I try my best to review the latest security suite and antivirus releases from all the security companies, but occasionally I miss one. The 2016 product line from TrustPort slipped past me. I hoped that with two years of innovation rather than the usual one, I would see remarkable improvements in TrustPort Internet Security Sphere, which fared poorly in my last review. Sadly, it didn’t score any better than when I last reviewed it in 2015.
At $37.95 per year for three licenses (or $29.95 for a single license), TrustPort is significantly less expensive than most competing products. Bitdefender, Kaspersky, and Norton all cost just a little more than twice as much. On the other hand, those three are much more effective than TrustPort. For the same price, McAfee Internet Security lets you install protection on every Windows, Mac, Android, and iOS device in your household.
The main window for Trustport’s antivirus features a single row of five square buttons, while the full suite has two rows of five, to accommodate its additional features. The six green buttons turn components like the real-time scanner and parental control on and off. Blue buttons invoke actions such as running a scan or checking for updates. It’s a different arrangement of square buttons from the version I reviewed previously, and a different color scheme, but not a lot else has changed, appearance-wise.
Shared Antivirus Features
This suite’s antivirus protection includes everything found in TrustPort Antivirus Sphere, plus an additional Web scanner component. Please read that review for full details of features common to both. I’ll summarize here and focus on the suite’s additional antivirus abilities.
Several high ratings from the independent testing labs marks a highly effective antivirus. Alas, only one of the labs that I follow includes TrustPort. In its RAP (Reactive And Proactive) test, Virus Bulletin scored TrustPort at 85.34 percent, a little above the average score. But that’s not enough data for me to come up with an aggregate lab rating. On a scale of 10 possible points, Kaspersky Internet Security earned an impressive aggregate score of 9.8, while Norton managed 9.7 points.
In my own hands-on malware-blocking test, TrustPort detected 87 percent of the samples and earned 8.5 of 10 possible points. That’s one of the lower scores among products I’ve tested with this sample set. Webroot SecureAnywhere Internet Security Plus, Comodo, G Data, and a few others detected every single sample. Webroot, Comodo, and PC Matic earned a perfect 10 points in this test.
My malicious URL blocking test uses very new malware-hosting URLs. Products get equal credit for blocking all access to the URL and for eliminating the malicious executable during download. Handicapped by lack of any Web-based protection, TrustPort’s antivirus managed to wipe out 70 percent of the samples during download. When I tested the suite, its Web scanner blocked access to 21 percent of the URLs, and the real-time antivirus took care of another 55 percent. The total protection rate of 76 percent is still pretty low. Tested in the same way, Symantec Norton Security Deluxe blocked 98 percent of the samples.
Other Shared Features
The antivirus includes a feature called Anti-Exploit, but it’s not about blocking attacks that exploit unpatched vulnerabilities, as you might expect. Rather, it looks for suspicious activity, things like programs attempting to manipulate other programs. In its default silent state, it doesn’t do anything at all. When I took it out of silent mode and tested it with some valid programs, it found 40 percent of them to be suspicious. To get those programs working, I had to add them to the trusted list.
Next I switched from Anti-Exploit to an alternate tool called Application Inspector and tested again with a collection of valid programs. The Application Inspector flagged 30 percent of them for a different set of suspicious behaviors than Anti-Exploit did. You’re better off just leaving this feature in its silent, do-nothing mode.
Clicking the Extra Applications button doesn’t actually get you any extra applications, at least not in the standalone antivirus. Rather, it offers access to two different but equally complicated techniques for creating a bootable antivirus. You can use a bootable antivirus to clear up malware infestations that resist normal disinfection. However, the options offered by TrustPort are just too complex for the average user. The full security suite does offer extra applications, which I’ll describe below.
Poor Phishing Protection
Phishing is the practice of creating fake versions of sensitive websites and hoping some poor chump takes the bait. Victim who log in to a fake PayPal site, for example, have just given away their credentials to their real PayPal account. These fraudulent sites get blacklisted and taken down quickly, but the fraudsters just reopen with a new fake site.
To test phishing protection, I use the newest phishing URLs I can find, preferably ones that have been reported as fraudulent but not yet analyzed and blacklisted. I try to visit each in a browser protected by the product under test, and in another browser protected by Norton, which has a long history of effective phishing detection. I also launch each URL in Chrome, Firefox, and Internet Explorer, relying on each browser’s built-in fraud detection.
The first time TrustPort blocked anything, it popped up the standard notification it uses when it detects malware in a file. I resolved to track such events separately from times when the Web scanner denied all access the fraudulent site. But I didn’t need to do that. Not once did I see a page replaced by the Web scanner’s warning window. In addition, I found that even when TrustPort reported that it found phishing, the fraudulent page was completely accessible, and I had no trouble entering my (fake) credentials.
Very few products can match Norton’s detection rate in this test. Of all recent products, ZoneAlarm tied Norton, while Webroot, Kaspersky, and Bitdefender Internet Security 2017 did a little better. Every other product lagged Norton’s detection rate, some by a little, some by a lot.
