Ultimate security software guide – get the best bang for your buck

Just a few short years ago, all a PC needed for protection was a basic antivirus program to guard against any malware that arrived via an e-mail attachment, embedded in a shareware application or piggy-backed on a floppy disk.

These days, however, the threat landscape has changed drastically. Now PC users have to cope not only with viruses, but also with spyware, spam, infected Web sites, adware, key loggers, phishing schemes and much, much more. It’s enough to make your head spin.

As a result, properly securing a PC now requires a layered approach that incorporates many security technologies. Although some are still sold in separate packages, most security products are currently gathered in suites, available from a multitude of security software vendors.

The crowded market makes picking a suite a bit of a dilemma for most users. Narrowing down which product to use requires a closer look at what type of protection is available.

Security suites can include some, or all, of the following: antivirus, antispyware, antispam, anti-malware (rootkits, bots, zombies, etc.) and antiphishing tools, plus a link scanner, privacy controls, parental controls, content filtering, registry protection, data filtering and password protection.

In this roundup, I look at nine security suites that include all of the features mentioned above. The suites are BitDefender Internet Security, Kaspersky Internet Security, McAfee Internet Security, Norman Internet Security Suite, Norton Internet Security 2010, Panda Internet Security, Security Shield 2010, Trend Micro Internet Security Pro and ZoneAlarm Internet Security.

How we tested

New viruses and threats arrive every day –and on any given day, one vendor may be a little quicker on the draw to prevent a virus than others. That makes evaluating the strength of a particular anti-malware or antispam product very difficult — there is never a level playing field.

With that in mind, I tested each security suite based upon factors that affect the user directly. I evaluated each for ease of installation, ease of use, notification capabilities, updating and quality of the interface.

For testing purposes, I used a Toshiba Tecra A11-S3450 notebook computer configured with 4GB of RAM, an Intel Core i7-620M CPU and a 320GB 7,200-rpm hard drive that was running the 64-bit version of Windows 7 Professional.

(Some of these products also have versions for other operating systems, such as Mac OS X, iOS and Android, and other devices, such as netbooks. These are noted in the spec boxes that are included with each review.)

Boot time increase

Suite Boot Time Increase
Seconds
BitDefender Internet Security 40
Kaspersky Internet Security 15
McAfee Internet Security 19
Norman Internet Security Suite 26
Norton Interent Security 2010 15
Panda Internet Security 24
PC Security Shield 19
Trend Micro Internet Security Pro 35
ZoneAlarm Internet Security 21
Increase in seconds of boot time after installation of security suites.

During testing, I installed each product on the Toshiba notebook and timed how long the machine took to boot up, then I compared that figure to the time it had taken the machine to boot up without a security suite installed (see table). After each test, I restored the notebook back to its pretesting condition using Paragon’s Backup & Recovery 10 Suite. That way, each product was installed under the exact same conditions, with the same software configuration… [Next Page]

During testing, I looked for telltale signs of poor performance, such as high processor utilization and slow system boots. I also noted the overall responsiveness of the interface. And I took a look at what suites proved to be overly intrusive, getting in the way of effectively using your PC by, for example, bombarding you with messages and warnings.

It’s important to note the evolution of the products tested here, each of which has changed significantly with each new version. As malware has become more sophisticated, so have security suites.

One interesting trend is the inclusion of digital sandboxes, which work by executing unknown applications in protected memory to detect any malicious behavior before allowing the application to access the system. Another innovation is application-stamping, where known good applications are whitelisted, allowing the anti-malware software/firewall to skip rescanning the applications whenever they are launched. That helps to speed up application launches and minimize the CPU cycles needed by the security software.

What’s more, security software vendors are becoming more proactive about protecting your PC, especially when it comes to updating signatures. Many of the products here check for new signatures several times a day, which is helpful for combating zero-day threats from new exploits.

All in all, today’s Internet security suites are becoming more sophisticated and are blazing new trails in protection technologies.

