite adequate for most users.
The software proved to be relatively easy to work with as well -- most of the typical technobabble has been eliminated and plain English explanations abound, making it easy for even people who are new to PC security to effectively configure the software. For those who need help, Kaspersky offers several options for support: phone, e-mail or online chat sessions. Users also have the option of accessing a community of users, where they can get advice from Kaspersky staffers.
The interface contains several submenus and is divided up cleanly by task. The scanning options are easy to locate and are split up in a logical fashion, making it easy to find a particular scan and execute it quickly.
Kaspersky Internet Security 2010 Company: Kaspersky Lab ZAO Price: $59.95 for as many as three PCs (includes one year of updates and support) Operating systems: Windows XP/Vista/7, Mac OS 10.4.11 or later, Symbian 9.1 or later, Windows Mobile 5.0 or later
Scanning runs as a background process, allowing you to continue to work while a comprehensive scan takes place. On my test system, scanning went unnoticed; it had little impact on my ability to perform other tasks. A glance at the Windows Task Manager showed processor utilization increased less than 10% during an active scan. I found that the active notifications kept me well informed of potential problems without hounding me constantly.
I was able to run the full suite on a netbook with no problems.
Kaspersky Internet Security 2011 is currently in private beta and should be available sometime in August.
New features will include a desktop gadget that will offer customizable buttons for quick access to product features and will display the current security status using red, yellow, or green indicators.
In addition, new tools will allow installation of the product on systems that have active infections. A new feature called "Safe Surf" will assess the reputation of an IP address and assign it a "trusted," "suspicious" or "banned" status. Enhancements will also be made to rescue disk, parental controls and rootkit detection.
Kaspersky Internet Security 2010 is a good value and covers all the bases well for users of Windows 7, Vista or XP PCs. Purchasers will be happy with the fast performance and the ability to limit the barrage of security messages that most competing products unleash. The next version of the product promises important improvements that could make the Kaspersky Internet Security one of the best security suites on the market.
Next: McAfee Internet Security 2010
McAfee Internet Security 2010
McAfee software has undergone quite a few enhancements since the company started offering security products in 1987. The latest incarnation, McAfee Internet Security 2010, has a completely new interface, feel and installation process. That's a good thing, since many neophyte users complained about all of those elements in previous versions, leaving only advanced users enamored with the product's capabilities.
McAfee Internet Security 2010 offers a variety of malware scanning options, including on-demand, real-time or according to a schedule. As with most Internet security products, McAfee Internet Security 2010 offers a firewall, parental controls, antispam tools and filters.
The firewall monitors all data that enters or leaves your PC and keeps an eye on your computer's ports, as a firewall should. Basic setup was easy; McAfee uses predefined settings to get your PC secured quickly. On the other hand, manually setting up firewall rules and policies was complicated, definitely more so than with competing products. The process lacks effective help and choices, and it assumes that users have advanced knowledge of how a firewall should work.
In addition, users will want to make sure to set the firewall to standard mode, because the default, out-of-the-box settings don't block all critical ports on the firewall, leaving some open, such as FTP and POP3. McAfee should consider making the firewall's standard mode the default mode -- currently, the product leaves too many things unprotected in its default configuration, probably to suit the needs of gamers and those that have fewer concerns about security when accessing the Web.
On the other hand, you can block all network traffic between your computer and the Internet with a single click. That's a handy way to keep your computer secure when you're not actively using the Internet.
Out of the box, the integrated antispam application works with Outlook and Thunderbird, with no need for additional integration steps. Since the antispam application supports both IMAP and POP3, it is easily configured to work with other e-mail products that are not predefined in the product.
Parental control options are limited and only offer basic protection. I was able to block Web sites, limit time on the Internet and filter keywords, but not much more. The keyword filter lets you assign an age group to any keyword you choose. If a site has the keyword, parental controls will block it.
McAfee's SiteAdvisor component installs into your browser and warns you about dangerous sites. SiteAdvisor uses McAfee's Global Threat Intelligence network to identify phishing or hacked sites and warns the user before any damage can occur. Usability
Installation was easy and the configuration wizard did a decent job of stepping me through the options. However, many of the help screens, notifications and warnings were somewhat cryptic and felt like they had been thrown together quickly -- or translated from another language.
