Tag: Post Office Protocol
When choosing a security suite, you probably look for familiar company names rather than trusting your security to an unknown. Germany-based G Data may not have huge mindshare in the United States, but it's big in Europe. G Data Internet Security includes all the features you'd expect in a suite, including an antivirus, a firewall, parental controls, and a spam filter. Unfortunately, the quality of the components spans quite a range, from very good to very poor.
Bitdefender, Kaspersky, and ESET Internet Security 10 are among the suites that cost roughly $80 for three licenses. There's another group around $60 that includes Webroot, Trustport, and Avast. G Data falls in between, with a $64.95 subscription price for three licenses. If you need just one installation, you can cut $10 from that price.
This product's main window features the familiar bold G Data color scheme, with a red banner holding a row of icons at top. Some security vendors use precisely the same component layout throughout the product line, showing unavailable features as disabled. Not G Data. The home screen shows a detailed security status, with links to important components, but there are more components displayed in the suites banner than that of the standalone antivirus. To the three top-row icons found in the antivirus, the suite adds icons for its backup, firewall, and parental control features.
Shared with Antivirus
The antivirus protection in this suite is precisely what you get in G Data Antivirus 2017. I'll summarize my findings here, but if you want full details you should read my review of the antivirus.
Four of the five antivirus labs that I follow include G Data in their tests and reports. It earned an above-average rating in the RAP (Reactive and Proactive) test from Virus bulletin, but didn't do quite as well in the three-part testing performed by AV-Test Institute. G Data earned the maximum six points for protection against malware, and six more for low false positives, but a drag on performance dropped its score to 4.5 in that category. A total of 16.5 points is good, but Kaspersky Internet Security took a perfect 18 points in this test. Bitdefender and Trend Micro were close behind, with 17.5 points.
In the real-world attack simulation tests by SE Labs, G Data took AA certification, the second-highest of five possible levels. Emsisoft, Kaspersky, Norton, and Trend Micro managed an AAA rating. Like most tested products, G Data failed the pass/fail banking Trojans test performed by MRG-Effitas. Its aggregate score of 8.7 points is good, but Kaspersky leads with 9.8 of 10 possible points, and Norton got 9.7 points.
Like Webroot, Comodo Antivirus 10, and PC Matic, G Data detected 100 percent of the samples in my malware collection. Not-quite-perfect blocking of a few samples results in an overall score of 9.8 points. That's very good, but the other three I mentioned managed a perfect 10. G Data wasn't fooled at all by my hand-tweaked samples; it blocked them all. Comodo, by contrast, missed 30 percent of the modified versions.
For a different look at malware blocking, I use a feed of recently discovered malware-hosting URLs supplied by MRG-Effitas. G Data blocked 78 percent of the samples in this test, almost all by completely blocking access to the URL. Norton tops this test, with 98 percent protection.
The same Web-based protection component should also serve to steer the hapless user away from fraudulent sites that try to steal login credentials. However, G Data fared poorly in my antiphishing test, with a detection rate 44 percent lower than Norton's. While most products lag Norton in this test, more than half of them did better than G Data. Only Bitdefender, Kaspersky, and Webroot SecureAnywhere Internet Security Plus have eked out a better score than Norton.
Other Shared Features
Exploit protection is usually associated with the firewall component, but G Data offers it in the standalone antivirus. In testing, it didn't block exploits at the network level, but wiped out the executable payload for 50 percent of the samples. That's quite good. Champion in this test is Symantec Norton Security Deluxe, which stopped 63 percent of the attacks at the network level.
My hands-on testing confirmed that G Data's keylogger protection and ransomware protection are effective. For those tests, I had to turn off all other protective layers.
Similar to the SafePay feature in Bitdefender Internet Security 2017, BankGuard protects your browsers from man-in-the-middle attacks and other data-stealing attacks. The AutoStart manager lets you reversibly disable programs from launching at startup, or set them to launch after a delay.
See How We Test Security Software
Every firewall needs to at least match the abilities of the built-in Windows Firewall that it replaces. Specifically, it must block outside attacks and put the system's ports in stealth mode, so they're not visible from the Internet. G Data's firewall fended off my port scans and other Web-based attacks, and popped up a notification that it had done so. So far, so good!
The settings page for G Data's firewall is pleasantly simple. A large slider lets you choose one of five preset security levels: Maximum, High, Standard, Low, and Disabled. Three other pages of settings are deliberately unavailable, with their configuration changed automatically as you switch security levels. True firewall experts can choose custom settings, thereby enabling access to those pages. But most should leave the firewall set to its default Standard level.
Most firewall components also keep track of how programs are using your network connection. Advanced firewalls like Norton's automatically define permissions for millions of known programs and carefully watch how unknowns behave, smacking them down if they show signs of misusing the network. Less advanced firewalls rely on the user to determine whether unknown programs should be allowed to access the network, which sometimes results in a deluge of popup queries.
G Data's firewall runs by default in autopilot mode, meaning you won't see any queries. It's not entirely clear just what it does in this mode, but as far as I can tell, it allows all outbound connections and rejects unsolicited inbound connections. That's not doing a lot.
To see the program control component in action, I turned off autopilot. Cleverly, the program offers to temporarily turn autopilot back on if it detects you're launching a full-screen application.
When I tried launching a guaranteed-unknown program (a small browser I coded myself), G Data popped up asking whether to allow or block access, once or always. That's exactly what should have happened. I tried a few leak test utilities, programs that try to gain access to the Internet without triggering the firewall's program control. G Data caught some, but not all, of these.
Unfortunately, it also popped up repeatedly for some Windows internal components. Note, too, that firewall popups appear for any user account, including non-Administrator accounts. While your toddler is playing games online, she may accidentally tell G Data to always block access by some Windows component. In that case, you'll need to open the Application Radar window from the Firewall status screen to unblock that application.
A firewall isn't much use if a malicious program can reach in and flip the off switch. I couldn't find a way to disable G Data by manipulating the Registry, though it didn't protect its Registry data against change the way Bitdefender, McAfee Internet Security, and others do. The last time I tested G Data, I found that I could terminate some of its processes using Task Manager. This time around, all 11 processes received protection.
Alas, G Data's essential Windows services are still vulnerable to a simple attack that could be carried out programmatically. I set the Startup Type for each of six services to disabled and then rebooted the computer. That effectively eliminated G Data's protection. In a similar situation, Comodo Firewall 10 Firewall seemed to succumb, but recovered on reboot.
This firewall component handles the basic tasks of protecting against outside attack and preventing programs from misusing your Internet connection, but that's about all. And the vast majority of competing products manage to harden their Windows services against tampering more thoroughly than G Data does.
Cloud Storage Backup
When you first click the backup icon, you just get a big, empty page. A bit of investigation reveals the New Task button. Clicking it brings up a disclaimer pointing out that the subscription you have offers online backup only. If you want advanced features like making local backups or burning backups to optical media, you must upgrade to G Data Total Security. You can check a box to suppress this disclaimer in the future.
To start designing a backup job, you select files and folders for backup. You do this using a folder/file tree. Checking or unchecking a folder selects or deselects all its contained folders and files. If you simply check the tree item with your username, representing all your user data, that may be enough.
The selection tree exhibits a strange redundancy that might cause trouble. For example, after the entry with your name is an entry called Libraries. If you check your username entry, the corresponding entries under Libraries (Music, Videos, Documents, and Pictures) do not get checked. But if after that you check Libraries and then uncheck it, those four entries under your username lose their checkmarks. This is just one of several redundancies in the tree, so you should carefully review your selections before proceeding.
The next step is target selection, but your only choice is cloud backup. Well, there's also an option to copy the archived data to an FTP server, but not many users are equipped to perform the necessary configuration. When I tried to continue at this point, the program admonished me, "Cloud has been selected as target, but no login has been entered." Guessing at this point, I clicked a button for network login—no joy. I finally thought to click the cloud icon. This triggered a menu titled New Account, which in turn asked me to select Dropbox or Google Drive. That could be clearer.
Kaspersky Total Security also offers to store backups on Dropbox, but this is just one of its many options. With Kaspersky, you can also back up your files to any local, removable, or network drive, or to an FTP server.
You can optionally create a schedule, separately for a full backup of all data and for a partial backup containing only changed data. Do you know what the difference between a differential backup and an incremental backup is? If not, just leave it set at the default. For each type of backup you can choose one-off, daily, weekly, or monthly backup, or just run the backup manually when you think of it.
Now you can review the dozens of options on the final page of settings. Some are disabled, most are set to the best configuration, but there's one you might want to tweak. By default, G Data opts for fast compression, making the backup process as speedy as possible. If you're short on cloud space, consider setting it to emphasize good compression, instead.
You can create as many backup jobs as you like. You might choose redundancy, backing up to both Dropbox and Google Drive. These jobs appear in the previously blank main backup window.
As for restoring backed-up files, it's a snap. Choose the backup, choose to restore all files or just some of them, and choose whether to restore to the original location or a new location.
Norton gives you 25GB of hosted online backup storage, and makes setting up a backup job very easy. Webroot completes also offers 25GB of storage, and serves as a full file-syncing tool. The backup system in G Data does the job, but it requires that you use third-party cloud storage, and it could be much, much simpler for users.
Porous Parental Control
This suite's parental control system is minimal, consisting of content filtering and time scheduling for Internet or computer use.
