Tag: Internet Message Access Protocol (IMAP)
This can allow a remote,authenticated attacker to execute arbitrary code with the privileges of the Domino server
When choosing a security suite, you probably look for familiar company names rather than trusting your security to an unknown. Germany-based G Data may not have huge mindshare in the United States, but it's big in Europe. G Data Internet Security includes all the features you'd expect in a suite, including an antivirus, a firewall, parental controls, and a spam filter. Unfortunately, the quality of the components spans quite a range, from very good to very poor.
Bitdefender, Kaspersky, and ESET Internet Security 10 are among the suites that cost roughly $80 for three licenses. There's another group around $60 that includes Webroot, Trustport, and Avast. G Data falls in between, with a $64.95 subscription price for three licenses. If you need just one installation, you can cut $10 from that price.
This product's main window features the familiar bold G Data color scheme, with a red banner holding a row of icons at top. Some security vendors use precisely the same component layout throughout the product line, showing unavailable features as disabled. Not G Data. The home screen shows a detailed security status, with links to important components, but there are more components displayed in the suites banner than that of the standalone antivirus. To the three top-row icons found in the antivirus, the suite adds icons for its backup, firewall, and parental control features.
Shared with Antivirus
The antivirus protection in this suite is precisely what you get in G Data Antivirus 2017. I'll summarize my findings here, but if you want full details you should read my review of the antivirus.
Four of the five antivirus labs that I follow include G Data in their tests and reports. It earned an above-average rating in the RAP (Reactive and Proactive) test from Virus bulletin, but didn't do quite as well in the three-part testing performed by AV-Test Institute. G Data earned the maximum six points for protection against malware, and six more for low false positives, but a drag on performance dropped its score to 4.5 in that category. A total of 16.5 points is good, but Kaspersky Internet Security took a perfect 18 points in this test. Bitdefender and Trend Micro were close behind, with 17.5 points.
In the real-world attack simulation tests by SE Labs, G Data took AA certification, the second-highest of five possible levels. Emsisoft, Kaspersky, Norton, and Trend Micro managed an AAA rating. Like most tested products, G Data failed the pass/fail banking Trojans test performed by MRG-Effitas. Its aggregate score of 8.7 points is good, but Kaspersky leads with 9.8 of 10 possible points, and Norton got 9.7 points.
Like Webroot, Comodo Antivirus 10, and PC Matic, G Data detected 100 percent of the samples in my malware collection. Not-quite-perfect blocking of a few samples results in an overall score of 9.8 points. That's very good, but the other three I mentioned managed a perfect 10. G Data wasn't fooled at all by my hand-tweaked samples; it blocked them all. Comodo, by contrast, missed 30 percent of the modified versions.
For a different look at malware blocking, I use a feed of recently discovered malware-hosting URLs supplied by MRG-Effitas. G Data blocked 78 percent of the samples in this test, almost all by completely blocking access to the URL. Norton tops this test, with 98 percent protection.
The same Web-based protection component should also serve to steer the hapless user away from fraudulent sites that try to steal login credentials. However, G Data fared poorly in my antiphishing test, with a detection rate 44 percent lower than Norton's. While most products lag Norton in this test, more than half of them did better than G Data. Only Bitdefender, Kaspersky, and Webroot SecureAnywhere Internet Security Plus have eked out a better score than Norton.
Other Shared Features
Exploit protection is usually associated with the firewall component, but G Data offers it in the standalone antivirus. In testing, it didn't block exploits at the network level, but wiped out the executable payload for 50 percent of the samples. That's quite good. Champion in this test is Symantec Norton Security Deluxe, which stopped 63 percent of the attacks at the network level.
My hands-on testing confirmed that G Data's keylogger protection and ransomware protection are effective. For those tests, I had to turn off all other protective layers.
Similar to the SafePay feature in Bitdefender Internet Security 2017, BankGuard protects your browsers from man-in-the-middle attacks and other data-stealing attacks. The AutoStart manager lets you reversibly disable programs from launching at startup, or set them to launch after a delay.
See How We Test Security Software
Every firewall needs to at least match the abilities of the built-in Windows Firewall that it replaces. Specifically, it must block outside attacks and put the system's ports in stealth mode, so they're not visible from the Internet. G Data's firewall fended off my port scans and other Web-based attacks, and popped up a notification that it had done so. So far, so good!
The settings page for G Data's firewall is pleasantly simple. A large slider lets you choose one of five preset security levels: Maximum, High, Standard, Low, and Disabled. Three other pages of settings are deliberately unavailable, with their configuration changed automatically as you switch security levels. True firewall experts can choose custom settings, thereby enabling access to those pages. But most should leave the firewall set to its default Standard level.
Most firewall components also keep track of how programs are using your network connection. Advanced firewalls like Norton's automatically define permissions for millions of known programs and carefully watch how unknowns behave, smacking them down if they show signs of misusing the network. Less advanced firewalls rely on the user to determine whether unknown programs should be allowed to access the network, which sometimes results in a deluge of popup queries.
G Data's firewall runs by default in autopilot mode, meaning you won't see any queries. It's not entirely clear just what it does in this mode, but as far as I can tell, it allows all outbound connections and rejects unsolicited inbound connections. That's not doing a lot.
To see the program control component in action, I turned off autopilot. Cleverly, the program offers to temporarily turn autopilot back on if it detects you're launching a full-screen application.
When I tried launching a guaranteed-unknown program (a small browser I coded myself), G Data popped up asking whether to allow or block access, once or always. That's exactly what should have happened. I tried a few leak test utilities, programs that try to gain access to the Internet without triggering the firewall's program control. G Data caught some, but not all, of these.
Unfortunately, it also popped up repeatedly for some Windows internal components. Note, too, that firewall popups appear for any user account, including non-Administrator accounts. While your toddler is playing games online, she may accidentally tell G Data to always block access by some Windows component. In that case, you'll need to open the Application Radar window from the Firewall status screen to unblock that application.
A firewall isn't much use if a malicious program can reach in and flip the off switch. I couldn't find a way to disable G Data by manipulating the Registry, though it didn't protect its Registry data against change the way Bitdefender, McAfee Internet Security, and others do. The last time I tested G Data, I found that I could terminate some of its processes using Task Manager. This time around, all 11 processes received protection.
Alas, G Data's essential Windows services are still vulnerable to a simple attack that could be carried out programmatically. I set the Startup Type for each of six services to disabled and then rebooted the computer. That effectively eliminated G Data's protection. In a similar situation, Comodo Firewall 10 Firewall seemed to succumb, but recovered on reboot.
This firewall component handles the basic tasks of protecting against outside attack and preventing programs from misusing your Internet connection, but that's about all. And the vast majority of competing products manage to harden their Windows services against tampering more thoroughly than G Data does.
Cloud Storage Backup
When you first click the backup icon, you just get a big, empty page. A bit of investigation reveals the New Task button. Clicking it brings up a disclaimer pointing out that the subscription you have offers online backup only. If you want advanced features like making local backups or burning backups to optical media, you must upgrade to G Data Total Security. You can check a box to suppress this disclaimer in the future.
To start designing a backup job, you select files and folders for backup. You do this using a folder/file tree. Checking or unchecking a folder selects or deselects all its contained folders and files. If you simply check the tree item with your username, representing all your user data, that may be enough.
The selection tree exhibits a strange redundancy that might cause trouble. For example, after the entry with your name is an entry called Libraries. If you check your username entry, the corresponding entries under Libraries (Music, Videos, Documents, and Pictures) do not get checked. But if after that you check Libraries and then uncheck it, those four entries under your username lose their checkmarks. This is just one of several redundancies in the tree, so you should carefully review your selections before proceeding.
The next step is target selection, but your only choice is cloud backup. Well, there's also an option to copy the archived data to an FTP server, but not many users are equipped to perform the necessary configuration. When I tried to continue at this point, the program admonished me, "Cloud has been selected as target, but no login has been entered." Guessing at this point, I clicked a button for network login—no joy. I finally thought to click the cloud icon. This triggered a menu titled New Account, which in turn asked me to select Dropbox or Google Drive. That could be clearer.
Kaspersky Total Security also offers to store backups on Dropbox, but this is just one of its many options. With Kaspersky, you can also back up your files to any local, removable, or network drive, or to an FTP server.