BitDefender Internet Security 2010

Romania-based BitDefender SRL only has a fraction of the U.S. security market, which is dominated by industry giants Symantec Corp. and McAfee Inc. But BitDefender has a solid following in Europe. BitDefender Internet Security 2010 comes at a bargain price of $49.95 for three PCs, which is $10 to $20 cheaper than the prices of most other Internet security suites.

Internet Security 2010 comes with all of the expected bells and whistles; it’s a complete suite that includes everything typical desktop users need to secure their systems, from firewall protection to antispam features.

Internet protection

BitDefender’s firewall is easy to set up. The product seems to understand what ports and protocols are normally used by a PC, as well as the standard communications performed by common applications. That helps to prevent annoying pop-ups and warnings.

Like most anti-malware products, BitDefender relies on signature files to identify problems. However, the product’s B-Have module also runs unknown files in a sandbox to detect malicious behavior. In addition, the company has added another layer of protection called Active Virus Control, which further analyzes programs and blocks them if they misbehave.

The product offers a few nifty features. For example, the integrated Wi-Fi monitor offers a way to see if anyone is trying to connect to your Wi-Fi network or to your PC using a Wi-Fi connection.

The firewall’s Game Mode is another plus. Most online games work best when a firewall is disabled; however, users can easily forget to turn the firewall back on once they’re done playing. The Game Mode acts like a switch that allows games to function and then returns the firewall to full functionality once a game is over.

Parental controls support multiple users, multiple policies and multiple exceptions, allowing you to set up custom access for each minor that might use your PC.

BitDefender’s antispam capabilities work with Outlook, Outlook Express, Windows Mail and Thunderbird; it will analyze e-mail messages and send spam into a “Deleted Items” folder. If you use a different e-mail client, you can use message rules to route obvious spam into a junk folder.

Usability

BitDefender Internet Security 2010 includes some major enhancements to improve the ease of installation and ease of use.

Product specs

BitDefender Internet Security 2010

Company: BitDefender SRL
Price: $49.95 for as many as three PCs (includes one year of updates and support)
Operating systems: Windows XP/Vista/7, OS X 10.4.6 or later; Windows Mobile Pocket PC versions 2002 or later; Windows Mobile Smartphone 2002 or later; Symbian 60, Symbian 80

Installation and initial configuration use templates to speed and simplify the process. During the install, you choose from four user types (typical, parent, gamer or custom) and three interface levels (novice, intermediate or expert). It basically comes down to what type of user you are — do you want the product to just do its job behind the scenes, or do you want an active hand in what is happening?

I installed BitDefender using the “typical” and “expert” choices and found the custom interface straightforward to work with. You can change your user type and/or interface level later if you wish.

The interface is laid out clearly and most functions are easy to locate and find — although it does not offer the same level of polish and integrated help as some other products on the market. For example, BitDefender does not offer context-sensitive help that can drill down farther into definitions of the problem and recommended actions. The interface has features buried under menus and has some elements hidden under submenus. But on the whole, BitDefender Internet Security 2010 should not be difficult to master.

If you do run into problems, the company offers excellent tech support resources. If you need personal assistance, you can call support 24/7 or send an e-mail or instantly connect via live chat with a support specialist. The company also offers a wealth of resources on its Web site, ranging from searchable documents to a user forum.

Performance-wise, BitDefender worked well, although some initial scans were both CPU-intensive (sometimes CPU utilization hit 99%, at other times it was as low as 5%) and time-intensive, taking some 30 minutes to perform a complete scan on my Toshiba notebook. Luckily, the product builds a list of all the “scanned good” files on the system and can skip rescanning those files in the future.

Coming soon

The company is expecting to release a beta of BitDefender Internet Security 2011 sometime around August. Although details are sketchy, users can expect faster scan speeds and improvements in spyware detection that minimize false positives, as well as an antispam component that supports more e-mail clients out of the box.

Conclusion

BitDefender Internet Security 2010 comes in at a lower price than its competitors and offers all of the needed security features for the typical desktop user. However, it lacks the polish of some of the other products on the market.

Kaspersky Internet Security 2010

Moscow-based Kaspersky Labs is well known to the IT community: The company has been making security products since 1997, it reported revenue of $480 million in 2009, and it claims to have a user base of more than 300 million. Its premium PC product is Kaspersky Internet Security 2010, which offers a comprehensive suite of security features that should meet any PC user’s needs.