The content filter can block websites matching five categories: Drugs, Hackers, Violence, Extremist, and Pornography. There's also an option to block all HTTPS sites, but it's a ridiculous option. Yes, it would prevent access to secure anonymizing proxies, but it would also block any site that sensibly uses a secure connect, including Google, Unicef, and Wikipedia.
Parents can limit time on the computer, the Internet, or both. When enabled, the default in each case is 1.5 hours per day, 10.5 hours per week, and 45 hours per month. These times line up nicely. For example, 1.5 hours on each of seven days equals 10.5 hours. You can also define a weekly schedule, in one-hour increments, for when the child can use the Internet, or the computer. This feature uses a handy grid that makes it easy to set allowed and blocked times.
When I put G Data's scheduler to the test, I found that time-scheduler relies on the system clock. Resetting the clock to an allowed time defeats it. Admittedly, I couldn't find a similar way to defeat the daily cap.
Content filtering is keyword based, and it's both too lax and too strict. Photo-based pornographic sites with no banned words in the URL or page text flew right past the filter, while perfectly innocent sites triggered the over-zealous filter. For example, it blocks any page on blogspot.com because the filter found "pot" in the URL. Pages on the American Kennel Club site that used the word bitch (perfectly valid in this context) got the axe. And so on.
You'd think the Hackers category would block secure anonymizing proxy websites, but it doesn't. By connecting to one, I completely eluded the filter—don't think your teenager won't figure this out.
G Data does report which websites it blocked for each user, along with a date/time stamp and explanation. The explanation helped me confirm that, for example the app did indeed block a blogspot.com page due to the embedded word pot.
This is just not a useful system. If you need parental control in your security suite, look elsewhere. The parental control component in Norton is an Editors' Choice as a standalone. ZoneAlarm's is based on ContentWatch Net Nanny 7, another Editors' Choice. And Kaspersky Total comes with the excellent Kaspersky Safe Kids.
Simple Spam Filter
The need for local spam filtering gets smaller and smaller as more people use services that filter spam at the server level. If you're one of the few who don't get spam skimmed out of your email feed before it arrives, it's nice to have spam filtering handled by your security suite.
G Data analyzes incoming POP3 and IMAP email messages, flagging suspected spam messages, messages with a high spam probability, and messages with a very high spam probability. It prefixes [suspected spam] to the subject line for the first category, [spam] for the other two. You can change these tags, if you like, but most users will surely leave them at their default values.
This spam filter integrates with Microsoft Outlook, automatically diverting marked messages into the spam folder. Those using a different email client must create email rules based on the subject tags, not a terribly challenging task.
G Data uses quite a few different criteria to develop a spam score for each message. It checks the message text for certain keywords, and the message subject for a different set of keywords. You can edit either keyword list. It also includes a self-learning content filter system that's meant to improve accuracy over time.
The spam filter can also check spam messages against real-time blacklists. This process tends to slow the email download, so by default it only uses those blacklists for suspicious messages. Digging deeper, you can configure the spam filter to reject messages written in languages you don't speak. But really, most users can just leave the spam filter settings alone.
You can put specific addresses or domains on the whitelist, to ensure that the spam filter never blocks them. Conversely, you can blacklist addresses or domains to ensure they always get filtered. There's no option to import the content of your address book, or automatically whitelist addresses to which you send mail, like you get with ESET, Trend Micro Internet Security, and others.
If you do need local spam filtering, and want your security suite to handle it, G Data is as good as any. It doesn't offer the comprehensive feature collection that Check Point ZoneAlarm Extreme Security 2017 does, but on the flip side, it doesn't require any attention from you.
On a seriously icon-infested desktop, you not notice the appearance of a new icon titled G Data Shredder. This is a secure deletion utility, for use when you want to delete a file beyond the possibility of forensic recovery. Many encryption utilities come with a shredder, for thoroughly wiping out the originals of files that have been encrypted.
Simply deleting a file sends it to the Recycle Bin, and bypassing the Recycle Bin leaves the file's data still on disk, just marked as space that can be reused. Overwriting that data just once is enough to defeat software-based recovery. Recovery experts use hardware systems to peel back the layers and find previously stored data, but those techniques run into the limitations of physics at about seven overwrites. Why G Data lets you choose up to 99 overwrites I do not know. Three should be plenty for normal use.
Once you've configured the shredder, you drag files and folders onto its icon for secure deletion. You'll also find a Shred choice on the right-click menu.
Minor Performance Impact
While testing G Data, I occasionally felt the system might be running a little slow, but then, my virtual machines necessarily don't have a lot of resources. Running my hands-on performance tests revealed only minor impacts on system performance.
The biggest hit (not big, but biggest) came in my boot time test. Averaging many runs before installation of the suite and many more after, I found that the boot process took 26 percent longer with G Data loading at boot time. Given that most people reboot only when forced to, that's not a big deal.
To check whether a security suite affects everyday file manipulation activities, I time a script that moves and copies an eclectic collection of files between drives. Averaging multiple runs with no suite and with G Data installed, I found the script took 18 percent longer. That's not bad; the average for this test among current products is 23 percent. And there was no measurable slowdown for my zip/unzip test, which compresses and decompresses that same file collection repeatedly.
While G Data didn't put much of a drag on performance, some competing products had even less impact. Webroot, in particular, didn't show measurable impact in any of the three tests.
Component Quality Varies
G Data Internet Security 2017 includes all of the expected security suite components and even offers a backup system. The antivirus performed well in testing, but the parental control system is both limited and ineffective, and the basic firewall could be disabled by a determined hacker. You're better off with a suite in which all of the components do a good job.
For the purpose of defining Editors' Choice products, I distinguish basic suites like G Data, feature-packed mega-suites, and cross-platform multi-device suites. In the basic suites arena, Bitdefender Internet Security and Kaspersky Internet Security are my Editors' Choice products. Both cost a bit more than G Data, but they also offer much better security.
Note: These sub-ratings contribute to a product's overall star rating, as do other factors, including ease of use in real-world testing, bonus features, and overall integration of features.
Many security suite product lines form a simple progression, at least on the Windows platform. It goes like this: basic antivirus, entry-level suite, feature-rich mega-suite, and cross-platform multi-device suite. With ESET Multi-Device Security 10, you can install the antivirus or entry-level suite on Windows, but not the mega-suite. It also offers a choice of antivirus or suite on macOS devices. As for Android, you can install mobile security, parental control, or both. In fact, this suite shines under Android more than it does under Windows or macOS.
For $84.99 per year, you get six licenses to install ESET protection on your Windows, macOS, and Android devices. At the $99.99 per year level, you get 10 licenses. Kaspersky offers a bit less for $99.99, just five licenses. For $89.99 per year, Norton gives you 10 licenses plus 25GB of hosted online storage for your backups, and McAfee LiveSafe lets you protect all your devices, without limit. ESET's pricing fits right in with these products, and the fact that you get six licenses at the base subscription rate makes it a better deal than many. Also, the previous edition's requirement that one-half of your licenses go to Android devices has been lifted.
To start, you click a link in the activation email, which also contains your license key. In most cases, you'll start by installing ESET on a Windows device, but the download page offers you the choice of Windows, macOS, or Android. Additional installations require either the activation code or the username and password supplied along with the activation code. Unlike F-Secure, Symantec Norton Security Premium, Bitdefender, and others, ESET does not let you manage licenses using an online account. Rather, My ESET is the place to go for antitheft, Android parental control, and social media scanning.
If you choose to download protection for Windows, ESET Multi-Device installs ESET Internet Security 10. This suite's antivirus gets good scores in our tests and in independent lab tests. It includes a Host Intrusion Prevention System, a secure browser, and a simple spam filter. The firewall's program control is old school, however, either doing very little or spewing popups. Furthermore, the parental control is limited, and it fared poorly in our antiphishing test. For full details, read my review of this suite.
ESET's mega-suite, ESET Smart Security Premium 10, adds a number of advanced features not found in the entry-level suite. These include a password manager based on Editors' Choice Sticky Password Premium, an encryption system that creates secure virtual drives or secure mobile storage, and an anti-theft system for Windows devices. Smart Security Premium also uses an unusual pricing model, with no multi-license bundles. But, once again, ESET Security Multi-Device does not let you access these premium features.
F-Secure, Bitdefender, Kaspersky, and most other cross-platform suites assume that you'll want a full security suite on Windows. ESET gives you the option to install ESET NOD32 Antivirus 10 rather than the full suite, if that's what you prefer. To do so, you download and install the product as usual, then enter the license key you received with the activation email.
ESET on Mac
On a Mac, ESET Multi-Device likewise gives you a choice. You can install the ESET Cyber Security (for Mac) antivirus, or the ESET Cyber Security Pro suite. Note that there's no protection offered for iOS devices.
The Mac antivirus scans for malware on demand, on access, and on schedule. It also scans incoming POP3 and IMAP email messages for dangerous attachments. On the chance that your Mac might act as a carrier for non-Mac malware, it scans for Windows and Linux threats as well.
To keep you safe online, the Mac product includes Banking Protection as well as protection against malicious and fraudulent websites. You can also invoke its social media scanner to check for potentially dangerous links.
This suite's firewall aims to block malicious network attacks, and to control network usage by apps. Firewall experts can block specific services, ports, and IP addresses, but ordinary users shouldn't meddle with such firewall rules.
