Ultimate security software guide – choose the suite that’s right for you

This is part 2 of 2. Read part 1 of 2 on this review of security suites.

Norton Internet Security 2010

Symantec’s Norton Internet Security 2010 is the 800-pound gorilla in the room, simply because Norton-branded security products have been the ones to beat for several years.

Of course, name recognition doesn’t always mean a product is the best. Symantec strives to keep competitors at bay and is constantly improving its offerings. Norton Internet Security 2010 is no exception.

Internet protection

Norton’s firewall is very easy to set up and controls Internet access for known good programs. In other words, if a program needs to access the Internet to function and is on the “good” list, the firewall will allow that access without any user intervention. Examples include programs that check for version updates, patches or need to retrieve data to function. The product also deletes known malware, such as rootkits, adware and any application that has been blacklisted. What’s more, the firewall keeps an eye on the behavior of unknowns, all without pestering the user with cryptic security questions.

One interesting feature is Symantec’s Quorum reputation index. Here all known files are assigned a reputation level, which is based upon continually updated data from Symantec’s customers. Files that have given no one any problems have a high reputation, while files that have been easily infected or compromised have a low reputation. If a program being downloaded has a low reputation, the user is informed and can abort the download or decide not to execute the application.

Related Slideshow: Inside Symantec’s Security Operations Center

Norton also utilizes its SONAR2 engine, which, according to Symantec, uses all sources of information, including the reputation index, to judge whether a file should be classified as suspicious and subjected to more in-depth testing.

Parents will like how easy it is to set up parental controls and keep a tab on what little Billy and Janie can access. The product integrates with an online offering called OnlineFamily.Norton, a Web service that is free for Norton customers.

Norton Internet Security 2010 uses technology from Symantec’s enterprise-level spam protection system. The product filters all POP3 e-mail for spam and viruses and integrates with Outlook and Outlook Express. IMAP integration is missing and would be welcome.

Usability

The last time I looked at Norton Internet Security, in 2008, the suite was a resource hog — it protected systems very well, but noticeably impacted performance. Symantec has redesigned the product to improve performance and limit its use of system resources. This latest version shows those efforts were worthwhile.

Product specs

Norton Internet Security 2010

Company: Symantec Corp.
Price: $69.99 for up to three PCs (includes one year of updates and support)
Operating systems: Windows XP/Vista/7, Mac OS X 10.4.11 or higher, Symbian 9.2 or higher, Windows Mobile 5.0 or higher, Android 2.0 or higher, netbook version

I found Norton Internet Security 2010 to be one of the easiest packages to install. The installation is wizard-driven, all of the prompts are in plain English, and the default settings do an excellent job of protecting the system.

One thing to be aware of is the time it takes to install the package — although the hands-on portion of the installation is rather quick, you will have to wait through an update process that can take as long as 20 minutes. Immediately after the installation completes, the product “phones home” to download all of the latest updates, and that can take some time. In my testing, almost every other security product went through the same process in a few minutes, but Norton took 20 minutes.

Using Norton Internet Security 2010 is straightforward. The interface is laid out in a logical fashion using an index-card-style layout. All of the major capabilities are accessed from a central menu that has controls that look like index cards and are populated with pertinent information. One click delivers additional information and other options.

As a testament to the product’s performance increases, the interface offers a summary screen showing CPU utilization and resource use in real time. I watched it while Norton Internet Security 2010 went through its chores, and found that it kept to a very low percentage of CPU utilization (as low as 5% for some scans).

Symantec backs the product with 24/7 tech support, an online help community, real-time chat and comprehensive context-sensitive help.

Coming soon

Symantec released a public beta of Norton Internet Security 2011 in early April. The beta sports many enhancements, especially when it comes to speed. While there is no official release date for the final product, availability before the fourth quarter of 2010 is expected.

Symantec claims that the new version will improve or maintain key performance benchmarks in installation times, scan times and memory usage. In addition, the product will include System Insight 2.0, which goes beyond security and alerts users when applications are significantly impacting their system resources. Other enhancements include improved reputation filters, support for social networking sights and better browser integration.