You can optionally create a schedule, separately for a full backup of all data and for a partial backup containing only changed data. Do you know what the difference between a differential backup and an incremental backup is? If not, just leave it set at the default. For each type of backup you can choose one-off, daily, weekly, or monthly backup, or just run the backup manually when you think of it.
Now you can review the dozens of options on the final page of settings. Some are disabled, most are set to the best configuration, but there's one you might want to tweak. By default, G Data opts for fast compression, making the backup process as speedy as possible. If you're short on cloud space, consider setting it to emphasize good compression, instead.
You can create as many backup jobs as you like. You might choose redundancy, backing up to both Dropbox and Google Drive. These jobs appear in the previously blank main backup window.
As for restoring backed-up files, it's a snap. Choose the backup, choose to restore all files or just some of them, and choose whether to restore to the original location or a new location.
Norton gives you 25GB of hosted online backup storage, and makes setting up a backup job very easy. Webroot completes also offers 25GB of storage, and serves as a full file-syncing tool. The backup system in G Data does the job, but it requires that you use third-party cloud storage, and it could be much, much simpler for users.
Porous Parental Control
This suite's parental control system is minimal, consisting of content filtering and time scheduling for Internet or computer use.
The content filter can block websites matching five categories: Drugs, Hackers, Violence, Extremist, and Pornography. There's also an option to block all HTTPS sites, but it's a ridiculous option. Yes, it would prevent access to secure anonymizing proxies, but it would also block any site that sensibly uses a secure connect, including Google, Unicef, and Wikipedia.
Parents can limit time on the computer, the Internet, or both. When enabled, the default in each case is 1.5 hours per day, 10.5 hours per week, and 45 hours per month. These times line up nicely. For example, 1.5 hours on each of seven days equals 10.5 hours. You can also define a weekly schedule, in one-hour increments, for when the child can use the Internet, or the computer. This feature uses a handy grid that makes it easy to set allowed and blocked times.
When I put G Data's scheduler to the test, I found that time-scheduler relies on the system clock. Resetting the clock to an allowed time defeats it. Admittedly, I couldn't find a similar way to defeat the daily cap.
Content filtering is keyword based, and it's both too lax and too strict. Photo-based pornographic sites with no banned words in the URL or page text flew right past the filter, while perfectly innocent sites triggered the over-zealous filter. For example, it blocks any page on blogspot.com because the filter found "pot" in the URL. Pages on the American Kennel Club site that used the word bitch (perfectly valid in this context) got the axe. And so on.
You'd think the Hackers category would block secure anonymizing proxy websites, but it doesn't. By connecting to one, I completely eluded the filter—don't think your teenager won't figure this out.
G Data does report which websites it blocked for each user, along with a date/time stamp and explanation. The explanation helped me confirm that, for example the app did indeed block a blogspot.com page due to the embedded word pot.
This is just not a useful system. If you need parental control in your security suite, look elsewhere. The parental control component in Norton is an Editors' Choice as a standalone. ZoneAlarm's is based on ContentWatch Net Nanny 7, another Editors' Choice. And Kaspersky Total comes with the excellent Kaspersky Safe Kids.
Simple Spam Filter
The need for local spam filtering gets smaller and smaller as more people use services that filter spam at the server level. If you're one of the few who don't get spam skimmed out of your email feed before it arrives, it's nice to have spam filtering handled by your security suite.
G Data analyzes incoming POP3 and IMAP email messages, flagging suspected spam messages, messages with a high spam probability, and messages with a very high spam probability. It prefixes [suspected spam] to the subject line for the first category, [spam] for the other two. You can change these tags, if you like, but most users will surely leave them at their default values.
This spam filter integrates with Microsoft Outlook, automatically diverting marked messages into the spam folder. Those using a different email client must create email rules based on the subject tags, not a terribly challenging task.
G Data uses quite a few different criteria to develop a spam score for each message. It checks the message text for certain keywords, and the message subject for a different set of keywords. You can edit either keyword list. It also includes a self-learning content filter system that's meant to improve accuracy over time.
The spam filter can also check spam messages against real-time blacklists. This process tends to slow the email download, so by default it only uses those blacklists for suspicious messages. Digging deeper, you can configure the spam filter to reject messages written in languages you don't speak. But really, most users can just leave the spam filter settings alone.
You can put specific addresses or domains on the whitelist, to ensure that the spam filter never blocks them. Conversely, you can blacklist addresses or domains to ensure they always get filtered. There's no option to import the content of your address book, or automatically whitelist addresses to which you send mail, like you get with ESET, Trend Micro Internet Security, and others.
If you do need local spam filtering, and want your security suite to handle it, G Data is as good as any. It doesn't offer the comprehensive feature collection that Check Point ZoneAlarm Extreme Security 2017 does, but on the flip side, it doesn't require any attention from you.
On a seriously icon-infested desktop, you not notice the appearance of a new icon titled G Data Shredder. This is a secure deletion utility, for use when you want to delete a file beyond the possibility of forensic recovery. Many encryption utilities come with a shredder, for thoroughly wiping out the originals of files that have been encrypted.
Simply deleting a file sends it to the Recycle Bin, and bypassing the Recycle Bin leaves the file's data still on disk, just marked as space that can be reused. Overwriting that data just once is enough to defeat software-based recovery. Recovery experts use hardware systems to peel back the layers and find previously stored data, but those techniques run into the limitations of physics at about seven overwrites. Why G Data lets you choose up to 99 overwrites I do not know. Three should be plenty for normal use.
Once you've configured the shredder, you drag files and folders onto its icon for secure deletion. You'll also find a Shred choice on the right-click menu.
Minor Performance Impact
While testing G Data, I occasionally felt the system might be running a little slow, but then, my virtual machines necessarily don't have a lot of resources. Running my hands-on performance tests revealed only minor impacts on system performance.
The biggest hit (not big, but biggest) came in my boot time test. Averaging many runs before installation of the suite and many more after, I found that the boot process took 26 percent longer with G Data loading at boot time. Given that most people reboot only when forced to, that's not a big deal.
To check whether a security suite affects everyday file manipulation activities, I time a script that moves and copies an eclectic collection of files between drives. Averaging multiple runs with no suite and with G Data installed, I found the script took 18 percent longer. That's not bad; the average for this test among current products is 23 percent. And there was no measurable slowdown for my zip/unzip test, which compresses and decompresses that same file collection repeatedly.
While G Data didn't put much of a drag on performance, some competing products had even less impact. Webroot, in particular, didn't show measurable impact in any of the three tests.
Component Quality Varies
G Data Internet Security 2017 includes all of the expected security suite components and even offers a backup system. The antivirus performed well in testing, but the parental control system is both limited and ineffective, and the basic firewall could be disabled by a determined hacker. You're better off with a suite in which all of the components do a good job.
For the purpose of defining Editors' Choice products, I distinguish basic suites like G Data, feature-packed mega-suites, and cross-platform multi-device suites. In the basic suites arena, Bitdefender Internet Security and Kaspersky Internet Security are my Editors' Choice products. Both cost a bit more than G Data, but they also offer much better security.
Note: These sub-ratings contribute to a product's overall star rating, as do other factors, including ease of use in real-world testing, bonus features, and overall integration of features.
Many security suite product lines form a simple progression, at least on the Windows platform. It goes like this: basic antivirus, entry-level suite, feature-rich mega-suite, and cross-platform multi-device suite. With ESET Multi-Device Security 10, you can install the antivirus or entry-level suite on Windows, but not the mega-suite. It also offers a choice of antivirus or suite on macOS devices. As for Android, you can install mobile security, parental control, or both. In fact, this suite shines under Android more than it does under Windows or macOS.
For $84.99 per year, you get six licenses to install ESET protection on your Windows, macOS, and Android devices. At the $99.99 per year level, you get 10 licenses. Kaspersky offers a bit less for $99.99, just five licenses. For $89.99 per year, Norton gives you 10 licenses plus 25GB of hosted online storage for your backups, and McAfee LiveSafe lets you protect all your devices, without limit. ESET's pricing fits right in with these products, and the fact that you get six licenses at the base subscription rate makes it a better deal than many. Also, the previous edition's requirement that one-half of your licenses go to Android devices has been lifted.