ESET's Parental control on the Mac is similar to what it offers for Windows, which means it's fairly limited. For each child, you can configure it to block websites matching specific categories, or just accept the default blocking categories for your child's age. It also logs attempts to reach blocked websites. That's the extent of parental control.
Security for Android
ESET Mobile Security provides a full range of expected Android security features. To get started, just install it from the Google Play Store. As with the Windows product, the installer requires that you actively choose whether to block Potentially Unwanted Applications (PUAs). PUAs are not as risky as malware, and you may have even given permission for their installation, but they tend to do annoying things, like bombard you with ads.
The installer offers a free trial of the app's premium features. These include anti-theft, automatic updates, antiphishing, scheduled scanning, and more. Don't bother with the trial, as you already have a license for the premium edition.
Activating that license is a bit awkward. You can do it by typing the registration code from the activation email, but that code is 20 characters long. There's also an option to activate using your username and password. I tried typing the username and password from my ESET account online; it failed. As it turns out, what it wants here is the random username and password assigned to you in the activation email.
ESET's antivirus component scans for malware immediately after install. Real-time protection watches for active malware. You can set up a scheduled scan, or (and this is clever) set it to scan any time it's charging.
Anti-theft isn't enabled by default, because it requires that you change your Android settings to make ESET a Device Administrator. You also must link this installation to your online My ESET account. Uninstall Protection prevents a thief from just turning off ESET.
The Proactive Protection feature snaps a screenshot after a failed unlock attempt. After a specified number of failed attempts (two, by default) a countdown starts in the background (15 seconds, by default). If the countdown finishes before the correct code is entered, the device goes into lockdown, just as if you had locked it remotely. A Good Samaritan who found your lost device could click a contact button to see your email address.
By logging in to the My ESET online portal, you can manage anti-theft remotely. When you mark a device as missing, ESET locks the device and starts monitoring, periodically sending the device's location, and snapping photos using the camera. You can trigger a loud alarm to help find a nearby device. And if you lose all hope for recovery, tapping the Wipe button erases all of the device's data.
Bitdefender Mobile Security and Antivirus (for Android) offers a similar set of anti-theft tools, but adds one unusual item. Once you pair your device with an Android Wear watch, you get a warning if you walk away leaving the device behind.
The anti-phishing component only works with browsers that support its integration. Tapping its button displays a list of supported browsers on your device. On the Nexus 9 that I used for testing, only Chrome appeared in the list. Avast Mobile Security blocks malicious sites in a wide variety of browsers.
Security Audit is disabled by default; you should turn it on. It warns if you're connected to insecure Wi-Fi, and if you've enabled debug mode, or installation of apps from unknown sources.
More importantly, Security Audit checks all your apps and reports how many of them have specific potentially risky permissions: using paid services, tracking your location, reading identity information, accessing messages, and accessing contacts. For each category, you can tap to see a list of programs. On my clean test device, only Speedtest triggered a warning—it needs to know your location to pick the closest server.
After I installed ESET's own Parental Control, described below, it triggered all five Security Audit warnings. Of course, that makes perfect sense; parental control is a kind of invasion of privacy. Note that the similar auditing feature in Norton Security and Antivirus (for Android) takes the concept to the next level, offering warnings about iffy apps before you even download them.
All of my Android test devices are tablets. On an Android smartphone, more options become available. If a phone thief changes out the SIM card, ESET can send the new SIM card details to a trusted friend that you've specified. You can also enable the device to receive remote lock, locate, wipe, and siren commands through SMS.
On a smartphone, ESET's SMS and call filtering lets you control who can call and text you. You make the rules, for specific numbers, for masked numbers, or for numbers not in your contacts list. Rules can apply to calls, SMS messages, or MMS messages. You can also set each rule to apply during specific times or date ranges. I imagine you could use this to block calls during the night but allow calls from your most important contacts.
The similar feature in Avast logs the content of blocked text messages, but just dumps blocked calls to voicemail. Bitdefender's Android app does many things, but call and text blocking isn't among its features.
The Security Audit component adds a couple entries for a smartphone. Specifically, it checks to be sure that data roaming and call roaming are not active.
Norton, Bitdefender, and Avast are our Editors' Choice products in the Android security realm. However, ESET covers most of the same features; it's a good choice for Android protection.
Android Parental Control
ESET's Parental Control app for Android is completely separate from the basic Android security app. In fact, you must use one of your licenses to activate the parental control system. However, once you've done so you can install it on as many Android devices as you wish.
Parental control on Android is significantly more feature-rich than on Windows. See my review of ESET Parental Control (for Android) for full details. I'll summarize here.
The same app that enforces the rules on a child's device can be used to make the rules on a parent's device. In fact, you can log in to the parent app from your child's device, if necessary. You can also manage and monitor the system from the My ESET console.
ESET blocks access to websites in categories you've defined as inappropriate. You can optionally have it log access to such sites without blocking them. It handles secure (HTTPS) websites, so kids won't evade its reach using a secure anonymizing proxy.
The Application Guard feature blocks the use of inappropriate apps, naturally. For apps defined as Fun & Games, it imposes a daily limit, and also lets parents define a weekly schedule for when such apps are allowed.
From the parental control home page, you can see an overview of the child's website and app usage, as well as a location map, and can click on the overviews for detailed reports. A few features work only from the app. Parental Message is perhaps the most important of these. It lets parents send a text message that locks the device until the child responds. That will teach them to ignore you!
On its own, the ESET parental control app is impressive, provided that you only need to cover Android devices. It comes close to our Editors' Choice product for Android parental control, Norton Family Parental Control (for Android).
ESET Multi-Device Security 10 lets you use a single license to install protection on your Windows, macOS, and Android devices, but it doesn't offer consistent protection across all platforms. Its Android support is the best of the lot, with a full-features antivirus and anti-theft component plus a parental control app that rivals the best. If you're an all-Android household, this could be a good choice.
On Windows, antivirus is ESET's best feature—other components like firewall and parental control don't come up to the same mark. In addition, Windows users don't get the premium features found in ESET's top-of-the-line suite. The Mac product does give you more than just antivirus, but it lacks many features found in the other platforms.
If you need top-notch security for your Windows, macOS, and Android devices, consider Symantec Norton Security Premium. You get 10 licenses for less than what ESET costs, along with 25GB of online backup storage. Don't want any limits? Your McAfee LiveSafe subscription is good for every device in your household, even iOS devices. These two are our Editors' Choice products for cross-platform multi-device security.
It may also sparkle with unusual bonus features, but the most important thing is that core components like firewall and antivirus excel at their jobs.
And therein lies the problem with Quick Heal Internet Security 17.
Its antivirus is good, but not great, and its firewall failed some tests that even Windows Firewall passes easily.
Cool features like ransomware protection and a hardened desktop for safe banking can't make up for weaknesses at the core. At $72 per year for three licenses, Quick Heal is less expensive than some of its competitors and more expensive than others.
A three-license subscription for a comparable suite from Bitdefender or Kaspersky costs $79.95. Norton gives you five licenses for that price, and McAfee lets you install protection on an unlimited number of Windows, Android, macOS, or iOS devices.
Trend Micro, TrustPort, and Webroot each cost just under $60 for three licenses. The suite's main window is laid out exactly like that of Quick Heal AntiVirus Pro 17, but it's tinted blue—the antivirus is red.
Both include panels linking to various security areas: Files & Folders, Emails, Internet & Network, and External Drives & Devices.
The suite adds a fifth panel, Parental Control.
And a panel across the bottom links to security news from the company. Shared With AntivirusThis suite includes everything from Quick Heal AntiVirus Pro 17, with enhancements in some areas.
I'll summarize my evaluation of the antivirus here.
If you want more details, please read the full antivirus review. Quick Heal is certified by ICSA Labs for malware detection.
In the latest report from AV-Test Institute, it earned 5.5 of 6 possible points in each of three tests, for a total of 16.5 points.
Bitdefender, Kaspersky, and Trend Micro Internet Security earned a perfect 18-point score in this test. Out of four tests by AV-Comparatives, Quick Heal earned the Advanced+ top rating in two, the minimum passing Standard grade in one, and the in-between Advanced rating in the other. In addition to the expected scan features, Quick Heal offers a boot time scan, a bootable Emergency Disk, and a separate antimalware scan that focuses on things like spyware and fake antivirus.
A full scan finished more quickly than the current average. When I ran Quick Heal through my own hands-on malware blocking test, it detected a very good 94 percent of the samples. However, incomplete blocking of installation meant that several malware executables reached the test system.
That dragged its overall score down to 8.5 of 10 possible points.
In my separate malicious URL blocking test, Quick Heal managed 92 percent protection, better than most. Norton blocked 98 percent here, and Avira Antivirus blocked 95 percent. Where most vendors reserve firewall protection for their security suite, Quick Heal includes it in the basic antivirus, along with an Intrusion Prevention System.
Almost every firewall passes my port-scan tests and other Web-based checks; Quick Heal did not.
I didn't see any reaction from the Intrusion Prevention System when I hit the test machine with exploits, though the antivirus component smacked down the malicious payload for almost half of them. On the positive side, I couldn't find any way that a malware coder could terminate the firewall's protection. Quick Heal offers a few other smaller features.
A browser sandbox aims to foil drive-by downloads and other browser-centered threats.