Conclusion

Norton Internet Security 2010 is an excellent security product and still remains the one to beat. Symantec has done a good job of improving it over time to keep it one step ahead of the competition. Perhaps the only downside is Norton Internet Security’s price, which is higher than those of many competing offerings.

Panda Internet Security 2010

Panda Security, although not as well known as the big names like Symantec and Trend Micro, offers several security products, ranging from simple antivirus tools to hosted enterprise systems. Internet Security 2010 offers protection from viruses, spyware, rootkits, hackers, online fraud, identity theft and other Internet threats. Panda Internet Security 2010 also offers antispam features, parental controls and full anti-malware capabilities.

Internet protection

Panda incorporates a technology it calls “cloud scanning,” which centralizes virus data from across all Panda customers to keep its database up to date. According to the company, the underlying collective intelligence used by the cloud technology helps to make sure that all signatures are up to date and allows Panda to get a head start on how to deal with a virus or exploit that represents a zero-day threat.

The firewall has a set-and-forget design. Basically, you pick a profile and assign that to the firewall, and the firewall then protects the PC based upon the canned settings in the profile. However, I found the firewall settings particularly difficult to change, making it a bit hard to customize the protection offered. Some of the settings were buried under different menus, while other settings were not well defined. For example, to change ports being blocked, I had to go through several menu levels to locate the feature.

The firewall automatically handles known good and bad programs and monitors system behavior for any unknown programs. An extensive database helps to keep notifications to a minimum, only bothering the user when an unknown application is first run.

Parental controls allow you to set up a Web filter and give each user a specific setting. The product offers the following preset filters: Kid, Employee, Teen or Default. You can also adjust the filter to block or allow specific content. Setting up the parental controls requires that you assign each user a log-on name and password — the other suites here don’t require the creation of separate accounts for each user.

Panda’s spam filtering was easy to set up and needs minimal user intervention. It automatically filters incoming POP3 e-mail; however, it doesn’t support IMAP e-mail. More control over spam would be nice — the product offers limited custom filtering, only looking for keywords or attachments.

Usability

Panda Internet Security 2010 was simple to install and set up — the installation wizard only asks a few questions and only one reboot is required.

The product does make a lot of assumptions on its default settings, turning on all security features, such as spam protection, as part of the installation. That’s actually an advantage, especially since changing the defaults can be a tedious process, with some configuration elements hard to locate and/or understand. I found that to change some simple rules, I had to traverse a multitude of menus, especially for firewall settings.

The product offers a combo dashboard/main screen that shows the status of system security and features menu items that launch the various configuration and information screens. It combines antivirus and antispyware systems into a single choice on the dashboard. The firewall is controlled using a dedicated tab on the dashboard, which brings up the various submenus.

Product specs

Panda Internet Security 2010

Company: Panda Security
Price: $81.95 for up to three PCs (includes one year of updates and support)
Operating systems: Windows XP/Vista/7, netbook version

Panda could use better help screens and clearer descriptions of its various functions, although those familiar with PC security should have no problems. However, neophytes may be put off by the terminology.

The product performs well and was relatively unobtrusive on my test PC. Warning screens were kept to a minimum and updates were automated, meaning that users are not asked before an update is processed. Whether that’s a good way to handle things comes down to whether a user prefers an install-and-forget security product or wants to be intimately involved with his PC’s security status.

Coming soon

Panda has some big changes planned for the next version of its suite, which is expected by the third quarter of 2010. According to the company, the package will sport a redesigned interface that’s crafted to address user concerns about things such as difficult-to-find settings and less-than-useful help screens.

The product will also incorporate improved Web site filtering, offering better protection from the growing spate of phishing and attack sites. The product’s “cloud scanning” technology is poised to become faster, more efficient and more frequently updated, helping to reduce the threat of zero-day attacks. Other planned improvements include new data-encryption technology to protect personal information, enhanced privacy controls and an information shredder that’s supposed to wipe out all traces of personal data before a system is handed over to a new user.

Conclusion

Panda Internet Security 2010 works well and is a polished product that should appeal to newbie users. It’s a bit more expensive than most of its competitors; in addition, power users who like to have full control over their software might find that Panda Internet Security 2010 comes up a little short.