Internet protection

Most users will like how Kaspersky’s firewall works. It’s easy to define simple firewall policies, yet you can delve deeper down into the firewall functions and block individual ports, requests or other types of traffic.

Like BitDefender, Kaspersky has a digital sandbox — it’s called Safe Run — that allows you to run new applications and browser sessions in a sandbox.

I found that the firewall was less intrusive than others on the market, thanks mostly to its efficient use of its whitelist of approved programs. The product also offers antispam capabilities which, unlike some other antispam tools, work with IMAP-based e-mail accounts as well as common POP3 accounts.

Users in households with underage humans will appreciate the parental controls, which are easy to set up and are capable of blocking access to the Web by categories or even by a schedule — making sure that innocent eyes don’t glance upon the seamy side of the Web. And an integrated link scanner warns users of suspect Web sites and other browser-related issues before an actual problem arises.

Usability

Of the suites reviewed here, Kaspersky Internet Security 2010 was one of the easiest to install. A wizard steps you through the process, and only one reboot is required. The default settings and policies will prove quite adequate for most users.

The software proved to be relatively easy to work with as well — most of the typical technobabble has been eliminated and plain English explanations abound, making it easy for even people who are new to PC security to effectively configure the software. For those who need help, Kaspersky offers several options for support: phone, e-mail or online chat sessions. Users also have the option of accessing a community of users, where they can get advice from Kaspersky staffers.

The interface contains several submenus and is divided up cleanly by task. The scanning options are easy to locate and are split up in a logical fashion, making it easy to find a particular scan and execute it quickly.

Product specs

Kaspersky Internet Security 2010

Company: Kaspersky Lab ZAO
Price: $59.95 for as many as three PCs (includes one year of updates and support)
Operating systems: Windows XP/Vista/7, Mac OS 10.4.11 or later, Symbian 9.1 or later, Windows Mobile 5.0 or later

Scanning runs as a background process, allowing you to continue to work while a comprehensive scan takes place. On my test system, scanning went unnoticed; it had little impact on my ability to perform other tasks. A glance at the Windows Task Manager showed processor utilization increased less than 10% during an active scan. I found that the active notifications kept me well informed of potential problems without hounding me constantly.

I was able to run the full suite on a netbook with no problems.

Coming soon

Kaspersky Internet Security 2011 is currently in private beta and should be available sometime in August.

New features will include a desktop gadget that will offer customizable buttons for quick access to product features and will display the current security status using red, yellow, or green indicators.

In addition, new tools will allow installation of the product on systems that have active infections. A new feature called “Safe Surf” will assess the reputation of an IP address and assign it a “trusted,” “suspicious” or “banned” status. Enhancements will also be made to rescue disk, parental controls and rootkit detection.

Conclusion

Kaspersky Internet Security 2010 is a good value and covers all the bases well for users of Windows 7, Vista or XP PCs. Purchasers will be happy with the fast performance and the ability to limit the barrage of security messages that most competing products unleash. The next version of the product promises important improvements that could make the Kaspersky Internet Security one of the best security suites on the market.

McAfee Internet Security 2010

McAfee software has undergone quite a few enhancements since the company started offering security products in 1987. The latest incarnation, McAfee Internet Security 2010, has a completely new interface, feel and installation process. That’s a good thing, since many neophyte users complained about all of those elements in previous versions, leaving only advanced users enamored with the product’s capabilities… [Next Page]

Internet protection

McAfee Internet Security 2010 offers a variety of malware scanning options, including on-demand, real-time or according to a schedule. As with most Internet security products, McAfee Internet Security 2010 offers a firewall, parental controls, antispam tools and filters.

The firewall monitors all data that enters or leaves your PC and keeps an eye on your computer’s ports, as a firewall should. Basic setup was easy; McAfee uses predefined settings to get your PC secured quickly. On the other hand, manually setting up firewall rules and policies was complicated, definitely more so than with competing products. The process lacks effective help and choices, and it assumes that users have advanced knowledge of how a firewall should work.