To start, you click a link in the activation email, which also contains your license key. In most cases, you'll start by installing ESET on a Windows device, but the download page offers you the choice of Windows, macOS, or Android. Additional installations require either the activation code or the username and password supplied along with the activation code. Unlike F-Secure, Symantec Norton Security Premium, Bitdefender, and others, ESET does not let you manage licenses using an online account. Rather, My ESET is the place to go for antitheft, Android parental control, and social media scanning.
If you choose to download protection for Windows, ESET Multi-Device installs ESET Internet Security 10. This suite's antivirus gets good scores in our tests and in independent lab tests. It includes a Host Intrusion Prevention System, a secure browser, and a simple spam filter. The firewall's program control is old school, however, either doing very little or spewing popups. Furthermore, the parental control is limited, and it fared poorly in our antiphishing test. For full details, read my review of this suite.
ESET's mega-suite, ESET Smart Security Premium 10, adds a number of advanced features not found in the entry-level suite. These include a password manager based on Editors' Choice Sticky Password Premium, an encryption system that creates secure virtual drives or secure mobile storage, and an anti-theft system for Windows devices. Smart Security Premium also uses an unusual pricing model, with no multi-license bundles. But, once again, ESET Security Multi-Device does not let you access these premium features.
F-Secure, Bitdefender, Kaspersky, and most other cross-platform suites assume that you'll want a full security suite on Windows. ESET gives you the option to install ESET NOD32 Antivirus 10 rather than the full suite, if that's what you prefer. To do so, you download and install the product as usual, then enter the license key you received with the activation email.
ESET on Mac
On a Mac, ESET Multi-Device likewise gives you a choice. You can install the ESET Cyber Security (for Mac) antivirus, or the ESET Cyber Security Pro suite. Note that there's no protection offered for iOS devices.
The Mac antivirus scans for malware on demand, on access, and on schedule. It also scans incoming POP3 and IMAP email messages for dangerous attachments. On the chance that your Mac might act as a carrier for non-Mac malware, it scans for Windows and Linux threats as well.
To keep you safe online, the Mac product includes Banking Protection as well as protection against malicious and fraudulent websites. You can also invoke its social media scanner to check for potentially dangerous links.
This suite's firewall aims to block malicious network attacks, and to control network usage by apps. Firewall experts can block specific services, ports, and IP addresses, but ordinary users shouldn't meddle with such firewall rules.
ESET's Parental control on the Mac is similar to what it offers for Windows, which means it's fairly limited. For each child, you can configure it to block websites matching specific categories, or just accept the default blocking categories for your child's age. It also logs attempts to reach blocked websites. That's the extent of parental control.
Security for Android
ESET Mobile Security provides a full range of expected Android security features. To get started, just install it from the Google Play Store. As with the Windows product, the installer requires that you actively choose whether to block Potentially Unwanted Applications (PUAs). PUAs are not as risky as malware, and you may have even given permission for their installation, but they tend to do annoying things, like bombard you with ads.
The installer offers a free trial of the app's premium features. These include anti-theft, automatic updates, antiphishing, scheduled scanning, and more. Don't bother with the trial, as you already have a license for the premium edition.
Activating that license is a bit awkward. You can do it by typing the registration code from the activation email, but that code is 20 characters long. There's also an option to activate using your username and password. I tried typing the username and password from my ESET account online; it failed. As it turns out, what it wants here is the random username and password assigned to you in the activation email.
ESET's antivirus component scans for malware immediately after install. Real-time protection watches for active malware. You can set up a scheduled scan, or (and this is clever) set it to scan any time it's charging.
Anti-theft isn't enabled by default, because it requires that you change your Android settings to make ESET a Device Administrator. You also must link this installation to your online My ESET account. Uninstall Protection prevents a thief from just turning off ESET.
The Proactive Protection feature snaps a screenshot after a failed unlock attempt. After a specified number of failed attempts (two, by default) a countdown starts in the background (15 seconds, by default). If the countdown finishes before the correct code is entered, the device goes into lockdown, just as if you had locked it remotely. A Good Samaritan who found your lost device could click a contact button to see your email address.
By logging in to the My ESET online portal, you can manage anti-theft remotely. When you mark a device as missing, ESET locks the device and starts monitoring, periodically sending the device's location, and snapping photos using the camera. You can trigger a loud alarm to help find a nearby device. And if you lose all hope for recovery, tapping the Wipe button erases all of the device's data.
Bitdefender Mobile Security and Antivirus (for Android) offers a similar set of anti-theft tools, but adds one unusual item. Once you pair your device with an Android Wear watch, you get a warning if you walk away leaving the device behind.
The anti-phishing component only works with browsers that support its integration. Tapping its button displays a list of supported browsers on your device. On the Nexus 9 that I used for testing, only Chrome appeared in the list. Avast Mobile Security blocks malicious sites in a wide variety of browsers.
Security Audit is disabled by default; you should turn it on. It warns if you're connected to insecure Wi-Fi, and if you've enabled debug mode, or installation of apps from unknown sources.
More importantly, Security Audit checks all your apps and reports how many of them have specific potentially risky permissions: using paid services, tracking your location, reading identity information, accessing messages, and accessing contacts. For each category, you can tap to see a list of programs. On my clean test device, only Speedtest triggered a warning—it needs to know your location to pick the closest server.
After I installed ESET's own Parental Control, described below, it triggered all five Security Audit warnings. Of course, that makes perfect sense; parental control is a kind of invasion of privacy. Note that the similar auditing feature in Norton Security and Antivirus (for Android) takes the concept to the next level, offering warnings about iffy apps before you even download them.
All of my Android test devices are tablets. On an Android smartphone, more options become available. If a phone thief changes out the SIM card, ESET can send the new SIM card details to a trusted friend that you've specified. You can also enable the device to receive remote lock, locate, wipe, and siren commands through SMS.
On a smartphone, ESET's SMS and call filtering lets you control who can call and text you. You make the rules, for specific numbers, for masked numbers, or for numbers not in your contacts list. Rules can apply to calls, SMS messages, or MMS messages. You can also set each rule to apply during specific times or date ranges. I imagine you could use this to block calls during the night but allow calls from your most important contacts.
The similar feature in Avast logs the content of blocked text messages, but just dumps blocked calls to voicemail. Bitdefender's Android app does many things, but call and text blocking isn't among its features.
The Security Audit component adds a couple entries for a smartphone. Specifically, it checks to be sure that data roaming and call roaming are not active.
Norton, Bitdefender, and Avast are our Editors' Choice products in the Android security realm. However, ESET covers most of the same features; it's a good choice for Android protection.
Android Parental Control
ESET's Parental Control app for Android is completely separate from the basic Android security app. In fact, you must use one of your licenses to activate the parental control system. However, once you've done so you can install it on as many Android devices as you wish.
Parental control on Android is significantly more feature-rich than on Windows. See my review of ESET Parental Control (for Android) for full details. I'll summarize here.
The same app that enforces the rules on a child's device can be used to make the rules on a parent's device. In fact, you can log in to the parent app from your child's device, if necessary. You can also manage and monitor the system from the My ESET console.
ESET blocks access to websites in categories you've defined as inappropriate. You can optionally have it log access to such sites without blocking them. It handles secure (HTTPS) websites, so kids won't evade its reach using a secure anonymizing proxy.
The Application Guard feature blocks the use of inappropriate apps, naturally. For apps defined as Fun & Games, it imposes a daily limit, and also lets parents define a weekly schedule for when such apps are allowed.
From the parental control home page, you can see an overview of the child's website and app usage, as well as a location map, and can click on the overviews for detailed reports. A few features work only from the app. Parental Message is perhaps the most important of these. It lets parents send a text message that locks the device until the child responds. That will teach them to ignore you!
On its own, the ESET parental control app is impressive, provided that you only need to cover Android devices. It comes close to our Editors' Choice product for Android parental control, Norton Family Parental Control (for Android).
ESET Multi-Device Security 10 lets you use a single license to install protection on your Windows, macOS, and Android devices, but it doesn't offer consistent protection across all platforms. Its Android support is the best of the lot, with a full-features antivirus and anti-theft component plus a parental control app that rivals the best. If you're an all-Android household, this could be a good choice.
On Windows, antivirus is ESET's best feature—other components like firewall and parental control don't come up to the same mark. In addition, Windows users don't get the premium features found in ESET's top-of-the-line suite. The Mac product does give you more than just antivirus, but it lacks many features found in the other platforms.