Security Shield 2010

Security Shield 2010 combines products from two vendors to create an Internet security suite. The suite incorporates antivirus, antispam and antispyware tools, a firewall, parental controls and rootkit detection capability into a single product that features an intuitive management console.

Internet protection

Security Shield uses technology from BitDefender for its antivirus, antiphishing, antispyware and antikeylogger engines; it uses its own Spam Shield product to provide antispam capabilities.

The firewall monitors all inbound and outbound traffic to protect the system from external attacks or to prevent malicious software running on the PC from transmitting information.

Most of the product’s capabilities are fairly basic. For example, Spam Shield 4.0, the antispam component from Security Shield, works only on POP3 e-mail services and integrates only with Outlook and Outlook Express. The antispam capabilities are also somewhat limited, relying on user rules and settings to work effectively. For example, if you want spam to be sent to a folder for examination, instead of just deleted, you will need to define a rule that identifies the spam mail and then saves it to a junk (or other) folder.

All in all, the product offers basic protection but lacks the bells and whistles that power users desire, such as the ability to fully customize the firewall to create exceptions for particular applications or to install antispam on e-mail clients that use IMAP.

Usability

I found it very easy to work with the basic settings and the product’s dashboard, which is designed for simplicity, offering very basic descriptions of each feature and simple green check marks to indicate that something is turned on and functioning properly. The buttons across the top of the dashboard are limited to simple descriptions, such as Dashboard (the home screen), Security, Parental and Network (which leads to firewall controls).

However, if you like to tinker with settings, enable advanced features or play security detective, Security Shield 2010 may not be the product for you. I found it difficult to find many of the custom security settings on the product and had to traverse multiple menus that followed little rhyme or reason in order to locate some settings such as scan scheduling or quarantine capabilities.

The product used little in the form of resources, barely affecting system performance and using hardly any memory. That small memory footprint and low CPU usage are great advantages for users who are concurrently using their PCs during scans, but it comes at a price — I found that full disk scans and other manually executed tasks took an inordinate amount of time. For example, a full system virus scan on roughly 8GB of data and system files took almost an hour.

Product specs

Security Shield 2010

Company: PCSecurityShield
Price: $49.99 ($59.99 minus a $10 rebate) or $59.99 ($69.99 minus a $10 rebate) for up to three PCs (includes one year of updates and support)
Operating systems: Windows XP/Vista/7

Living with the product was another story. With all of the security features enabled, I was constantly bombarded with warnings and suggestions while accessing the Web with Internet Explorer. I found that I had to turn off or reduce the aggressiveness of some of the protection features, such as antiphishing and content-filtering tools, to avoid the numerous messages. The warning messages may not be overly intrusive to experienced users, since they will understand the implications of the text, but inexperienced users could find the messages so annoying that they could wind up turning security features off to avoid them.

Coming soon

Representatives wouldn’t say whether the company is set to deliver an updated version of the product.

Conclusion

Overall, Security Shield 2010 is a serviceable product; however, users may want to consider some of the other suites on the market before committing to this product.

Security Shield’s real strength is it antivirus engine — however, since that comes from BitDefender, all things being equal, BitDefender’s security suite is probably a better choice — unless you’re looking for an extremely simple product for a family member’s or friend’s computer. In that case, Security Shield 2010 should do fine.

Trend Micro Internet Security Pro

As one of the more expensive suites on the market, Trend Micro Internet Security Pro has to meet some high expectations.

And in many ways it does: Trend Micro Internet Security Pro is one of the most comprehensive Internet security suites available. It features full protection, including antivirus, antispyware and antispam tools, a firewall, parental controls and rootkit detection capability. What’s more, Trend Micro throws in a behavioral engine, which improves protection, and a security toolbar for use with your browser.

Internet protection

Trend Micro offers all of the expected capabilities, including antimalware and antispam tools, a firewall and other security features. One unusual addition is Trend Micro’s Wi-Fi Advisor, which checks wireless networks for security problems. Also included is a gaming mode, which opens ports in the firewall for access to Internet games, while still retaining its antivirus and antimalware capabilities. That allows users to play games over the Internet without fear of getting viruses or spyware. There are also device access controls that prevent unauthorized USB devices from being used on a PC.