In addition, users will want to make sure to set the firewall to standard mode, because the default, out-of-the-box settings don’t block all critical ports on the firewall, leaving some open, such as FTP and POP3. McAfee should consider making the firewall’s standard mode the default mode — currently, the product leaves too many things unprotected in its default configuration, probably to suit the needs of gamers and those that have fewer concerns about security when accessing the Web.

On the other hand, you can block all network traffic between your computer and the Internet with a single click. That’s a handy way to keep your computer secure when you’re not actively using the Internet.

Out of the box, the integrated antispam application works with Outlook and Thunderbird, with no need for additional integration steps. Since the antispam application supports both IMAP and POP3, it is easily configured to work with other e-mail products that are not predefined in the product.

Parental control options are limited and only offer basic protection. I was able to block Web sites, limit time on the Internet and filter keywords, but not much more. The keyword filter lets you assign an age group to any keyword you choose. If a site has the keyword, parental controls will block it.

McAfee’s SiteAdvisor component installs into your browser and warns you about dangerous sites. SiteAdvisor uses McAfee’s Global Threat Intelligence network to identify phishing or hacked sites and warns the user before any damage can occur.

Usability

Installation was easy and the configuration wizard did a decent job of stepping me through the options. However, many of the help screens, notifications and warnings were somewhat cryptic and felt like they had been thrown together quickly — or translated from another language.

Product specs

McAfee Internet Security 2010

Company:McAfee Inc.
Price: $44.99 for up to three PCs (includes one year of updates and support)
Operating systems: Windows XP/Vista/7

McAfee has put a great deal of work into improving the user experience, and those efforts do show in the product’s new interface. The GUI is divvied up into logical sections; with only a quick glance, I could tell the status of the system thanks to the color-coded status screens and bold messages that said either “No Action Required” or, if there was a problem, “Action Required.”

Each primary menu choice launches a submenu that features options that allow you to configure the product. You choose each option simply by clicking on a dialog box, which offers a green circle when enabled. However, if you are looking to set up a custom rule or setting, figuring out how to do that is a challenge — after something of a hunt, I found that I had to drill down through several menu levels to locate the custom settings.

Performance-wise, the product was fairly effective — most of the scans on the test system only increased CPU utilization a few percentage points. However, utilization spiked to almost a 100% when doing a manual scan of compressed files.

Overall, most users should not experience any slowdowns that affect day-to-day activities, with the exception of the system boot which, as was the case with most of the other suites in this roundup, increased after the product was installed.

Those looking for help with McAfee’s software will be disappointed that the company charges for technical phone support, with prices ranging from $9.95 to $59.95. The company does offer online support, user groups and the usual bevy of free support options, but if you want a human being on the phone, you have to pay.

Coming soon

Like most vendors of Internet security software, McAfee frequently upgrades its products. However, the company has not released any information on what’s in store for McAfee Internet Security 2011.

Conclusion

McAfee Internet Security 2010 covers the basics well, offers an interface that’s easy to use and comes at an affordable price. However, the lack of free technical support and the inability to easily set up custom rules and policies makes McAfee Internet Security 2010 a product to avoid for most power users.

Norman Security Suite

Oslo, Norway-based Norman ASA is well known in Europe for its security products and has started to get recognition in the U.S. with its straightforward, easy-to-use software. Case in point is Norman Security Suite, a comprehensive Internet protection offering. While it doesn’t stand out against its competition, it is a competent product that adequately does what it’s supposed to do — protect PCs from Internet-borne threats.

Internet protection

The product offers real-time, on-demand and scheduled virus scans. During on-demand scans, the product is very informative, displaying a progress graph that offers interesting tidbits of information, such as what has been found and what is being scanned. While most security products offer that capability, Norman’s is more descriptive, offering file names and a running status of problems found.

Software can be configured to automatically scan and shows a progress report in the form of a graph. The antivirus and antispyware program offers protection from instant-messaging attachments, viruses and other forms of malware. Scheduled scans can be performed in “screen saver” mode, which, during periods of inactivity, launches a screen saver that also executes a scan of the files on the PC.