An anti-keylogger component proved ineffective in testing. Other bonuses include a privacy cleaner, USB protection, and diagnostic tools. Official AntiphishingThe Web protection component in the standalone antivirus scored better than half of its competition in my antiphishing test. However, according to my contact at the company, the antivirus technically does not offer phishing protection.
That feature is reserved for the full suite. As always, I tested Quick Heal using URLs that had been reported as fraudulent, but that were too new to have been analyzed and blacklisted.
At first, I thought maybe the antiphishing component wasn't turned on, because I saw the same warnings from Browser Protection that I had seen with the antivirus.
It took a while before I encountered a page that triggered Phishing Protection instead.
In fact, of all the fraudulent URLs blocked by Quick Heal, only a quarter were blocked by Phishing Protection. When I tallied up the results, I got a surprise.
Despite being tested almost two weeks apart, with completely different phishing URLs, the antivirus and the suite scored the same, at least in relation to Symantec Norton Security Deluxe.
The detection rate for both was 32 percentage points lower than Norton's. The differences between Quick Heal and the protection built into Chrome, Firefox, and Internet Explorer varied between the two tests, but the difference from Norton is what I focus on.
Few products come close to Norton's antiphishing accuracy and only a very few manage to beat Norton.
Bitdefender, Kaspersky Internet Security, and Webroot are the only recent products that have beaten Norton in this test. Anti-RansomwareRansomware is a huge and growing problem. Malware coders get a great return on investment from ransomware, because some victims pay them off with cold, hard cash. Quick Heal includes a one-two punch to protect against ransomware, but it works so silently that I didn't even notice it was included in the antivirus. Quick Heal backs up essential files and documents periodically, working in the background without bothering the user.
It also includes a special detection component that watches for activity suggesting a ransomware attack, one that got past the antivirus.
I couldn't see this feature in action, because the antivirus whacked all my ransomware samples, and turning off real-time antivirus also turned off ransomware detection. There's no sign of the silent backup, except for a strangely-named folder in the root directory of the drive with the most space available.
At present, there's no direct way for the user to recover these files—ransomware recovery requires contacting tech support.
A more interactive mode is planned for future releases. See How We Test Security Software Simple Spam FilterThe antispam component in some suites is just bristling with configuration settings.
Check Point ZoneAlarm Extreme Security 2017 lets you tweak sensitivity for various categories of spam. McAfee offers five levels of spam-filtering sensitivity. With Trend Micro, you can block messages written in languages that you don't speak, and have spam automatically removed from your webmail accounts. Quick Heal keeps things simple.
Its spam filter just handles POP3 email, not IMAP, Exchange, or Web-based email.
The spam filter is officially compatible with Microsoft Outlook Express 5.5 and later, Microsoft Outlook 2000 and later, Netscape Messenger 4 and later, Eudora, Mozilla Thunderbird, IncrediMail, and Windows Mail. However, since it marks spam messages in the subject line, it seems to me that you could use it with just about any email client. A simple plugin for Outlook and Eudora helps you whitelist known good contacts and blacklist spammers. You can also manage the whitelist and blacklist from within the program.
Finally, you can accept the Moderate filtering level, or you can choose Soft or Strict filtering.
The company recommend recommends the Moderate level.
And that's the extent of spam filtering in Quick Heal. Most users totally ignore detailed antispam configuration, so this simplicity is a good thing. Basic Parental ControlParental control in this suite covers the basics, but not much more. You can configure settings for all users, or configure it separately for each Windows user account. Quick Heal's content filter allows or blocks content in 42 categories; a somewhat awkward list lets you see just five categories at a time. You can choose from one of five age ranges to automatically select appropriate categories.
In addition, you can list specific websites that should always be blocked, or always allowed. Parents can set a weekly schedule of times when the child is allowed online, in one-hour increments.
The weekly grid is decidedly more convenient than the awkward day-by-day control found in McAfee Internet Security.
A similar grid lets you schedule overall PC access for each child. You can optionally set a daily time limit, in one-hour increments, rather than a specific schedule.
But you can't set both a schedule and a time limit the way you can with Kaspersky, BullGuard, and a few others. Quick Heal can optionally block access to programs matching 10 predefined categories, among them Email Clients, File Sharing Applications, and Media Players. You can also pick out specific individual program for blocking. I set up restrictions for an imaginary child and put this system to the test.
The time-control feature lets the child know when time is running out, with a warning to save all work and quit.
Tweaking the system date and time didn't fool the scheduler.
I couldn't get around program control by copying or renaming a banned file; all I got was "Access Denied." And the three-word network command that neuters some less clever parental control systems had no effect. I verified that the content filter is browser-independent by trying to visit naughty sites using my hand-written browser.
The page that replaces a blocked site reports the category that triggered the block.
There's no automated system to ask parents for an exception like you get with Norton.
It just advises the child to contact parents for permission. I didn't find any inappropriate websites that got past the filter. However, Quick Heal is hyperactive when it comes to content filtering.
In addition to checking each page the browser visits, it checks third-party content, ads and such, and pops up a notice saying "Access to website is blocked" even when it just blocked some third-party content.
Visiting PCMag.com triggered a deluge of warnings on categories including Travel, Downloads and Sharing, Advertisements and Pop-ups, and Social Networking. I also tried surfing to innocuous sites, with some unexpected results. Puppies.com was blocked for the category Crime and Violence, and Dogs.com for Fashion and Beauty.
It seems the content filter may be a little overenthusiastic. As for parental reporting, you get both too little and too much when you click Reports and select Parental Control from the list.
For every single URL that parental control blocked, there's a line with the date, time, and user account name, but not the URL itself. You may see 10 or more lines in a row with the same timestamp, indicating that Quick Heal blocked many different third-party links on a single page. The report also lists events such as attempts to launch a banned application, or attempts to log in during a time when computer use isn't permitted. What it doesn't include is the actual URLs that the content filter blocked.
If you want to see those, you first double-click one item, thereby bringing up a painfully detailed report on that specific item. You can now tediously page through the entire list one item at a time. Quick Heal's time controls do work, and kids can't fool its application control.
I found its content filter to be overzealous, blocking valid sites.
And the report it generates is so awkward as to be nearly useless.
If you actually need a parental control component in your suite, consider Norton, Bitdefender Internet Security 2017, or Kaspersky Safe Banking and Secure BrowserSimilar to Bitdefender's SafePay feature, Safe Banking is a separate, hardened desktop intended to prevent any interference or spying on your financial transactions.
As with SafePay, you can switch back and forth to the regular desktop.
SafePay kicks in automatically when Bitdefender detects that you're visiting a financial site; you must launch Safe Banking manually. There are other differences. With Bitdefender, the hardened desktop comes with a hardened browser based on Chrome. Quick Heal's Safe Banking includes taskbar icons to launch Chrome, Firefox, and Internet Explorer (assuming they're installed), using each browser's high-privacy mode.
It relies on Google's secure DNS servers to foil DNS-spoofing attacks.
And it blocks access to secure sites whose SSL certificates aren't valid. Safe Banking is designed to foil keyloggers, but for the truly paranoid it also includes a virtual keyboard.
To test it, I installed a popular free keylogger and examined what it captured in the unsecured desktop and in Safe Banking.
It clearly prevented capture of keystrokes and screen images. However, even though I disabled the option to copy/paste between desktops, the keylogger still captured text that I copied while using Safe Banking. The Secure Browser option isn't as fancy a feature.
It simply lets you get the benefits of the Browser Sandbox in a one-off browser window, rather than forcing all browser windows to use the sandbox feature.
As with the full Browser Sandbox, a glowing green border identifies the protected browser window. Small Performance HitIf your security suite puts a noticeable drag on system performance, you might be tempted to turn it off, which would be a bad idea.
Fortunately, most modern suites only have a minor effect on system performance.
Even so, there's a good bit of variation, so I run several hands-on tests to measure each suite's performance hit. My boot time test script assumes that the system is ready for use once 10 consecutive seconds pass with no more than 5 percent of CPU usage.
Subtracting the start of the boot process, as reported by Windows, yields the boot time.
I average many tests with a suite-free system to get a baseline.
Then I install the suite and run another round of tests.
Boot time rose by 10 percent with Quick Heal installed, but that's 10 percent of about a minute, so not much. On-access scanning necessarily requires that the antivirus keep an eye on file operations, and this can occasionally slow down everyday actions like moving and copying files.
For testing, I average many runs of a script that moves and copies a ton of files between drives, comparing the average before and after installing the suite.
This script took 44 percent longer with Quick Heal active.
That's well above the current average of 25 percent. On the other hand, I couldn't measure any impact on the time required to run a script that zips and unzips the same file collection. In testing, I didn't notice any slowdown.
Even so, other suites have exhibited a substantially less impact. Webroot SecureAnywhere Internet Security Plus and Norton had no measurable effect in the boot time and zip/unzip tests. Webroot also didn't slow the file move/copy test. Fails to ExcelWhen looking for a security suite, you want one in which every component (or at least the components you plan to use) excels at its job. Quick Heal Internet Security 17 isn't that suite. While it has some unusual bonus features, its antivirus is merely good, its firewall failed some basic tests, and its parental control system does only the minimum. Kaspersky Internet Security consistently ranks at the top with antivirus testing labs, and it includes an intelligent firewall and unusually complete parental control.
Bitdefender Internet Security is also a darling of the labs, with effective core components, and it goes beyond the basics with a bunch of useful bonus security features.