TrustPort falls in the “by a lot” category. Its detection rate came in 66 percentage points behind Norton’s. Chrome and Internet Explorer also beat TrustPort by a wide margin. This is a poor showing.
TrustPort’s firewall handled the basic task of fending off outside attack just as well as Windows Firewall. It put the system’s ports in stealth mode, making them invisible from the outside, and fended off my port scans and other Web-based attacks. In a recent test, G Data Internet Security 2017 went even further, presenting a notification that it blocked a port scan attack.
Of course, merely doing as well as Windows Firewall isn’t a huge accomplishment. Most personal firewalls, TrustPort included, also take control of how programs connect to the Internet and network. Early personal firewalls foisted decision-making on the poor, uninformed user. Should I allow netwhatever.exe to connect with the computer at IP address 126.96.36.199 over port 80? Who knows! Some products, ZoneAlarm among them, cut down on these popups by maintaining a huge database of known good programs and automatically configuring permissions for those.
Norton takes this concept to the next level. If a process isn’t in the database, Norton doesn’t ask the user what to do. Rather, it monitors that process extra-closely for any suspicious network activity. That’s much better than relying on the untrained user for important security decisions.
TrustPort offers four levels of firewall protection, but if you read the text associated with each, it doesn’t actually recommend any of them. The default level is called Use Firewall Rules, but the text states this is only recommended for experienced users. The description of the less-strict Enable Outgoing Connections level includes a warning that it can’t defend against Trojans and spyware. And there’s no point in the options that block or allow all network traffic. For testing, I stuck with the default, Use Firewall Rules.
In this mode, TrustPort is totally old-school. It did correctly pop up a query about my hand-coded browser’s use of the network, and it managed to detect a couple leak test programs trying to evade its view. But it also popped up queries for numerous internal Windows components. A user who accepted the default action, blocking that process from Internet access now and forever, would wind up disabling parts of Windows.
Fixing a program blocked in error is also tough with this suite. You click Advanced Configuration, find the Firewall section, and open the Filter Definitions page. Scrolling past dozens and dozens of confusing default rules, you’ll eventually find application-specific rules. You could jump in and edit the rule that’s blocking the program, but you’re better off just deleting the entry and choosing to allow access next time the firewall asks.
Protection against exploit attacks is often a firewall feature. I tested TrustPort’s protection by hitting the test system with several dozen exploits generated by the CORE Impact penetration tool. Its Web protection component jumped in to block 30 percent of them, identifying all but one of the exploit attacks by name. Tested in the same way, G Data blocked 50 percent of the exploits. Norton has the best score in this test. It blocked 63 percent of them, all at the network level, before any portion of the exploit reached the test system.
I always investigate methods that a nefarious coder might use to disable firewall protection. TrustPort doesn’t seem to store anything in the Registry, so there’s no way I could flip the Off switch. I tried to kill its six processes using Task Manager, with no result beyond six Access Denied messages.
However, like G Data, F-Secure Internet Security, and a few others, TrustPort doesn’t protect its essential Windows services. I set the Startup Type for all six to disabled and rebooted the system. On reboot, TrustPort didn’t run at all. Comodo also didn’t protect its services, but on reboot it reported the problem and offered to fix it automatically.
This firewall handles the same tasks that the built-in Windows Firewall does, which is no great feat. Its program control component pops up queries about Windows components; a hapless user who chooses the default block action may disable part of Windows. And the firewall isn’t properly hardened against attack. It’s not an impressive showing.
See How We Test Security Software
Clicking the big Extra applications button on the main window lets you launch Portunes (rhymes with fortunes) and Skytale (rhymes with Italy). Portunes offers static storage for your passwords and other important data. Skytale encrypts messages. And neither is very useful.
Portunes stores passwords, credit cards, contacts, addresses, and more. You define what it calls a PIN to protect the collection. Last time I reviewed this product, it required a four-digit PIN; now you can enter a respectable master password. That’s an improvement, albeit a minor one.
However, Portunes doesn’t have any password management features other than including passwords among the things it stores. You can, if you wish, sync your data between multiple installations. To do so, you give Portunes access to your Dropbox account.
As for Skytale, it’s easy enough to use. Type or paste in some text, click Encrypt, enter a password, and email or otherwise transmit the resulting gibberish to the recipient, sending the password separately. The catch is, the recipient must also be a TrustPort users. Quite a few encryption utilities don’t have that kind of limitation. Some let you create a self-decrypting EXE file, while others offer a free decryption-only tool. Without any similar feature, Skytale isn’t terribly useful.
Optimalize Your PC
“Optimalize” may not be precisely English, but it’s what the button says. Clicking it launches TrustPort Optima, a simple tune-up utility that deletes temporary files, wipes out useless and erroneous Registry entries, and defragments your disk drives.