Norman’s firewall offers professional-level logging that can be used to identify any activity detected by the firewall, which is useful for tracking down suspicious activity. I found the firewall pretty easy to set up and the management console quite detailed.

Although the firewall is geared toward more technically savvy users, most people should be able to figure out how to use it. I found the integrated tools, such as the port monitor and real-time packet logs, a real bonus. Those tools give you a real feel for what is exactly happening on a PC when it’s connected to the Internet.

However, neophyte users might find a few of the features a little complicated. For example, Norman offers a “digital sandbox” — questionable code is placed in a sandbox for further testing, and ideally that code (if infected) will activate in the sandbox, before entering the actual operating system. It’s an important feature, but Norman’s sandbox requires more end-user interaction than those of competing products, such as McAfee, ZoneAlarm and Trend Micro.

I found Norman’s parental controls easy to set up, thanks to a wizard that guides you through the process. You can set it for multiple users, time limitations and password-protected access. However, users looking for more granular control over parental settings will find Norman’s choices more limited; it lets you select only generalized settings such as “child” and “teenager.”

The same can be said for Norman’s antispam tool. It works with both POP3 and IMAP e-mail accounts and supports all of the popular e-mail clients. However, while it is easy to set up and configure, it doesn’t stand out among its competitors — for example, customization is limited to a few “block” or “deny” rules for e-mail messages that fall outside of the normal spam/not spam calculations.

The link scanner, Surf-Shield, worked for the most part, blocking access to scam sites and links that were known to be infected. However, the warnings were somewhat vague, offering little information on why a specific site was a problem.

The firewall also suffered from a lack of descriptiveness: It was able to block unauthorized programs but did not provide much follow-up information. It would have been nice if the firewall offered a little more guidance than just reporting that an application was trying to access the Internet.

In short, Norman lacks some of the bells and whistles found on other products — features such as extensive reporting and customizable warning screens.

Usability

Installation of Norman Security Suite is straightforward. During the install process, you will have to enter a key code and reboot your system at least one time (pretty standard fare with a security suite).

Product specs

Norman Security Suite

Company: Norman ASA
Price: $59.95 for up to three PCs (includes one year of updates and support)
Operating systems: Windows XP/Vista/7, Linux (antivirus)

One interesting thing Norman does during the installation is ask for the user’s “experience level.” You can choose experienced or inexperienced — I chose the latter, just to see what would happen. For an inexperienced user, the setup is mostly automated and only asks simple questions, such as what browser you primarily use and whether or not you are on a network. The installation for experienced users was initially more time-consuming; however, having the ability to set defaults during the installation saved time later on, because I didn’t have to go back into the configuration settings to make changes to meet my specific needs.

Once installed, Norman is fairly simple to use. The main screen, which acts as the main menu interface, offers a view of the various categories or modules that make up Norman, including the status of each (for example, whether any malware has been intercepted).

Categories include Virus & Spyware Protection, Personal Firewall, Parental Controls, Install and Update and Support Center. Each selection sports submenus that avoid technobabble, making it simple to make minor changes and understand what is going on with the product.

Virus scans were very processor-intensive — when running a scan, even on my Intel i7-powered Toshiba, there was a noticeable lag in system performance, with processor utilization spiking to near 100%. I wouldn’t recommend using this product on a netbook or an older, less-powerful PC.

Coming soon

There’s a lot of room for improvement in this product, and although Norman wouldn’t release any details about the next version, the company did tell me that it will address some of these concerns in the near future.

Conclusion

Norman Security Suite does an adequate job of protecting a PC from the ills of the Internet. The Pro version ($75.95) adds intrusion detection and prevention and may be a better choice for those looking for a more robust firewall. However, potential buyers might want to wait and see what the next version has to offer.

Check back tomorrow on ITBusiness.ca for part 2 of this security suite review.

Frank J. Ohlhorst is a technology professional specializing in products and services analysis and writes for several technology publications. His Web site can be found at www.ohlhorst.net.

Source: Computerworld.com

Share on LinkedIn Share with Google+