If you need top-notch security for your Windows, macOS, and Android devices, consider Symantec Norton Security Premium. You get 10 licenses for less than what ESET costs, along with 25GB of online backup storage. Don't want any limits? Your McAfee LiveSafe subscription is good for every device in your household, even iOS devices. These two are our Editors' Choice products for cross-platform multi-device security.
It may also sparkle with unusual bonus features, but the most important thing is that core components like firewall and antivirus excel at their jobs.
And therein lies the problem with Quick Heal Internet Security 17.
Its antivirus is good, but not great, and its firewall failed some tests that even Windows Firewall passes easily.
Cool features like ransomware protection and a hardened desktop for safe banking can't make up for weaknesses at the core. At $72 per year for three licenses, Quick Heal is less expensive than some of its competitors and more expensive than others.
A three-license subscription for a comparable suite from Bitdefender or Kaspersky costs $79.95. Norton gives you five licenses for that price, and McAfee lets you install protection on an unlimited number of Windows, Android, macOS, or iOS devices.
Trend Micro, TrustPort, and Webroot each cost just under $60 for three licenses. The suite's main window is laid out exactly like that of Quick Heal AntiVirus Pro 17, but it's tinted blue—the antivirus is red.
Both include panels linking to various security areas: Files & Folders, Emails, Internet & Network, and External Drives & Devices.
The suite adds a fifth panel, Parental Control.
And a panel across the bottom links to security news from the company. Shared With AntivirusThis suite includes everything from Quick Heal AntiVirus Pro 17, with enhancements in some areas.
I'll summarize my evaluation of the antivirus here.
If you want more details, please read the full antivirus review. Quick Heal is certified by ICSA Labs for malware detection.
In the latest report from AV-Test Institute, it earned 5.5 of 6 possible points in each of three tests, for a total of 16.5 points.
Bitdefender, Kaspersky, and Trend Micro Internet Security earned a perfect 18-point score in this test. Out of four tests by AV-Comparatives, Quick Heal earned the Advanced+ top rating in two, the minimum passing Standard grade in one, and the in-between Advanced rating in the other. In addition to the expected scan features, Quick Heal offers a boot time scan, a bootable Emergency Disk, and a separate antimalware scan that focuses on things like spyware and fake antivirus.
A full scan finished more quickly than the current average. When I ran Quick Heal through my own hands-on malware blocking test, it detected a very good 94 percent of the samples. However, incomplete blocking of installation meant that several malware executables reached the test system.
That dragged its overall score down to 8.5 of 10 possible points.
In my separate malicious URL blocking test, Quick Heal managed 92 percent protection, better than most. Norton blocked 98 percent here, and Avira Antivirus blocked 95 percent. Where most vendors reserve firewall protection for their security suite, Quick Heal includes it in the basic antivirus, along with an Intrusion Prevention System.
Almost every firewall passes my port-scan tests and other Web-based checks; Quick Heal did not.
I didn't see any reaction from the Intrusion Prevention System when I hit the test machine with exploits, though the antivirus component smacked down the malicious payload for almost half of them. On the positive side, I couldn't find any way that a malware coder could terminate the firewall's protection. Quick Heal offers a few other smaller features.
A browser sandbox aims to foil drive-by downloads and other browser-centered threats.
An anti-keylogger component proved ineffective in testing. Other bonuses include a privacy cleaner, USB protection, and diagnostic tools. Official AntiphishingThe Web protection component in the standalone antivirus scored better than half of its competition in my antiphishing test. However, according to my contact at the company, the antivirus technically does not offer phishing protection.
That feature is reserved for the full suite. As always, I tested Quick Heal using URLs that had been reported as fraudulent, but that were too new to have been analyzed and blacklisted.
At first, I thought maybe the antiphishing component wasn't turned on, because I saw the same warnings from Browser Protection that I had seen with the antivirus.
It took a while before I encountered a page that triggered Phishing Protection instead.
In fact, of all the fraudulent URLs blocked by Quick Heal, only a quarter were blocked by Phishing Protection. When I tallied up the results, I got a surprise.
Despite being tested almost two weeks apart, with completely different phishing URLs, the antivirus and the suite scored the same, at least in relation to Symantec Norton Security Deluxe.
The detection rate for both was 32 percentage points lower than Norton's. The differences between Quick Heal and the protection built into Chrome, Firefox, and Internet Explorer varied between the two tests, but the difference from Norton is what I focus on.
Few products come close to Norton's antiphishing accuracy and only a very few manage to beat Norton.
Bitdefender, Kaspersky Internet Security, and Webroot are the only recent products that have beaten Norton in this test. Anti-RansomwareRansomware is a huge and growing problem. Malware coders get a great return on investment from ransomware, because some victims pay them off with cold, hard cash. Quick Heal includes a one-two punch to protect against ransomware, but it works so silently that I didn't even notice it was included in the antivirus. Quick Heal backs up essential files and documents periodically, working in the background without bothering the user.
It also includes a special detection component that watches for activity suggesting a ransomware attack, one that got past the antivirus.
I couldn't see this feature in action, because the antivirus whacked all my ransomware samples, and turning off real-time antivirus also turned off ransomware detection. There's no sign of the silent backup, except for a strangely-named folder in the root directory of the drive with the most space available.
At present, there's no direct way for the user to recover these files—ransomware recovery requires contacting tech support.
A more interactive mode is planned for future releases. See How We Test Security Software Simple Spam FilterThe antispam component in some suites is just bristling with configuration settings.
Check Point ZoneAlarm Extreme Security 2017 lets you tweak sensitivity for various categories of spam. McAfee offers five levels of spam-filtering sensitivity. With Trend Micro, you can block messages written in languages that you don't speak, and have spam automatically removed from your webmail accounts. Quick Heal keeps things simple.
Its spam filter just handles POP3 email, not IMAP, Exchange, or Web-based email.
The spam filter is officially compatible with Microsoft Outlook Express 5.5 and later, Microsoft Outlook 2000 and later, Netscape Messenger 4 and later, Eudora, Mozilla Thunderbird, IncrediMail, and Windows Mail. However, since it marks spam messages in the subject line, it seems to me that you could use it with just about any email client. A simple plugin for Outlook and Eudora helps you whitelist known good contacts and blacklist spammers. You can also manage the whitelist and blacklist from within the program.
Finally, you can accept the Moderate filtering level, or you can choose Soft or Strict filtering.
The company recommend recommends the Moderate level.
And that's the extent of spam filtering in Quick Heal. Most users totally ignore detailed antispam configuration, so this simplicity is a good thing. Basic Parental ControlParental control in this suite covers the basics, but not much more. You can configure settings for all users, or configure it separately for each Windows user account. Quick Heal's content filter allows or blocks content in 42 categories; a somewhat awkward list lets you see just five categories at a time. You can choose from one of five age ranges to automatically select appropriate categories.
In addition, you can list specific websites that should always be blocked, or always allowed. Parents can set a weekly schedule of times when the child is allowed online, in one-hour increments.
The weekly grid is decidedly more convenient than the awkward day-by-day control found in McAfee Internet Security.
A similar grid lets you schedule overall PC access for each child. You can optionally set a daily time limit, in one-hour increments, rather than a specific schedule.
But you can't set both a schedule and a time limit the way you can with Kaspersky, BullGuard, and a few others. Quick Heal can optionally block access to programs matching 10 predefined categories, among them Email Clients, File Sharing Applications, and Media Players. You can also pick out specific individual program for blocking. I set up restrictions for an imaginary child and put this system to the test.
The time-control feature lets the child know when time is running out, with a warning to save all work and quit.
Tweaking the system date and time didn't fool the scheduler.
I couldn't get around program control by copying or renaming a banned file; all I got was "Access Denied." And the three-word network command that neuters some less clever parental control systems had no effect. I verified that the content filter is browser-independent by trying to visit naughty sites using my hand-written browser.
The page that replaces a blocked site reports the category that triggered the block.
There's no automated system to ask parents for an exception like you get with Norton.
It just advises the child to contact parents for permission. I didn't find any inappropriate websites that got past the filter. However, Quick Heal is hyperactive when it comes to content filtering.