You start by clicking Analyze. On my test system, this step went quite quickly for the temporary files and Registry data, but it took quite a while to finish analyzing disk fragmentation. In a similar fashion, the actual cleanup of temp files and Registry went quickly, while defragmentation took quite a bit longer. You can click for a retro view that shows the defrag process as it happens.
If you rely on Web-based mail for your personal email account, you probably don’t see much spam, as the major webmail providers filter it out. Likewise, your business email account probably gets filtered at the email server. Given that few people need a spam filter these days, and that my antispam testing was the most lengthy and laborious of all my tests, I dropped that hands-on test last year.
That’s a good thing for TrustPort. The last time I reviewed this suite’s spam filter, I found it to be quite dismal. It noticeably slowed the process of downloading email, and certain messages caused it to hang, cured only by quickly turning spam filtering off and on again. And its accuracy was terrible. We can hope that the designers have tuned this component since that time.
The spam filter supports Outlook, Outlook Express, Windows Mail, Thunderbird, and The Bat!, but not Windows Live Mail (the replacement for Outlook Express and Windows Mail). Even with these supported email clients, you still must define a message rule to put the spam in its own folder.
You can manually add email addresses or domains to the whitelist or blacklist. However, there’s no option to automatically whitelist addresses to which you send mail, or import the address book to the whitelist, the way you can with ESET, Trend Micro Internet Security, and others.
Spam filtering in Check Point ZoneAlarm Extreme Security 2017 is extremely comprehensive and boasts pages and pages of configuration choices. I’m happier with a reduced set of choices, things users can actually understand. TrustPort’s advanced spam filter settings are decidedly reduced—there are just four of them—but the average user will get no benefit from meddling with these.
Not everyone has kids, and not every parent wants a parental control utility. For those who do want it, having parental control integrated with the security suite can be convenient. That is, if the parental control component does its job.
TrustPort’s Parental Lock is a content filter, nothing more. If you turn it on by clicking its button on the main window, it immediately starts filtering access to websites in five categories: Violence, Porn, Warez, Hacking, and Spyware. You can tweak the configuration to also filter out seven more categories, among them Chat, Shopping, and Drugs.
By default, the filter applies to all users. It’s possible to configure it one way for your teen and another way for your toddler, but it’s far from easy. Doing so requires using the arcane Windows Select Users dialog. Guys, couldn’t you just give Mom and Dad a simple list of user accounts?
In testing, I found that quite a few seriously raunchy sites got past the filter. It doesn’t handle secure sites, so any HTTPS porn sites slipped right through. Logging in through a secure anonymizing proxy lifted any limitations by the content filter.
This so-called parental control system is worse than useless. If you want a suite that includes a full-functioning parental control system, look to Norton, Kaspersky, or ZoneAlarm.
More Drag Than Most
The days of resource-hogging security suites that bogged down performance are gone. Users wouldn’t accept it, and security companies changed their ways. Few modern suites put a noticeable drag on performance. Even so, there’s still a range, and in my hands-on testing TrustPort’s performance drag came in on the high side.
Getting all the protective components of a security suite loaded can have an impact on the time it takes to boot up your PC. My boot time test waits for 10 seconds in a row with less than five percent CPU usage, defining that as the time the system is ready for use. Subtracting the start of the boot process, as reported by Windows, yields the boot time. I ran this test 20 times before installing TrustPort and 20 more times afterward, then compared the averages.
The result was so high that I tried again, this time watching the process closely. I found that at each reboot, the firewall was popping up queries about system processes. I manually rebooted the system over and over, responding to all the popups until they stopped coming. When I re-ran the test it still showed a 54 percent increase in boot time. That’s one of the biggest impacts among current products. Fortunately, most of us don’t reboot any more than we’re forced to.
I also measure the suite’s impact on simple file manipulation. One test times a script that moves and copies a mixed collection of files between drives. Averaging multiple runs with and without the suite, I found the script took 28 percent longer with TrustPort present. That’s a little more than the current average of 23 percent. On the plus side, it didn’t exhibit any measurable drag on another script that repeatedly zips and unzips those files.
The average of TrustPort’s three performance scores is 27 percent, one of the largest among current products, but I didn’t actively notice the test systems seeming slow. At the other end of the spectrum, Webroot had no measurable effect on any of the three tests. Norton averaged just five percent drag, which is quite good.
Typically I’d conclude by summarizing the good and bad points of TrustPort Internet Security Sphere, but there’s just not much I can say on the plus side. The independent labs don’t rate it, and it fared poorly in our hands-on tests. Its firewall pops up warnings even for Windows internal processes, and it isn’t defended against hacking. And the parental control system is worse than useless.
Forget about this suite. Look instead to one of our Editors’ Choice security suite products. For a basic security suite, those are Bitdefender Internet Security and Kaspersky Internet Security.
Note: These sub-ratings contribute to a product’s overall star rating, as do other factors, including ease of use in real-world testing, bonus features, and overall integration of features.