These two are our Editors' Choice products for entry-level security suite—either would be a good choice. Sub-Ratings:Note: These sub-ratings contribute to a product's overall star rating, as do other factors, including ease of use in real-world testing, bonus features, and overall integration of features.Firewall: Antivirus: Performance: Privacy: Parental Control: Back to top PCMag may earn affiliate commissions from the shopping links included on this page.
These commissions do not affect how we test, rate or review products.
The 2017 edition of Symantec Norton Security Deluxe continues a long tradition of top-notch security, as confirmed by independent labs and my own hands-on testing and evaluation.
Installed in Windows, it's a top-tier security suite, and Mac users also get a suite, not just an antivirus.
As for the Android edition, it's an Editors' Choice.
Support for iOS is pretty limited, but that's typical. Overall, the suite is excellent, but it's just shy of an Editors' Choice award. A $79.99 per year Norton subscription lets you install Norton's security products on up to five Windows, Android, macOS, or iOS devices. Webroot charges the same for five licenses, while Trend Micro lists for $89.95.
For about the same as Trend Micro's price, you can install McAfee's top-level security software on all the devices in your household. Oh, and for that rare individual who just has one device, Norton Security Standard protects a single PC or Mac for $59.99 per year. You'll find that all of these prices are frequently discounted, sometimes deeply. As with many cross-platform multi-device suites, Norton's online console is central to managing and installing protection. You start by creating your account and entering your license key.
At that point you can download and install Norton Security for your Windows system. You can also extend protection for up to four other devices.
I'll go into detail about protection on other platforms later in this review. Appearance-wise, there's not much change since last year.
The main window still features four panels devoted to Security, Identity, Performance, and More Norton.
Clicking a panel slides down the whole panel row, revealing additional icons related to the panel you clicked.
For example, when you click Security, you get icons for Scans, LiveUpdate, History, and Advanced. Most of the new developments are invisible. New Protection LayersKeeping up with the very latest malware innovations requires expertise, study, and analysis. Having researchers perform that analysis can take too long, so a couple of years ago Symantec launched an initiative focusing on machine learning.
According to my Symantec contact, the team "consists of 10 PhDs and two research Engineers from top schools, with combined 100+ years of experience in applied machine learning." That's quite a brain trust. Symantec has always taken a layered approach to system protection.
At the network level, Norton fends off attacks and blocks contact with malicious websites.
If a malicious file makes it onto your disk, the antivirus scan may wipe it out. Other factors such as file prevalence and behavior-based blocking come into play. The current product line adds several new layers to the protection mix. Proactive Exploit Protection actively prevents exploit techniques such as heap spray and ROP (Return Oriented Programming).
Threat Emulation handles malware that has been encrypted, packed, or obfuscated by running it in a controlled environment and evaluating it after it self-decrypts, much like Check Point ZoneAlarm Extreme Security 2017's similar feature.
And a predictive machine-learning algorithm aims to catch even the freshest and most innovative malware. These new layers aren't visible to the user (or even the expert).
But they help Norton keep malware out of your system. Shared AntivirusAfter a brief hiatus, Symantec again offers antivirus product, Symantec Norton AntiVirus Basic.
Feature-wise, the suite's antivirus protection is identical. However, where users of the standalone antivirus must rely on FAQs and forums for support, the suite adds a full range of tech support, and a Virus Protection Promise—if Symantec's tech support agents can't rid your system of pesky malware, the company will refund your money.
But as far as features go, the suite's antivirus protection is identical. Read my review for all the juicy antivirus details. Norton doesn't participate with all of the independent testing labs that I follow, but those that do include it give it high marks.
In the three-part test performed by AV-Test Institute, it got top marks for malware protection and low false positives, though it slipped in performance, taking 5 of 6 possible points.
Its total of 17 points is good, but Trend Micro Maximum Security, Bitdefender, and Kaspersky managed 18 of 18 possible points in the latest test.
There's nothing second-rate about a perfect AAA rating from Simon Edwards Labs, though.
And Norton is one of a very few products to pass two tests performed by MRG-Effitas.
Its aggregate lab score, 9.7 points out of a possible 10, beats all others except Kaspersky Total Security. Norton also did very well in my own hands-on tests.
Its detection rate of 97 percent and malware-blocking score of 9.7 are among the best, though Webroot did manage a perfect 10 points. When I tested Norton with 100 very recent malware-hosting URLs, it blocked 98 percent of the malware downloads.
In some cases, its Web-based protection kept the browser from even visiting the malicious URL, but mostly the Download Insight feature eliminated the malware payload. Only Avira Antivirus Pro 2016 has done better in recent tests, with 99 percent protection. I use Norton as a touchstone for measuring antiphishing success, reporting the difference between the tested product's protection rate and Norton's. Webroot, Bitdefender Internet Security 2017, and Kaspersky are the only recent products that have done better than Norton.
And of course it's significantly more accurate than the phishing protection built into Chrome, Firefox, and Internet Explorer. Other Shared FeaturesDespite the word Basic in its name, Norton's standalone antivirus offers a lot more than just the basics.
It doesn't include full firewall functionality, but in testing, its Intrusion Prevention component did an impressive job blocking exploit attacks, stopping them at the network level and identifying many of them by name. You'll also find a complete antispam component that filters POP3 email accounts and integrates with Microsoft Outlook. A Norton Insight scan lists all the files on your computer, along with the trust level for each, prevalence among Norton users, and impact on system resources.
The antivirus scanner uses Norton Insight results to avoid scanning known and trusted files.
The Norton Safe Web browser extension uses red, yellow, and green icons to flag safe, iffy, and dangerous links in search results. You can click through for a full report on just why a given site got the rating it did. The Symantec Norton Identity Safe password manager is free for anyone to use, but having it integrated with your Norton protection is convenient.
It handles all basic password manager functions and syncs across all your devices, though it lacks advanced features like two-factor authentication and secure password sharing. Several of the shared features aim to improve your system's performance. Using the startup manager, you can reversibly disable programs from launching at startup, or set them to launch after a delay.
The File Cleanup tool wipes temporary files that waste space.
There's even a disk defragger, in case you don't have Windows optimizing disk fragmentation in the background. See How We Test Security Software Intelligent FirewallAs noted, the standalone antivirus includes a powerful Intrusion Prevention tool, a feature more commonly associated with firewall protection. With the suite, you get a complete two-way firewall. The built-in Windows firewall completely handles the task of stealthing your PC's ports and preventing outside attack.
Any firewall that aims to replace the built-in needs to do at least as well. Norton passed my port-scan and other Web-based tests with flying colors. What you don't get with the Windows firewall is control over how programs access the Internet and network.
Don't worry; Norton won't bombard you with confusing queries about what ports and IP addresses a given program should be allowed to access.
It handles such matters internally, automatically assigning network permissions to the vast number of known and trusted programs in its online database. When Norton encounters an unknown program attempting Internet access, it cranks up the sensitivity of its behavior-based malware detection for that program, and keeps an eye on its connections.
If the program misbehaves, Norton cuts its connection and eliminates it.
This isn't quite the same as the journal and rollback technology that McAfee and Webroot SecureAnywhere Internet Security Complete apply to unknown programs, but it's effective. I always do my best to disable firewall protection using techniques that would be available to a malware coder. Norton doesn't expose any significant settings in the Registry, so that route is out.
Both of its processes resist termination.
And its single Windows service can't be stopped or disabled.
It's worth noting that this isn't always the case.
I completely disabled all processes and services for ThreatTrack Vipre Internet Security Pro 2016, for example.
And while the majority of McAfee's 14 processes and 13 services resisted attack, quite a few succumbed. Excellent Android ProtectionNorton's standalone antivirus is PC-specific. With the suite, you can cover your Mac, Android, and iOS devices as well.
Click More Norton in the program's main window, then click the Show Me How button to get started.
Sign in to your Norton account and enter the email address used on the device you want to protect. Unlike the similar feature in McAfee LiveSafe, you don't have to choose the platform.
Clicking the emailed link on the device automatically selects the proper download. On an Android device, you get Norton Security and Antivirus (for Android).
Along with Bitdefender Mobile Security and Antivirus, this product is an Editors' Choice for Android security. Please read our review of that product for a deep dive into its features.
I'll summarize here. Note that the Android app has gotten a significant user interface redesign since our review, and more new features are due in the coming weeks. Immediately after installation, the antivirus runs an update and a scan. You also must activate the app for Device Administration in order to make use of its anti-theft features, and give it Accessibility permission so it can scan apps on Google Play. Norton scans for malicious and risky apps, as expected. More interestingly, its App Advisor works inside Google Play, checking every app you tap and reporting the risk level.
Tap the small notification at the bottom to see details of App Advisor's findings. Norton's extensive set of anti-theft features can be triggered either by logging in to the Web console or by sending coded SMS commands. Naturally you can use it to locate, lock, or wipe the device, and the scream feature helps find a misplaced device at home. When you lock the device, it displays a contact message of your choice, so someone who finds your lost device can arrange to return it. The Sneak Peek feature lets you remotely (and silently) snap a photo of whoever is holding the device. When you lock a lost or stolen device, it automatically snaps a photo every 10 minutes, and reports its location every five minutes. You can also remotely back up your contacts before resorting to the Wipe command, which performs a factory reset. There's a link to install the free separate App Lock app, and another to install a trial of the Norton WiFi Privacy VPN (Virtual Private Network).