In addition to checking each page the browser visits, it checks third-party content, ads and such, and pops up a notice saying "Access to website is blocked" even when it just blocked some third-party content.
Visiting PCMag.com triggered a deluge of warnings on categories including Travel, Downloads and Sharing, Advertisements and Pop-ups, and Social Networking. I also tried surfing to innocuous sites, with some unexpected results. Puppies.com was blocked for the category Crime and Violence, and Dogs.com for Fashion and Beauty.
It seems the content filter may be a little overenthusiastic. As for parental reporting, you get both too little and too much when you click Reports and select Parental Control from the list.
For every single URL that parental control blocked, there's a line with the date, time, and user account name, but not the URL itself. You may see 10 or more lines in a row with the same timestamp, indicating that Quick Heal blocked many different third-party links on a single page. The report also lists events such as attempts to launch a banned application, or attempts to log in during a time when computer use isn't permitted. What it doesn't include is the actual URLs that the content filter blocked.
If you want to see those, you first double-click one item, thereby bringing up a painfully detailed report on that specific item. You can now tediously page through the entire list one item at a time. Quick Heal's time controls do work, and kids can't fool its application control.
I found its content filter to be overzealous, blocking valid sites.
And the report it generates is so awkward as to be nearly useless.
If you actually need a parental control component in your suite, consider Norton, Bitdefender Internet Security 2017, or Kaspersky Safe Banking and Secure BrowserSimilar to Bitdefender's SafePay feature, Safe Banking is a separate, hardened desktop intended to prevent any interference or spying on your financial transactions.
As with SafePay, you can switch back and forth to the regular desktop.
SafePay kicks in automatically when Bitdefender detects that you're visiting a financial site; you must launch Safe Banking manually. There are other differences. With Bitdefender, the hardened desktop comes with a hardened browser based on Chrome. Quick Heal's Safe Banking includes taskbar icons to launch Chrome, Firefox, and Internet Explorer (assuming they're installed), using each browser's high-privacy mode.
It relies on Google's secure DNS servers to foil DNS-spoofing attacks.
And it blocks access to secure sites whose SSL certificates aren't valid. Safe Banking is designed to foil keyloggers, but for the truly paranoid it also includes a virtual keyboard.
To test it, I installed a popular free keylogger and examined what it captured in the unsecured desktop and in Safe Banking.
It clearly prevented capture of keystrokes and screen images. However, even though I disabled the option to copy/paste between desktops, the keylogger still captured text that I copied while using Safe Banking. The Secure Browser option isn't as fancy a feature.
It simply lets you get the benefits of the Browser Sandbox in a one-off browser window, rather than forcing all browser windows to use the sandbox feature.
As with the full Browser Sandbox, a glowing green border identifies the protected browser window. Small Performance HitIf your security suite puts a noticeable drag on system performance, you might be tempted to turn it off, which would be a bad idea.
Fortunately, most modern suites only have a minor effect on system performance.
Even so, there's a good bit of variation, so I run several hands-on tests to measure each suite's performance hit. My boot time test script assumes that the system is ready for use once 10 consecutive seconds pass with no more than 5 percent of CPU usage.
Subtracting the start of the boot process, as reported by Windows, yields the boot time.
I average many tests with a suite-free system to get a baseline.
Then I install the suite and run another round of tests.
Boot time rose by 10 percent with Quick Heal installed, but that's 10 percent of about a minute, so not much. On-access scanning necessarily requires that the antivirus keep an eye on file operations, and this can occasionally slow down everyday actions like moving and copying files.
For testing, I average many runs of a script that moves and copies a ton of files between drives, comparing the average before and after installing the suite.
This script took 44 percent longer with Quick Heal active.
That's well above the current average of 25 percent. On the other hand, I couldn't measure any impact on the time required to run a script that zips and unzips the same file collection. In testing, I didn't notice any slowdown.
Even so, other suites have exhibited a substantially less impact. Webroot SecureAnywhere Internet Security Plus and Norton had no measurable effect in the boot time and zip/unzip tests. Webroot also didn't slow the file move/copy test. Fails to ExcelWhen looking for a security suite, you want one in which every component (or at least the components you plan to use) excels at its job. Quick Heal Internet Security 17 isn't that suite. While it has some unusual bonus features, its antivirus is merely good, its firewall failed some basic tests, and its parental control system does only the minimum. Kaspersky Internet Security consistently ranks at the top with antivirus testing labs, and it includes an intelligent firewall and unusually complete parental control.
Bitdefender Internet Security is also a darling of the labs, with effective core components, and it goes beyond the basics with a bunch of useful bonus security features.
These two are our Editors' Choice products for entry-level security suite—either would be a good choice. Sub-Ratings:Note: These sub-ratings contribute to a product's overall star rating, as do other factors, including ease of use in real-world testing, bonus features, and overall integration of features.Firewall: Antivirus: Performance: Privacy: Parental Control: Back to top PCMag may earn affiliate commissions from the shopping links included on this page.
These commissions do not affect how we test, rate or review products.
It's to protect you, your privacy, and your data. With customer protection in mind, McAfee Internet Security (2017) installs on all of your devices. However, most of what it offers comes with McAfee's antivirus, and the additional suite-specific components don't add enough value, especially if you don't need antispam or parental control. At $79.99 per year, McAfee looks like it's right in line with the competition, price-wise.
Bitdefender and Kaspersky charge the same, within a nickel or so.
But look again. With a Bitdefender or Kaspersky subscription you can install protection on three PCs. McAfee is unlimited, and lets you protect every Windows, macOS, iOS, or Android device in your household. In fact, the Home screen in this product is a list of all the devices you've protected, along with a button that scours your network to find unprotected devices and bring them into the fold.
A panel at the top summarizes the status of your current device, and clicking Manage Security opens the local installation's main window. The main window looks, for the most part, like that of McAfee's antivirus.
Both have four squarish green-edged panels representing Virus and Spyware Protection, Web and Email Protection, McAfee Updates, and Your Subscription.
To the right of these, the antivirus displays smaller panels for Data Protection and for PC and Home Network Tools.
Those appear in this suite too, along with Parental Controls and the True Key password manager.
It should look reassuringly familiar to existing users. Shared Antivirus FeaturesAs is often the case, this suite's antivirus protection is precisely the same as that of the corresponding standalone antivirus, McAfee AntiVirus Plus.
That review goes into greater detail than the summary that follows. Lab Test Results ChartAntiphishing Results ChartMalware Blocking Results Chart McAfee's scores in independent lab tests are generally mediocre.
It received an A-level certification from Simon Edwards Labs, which sounds good until you realize that AA and AAA are even better. Of three tests by AV-Comparatives, it earned one passing grade and two grades a notch above passing.
The three-part test by AV-Test Institute maxes out at 18 points; McAfee got 16, and in particular scored only 4.5 of 6 points for protection.
Finally, in the banking Trojan test and all-types tests by MRG-Effitas, it simply failed. My lab test score aggregation algorithm yields 7.9 of 10 possible points for McAfee. Kaspersky took a perfect 10, while Norton and Bitdefender Internet Security 2017 came out at 9.7 and 9.3 respectively. This year's McAfee products use an entirely new antivirus detection method called Real Protect. Real Protect is focused on behavior, so as to catch even zero-day malware. Like Webroot SecureAnywhere Internet Security Plus, when it sees an unknown file behaving suspiciously, it starts journaling that file's actions and queries the cloud for advice.
If cloud-based analysis red-flags the file, McAfee rolls back all of its actions.
The new engine has been rolling out piecemeal over the last few months, so we can't know whether these tests included the new engine. Perhaps McAfee will score better going forward. In my own hands-on malware-blocking test, McAfee scored 9.2 of 10 possible points. However, among the samples it missed were two well-known ransomware threats.
I watched one of them as it busily encrypted documents on the test system, without a peep from McAfee about its behavior. Webroot scored a perfect 10 against this same malware collection. McAfee also protected against 85 percent of the 100 malware-hosting URLs I threw at it, mostly by diverting the browser from the dangerous URL.
The average score among current products is 75 percent, so McAfee is above average here. I score phishing protection by matching a product's detection rate against that of Symantec Norton Security Premium and of the protection built into Chrome, Firefox, and Internet Explorer. Last year, McAfee came very close to matching Norton's score.
This year it lagged 44 percentage points behind Norton.