McAfee Internet Security 2010 Company:McAfee Inc. Price: $44.99 for up to three PCs (includes one year of updates and support) Operating systems: Windows XP/Vista/7
McAfee has put a great deal of work into improving the user experience, and those efforts do show in the product's new interface. The GUI is divvied up into logical sections; with only a quick glance, I could tell the status of the system thanks to the color-coded status screens and bold messages that said either "No Action Required" or, if there was a problem, "Action Required."
Each primary menu choice launches a submenu that features options that allow you to configure the product. You choose each option simply by clicking on a dialog box, which offers a green circle when enabled. However, if you are looking to set up a custom rule or setting, figuring out how to do that is a challenge -- after something of a hunt, I found that I had to drill down through several menu levels to locate the custom settings.
Performance-wise, the product was fairly effective -- most of the scans on the test system only increased CPU utilization a few percentage points. However, utilization spiked to almost a 100% when doing a manual scan of compressed files.
Overall, most users should not experience any slowdowns that affect day-to-day activities, with the exception of the system boot which, as was the case with most of the other suites in this roundup, increased after the product was installed.
Those looking for help with McAfee's software will be disappointed that the company charges for technical phone support, with prices ranging from $9.95 to $59.95. The company does offer online support, user groups and the usual bevy of free support options, but if you want a human being on the phone, you have to pay.
Like most vendors of Internet security software, McAfee frequently upgrades its products. However, the company has not released any information on what's in store for McAfee Internet Security 2011.
McAfee Internet Security 2010 covers the basics well, offers an interface that's easy to use and comes at an affordable price. However, the lack of free technical support and the inability to easily set up custom rules and policies makes McAfee Internet Security 2010 a product to avoid for most power users.
Next: Norman Security Suite
Norman Security Suite
Oslo, Norway-based Norman ASA is well known in Europe for its security products and has started to get recognition in the U.S. with its straightforward, easy-to-use software. Case in point is Norman Security Suite, a comprehensive Internet protection offering. While it doesn't stand out against its competition, it is a competent product that adequately does what it's supposed to do -- protect PCs from Internet-borne threats.
The product offers real-time, on-demand and scheduled virus scans. During on-demand scans, the product is very informative, displaying a progress graph that offers interesting tidbits of information, such as what has been found and what is being scanned. While most security products offer that capability, Norman's is more descriptive, offering file names and a running status of problems found.
Software can be configured to automatically scan and shows a progress report in the form of a graph. The antivirus and antispyware program offers protection from instant-messaging attachments, viruses and other forms of malware. Scheduled scans can be performed in "screen saver" mode, which, during periods of inactivity, launches a screen saver that also executes a scan of the files on the PC.
Norman's firewall offers professional-level logging that can be used to identify any activity detected by the firewall, which is useful for tracking down suspicious activity. I found the firewall pretty easy to set up and the management console quite detailed.
Although the firewall is geared toward more technically savvy users, most people should be able to figure out how to use it. I found the integrated tools, such as the port monitor and real-time packet logs, a real bonus. Those tools give you a real feel for what is exactly happening on a PC when it's connected to the Internet.
However, neophyte users might find a few of the features a little complicated. For example, Norman offers a "digital sandbox" -- questionable code is placed in a sandbox for further testing, and ideally that code (if infected) will activate in the sandbox, before entering the actual operating system. It's an important feature, but Norman's sandbox requires more end-user interaction than those of competing products, such as McAfee, ZoneAlarm and Trend Micro.
I found Norman's parental controls easy to set up, thanks to a wizard that guides you through the process. You can set it for multiple users, time limitations and password-protected access. However, users looking for more granular control over parental settings will find Norman's choices more limited; it lets you select only generalized settings such as "child" and "teenager."
The same can be said for Norman's antispam tool. It works with both POP3 and IMAP e-mail accounts and supports all of the popular e-mail clients. However, while it is easy to set up and configure, it doesn't stand out among its competitors -- for example, customization is limited to a few "block" or "deny" rules for e-mail messages that fall outside of the normal spam/not spam calculations.
The link scanner, Surf-Shield, worked for the most part, blocking access to scam sites and links that were known to be infected. However, the warnings were somewhat vague, offering little information on why a specific site was a problem.
The firewall also suffered from a lack of descriptiveness: It was able to block unauthorized programs but did not provide much follow-up information. It would have been nice if the firewall offered a little more guidance than just reporting that an application was trying to access the Internet.
In short, Norman lacks some of the bells and whistles found on other products -- features such as extensive reporting and customizable warning screens.