It offers call blocking on Android smartphones.
And you can extend protection to another device directly from within the Android app. Suite for macOSIt's fairly common for multi-platform suites to give macOS short shrift, but Norton doesn't follow that trend. Norton Security on a Mac is a full security suite, not just antivirus. My Norton contacts say that the definition file size is down by two thirds in the current edition, which means faster scans and lower memory usage. As expected, the antivirus component scans files on access, on demand, and on schedule.
It can also scan inside ZIP files.
The full-scale firewall blocks dangerous network connections and controls how programs access the network.
The related Vulnerability Protection feature blocks port scan attacks and attacks attempting to exploit system vulnerabilities. Norton's Safe Web website reputation monitor installs in Chrome, Firefox, and Safari, marking up search results and optionally blocking access to dangerous sites, just as with the Windows edition. Phishing protection is likewise parallel to what you get with Windows. The File Guard feature aims to protect your most important files from unauthorized modification. You can set it to guard up to 250 specific files.
It doesn't protect an entire folder the way Trend Micro's Folder Shield or Bitdefender's Data Shield do.
Files under guard can't be opened, moved, copied, or deleted. You can optionally let system processes like Finder and Spotlight manage guarded files.
If you want to manipulate or modify a file that's under guard, you simply enter your password in the popup notification. Find Your iOS Devices You may want to think twice about using up one of your five licenses to protect an iOS device, as the feature set on iOS is seriously limited. Norton does offer to back up your contacts, just as it does under Android. You can use the Web portal to locate your iOS device.
And you can trigger a loud alarm to help find a nearby device.
Is it under the sofa? Or in that scruffy guy's backpack? But that's the extend of anti-theft. You can't lock or wipe the device, and you certainly can't snap a sneak peek photo. The iOS version does offer one unusual feature.
As long as you're using a device with microphone and speakers, say, a laptop or another mobile device, you can make an Internet call to the lost or stolen device. Note, though, that this won't work if the device is locked with a PIN or passcode. That's the extent of mobile security on iOS devices. No Performance WorriesAround 10 years ago, Norton had a reputation for being a resource hog, offering security at the expense of performance.
The developers quashed that reputation by spiffing up the suite's performance, and they continue to work toward less and less performance impact. I check performance using three tests that measure boot time, the time to move and copy a ton of files between drives, and the time to zip and unzip that same collection of files.
I average the results of multiple tests with no suite installed, then install the suite and average another round of testing. Norton's results were outstanding, quite a bit better than last year's.
They were so outstanding that, just to be sure, I uninstalled the product and repeated the whole process.
The results were the same within a few percent. Norton had no measurable effect on the boot time test or zip/unzip test.
The file move and copy test took 16 percent longer with Norton watching over the test system, well below the current average of 24 percent.
It's pretty clear that you don't have to worry about Norton dragging down your system's performance. Overshadowed by PremierAntivirus protection in Norton Internet Security Deluxe is excellent, with very high marks in my hands-on tests and in independent lab tests.
Its phishing protection is so good that I use it as a touchstone for evaluating other products.
Add a self-sufficient, tough firewall and a straightforward antispam tool and you've got a fine suite for your Windows devices. Norton's Android security product is an Editors' Choice, and it offers more under macOS than many.
Granted, it doesn't do a lot on iOS devices, but they do tend to need less protection. The main reason this product isn't an Editors' Choice for cross-platform multi-device suite is that its big brother, Norton Internet Security Premier, is significantly better.
For just $10 more, Premier gets you twice as many licenses, plus some significant added features.
It's a seriously better deal, well worth an Editors' Choice. Our other top pick in this category, McAfee LiveSafe, doesn't offer quite the stellar protection that Norton does, but a single subscription lets you install protection on every device in your household. Sub-Ratings:Note: These sub-ratings contribute to a product's overall star rating, as do other factors, including ease of use in real-world testing, bonus features, and overall integration of features.Firewall: Antivirus: Performance: Privacy: Parental Control: n/a Back to top PCMag may earn affiliate commissions from the shopping links included on this page.
These commissions do not affect how we test, rate or review products.
The plus sign in the name of Trend Micro Antivirus+ Security refers to the fact that it includes spam filtering and a firewall booster component, items more commonly seen in full-scale security suites.
It earns great scores in all of our hands-on tests, though not all of the independent labs give it top ratings.
It's definitely worth your consideration. This product costs $39.95 per year for a single computer, a price that seems to be the standard these days. You pay the same for Bitdefender Antivirus Plus 2016, Webroot SecureAnywhere AntiVirus, and many other competing products. During installation, you must create or log in to your Trend Micro account online.
This account lets you manage your subscriptions and even view security reports remotely.
Immediately after installation, it prompts you to enable the Folder Shield ransomware protection component; more about that shortly.
It also installs browser extensions for Chrome, Firefox, and Internet Explorer. The main window's lively, quirky appearance hasn't changed since the previous edition.
A large, round Scan button dominates the squarish window, and icons across the top represent Device, Privacy, Data, and Family (though clicking Family just gets you an invitation to upgrade to the security suite).
The icons bounce as you mouse over them.
If that's not lively enough for you, you can change the background of the window's top half to any of eight predefined skins, or use a photo of your own, perhaps that selfie you took at the Insane Clown Posse concert. Ransomware ProtectionMalware coders are in it for the money, and distributing ransomware is a great way to rake in cash.
It's an instant payoff, not like using a Trojan to steal credit card numbers and sell them cheaply on the black market. New in the latest Trend Micro antivirus is a strong focus on ransomware protection. Most PC-based ransomware focuses on encrypting your essential documents and making you pay to get the decryption key.
The new Folder Shield component foils such attacks by preventing any unknown application from modifying documents in its protected folder.
By default, it protects the Documents folder and all of its subfolders.
If you habitually keep important documents in other folders, consider moving those folders into the Documents folder.
A similar feature in Panda's suite protects multiple folders, but that feature isn't included in Panda Antivirus Pro 2016. I tried to test this feature with a real-world ransomware sample, but the antivirus wiped it out. When I turned off antivirus protection, I found that doing so also turned off Folder Shield.
I created my own simple-minded file-encryption tool and tried to encrypt files in the Documents folder, but even that was blocked by the antivirus component due to its malware-like behavior.
Finally, I wrote a tiny text editor and tried to use it to modify protected files.
Folder Shield kicked in to warn that an unknown program was attempting to open protected files.
It works! I also found in my testing that ransomware samples got called out specifically, instead of the generic "Threat Detected" warning. Likewise, ransomware-hosting websites were identified as such. Trend Micro has also set up a ransomware hotline that even non-customers can call on for help.
The information page includes links to ransomware-removal utilities. One type defeats ransomware that simply locks the screen so you can't use the computer.
The other type decrypts files encrypted by some (but not all) older file-encrypting ransomware. Mixed Lab ResultsMost of the independent antivirus testing labs that I follow include Trend Micro's technology in their testing, and some of them rate it quite highly.
AV-Test Institute scores antivirus products on protection, performance, and usability, with that last category meaning a low rate of false positives.
A product can earn up to six points in each category, for a maximum total of 18.
Trend Micro took 5.5 for protection, 6.0 for performance, and 6.0 for usability.
Its total score of 17.5 makes it a "top product." Only Kaspersky Anti-Virus did better in the latest test, with a perfect 18 points. I follow five of the many tests performed regularly by the diligent researchers at AV-Comparatives.
A product that passes one of these tests earns Standard certification; those that go above and beyond can earn Advanced or Advanced+ certification.
Trend Micro participates in three of these five tests.
It took an Advanced rating in two malware-detection tests and Standard in a test of performance. (In a more recent priate test commissioned by Trend Micro, that performance score improved.) Bitdefender and Kaspersky managed Advanced+ in all five tests. The grueling real-world antivirus testing performed by Simon Edwards Labs requires a lot of time and resources, and necessarily includes fewer products.
Trend Micro is among those few, and it earned an impressive AA certification. Norton, ESET NOD32 Antivirus 9, and a few others took this lab's top rating, AAA. Earlier this year I added MRG-Effitas to the list of labs that I follow.
I particularly look at a test specific to banking Trojans and another that's meant to cover all kinds of malware.
These tests are a bit different, as the majority of products fail the all-kinds test, and fail or receive partial credit for the banking Trojans test.
Trend Micro failed both, but due to the pass-fail nature of the test I don't give this lab's results as much weight in my aggregate rating. Very Good Malware BlockingTrend Micro performed significantly better in my hands-on tests than it did with some of the labs. When I opened the folder containing my current sample collection, it quickly eliminated 68 percent of them. Rather than display multiple popups reporting its discoveries, it showed the total number of samples found in a single popup, with a link to view details. Normally I launch the samples that remain after this initial onslaught, selecting three or four at a time for processing and deleting the rest.
I was surprised to discover that Trend Micro caught a number of files as I was deleting them.
I reverted the virtual machine to an earlier state and copied the surviving files to a new folder, at which point the antivirus wiped out another 26 percent, for a total of 94 percent eliminated before ever being launched.
Trend Micro's overall detection rate was 97 percent, and it scored 9.7 of 10 possible points, just as Norton did.
Tested with this same collection, Webroot SecureAnywhere AntiVirus earned a perfect 10 points. While wiping out malware files from your PC is good, keeping them from ever landing on the PC is even better.