Chrome and Internet Explorer beat out McAfee, as well.
Don't turn off your browser's phishing protection! Other Shared FeaturesThere's a lot more to the nominally standalone antivirus; hence "Plus" in the name.
For starters, it includes a firewall.
In testing, the firewall correctly stealthed all ports and fended off Web-based attacks. Rather than bombard the user with queries about network permissions, it handles program control internally. When I tested its ability to withstand direct attack, I found that I could terminate and disable more than half of its essential Windows services. The WebAdvisor component identifies dangerous downloads and steers the browser away from malicious or fraudulent sites.
In addition, it marks up search results with icons identifying safe, iffy, and dangerous links.
This edition adds protection for typosquatting, and it works. When I entered www.paypla.com it asked if perhaps I really wanted PayPal. Using the My Home Network feature, you can set up a trust relationship between any and all of the PCs on your network that have McAfee installed.
It doesn't even have to be the same version of McAfee. Once you've taken that step, you can use one PC to remotely monitor others, and even remotely fix configuration problems. Mac and mobile support is the same across all of the McAfee product line. Mac support is little more than antivirus, firewall, and WebAdvisor.
There's no antivirus under iOS, but you can do things like locate and wipe the device, back up contacts, and capture a photo of someone who found or stole your phone. On Android, you get a full-featured security utility with antivirus, app ratings, anti-theft, call and text filtering, and more.
And once again, there's no limit on how many devices you can add. Other shared bonus features include the QuickClean tune-up tool, a vulnerability scanner, and a secure deletion file shredder. You can also access a number of security-related online resources directly from the program. See How We Test Security Software True Key Password ManagerWith your McAfee subscription you also get a license for the True Key password manager. Read my review for a full description of this password manager and its unusual collection of authentication options. True Key's biggest claim to fame is its comprehensive multifactor authentication choices.
It does support the expected strong master password, but you have many other options. You can have it send an email each time you log in.
Clicking a link in the email allows login to proceed. More conveniently, you can associate a mobile device with True Key, and authenticate by swiping a notification. Even better, if you're using a device with a camera, you can authenticate using facial recognition, and if a finger print reader is available, you can add that, too.
If you worry that James Bond might spoof facial recognition with a photo of you, just enable enhanced facial recognition, which requires turning your head. Most password managers warn that if you lose your master password, you're hosed; you have to start over.
That's actually good, as it means that the company can't access your data even if subpoenaed.
True Key retains that same zero-knowledge benefit, but doesn't leave you in the lurch if you forget the password.
As long as you've enabled Advanced authentication, which requires a trusted device plus two other factors, you can authenticate using all the other factors and then reset your master password. True Key is a separate download, but getting it installed is easy.
After you run the installer, it adds itself as an extension to Chrome, Firefox, and Internet Explorer.
At this time, it can import passwords stored insecurely in the browsers.
It can also import from LastPass 4.0 Premium and Dashlane 4. As with most password managers, True Key captures credentials as you log in to secure sites and plays back saved credentials as needed.
The first time, it actively walks you through the process. You can also click on tiles for Google, Facebook, PayPal, and so on, entering your credentials directly.
Clicking the TrueKey toolbar icon doesn't bring up a menu the way it does with many other products. Rather, it displays the main True Key window, from which you can launch any of your saved sites. You can save personal details in the Wallet, but True Key doesn't use these to fill web forms.
The main reason to do this is that the Wallet items sync across all your devices.
The same is true of secure notes. Here's a rare feature.
If your PC has a forward-facing camera, you can configure it to unlock your Windows account using True Key's facial recognition.
True Key doesn't have advanced features like secure sharing, automatic password updates, or password inheritance, but it's far ahead of the pack when it comes to multi-factor authentication. Tepid Parental ControlsOne bonus you get by upgrading from McAfee's antivirus to this suite is a parental control system, but it's limited.
For each child's Windows account, you can choose content categories for blocking, set a schedule for Internet use, and view a report of activity for each child or all children.
That's the extent of it. The reviewer's guide for this product notes that parental controls may not work properly in a virtual machine.
I made a point of testing on a physical system to give it a fair shake. To get started, you set a password, so the kids can't just turn off monitoring.
The configuration window lists all Windows user accounts and invites you to configure parental control for each one that belongs to a child.
As with previous versions, setting up parental control for a child's account that has Administrator privileges triggers a big warning.
And yet, many parents do give older children Administrator accounts, so as to avoid constantly having to jump and supply an admin password any time the child wants to install a new game. Most other parental control systems don't have this limitation. To configure the content filter, you first choose one of five age ranges.
Doing so pre-configures which of the 20 content categories should be blocked. Rather than the usual list with checkboxes, McAfee displays a list of blocked categories and another list of allowed categories, with arrow buttons to move items back and forth between the lists. I couldn't disable the content filter with the three-word network command that neutered parental control in Total Defense Unlimited Internet Security and Alvosecure Parental Control . However, I found quite a few truly raunchy sites that the content filter didn't block. McAfee replaces naughty content in the browser with a warning message that explains why the page was blocked.
For HTTPS sites, or in unsupported browsers, it displays that warning as a popup, leaving the browser to show an error message.
The kids won't get past it by using a secure anonymizing proxy. Note, though, that Check Point ZoneAlarm Extreme Security 2017 goes even further, with the ability to filter content even over an HTTPS connection. In addition to categories, McAfee offers to block sites with "inappropriate images or language" from appearing in child's search results.
A similar feature in Trend Micro Internet Security covered up many such images. However, I couldn't find a single instance where McAfee did anything to block erotic images in search. The time scheduler is as awkward as ever.
It does let you create a weekly grid-style schedule of Internet access, in half-hour increments. Most parental control systems that use a scheduling grid let you block out rectangles on the schedule by dragging.
For example, with one drag you could block from midnight to 6am every day of the week. McAfee's system forces you to drag on just one day at a time.
The grid is so tall that you can only select about seven hours at a time, and it doesn't auto-scroll when you hit the edge.
This feature could be so much easier to use! On the bright side, time-scheduling doesn't rely on the system clock, so the kids can't fool it. The simple parental report lists all domains blocked, along with their categories.
It also logs all attempts to use the Internet when the schedule doesn't allow it. And there you have it.
That's the totality of parental control in this suite.
It's limited, awkward, and not entirely effective.
If you actually need a suite that includes high-end parental control, look to ZoneAlarm, Kaspersky Internet Security, or Norton. Broad-Spectrum Spam FilterWith so many users getting spam filtered by the email provider, the value of local spam filtering is on the decline.
But if you're one of that diminishing group whose email provider doesn't offer spam filtering, a local filter can be essential. McAfee's spam filter integrates with Outlook, Windows Mail, and Windows Live Mail.
In these email clients, it adds a handy toolbar and automatically tosses spam messages in their own folder. You can still use it if you're a fan of Eudora or The Bat!, but you'll have to define a message rule to sift out the spam. McAfee filters spam from POP3 and Exchange email accounts.
It doesn't handle IMAP accounts in your email client the way ZoneAlarm does. However, in an unusual twist, it has the ability to filter webmail accounts directly. Webmail filtering was a pretty amazing feature when first introduced years ago, but these days it's hard to find a webmail provider that doesn't implement its own spam filtering. You can view messages filtered out by this feature right in the application and, if necessary, rescue any valid mail that was misfiled. There are quite a few options for configuring the spam filter.
To start, there are five levels of protection, from Minimal, which allows more spam but doesn't throw away valid mail, to Restricted, which blocks all messages unless the sender is on your Friends list.
I'd advise leaving it set to the default Balanced level. You can define custom spam filtering rules, but I can't imagine why any user would take the time to do this.
The Friends list identifies addresses or domains that should always reach the Inbox. You can manually edit this list, add friends from the email client toolbar, or add all your contacts to the Friends list.
There's also an option to automatically block messages written using character sets for languages you don't speak. Just to see how it works, I set up filtering for the Yahoo mail account I use in testing. When I filled in the address, McAfee automatically selected the correct mail server and port. However, after I entered my password and tried to add the account, McAfee reported that it was the wrong password. In fact, the password was correct, but Yahoo rejected the login and sent me an email warning about an attempt to connect by a "less-secure app." In order to let McAfee do its job, I had to dig into Yahoo settings and enable access by less-secure apps. If you do need spam filtering at the local level, McAfee can handle it. Where many products limit protection to POP3 accounts, McAfee can filter Exchange accounts and even pull spam from your webmail. Minor Performance HitDuring my extensive testing, I didn't get any feeing that McAfee was slowing me down.