Installation of Norman Security Suite is straightforward. During the install process, you will have to enter a key code and reboot your system at least one time (pretty standard fare with a security suite).
Norman Security Suite Company: Norman ASA Price: $59.95 for up to three PCs (includes one year of updates and support) Operating systems: Windows XP/Vista/7, Linux (antivirus)
One interesting thing Norman does during the installation is ask for the user's "experience level." You can choose experienced or inexperienced -- I chose the latter, just to see what would happen. For an inexperienced user, the setup is mostly automated and only asks simple questions, such as what browser you primarily use and whether or not you are on a network. The installation for experienced users was initially more time-consuming; however, having the ability to set defaults during the installation saved time later on, because I didn't have to go back into the configuration settings to make changes to meet my specific needs.
Once installed, Norman is fairly simple to use. The main screen, which acts as the main menu interface, offers a view of the various categories or modules that make up Norman, including the status of each (for example, whether any malware has been intercepted).
Categories include Virus & Spyware Protection, Personal Firewall, Parental Controls, Install and Update and Support Center. Each selection sports submenus that avoid technobabble, making it simple to make minor changes and understand what is going on with the product.
Virus scans were very processor-intensive -- when running a scan, even on my Intel i7-powered Toshiba, there was a noticeable lag in system performance, with processor utilization spiking to near 100%. I wouldn't recommend using this product on a netbook or an older, less-powerful PC.
There's a lot of room for improvement in this product, and although Norman wouldn't release any details about the next version, the company did tell me that it will address some of these concerns in the near future.
Norman Security Suite does an adequate job of protecting a PC from the ills of the Internet. The Pro version ($75.95) adds intrusion detection and prevention and may be a better choice for those looking for a more robust firewall. However, potential buyers might want to wait and see what the next version has to offer.
Next: Norton Internet Security 2010
Norton Internet Security 2010
Symantec's Norton Internet Security 2010 is the 800-pound gorilla in the room, simply because Norton-branded security products have been the ones to beat for several years.
Of course, name recognition doesn't always mean a product is the best. Symantec strives to keep competitors at bay and is constantly improving its offerings. Norton Internet Security 2010 is no exception.
Norton's firewall is very easy to set up and controls Internet access for known good programs. In other words, if a program needs to access the Internet to function and is on the "good" list, the firewall will allow that access without any user intervention. Examples include programs that check for version updates, patches or need to retrieve data to function. The product also deletes known malware, such as rootkits, adware and any application that has been blacklisted. What's more, the firewall keeps an eye on the behavior of unknowns, all without pestering the user with cryptic security questions.
One interesting feature is Symantec's Quorum reputation index. Here all known files are assigned a reputation level, which is based upon continually updated data from Symantec's customers. Files that have given no one any problems have a high reputation, while files that have been easily infected or compromised have a low reputation. If a program being downloaded has a low reputation, the user is informed and can abort the download or decide not to execute the application.
Norton also utilizes its SONAR2 engine, which, according to Symantec, uses all sources of information, including the reputation index, to judge whether a file should be classified as suspicious and subjected to more in-depth testing.
Parents will like how easy it is to set up parental controls and keep a tab on what little Billy and Janie can access. The product integrates with an online offering called OnlineFamily.Norton, a Web service that is free for Norton customers.
Norton Internet Security 2010 uses technology from Symantec's enterprise-level spam protection system. The product filters all POP3 e-mail for spam and viruses and integrates with Outlook and Outlook Express. IMAP integration is missing and would be welcome.
The last time I looked at Norton Internet Security, in 2008, the suite was a resource hog -- it protected systems very well, but noticeably impacted performance. Symantec has redesigned the product to improve performance and limit its use of system resources. This latest version shows those efforts were worthwhile.
Norton Internet Security 2010 Company: Symantec Corp. Price: $69.99 for up to three PCs (includes one year of updates and support) Operating systems: Windows XP/Vista/7, Mac OS X 10.4.11 or higher, Symbian 9.2 or higher, Windows Mobile 5.0 or higher, Android 2.0 or higher, netbook version
I found Norton Internet Security 2010 to be one of the easiest packages to install. The installation is wizard-driven, all of the prompts are in plain English, and the default settings do an excellent job of protecting the system.