To test the product's ability to keep users from accidentally downloading malware, I challenged it with a collection of very recent malware-hosting URLs supplied by MRG-Effitas.
For each URL, I noted whether Trend Micro blocked access to the URL, eliminated the downloaded malware, or did nothing.
I kept at it until I had recorded data for 100 malicious URLs. Trend Micro blocked 89 percent of the malware downloads, the vast majority by replacing the dangerous page in the browser with a big warning.
In a couple of cases, it specifically identified the site as hosting ransomware.
This score is quite a bit better than the current average of 69 percent.
Avira Antivirus 2016 holds the top score in this test, with 99 percent protection, and Norton managed 98 percent. As a false-positives sanity check, I install 20-odd PCMag utilities and note any reaction from the antivirus.
Folder Shield did quite reasonably warn about one utility that creates a database in the Documents folder. Otherwise, Trend Micro kept mum…except in one case.
Its heuristic analysis actively identified one of the utilities as malware, and deleted it. Looking back at the independent lab tests, I noted that Trend Micro lost points for false positives in one test by AV-Comparatives, too. Excellent AntiphishingPhishing URLs are actually more insidious than URLs that host malware.
These frauds masquerade as PayPal, eBay, bank sites, even online gaming sites, and try to trick you into entering your login credentials.
If you do, you're hosed.
The fraudsters can clean out your bank account, or steal your level 110 Paladin.
And as soon as they've scammed a few people, they take down the site and pop up another. To test phishing protection, I gather hundreds of reported phishing URLs, ones too new to have been analyzed and blacklisted.
I launch each one simultaneously in five browsers, one protected by the product under evaluation, one by antiphishing leader Symantec Norton AntiVirus Basic, and one each by the built-in protection in Chrome, Firefox, and Internet Explorer. Because the URLs are necessarily different for every test, I report results not as the raw detection rate but as the difference between the product's detection rate and that of Norton and the browsers.
Trend Micro lagged just two percentage points behind Norton and handily beat all three browsers.
It's right up there in the winner's circle. See How We Test Security Software Web and Social MarkupMany people these days get their news via Facebook or other social media.
Friends post links, Facebook suggests links, and you click, click, click.
But what if the link is bogus? What if your friend's social media account were taken over by a hacker? What if a clueless friend unknowingly shared a malicious site? Trend Micro has you covered.
By default, it automatically highlights links in social media: green for safe, yellow for iffy, red for dangerous, and gray for untested.
If the link isn't green, don't click it! Each link also displays a small icon. Pointing to the icon gets a popup that explains the rating, but there's no link to a detailed report online such as you get from Norton. The browser extension also rates links in popular search engines. You can optionally enable it to rate links on any webpage when you hover the mouse over a link. Firewall BoosterTrend Micro doesn't include a firewall component as such in its security suite products, but the suites and antivirus all offer a component called Firewall Booster.
This component specifically aims to detect botnets. In the past, I've found no way to see the booster in action.
This time I got a little help from my Trend Micro contacts.
They supplied a file that the booster detects as the Nimda worm, though it's actually innocuous.
I used network tools to send the file to the test system, and, sure enough, I got a Network Threats Blocked popup. I also ran my exploits test, figuring those might also trigger a response from the Firewall Booster (even though my Trend Micro contacts said they would not).
Indeed, I got no reaction from the booster component, but the regular Web-protection system blocked access to over half of the exploits. Norton's Intrusion Prevention System blocked nearly two-thirds of these at the network level, identifying many by name. Spam FilterThese days, most consumers get their spam filtered by the email provider.
It's gotten to the point where some vendors are considering dropping the antispam component from their security suites.
Bucking that trend, Trend Micro includes antispam in the standalone antivirus product. The spam filter integrates with Windows Mail, Windows Live Mail, and Microsoft Outlook (2003-2016).
Since all of this component's configuration takes place in the toolbar it installs, you simply can't use it with a different email client.
It filters POP3 and Exchange email, but not IMAP. The first time you launch your email client after enabling the spam filter, it offers to import your contacts into its whitelist, so their messages will never be blocked.
By default, it whitelists any address to which you send mail. You can also manually import contacts into the whitelist at a later time. The main page of this component's settings dialog features a big slider for spam filter sensitivity. Most users should leave it set to the default Medium setting.
If you wish, you can enable the Link Filter feature, which discards messages containing dangerous links. On the Blocked Languages tab, you can set the filter to discard messages written in any language you don't speak. A Definite PlusWhile Trend Micro Antivirus+ Security didn't earn top scores with all of the independent labs, it scored very well in all of my hands-on tests.
Its ransomware protection doesn't go as far as Webroot's, which claims the ability to reverse encrypting ransomware after the fact, but it should be effective.
If ransomware has you in a panic, and especially if you also need spam filtered from your email, this is an excellent choice for antivirus software. Even so, I'd suggest you consider our Editors' Choice products in this area.
As noted, Webroot SecureAnywhere Antivirus also handles ransomware, and it's the tiniest antivirus around.
Symantec Norton AntiVirus Basic, back after a two-hear hiatus, is a dependable favorite. McAfee AntiVirus Plus costs a little more, but protects all of your devices, not just one.
Bitdefender Antivirus Plus and Kaspersky Anti-Virus and both score top marks with the independent labs across the board. Back to top PCMag may earn affiliate commissions from the shopping links included on this page.
These commissions do not affect how we test, rate or review products.
That left me needing to repeatedly explain to software conspiracy theorists why Norton didn't show up in my roundup of the best antivirus products.
Apparently those commenters and I weren't the only ones who missed the antivirus, as Symantec has brought it back, very successfully. Norton AntiVirus Basic is a winner. With a list price of $39.99 per year to protect one computer against malware, Norton AntiVirus Basic is more expensive than some of the company's other products on a per-device basis, but it's completely in line with its standalone antivirus competition.
Symantec Norton Security Premium, on the other hand, protects up to 10 devices for $89.99 per year, and includes 25GB of hosted online backup. Note that AntiVirus Basic is currently on sale for half its list price. I asked my Symantec contact why the company decided to bring back a standalone antivirus tool. "We saw there was a need for a low-cost, robust, PC-focused solution," he answered. "This need is not adequately addressed by freeware.
This product is primarily aimed at the value-oriented, tech-minded user who may already have a firewall, backup system, and so on." He went on to point out that Norton AntiVirus Basic offers the same enterprise-grade protection found in the suite. The suite offers full-scale tech support, with a guarantee that support agents will do everything necessary to keep your system virus-free, or your money back.
That guarantee doesn't come with Norton AntiVirus Basic, however.
In fact, tech support for this product is limited to self-help and community forums.
That's probably fine for the value-oriented, tech-minded customer mentioned above, but it is one drawback to the product. Note that Norton AntiVirus Basic isn't yet available in all markets.
If you're in Australia, Canada, France, Germany the US, or the UK, you can get it.
If you're elsewhere, you may have to wait a bit. Quick Install, Intensive ScanWhen you launch the Norton installer, it downloads the very latest version of the software, including the latest antivirus definitions.
I like that. Why doesn't every antivirus install the latest definitions, rather than prompting the user to update after installation is finished? Once Norton is installed, it is totally ready to go. Well, almost.
A little while after the installation, you get a prompt to enable the Norton extensions in your browsers.
I'll talk more about the extensions themselves later on. Norton walks you through the process of installing the extensions, with explanatory panels and animated arrows. The main window itself is laid out much like the Norton suite, with four big buttons across the bottom and a panel above that reflects your security status.
If the green You Are Protected notification changes to You Are At Risk in red, just click the Fix Now button to set things right. A full scan of my standard clean test system took almost an hour and a quarter, whereas the average scan time for recent products is about 45 minutes.
It was thorough, for sure, checking more than 250,000 items.
I also ran a Norton Insight scan, which found 88 percent of the files on this system to be among those that should be trusted, not scanned.
A repeat of that full scan took just 10 minutes. This product includes Norton Power Eraser, a more aggressive scanner that aims to root out really persistent malware.
If you think the regular scan may have left something behind, a scan with Norton Power Eraser should fix it. Excellent Lab ResultsSymantec doesn't submit the Norton antivirus to all the labs I follow, but those that do include it in testing give it excellent marks. Like Kaspersky Anti-Virus (2017), Symantec doesn't participate in certification testing by ICSA Labs. Neither of these two have been rated in Virus Bulletin's RAP (reactive and protective) test lately, either. AV-Test Institute rates antivirus products on protection against malware attack, low performance impact, and minimal false positives, assigning up to six points in each of the three areas.
Symantec aced the protection and false positive components of the tests but lost a half-point in performance, for a total of 17.5. Kaspersky managed a perfect 18 in this test, while Bitdefender Antivirus Plus 2016 slipped to 17 in the latest report. I track five of the many tests regularly performed by AV-Comparatives.
Bitdefender and Kaspersky earned the top rating in all five of these tests.
Due to a long-standing disagreement over testing methodology, Symantec doesn't participate in this lab's testing. However, it received AAA certification, the best of five certification levels, from Simon Edwards Labs. Kaspersky also rated AAA, as did a few others. This year I've added a pair of tests by MRG-Effitas to my collection. One specifically focuses on banking malware, the other on the whole range of malware.
The majority of products simply fail these tests.