That's not surprising; these days its uncommon for security suites to exhibit a noticeable performance impact. My hands-on test did reveal some actions that took longer with McAfee installed. Most of us don't reboot often—perhaps never except when an update requires it. My boot-time test showed just a 3 percent increase in the time from the start of boot until the system was ready for use, so if you do have to reboot, you'll hardly notice McAfee's presence. Performance Results Chart Given that the new Real Protect real-time antivirus scans files when they try to execute, not on just any file access, I expected minimal impact in my file move and copy test.
This test repeatedly times a script that moves and copies a mammoth collection of various-sized files between drives.
I was surprised to see a 44 percent increase in the time required for this test. On the bright side, another test that zips and unzips the same file collection didn't have any measurable impact. While there's some variation in the results of this test, a couple products come out on top. Webroot and Trend Micro exhibited almost no slowdown in the performance test. Stuck in the Middle With YouFor $20 per year more than McAfee's antivirus, McAfee Internet Security gives you innovative password management along with parental control and antispam features that you may not even need.
Everything else—firewall, remote management, support for macOS, iOS, and Android, and more—is present in the antivirus.
For another $10 you could upgrade to McAfee's top-of-the-line suite.
This suite remains stuck in the middle, with no compelling reason to buy it rather than one of McAfee's other products. Other than the cross-platform bonus, this suite is comparable to Bitdefender Internet Security 2016 and Kaspersky Internet Security.
These two suites earn fantastic scores from the independent testing labs, their components are capable across the board, and they offer a comparable smorgasbord of bonus features.
They're our Editors' Choice winners for entry-level security suite. Sub-Ratings:Note: These sub-ratings contribute to a product's overall star rating, as do other factors, including ease of use in real-world testing, bonus features, and overall integration of features.Firewall: Antivirus: Performance: Privacy: Parental Control: Back to top PCMag may earn affiliate commissions from the shopping links included on this page.
These commissions do not affect how we test, rate or review products.
Bitdefender Internet Security 2017 brings even more to the table.
The antivirus includes such bonuses as password management, a hardened browser, and a file shredder.
The suite adds firewall, spam filtering, parental control, encrypted storage, and more.
As with previous editions, it defaults to running in AutoPilot mode, meaning it handles security in the background, without forcing you to get involved. At the lowest levels, this product's pricing hasn't changed since last year.
It's still $59.99 per year for one device and $79.99 for three.
But where five- and 10-license subscriptions used to cost $119.95 and $209.95 respectively, they're now $84.99 and $89.99.
That's more in line with Norton, which costs $89.99 for 10 licenses. Note that for Bitdefender's three-license price tag you can get unlimited installations of McAfee Internet Security. The new edition of Bitdefender sports a user interface makeover.
Its background is still shades of dark gray, and it still features a big status panel that's green when all is well, red when you need to attend to configuration.
But the icons in the new left rail make it even easier to reach any of the suite's many security components. Powerful Shared Antivirus The core antivirus protection in this suite is the same as that of Editors' Choice Bitdefender Antivirus Plus 2017.
I'll sum up my findings here.
As always, you can read my review of the standalone antivirus for full details. Lab Test Results ChartAntiphishing Results ChartMalware Blocking Results Chart Bitdefender earned a perfect 18 points in the latest three-part test reported by AV-Test Institute. Kaspersky and Trend Micro also took 18 points. I follow five of the many tests regularly performed by AV-Comparatives.
Bitdefender earned the best possible rating in all five, as did Kaspersky. Bitdefender's score in Virus Bulletin's RAP (Reactive and Proactive) test was just average.
As for the two tests from MRG-Effitas that I track, Bitdefender failed one and got partial credit for the other. However, the majority of tested products simply fail these tests, with no indication whether it was just-on-the-edge fail or epic fail.
Because of that I've reduced its weight in my aggregate lab-scoring algorithm.
Bitdefender's aggregate is 9.4 of 10. Only Kaspersky Internet Security and Norton came in higher. In my hands-on malware blocking test, Bitdefender detected 90 percent of the samples and earned 8.8 points, putting it in the middle of products tested using the current malware collection.
Tested with the same samples, Webroot SecureAnywhere AntiVirus came out with a perfect 10 point. Challenged with 100 malware-hosting URLs, Bitdefender exhibited a very good 91 percent protection rate.
Top score in this test goes to Avira Antivirus 2016, with 99 percent. Norton also did well, scoring 98 percent. Bitdefender's browser extension proved extremely effective at detecting and blocking phishing sites, fraudulent sites that try to trick you into giving away your passwords.
In fact, it earned the best score ever seen on this test.
Bitdefender also specifically flags over a dozen types of fraudulent websites. Many Other Shared FeaturesAs noted, Bitdefender's standalone antivirus actually doesn't stand alone—it includes a ton of useful bonus features.
Its vulnerability scan doesn't just look for missing Windows updates and application security patches.
It also checks for weak passwords on Windows user accounts and even checks that your home Wi-Fi is properly secured. Ransomware is a huge problem, and Bitdefender addresses it directly.
It prevents unauthorized programs from making any changes to the folders you've charged it to protect.
By default, those are the Documents and Pictures folders for each user account.
If it blocks a legitimate program, perhaps a less-used document editor, you can easily whitelist that program. Panda and Trend Micro offer similar anti-ransomware features. Bitdefender Wallet is a complete, if basic, password manager.
It captures and replays passwords, and its browser extension provides a menu of saved secure sites. You can store one or more identity profiles or credit cards and use them to fill Web forms.
Admittedly, in testing it didn't handle non-standard password pages and didn't fill all fields on some Web forms.
But it includes all the basics. When you try to open a website that Bitdefender recognizes as a financial site, it offers to open in Safepay instead.
This is a separate desktop, isolated from other processes, with its own hardened browser.
If the Wi-Fi Advisor component detects that you're connected to an insecure hotspot, it suggests that you do all your browsing through Safepay.
It also checks your home network's security configuration. Rounding out the bonus collection is the file shredder.
This is a secure deletion utility that overwrites files and folders three times before deletion, making forensic recovery impossible. Strong, Silent FirewallIn the spirit of AutoPilot mode, Bitdefender's firewall does its best to stay out of your face.
It automatically configures network permissions for known programs.
As for unknowns, it allows them access, too, but keeps an eye out for misuse of resources.
Symantec Norton Security Premium and Kaspersky both do something similar.
It makes total sense for the firewall to make these decisions, rather than bombarding users with popups asking for answers to questions they don't understand. The firewall fended off the port scans and other Web-based tests I hit it with, making all the test system's ports invisible to outside attack.
That's more of a baseline than an accomplishment, though, since the built-in Windows Firewall protects against such outside attacks. Bitdefender also blocks some exploit attacks.
To see it working, I had to turn off AutoPilot mode.
Then I hit it with about 30 exploits generated by the CORE Impact penetration tool. None of the exploits penetrated security, which is not surprising on this fully patched test system.
Bitdefender actively blocked 44 percent of the attacks, identifying the majority of them by their official name and number.
Trend Micro did a bit better, with 52 percent blocked, and Norton blocked 63 percent at the network level, before they even reached the browser. If a malware coder can programmatically flip the off switch and end firewall protection, that's bad.
I couldn't find any opening for that sort of attack.
I found that Bitdefender had four processes running, and was able to terminate the two less-important ones…but the other two resisted termination and reanimated those I did kill.
I also couldn't stop or otherwise influence Bitdefender's three essential Windows services. You might notice that I didn't mention the firewall-assisting Intrusion Detection system.
That's because it's no longer exposed as a user-adjustable component.
It's rolled into Bitdefender's active threat control. See How We Test Security Software Friendly Parental AdvisorYou manage Bitdefender's Parental Advisor online, leaving the local Bitdefender app on your Windows and Android devices to enforce the rules you set and report on the child's activity.
Based on user feedback, the designers made a few changes, making this component even more simple and friendly. To start, you create a profile for each of your children. Name, gender, and birthdate are required. You can optionally add a photo. Next, you identify the devices this child uses.