One thing to be aware of is the time it takes to install the package -- although the hands-on portion of the installation is rather quick, you will have to wait through an update process that can take as long as 20 minutes. Immediately after the installation completes, the product "phones home" to download all of the latest updates, and that can take some time. In my testing, almost every other security product went through the same process in a few minutes, but Norton took 20 minutes.
Using Norton Internet Security 2010 is straightforward. The interface is laid out in a logical fashion using an index-card-style layout. All of the major capabilities are accessed from a central menu that has controls that look like index cards and are populated with pertinent information. One click delivers additional information and other options.
As a testament to the product's performance increases, the interface offers a summary screen showing CPU utilization and resource use in real time. I watched it while Norton Internet Security 2010 went through its chores, and found that it kept to a very low percentage of CPU utilization (as low as 5% for some scans).
Symantec backs the product with 24/7 tech support, an online help community, real-time chat and comprehensive context-sensitive help.
Symantec released a public beta of Norton Internet Security 2011 in early April. The beta sports many enhancements, especially when it comes to speed. While there is no official release date for the final product, availability before the fourth quarter of 2010 is expected.
Symantec claims that the new version will improve or maintain key performance benchmarks in installation times, scan times and memory usage. In addition, the product will include System Insight 2.0, which goes beyond security and alerts users when applications are significantly impacting their system resources. Other enhancements include improved reputation filters, support for social networking sights and better browser integration.
Norton Internet Security 2010 is an excellent security product and still remains the one to beat. Symantec has done a good job of improving it over time to keep it one step ahead of the competition. Perhaps the only downside is Norton Internet Security's price, which is higher than those of many competing offerings.
Next: Panda Internet Security 2010
Panda Internet Security 2010
Panda Security, although not as well known as the big names like Symantec and Trend Micro, offers several security products, ranging from simple antivirus tools to hosted enterprise systems. Internet Security 2010 offers protection from viruses, spyware, rootkits, hackers, online fraud, identity theft and other Internet threats. Panda Internet Security 2010 also offers antispam features, parental controls and full anti-malware capabilities.
Panda incorporates a technology it calls "cloud scanning," which centralizes virus data from across all Panda customers to keep its database up to date. According to the company, the underlying collective intelligence used by the cloud technology helps to make sure that all signatures are up to date and allows Panda to get a head start on how to deal with a virus or exploit that represents a zero-day threat.
The firewall has a set-and-forget design. Basically, you pick a profile and assign that to the firewall, and the firewall then protects the PC based upon the canned settings in the profile. However, I found the firewall settings particularly difficult to change, making it a bit hard to customize the protection offered. Some of the settings were buried under different menus, while other settings were not well defined. For example, to change ports being blocked, I had to go through several menu levels to locate the feature.
The firewall automatically handles known good and bad programs and monitors system behavior for any unknown programs. An extensive database helps to keep notifications to a minimum, only bothering the user when an unknown application is first run.
Parental controls allow you to set up a Web filter and give each user a specific setting. The product offers the following preset filters: Kid, Employee, Teen or Default. You can also adjust the filter to block or allow specific content. Setting up the parental controls requires that you assign each user a log-on name and password -- the other suites here don't require the creation of separate accounts for each user.
Panda's spam filtering was easy to set up and needs minimal user intervention. It automatically filters incoming POP3 e-mail; however, it doesn't support IMAP e-mail. More control over spam would be nice -- the product offers limited custom filtering, only looking for keywords or attachments.
Panda Internet Security 2010 was simple to install and set up -- the installation wizard only asks a few questions and only one reboot is required.
The product does make a lot of assumptions on its default settings, turning on all security features, such as spam protection, as part of the installation. That's actually an advantage, especially since changing the defaults can be a tedious process, with some configuration elements hard to locate and/or understand. I found that to change some simple rules, I had to traverse a multitude of menus, especially for firewall settings.
The product offers a combo dashboard/main screen that shows the status of system security and features menu items that launch the various configuration and information screens. It combines antivirus and antispyware systems into a single choice on the dashboard. The firewall is controlled using a dedicated tab on the dashboard, which brings up the various submenus.
Panda Internet Security 2010 Company: Panda Security Price: $81.95 for up to three PCs (includes one year of updates and support) Operating systems: Windows XP/Vista/7, netbook version
Panda could use better help screens and clearer descriptions of its various functions, although those familiar with PC security should have no problems. However, neophytes may be put off by the terminology.