The firewall is simple to deploy. Neophytes can just choose a setting that fits their environment; options include Home Network, Office Network, Direct Connection or Wireless Connection. These all change the firewall rules to different levels and settings depending on the danger associated with each type of connection.

The product’s content-filtering parental controls offer predefined settings for teens, pre-teens and adults; each of the predefined settings can be customized further for users who need to limit or allow access to more sites based upon the profile in use.

Trend Micro offers an integrated browser toolbar that makes searches simpler and offers advice when visiting new Web sites, such as whether or not the site is safe or has any security problems.

The product’s spam filtering capability works with incoming POP3 e-mail and integrates with Microsoft Outlook and Outlook Express. As with other product functions, spam filtering is based upon a simple choice of how aggressive you want the antispam component to be. You can set the filtering level to high, medium or low. The high setting will eliminate the most spam but might also block legitimate e-mail, while the low setting might let some spam get through. You can further fine-tune the spam filtering by using a whitelist or a blacklist.

Usability

Trend Micro Internet Security Pro has one of the cleanest installation processes; installation was a breeze and did not require a reboot of the PC. The installer also seeks out previously installed antivirus products and can automatically remove them, which helps to prevent conflicts between incompatible applications.

Product specs

Trend Micro Internet Security Pro

Company: Trend Micro Inc.
Price: $69.95 for up to three PCs (includes one year of updates and support)
Operating systems: Windows XP/Vista/7, Mac OS X 10.4 or later, iOS 2.1 or later, Symbian S60, Windows Mobile 5.0 or later, netbook version

The application tries to keep things as simple as possible and offers a great deal of guidance. Trend Micro is also “state aware,” so if you’re running a presentation, watching a movie, playing a game or doing some other activity where security warnings and pop-ups are not desired, the product will suppress warnings to prevent interruptions.

Operationally, I found the product offered adequate performance, memory usage was low and the product had little impact on processor utilization, less than 5% in most cases. However, manual scans did tend to be more processor-intensive and did put a noticeable dent in overall system performance; they would frequently peak at 90% processor utilization for very short periods of time — never more than two seconds. This suggests that the application might not be appropriate for lower-powered systems such as netbooks.

Coming soon

Trend Micro hasn’t publicly announced what is planned for the next version of its product, and no public beta is available. That said, development and testing is going on behind the scenes for the next version of Internet Security Pro, according to company sources.

Conclusion

Trend Micro has an interesting and useful product. The Wi-Fi adviser can be a handy feature for people who work in unsecured locations such as Internet cafes, and the ability to control device access such as USB connectivity is a good feature to prevent unauthorized individuals from copying information from an unattended PC.

However, I was not impressed with its performance during manual scans, and would think twice before using it on less powerful notebooks or netbooks.

ZoneAlarm Security Suite 2010

ZoneAlarm, which has been around since the late 1990s, is well known for its free firewall; more recently, it has been marketing a full security suite. With ZoneAlarm Security Suite 2010, Check Point Software (which purchased the product from Zone Labs in 2004) has integrated its firewall and spyware-prevention products into a suite that incorporates Kaspersky’s virus-scanning engine to create a full array of anti-malware, anti-intrusion capabilities.

Internet protection

Since ZoneAlarm Security Suite 2010 uses Kaspersky’s virus-scanning engine, the anti-malware capabilities are very similar to those of Kaspersky’s product. However, the company has done a good job of integrating the virus-scanning technology into the suite, providing a near seamless experience from the program’s menus.

The firewall is a good fit for advanced users, since it offers granular control of ports, programs and access. The firewall manages incoming and outgoing Internet traffic, while separately managing local network traffic. That allowed me to define different access policies based upon whether or not I was talking to a local network machine or a remote, Internet-based machine.

Blocking malicious programs is easy, thanks to ZoneAlarm’s SmartDefense Advisor technology, which preconfigures settings for millions of known programs and sets a trust level for each.