It assumes just one user for Android devices. On Windows devices, you can either associate the entire device, or just one user account. Note that you can't tie one user account to one child and another to a different child on the same device. My Bitdefender contact commented that while reviewers might want to do this, customer research shows that virtually no actual users want to. Click on a child's name to open the online console, which has six tabs: Dashboard, Activities, Interests, Friends, Places, and Social.
Activities refers to the programs and apps that the child has used recently.
If you see something off-key, just click it to prevent use of that program. Note that a checkmark means the program is blocked while a plus-sign means it is allowed. Your child won't fool this feature by creating a renamed copy of the blocked program. Click on Interests to see a list of the 42 content categories that Bitdefender tracks.
Based on the child's birthdate, this component selects a set of categories to be blocked, but as always, you can make your own selections.
In testing, I couldn't find any inappropriate sites that weren't blocked, even in my massively off-brand hand-written browser.
Bitdefender filters HTTPS pages too, so your child won't evade parental control using a secure anonymizing proxy. A teen who just wants to look at naked ladies can get an eyeful simply by doing a Google image search.
It's no longer possible for parental control to force Safe Search on search portals that default to HTTPS.
Trend Micro is one of the few products that address this issue, attempting to detect and cover up prurient images. If the child profile has an associated Android device, the Friends tab displays a list of contacts. You can click a contact to block calls and texts. The last time I reviewed this product, it also included the ability to block specific keywords in messages.
I couldn't find this feature. My Bitdefender contact explained that after consulting with actual users, they removed it. Parents had trouble using it, and kids had no trouble avoiding it by using slang and leet-speak. Places is another feature that's only functional if your child has an Android device associated.
By selecting a point on a map and choosing a radius from 100 to 2,000 meters, you define named places and identify them as safe or restricted.
Bitdefender takes note when the child enters or leaves one of these places. To make use of the Social tab, you must get the Bitdefender app installed on your child's Facebook account.
If you know the credentials you can just log in and add it.
There's also an option to email the child a request to install the app.
There's no way to prevent the child from later uninstalling it, but by default you get a notification if that happens. With the app in place, the Social page becomes useful.
To start, it reports on settings that are, or could be, a threat to privacy.
For example, having email, relationship status, or birthday visible are considers high threats to a child's privacy.
Exposing location or education data could be a threat, especially if a cyber-bully targeted your child, so Bitdefender suggests exposing this data only to friends. You can also view all of the pages your child has liked, and click any of them to view the page.
Another sub-tab shows photos from the last few months, specifically tagged photos, profile pictures, cover photos, mobile uploads, and timeline photos.
I do wish this page displayed the photos in a thumbnail grid rather than in a long, long scrolling list. Finally, the Dashboard gives an overview of the child's activity.
It reports recent locations, if the child has an Android device.
It summarizes what website categories interest the child most, lists the programs and apps that were used, and reports how long the child spent using each device. I tried to drill down from the list of content categories to the actual list of allowed and blocked URLs, but couldn't figure out how. My Bitdefender contact explained that this feature was removed. "We categorize websites based on content, not just the URL, and content can change," she noted.
The point is to give parents insight into the child's interests, not to nitpick a precise list of URLs. Bitdefender also has the ability to control how much time your child spends using devices, but it's a little bit hidden.
In the section of the dashboard that shows the time spent on each device, there's a link to set sleep time. When you click this, you can set a span of time during which the child's devices are unavailable, separately for weekdays and weekends.
During the designated sleep time, the child can't log in to Windows and can't go online on an Android device.
The designers chose not to block all use of Android devices, given the child might need emergency access to phone home. Under its simple-looking façade, this is a full-featured parental control system, more than you get in most suites.
The geofencing and call blocking features stand out, as does the analysis of Facebook privacy settings.
If you want your parental control integrated with a security suite, Bitdefender is a dandy choice. Smooth, Simple AntispamThese days it seems that almost everyone gets spam filtered by a webmail service or at the email server.
If you're that rare individual who still needs a local spam filter, Bitdefender has you covered, as long as your account uses POP3 and not IMAP or Exchange.
According to my Bitdefender contact, while it aims to block all spam, it particularly focuses on blocking spam that contains malware or ransomware. The spam filter integrates with Microsoft Outlook and Thunderbird. You can still use it with a different email client, but you will have to create a message rule to divert marked spam messages away from your Inbox.
That's a distinction from Trend Micro Internet Security, which only works with its supported clients. For those two supported clients, Bitdefender installs a toolbar that lets you mark any spam messages that reached the Inbox, or rescue valid messages that got tossed in with the spam. You can also add senders to the Friends list or the Spammers list, either by clicking a button or by editing the lists manually.
In the latter case, you can blacklist or whitelist a whole domain, if desired. By default, when you flag a message as spam or not spam Bitdefender asks permission to submit the message to its cloud-based filter system, so as to improve detection rates. You can set to never do this, or to always do it without asking.
Those concerned with privacy might consider automatically submitting spam messages that slipped through, but suppressing upload of valid messages that were originally marked as spam. In addition to those settings that affect submitting messages to the cloud, Bitdefender includes the option to block any messages written in Asian characters, or in Cyrillic.
There are a few more settings, but really, you'll do well to just leave them at their default values.
There's very little to configure in this smooth, simple spam filter. File Encryption and File ShredderEncrypting ransomware locks up your files and threatens to throw away the key unless you pony up cash, or Bitcoins. Not nice! But when you control the encryption keys, keeping your most sensitive files in encrypted storage can be a very smart way to protect them. Previously reserved for Bitdefender's Total Security mega-suite, file encryption is now available in the entry-level suite. Creating a vault is simple. You give it a name, accept or change the location for the file that represents the vault, sets its size, and give it a password. You can also choose to accept whatever drive letter Windows assigns or use a hard-coded drive letter. When the vault is open, you use it like any other disk drive. When it's locked, its contents aren't even visible, much less accessible. As with the similar feature in Kaspersky, you can't change the vault size after creation.
Trend Micro Maximum Security 2016 lets you create just one vault, but its size isn't set in stone.
Even better, if your computer is lost or stolen, you can remotely seal the vault, so it won't open even with the password. Copying a super-sensitive document into encrypted storage doesn't do much good if you leave the unencrypted original lying around, and just deleting that original, even if you skip the Recycle Bin, won't prevent forensic recovery.
Instead, run the original through Bitdefender's File Shredder.
This tool, also found in the standalone antivirus, overwrites the file's data three times before deletion, making forensic recovery impossible. Mixed Performance ImpactThe days when installing a security suite meant giving up peppy performance are long over.
Consumers won't accept it, nor will Microsoft.
Even so, there are variations in how much a given suite's background activities impact performance. Every antivirus that includes on-access scanning has the potential to slow down normal file operations.
To check on this, I average the time for multiple runs of a script that moves and copies a large collection of files between drives.
Comparing the times before and after installing the suite, I come up with an impact percentage.
I also time another script that zips and unzips the same file collection. Performance Results Chart Bitdefender had no impact at all on these two tests.
In fact, the two scripts actually ran faster with the suite installed.
I repeated the test, with the same results. I also measure boot time using a script that calculates the time-span between the start of the boot process and the point where the system has gone ten seconds with CPU usage no more than five percent. Looking at average values before and after installing the suite, I saw an increase in boot time of 45 percent. Discussing this finding with my contacts at the company, I learned that the suite very deliberately stretches out the loading of any components not essential to security, so as to reduce impact on boot time.
It may well be that this feature and my exact test methodology aren't compatible.
In any case, most users reboot as infrequently as possible.
The low impact on day-to-day file operations is more important. Still a Winner Bitdefender Internet Security 2017 goes way beyond the minimum suite features. Yes, it has antivirus, antiphishing, antispam, firewall, and parental control.
But it also offers password management, secure browsing, ransomware protection, and file encryption, among many other bonus features.
Along with Kaspersky Internet Security, it's an Editors' Choice security suite. Sub-Ratings:Note: These sub-ratings contribute to a product's overall star rating, as do other factors, including ease of use in real-world testing, bonus features, and overall integration of features.Firewall: Antivirus: Performance: Privacy: Parental Control: Back to top PCMag may earn affiliate commissions from the shopping links included on this page.
These commissions do not affect how we test, rate or review products.