The product performs well and was relatively unobtrusive on my test PC. Warning screens were kept to a minimum and updates were automated, meaning that users are not asked before an update is processed. Whether that's a good way to handle things comes down to whether a user prefers an install-and-forget security product or wants to be intimately involved with his PC's security status.
Panda has some big changes planned for the next version of its suite, which is expected by the third quarter of 2010. According to the company, the package will sport a redesigned interface that's crafted to address user concerns about things such as difficult-to-find settings and less-than-useful help screens.
The product will also incorporate improved Web site filtering, offering better protection from the growing spate of phishing and attack sites. The product's "cloud scanning" technology is poised to become faster, more efficient and more frequently updated, helping to reduce the threat of zero-day attacks. Other planned improvements include new data-encryption technology to protect personal information, enhanced privacy controls and an information shredder that's supposed to wipe out all traces of personal data before a system is handed over to a new user.
Panda Internet Security 2010 works well and is a polished product that should appeal to newbie users. It's a bit more expensive than most of its competitors; in addition, power users who like to have full control over their software might find that Panda Internet Security 2010 comes up a little short.
Next: Security Shield 2010
Security Shield 2010
Security Shield 2010 combines products from two vendors to create an Internet security suite. The suite incorporates antivirus, antispam and antispyware tools, a firewall, parental controls and rootkit detection capability into a single product that features an intuitive management console.
Security Shield uses technology from BitDefender for its antivirus, antiphishing, antispyware and antikeylogger engines; it uses its own Spam Shield product to provide antispam capabilities.
The firewall monitors all inbound and outbound traffic to protect the system from external attacks or to prevent malicious software running on the PC from transmitting information.
Most of the product's capabilities are fairly basic. For example, Spam Shield 4.0, the antispam component from Security Shield, works only on POP3 e-mail services and integrates only with Outlook and Outlook Express. The antispam capabilities are also somewhat limited, relying on user rules and settings to work effectively. For example, if you want spam to be sent to a folder for examination, instead of just deleted, you will need to define a rule that identifies the spam mail and then saves it to a junk (or other) folder.
All in all, the product offers basic protection but lacks the bells and whistles that power users desire, such as the ability to fully customize the firewall to create exceptions for particular applications or to install antispam on e-mail clients that use IMAP.
I found it very easy to work with the basic settings and the product's dashboard, which is designed for simplicity, offering very basic descriptions of each feature and simple green check marks to indicate that something is turned on and functioning properly. The buttons across the top of the dashboard are limited to simple descriptions, such as Dashboard (the home screen), Security, Parental and Network (which leads to firewall controls).
However, if you like to tinker with settings, enable advanced features or play security detective, Security Shield 2010 may not be the product for you. I found it difficult to find many of the custom security settings on the product and had to traverse multiple menus that followed little rhyme or reason in order to locate some settings such as scan scheduling or quarantine capabilities.
The product used little in the form of resources, barely affecting system performance and using hardly any memory. That small memory footprint and low CPU usage are great advantages for users who are concurrently using their PCs during scans, but it comes at a price -- I found that full disk scans and other manually executed tasks took an inordinate amount of time. For example, a full system virus scan on roughly 8GB of data and system files took almost an hour.
Security Shield 2010 Company: PCSecurityShield Price: $49.99 ($59.99 minus a $10 rebate) or $59.99 ($69.99 minus a $10 rebate) for up to three PCs (includes one year of updates and support) Operating systems: Windows XP/Vista/7
Living with the product was another story. With all of the security features enabled, I was constantly bombarded with warnings and suggestions while accessing the Web with Internet Explorer. I found that I had to turn off or reduce the aggressiveness of some of the protection features, such as antiphishing and content-filtering tools, to avoid the numerous messages. The warning messages may not be overly intrusive to experienced users, since they will understand the implications of the text, but inexperienced users could find the messages so annoying that they could wind up turning security features off to avoid them.
Representatives wouldn't say whether the company is set to deliver an updated version of the product.
Overall, Security Shield 2010 is a serviceable product; however, users may want to consider some of the other suites on the market before committing to this product.
Security Shield's real strength is it antivirus engine -- however, since that comes from BitDefender, all things being equal, BitDefender's security suite is probably a better choice -- unless you're looking for an extremely simple product for a family member's or friend's computer. In that case, Security Shield 2010 should do fine.