Unknown malware is handled by an “Auto-learn” mode, which starts by treating every unknown program as valid, allowing that program to be executed and then monitoring the activity of that program to see if it exhibits suspicious activity. Initially, all unknown applications have a rule assigned that allows continued network access. That leaves it up to ZoneAlarm to detect if the program is a problem, based upon behavior.

The goal of Auto-learn mode is to limit confusing firewall pop-up messages, making security less intrusive — but with that comes the possibility of reduced security. If you turn off Auto-learn, then unknown programs are blocked until the user acknowledges that they are OK — which may be more irritating, but is also more secure.

The product integrates with popular browsers and prevents malware by blocking dangerous sites. If the site is not blocked, the product allows the requested file to be downloaded. If it can’t guarantee the file is good, ZoneAlarm initiates a more intense scan that analyzes the file’s execution in a digital sandbox. The advanced scan starts after the download finishes and can take a few minutes.

ZoneAlarm offers integrated spam filtering, thanks to the inclusion of the SonicWall antispam component, which filters POP3 and IMAP e-mail in Outlook, Outlook Express and Windows Mail. The product also works with Microsoft Exchange. Filtering uses a combination of whitelists and blacklists, and it can protect mailing lists based on the recipient address. One nifty feature is its ability to make every new correspondent respond to an e-mail challenge the first time.

The suite features all of the expected bells and whistles, as well as a few extra capabilities such as data-leakage protection, credit report monitoring and zero-hour rootkit prevention.

Usability

ZoneAlarm has done a fine job of rolling the separate security components together into a unified suite. I found it very easy to install. Dialog boxes were kept to a minimum, requiring very little user interaction — while that does simplify the installation, it would have been nice to be presented with a little more information, such as percentage complete and what part of the installation process was occurring.

Product specs

ZoneAlarm Security Suite 2010

Company: Check Point Software Technologies Inc.
Price: $34.95 per PC (includes one year of updates and support)
Operating systems: Windows XP/Vista/7

The support documentation and integrated help screens for ZoneAlarm Security Suite 2010 provide all the information a user could need to solve most problems or activate most features. For technically challenging situations, users can turn to e-mail support, online help, online chat and user forums. The company does offer paid phone support, but that costs $49.95 per incident.

The interface offers pull-down menus and tabs to access primary features. Choices include Firewall, Program Control, Antivirus/Antispyware, Email Protection, Privacy, Identity Protection, Parental Control and Alerts & Logs. The opening window starts with an overview screen that gives the highlights of what has been recently blocked, scanned or detected. Navigation is pretty straightforward, but some of the menus could be combined to simplify things. For example, privacy and identity protection could be combined into a single element.

Scans proved to be very fast, and the application used a minimum of CPU cycles and resources, making it effective even on older systems with low-powered CPUs and on netbooks. In most cases, test scans only increased CPU utilization by 10% or less. However, more in-depth scans of executables, which execute the applications in a digital sandbox, spiked CPU usage as high as 90% for a few seconds.

Decent reporting capabilities and pop-up notifications round out the security suite, while automated updates help to keep everything secure.

Coming soon

According to ZoneAlarm’s PR representative, the company has not released any information about the next version of its product or about its plans for an updated version of ZoneAlarm Security Suite 2010.

Conclusion

All things considered, ZoneAlarm Security Suite 2010 covers the basics very well. Its integrated firewall proves to be an excellent security tool for power users who want to control and monitor all traffic in and out of a PC. I do have an issue with its Auto-learn mode — but as long as you ignore that feature, the firewall is very good. You should also expect performance hits during in-depth scans.

Thanks to the incorporation of Kaspersky’s security tools, ZoneAlarm Security Suite 2010 will protect PCs from the common ills found on the Internet, which helps to round out the product and put it into the Internet Security Suite category. The product could be a top contender with the addition of free phone support, which is the norm among the vendors in this market, and a slimmed-down interface that better hides complexity from neophyte users.

Frank J. Ohlhorst is a technology professional specializing in products and services analysis and writes for several technology publications. His Web site can be found at www.ohlhorst.net.

Source: Computerworld.com

Share on LinkedIn Share with Google+