Next: Trend Micro Internet Security Pro
Trend Micro Internet Security Pro
As one of the more expensive suites on the market, Trend Micro Internet Security Pro has to meet some high expectations.
And in many ways it does: Trend Micro Internet Security Pro is one of the most comprehensive Internet security suites available. It features full protection, including antivirus, antispyware and antispam tools, a firewall, parental controls and rootkit detection capability. What's more, Trend Micro throws in a behavioral engine, which improves protection, and a security toolbar for use with your browser. Internet protection
Trend Micro offers all of the expected capabilities, including antimalware and antispam tools, a firewall and other security features. One unusual addition is Trend Micro's Wi-Fi Advisor, which checks wireless networks for security problems. Also included is a gaming mode, which opens ports in the firewall for access to Internet games, while still retaining its antivirus and antimalware capabilities. That allows users to play games over the Internet without fear of getting viruses or spyware. There are also device access controls that prevent unauthorized USB devices from being used on a PC.
The firewall is simple to deploy. Neophytes can just choose a setting that fits their environment; options include Home Network, Office Network, Direct Connection or Wireless Connection. These all change the firewall rules to different levels and settings depending on the danger associated with each type of connection.
The product's content-filtering parental controls offer predefined settings for teens, pre-teens and adults; each of the predefined settings can be customized further for users who need to limit or allow access to more sites based upon the profile in use.
Trend Micro offers an integrated browser toolbar that makes searches simpler and offers advice when visiting new Web sites, such as whether or not the site is safe or has any security problems.
The product's spam filtering capability works with incoming POP3 e-mail and integrates with Microsoft Outlook and Outlook Express. As with other product functions, spam filtering is based upon a simple choice of how aggressive you want the antispam component to be. You can set the filtering level to high, medium or low. The high setting will eliminate the most spam but might also block legitimate e-mail, while the low setting might let some spam get through. You can further fine-tune the spam filtering by using a whitelist or a blacklist.
Trend Micro Internet Security Pro has one of the cleanest installation processes; installation was a breeze and did not require a reboot of the PC. The installer also seeks out previously installed antivirus products and can automatically remove them, which helps to prevent conflicts between incompatible applications.
Trend Micro Internet Security Pro Company: Trend Micro Inc. Price: $69.95 for up to three PCs (includes one year of updates and support) Operating systems: Windows XP/Vista/7, Mac OS X 10.4 or later, iOS 2.1 or later, Symbian S60, Windows Mobile 5.0 or later, netbook version
The application tries to keep things as simple as possible and offers a great deal of guidance. Trend Micro is also "state aware," so if you're running a presentation, watching a movie, playing a game or doing some other activity where security warnings and pop-ups are not desired, the product will suppress warnings to prevent interruptions.
Operationally, I found the product offered adequate performance, memory usage was low and the product had little impact on processor utilization, less than 5% in most cases. However, manual scans did tend to be more processor-intensive and did put a noticeable dent in overall system performance; they would frequently peak at 90% processor utilization for very short periods of time -- never more than two seconds. This suggests that the application might not be appropriate for lower-powered systems such as netbooks.
Trend Micro hasn't publicly announced what is planned for the next version of its product, and no public beta is available. That said, development and testing is going on behind the scenes for the next version of Internet Security Pro, according to company sources.
Trend Micro has an interesting and useful product. The Wi-Fi adviser can be a handy feature for people who work in unsecured locations such as Internet cafes, and the ability to control device access such as USB connectivity is a good feature to prevent unauthorized individuals from copying information from an unattended PC.
However, I was not impressed with its performance during manual scans, and would think twice before using it on less powerful notebooks or netbooks.
Next: ZoneAlarm Security Suite 2010
ZoneAlarm Security Suite 2010
ZoneAlarm, which has been around since the late 1990s, is well known for its free firewall; more recently, it has been marketing a full security suite. With ZoneAlarm Security Suite 2010, Check Point Software (which purchased the product from Zone Labs in 2004) has integrated its firewall and spyware-prevention products into a suite that incorporates Kaspersky's virus-scanning engine to create a full array of anti-malware, anti-intrusion capabilities.
Since ZoneAlarm Security Suite 2010 uses Kaspersky's virus-scanning engine, the anti-malware capabilities are very similar to those of Kaspersky's product. However, the company has done a good job of integrating the virus-scanning technology into the suite, providing a near seamless experience from the program's menus.
The firewall is a good fit for advanced users, since it offers granular control of ports, programs and access. The firewall manages incoming and outgoing Internet traffic, while separately managing local network traffic. That allowed me to define different access policies based upon whether or not I was talking to a local network machine or a remote, Internet-based machine.
Blocking malicious programs is easy, thanks to ZoneAlarm's SmartDefense Advisor technology, which preconfigures settings for millions of known programs and sets a trust level for each.
Unknown malware is handled by an "Auto-learn" mode, which starts by treating every unknown program as valid, allowing that program to be executed and then monitoring the activity of that program to see if it exhibits suspicious activity. Initially, all unknown applications have a rule assigned that allows continued network access. That leaves it up to ZoneAlarm to detect if the program is a problem, based upon behavior.
The goal of Auto-learn mode is to limit confusing firewall pop-up messages, making security less intrusive -- but with that comes the possibility of reduced security. If you turn off Auto-learn, then unknown programs are blocked until the user acknowledges that they are OK -- which may be more irritating, but is also more secure.
The product integrates with popular browsers and prevents malware by blocking dangerous sites. If the site is not blocked, the product allows the requested file to be downloaded. If it can't guarantee the file is good, ZoneAlarm initiates a more intense scan that analyzes the file's execution in a digital sandbox. The advanced scan starts after the download finishes and can take a few minutes.
ZoneAlarm offers integrated spam filtering, thanks to the inclusion of the SonicWall antispam component, which filters POP3 and IMAP e-mail in Outlook, Outlook Express and Windows Mail. The product also works with Microsoft Exchange. Filtering uses a combination of whitelists and blacklists, and it can protect mailing lists based on the recipient address. One nifty feature is its ability to make every new correspondent respond to an e-mail challenge the first time.
The suite features all of the expected bells and whistles, as well as a few extra capabilities such as data-leakage protection, credit report monitoring and zero-hour rootkit prevention.
ZoneAlarm has done a fine job of rolling the separate security components together into a unified suite. I found it very easy to install. Dialog boxes were kept to a minimum, requiring very little user interaction -- while that does simplify the installation, it would have been nice to be presented with a little more information, such as percentage complete and what part of the installation process was occurring.
ZoneAlarm Security Suite 2010 Company: Check Point Software Technologies Inc. Price: $34.95 per PC (includes one year of updates and support) Operating systems: Windows XP/Vista/7
The support documentation and integrated help screens for ZoneAlarm Security Suite 2010 provide all the information a user could need to solve most problems or activate most features. For technically challenging situations, users can turn to e-mail support, online help, online chat and user forums. The company does offer paid phone support, but that costs $49.95 per incident.
The interface offers pull-down menus and tabs to access primary features. Choices include Firewall, Program Control, Antivirus/Antispyware, Email Protection, Privacy, Identity Protection, Parental Control and Alerts & Logs. The opening window starts with an overview screen that gives the highlights of what has been recently blocked, scanned or detected. Navigation is pretty straightforward, but some of the menus could be combined to simplify things. For example, privacy and identity protection could be combined into a single element.
Scans proved to be very fast, and the application used a minimum of CPU cycles and resources, making it effective even on older systems with low-powered CPUs and on netbooks. In most cases, test scans only increased CPU utilization by 10% or less. However, more in-depth scans of executables, which execute the applications in a digital sandbox, spiked CPU usage as high as 90% for a few seconds.
Decent reporting capabilities and pop-up notifications round out the security suite, while automated updates help to keep everything secure.
According to ZoneAlarm's PR representative, the company has not released any information about the next version of its product or about its plans for an updated version of ZoneAlarm Security Suite 2010.
All things considered, ZoneAlarm Security Suite 2010 covers the basics very well. Its integrated firewall proves to be an excellent security tool for power users who want to control and monitor all traffic in and out of a PC. I do have an issue with its Auto-learn mode -- but as long as you ignore that feature, the firewall is very good. You should also expect performance hits during in-depth scans.
Thanks to the incorporation of Kaspersky's security tools, ZoneAlarm Security Suite 2010 will protect PCs from the common ills found on the Internet, which helps to round out the product and put it into the Internet Security Suite category. The product could be a top contender with the addition of free phone support, which is the norm among the vendors in this market, and a slimmed-down interface that better hides complexity from neophyte users.
Frank J. Ohlhorst is a technology professional specializing in products and services analysis and writes for several technology publications. His Web site can be found at www.ohlhorst.net.