Symantec, Kaspersky, ESET, and Webroot SecureAnywhere AntiVirus (2016) are the only products that passed the banking malware test.
In the full-range test, products earn Level 1 certification if they completely prevent installation of every malware sample, or Level 2 certification if they remediate all malware infestations within a set time. Nobody got Level 1 certification in the latest round of testing. Kaspersky, Symantec, and Webroot were among the very few that managed Level 2 certification. Overall, Symantec's lab results beat out most competing products. With three labs reporting, my aggregate calculation yields a score of 9.7 points, out of a possible ten.
See the chart linked above for details. Kaspersky tops this chart, with 9.9 points for testing by four labs. Excellent Malware BlockingIn addition to closely following reports from the independent testing labs, I also run my own hands-on tests.
If my results don't jibe with the labs, I give the lab results more weight.
In this case, I didn't have to, as Norton performed equally well in my tests. For most products, my malware blocking test begins the moment I open the folder that contains my collection of malware samples.
The minor file access that occurs when Windows Explorer checks the file's details is enough to trigger on-access scanning.
Indeed, Norton eliminated 52 percent of the samples at this point.
That's actually on the low side. Kaspersky wiped out over 70 percent on sight, and Emsisoft Anti-Malware 11.0 caught over 80 percent. However, when I started launching the samples that survived that initial massacre, Norton proved its worth.
In almost every case, it either blocked the malware from launching or caught it based on behavior and completely reversed the malware's effects on the system. With 97 percent detection and 9.7 of 10 possible points, Norton scored very well. Webroot took the brass ring on this test, with a perfect 10 points. The samples in my malware-blocking test necessarily remain the same for many months, because it takes me weeks of work to prepare a new set.
For another view of each product's protective ability, I try to launch malware-hosting URLs from a feed supplied daily by MRG-Effitas.
I note whether the product diverted the browser away from the dangerous URL, wiped out the malware during or right after download, or sat idly without doing anything useful. I keep at this test until I accumulate data for 100 verified malicious URLs. Norton demonstrated excellent protective abilities, blocking fully 98 percent of the malicious downloads.
In most cases, the Download Insight component did the job, quite visibly.
It interrupted the download for known malware, but in many cases it performed on-the-fly analysis after the download, which identified the file as malicious. Only Avira Antivirus Pro 2016 has scored better here, with 99 percent protection, all by fending off the malware-hosting URL completely. Excellent Phishing ProtectionFor many years, Norton's browser extension has done a great job protecting users from phishing websites, fraudulent sites that try to steal login credentials by masquerading as PayPal, eBay, banks, and so on.
In fact, when I test antiphishing solutions, rather than give them a straight percentage rating I report on how their detection rate compares with Norton's. For this test, I set up five browsers, one protected by the product under test, one by Norton, and one by the built-in antiphishing components in Chrome, Firefox, and Internet Explorer.
I scrape the Web for the newest reported phishing sites, as much as possible using sites too new to have been blacklisted.
I do this because phishing sites are ephemeral.
By the time they're blacklisted, they may well be gone. Norton, like all the best phishing fighters, uses real time analysis to supplement its blacklist. I launch each one in all five browsers simultaneously.
If any of the browsers displays an error page, I discard that URL.
And of course, if the link is not actually a phishing attack, I discard it.
As with the malicious URL blocking test, I aim for at least 100 URLs. In this case, Norton itself is the product under test, which is a bit different.
To get its score against the three browsers, I averaged the difference from all of the other tests I've performed. Norton's detection rate came in 53 percent better than Firefox, 35 percent better than Internet Explorer, and 23 percent better than Chrome. Nearly a quarter of recent products fared worse than all three browsers in this test. Few products come close to Norton's accuracy, and even fewer do better. Webroot beat Norton's detection rate by 1 percentage point, and Bitdefender managed 2 percent better than Norton. Kaspersky came out at the top, with a detection rate 4 percentage points better than Norton's. Intrusion PreventionI typically think of intrusion prevention as a feature that goes with firewall protection, but it doesn't in any way require a firewall.
In fact this product, which has no firewall, has the same powerful intrusion prevention found in the Norton suite. My Symantec contact explained, "We couldn't imagine delivering a product under the Norton brand without including intrusion prevention." I tested this feature using about 30 exploits generated by the CORE Impact penetration tool.
An exploit attack attempts to gain control of the victim's operating system or of an important app by taking advantage of a security hole in its target. Norton aims to block these attacks at the network level, before even a trace reaches the protected PC. I found that after the first couple of exploits were caught, I started getting error messages for all the rest.
Sure enough, Norton's Intrusion AutoBlock noticed multiple exploits from the same IP address and set itself to block all traffic from that address for a half-hour.
I had to disable this feature in order to continue my test. Norton blocked 63 percent of the attacks overall.
For 37 percent, it identified the attack by name, and reported a generic name for another 26 percent. Norton's performance in this test is better than most competing products, and it catches the attacks at the network level where many competitors resort to eliminating the exploit's payload file. See How We Test Security Software Bonus FeaturesI've already mentioned the Norton Insight scan, which speeds up antivirus scanning by identifying known good files that don't require scanning. Norton Insight lists all of the files it checked, along with the trust level, the prevalence of that file in the network of Norton users, and the item's impact on system resources. Here's a surprising bonus feature—this antivirus includes the same antispam component found in the full Norton suite.
It filters POP3 email accounts and integrates with Microsoft Outlook, automatically tossing spam messages into their own folder.
If you're among the rare few who don't get spam filtered out by your email or webmail provider, this is a handy bonus. The Norton toolbar manages such things as keeping your browser from accessing malicious or fraudulent websites.
It also marks up search results with color-coded icons, green, yellow, and red for safe, iffy, and dangerous, as well as a special Norton Secured marker for verified shopping sites.
If you want to know just why Norton flags a site as red or yellow, you can click through for a detailed report. You can optionally install Norton Safe Search as your search provider, and make it your home page as well. Norton AntiVirus comes with the Symantec Norton Identity Safe password manager as a bonus.
It's true that you can get Identity Safe for free, but having it bundled with your antivirus is convenient.
There's also a link to Symantec's online password generator in the antivirus. Disk fragmentation isn't such a problem these days, now that modern Windows versions handle defragmenting in the background.
If you're using an old version, Norton's Disk Optimization component can help.
If your disk is only minimally fragmented, the tool doesn't waste time tweaking it. If your PC's pace is seriously dragging, you can put a spring back into its step with a tune-up utility. Norton's File Cleanup component doesn't come close to the abilities of those purpose-built tools, but it is a quick and easy way to wipe temporary files, both for Windows and for Internet Explorer. As time goes on, many of us tend to accumulate applications that launch at startup and then hang around using up memory and other system resources.
The more of these you have, the longer it takes to boot your system, too. Norton's Startup Manager lists all programs that launch at startup, identifying the resource usage of each as well as its prevalence in the community of Norton users. You can reversibly disable any of them that don't really need to launch at every boot, or delay launching some, to speed the process. Note that some standalone tune-up utilities also provide this feature. Great Antivirus and MoreI'm pleased with the return of Symantec Norton AntiVirus Basic.
It earned excellent test scores across the board, both with the independent testing labs and in all of our hands-on tests.
Bonus features like intrusion prevention, password management, and spam filtering make it even better.
It's an excellent addition to Symantec's security line, which for the last few years has consisted only of suites. Norton AntiVirus Basic joins the extensive pantheon of antivirus Editors' Choice products.
Its fellow honorees are Bitdefender Antivirus Plus, Kaspersky Anti-Virus, McAfee AntiVirus Plus, and Webroot SecureAnywhere Antivirus. Yes, there really are that many excellent choices when it comes to antivirus. Back to top PCMag may earn affiliate commissions from the shopping links included on this page.
These commissions do not affect how we test, rate or review products.
It also comes with quite a few useful bonus tools, and there are no duds in this collection of components.
They range from very good to excellent. Kaspersky Internet Security is a winner. The typical three-license pack costs $79.99 per year, but for $10 more you can get five licenses.
Got a ton of devices? For $139.99 per year you can get ten licenses.
And all of these prices are frequently discounted, sometimes steeply. You can use each license on Windows, Mac, or Android, but the Windows product is by far the most feature-rich. Like the standalone antivirus, the suite's main window has changed just a bit since the previous edition.
Four large horizontally aligned icons dominated the previous edition's main widow: Scan, Update, Safe Money, and Parental Control.
The current edition has six icons, in two rows of three: Scan, Database Update, Safe Money, Privacy Protection, Parental Control, and Protection for all devices.
As always, the large green banner across the top turns red if there's a problem.
Clicking for problem details gets you easy access to the necessary fix. Shared AntivirusAntivirus protection in this suite is exactly the same as what I described in my review of Kaspersky Anti-Virus (2017).
I'll summarize that review here. Kaspersky no longer bothers with certification from ICSA Labs or West Coast Labs, but it gets fantastic scores from four of the five independent testing labs that I follow.
It earned a perfect score in the three-part test administered by AV-Test Institute. Of the AV-Comparatives tests that I follow, Kaspersky took the top rating in all five. Simon Edwards Labs certified Kaspersky at the AAA level, the very best.
And Kaspersky even did well in the tough tests from MRG-Effitas, where the majority of tested products simply fail. My aggregate lab test score algorithm comes up with 9.9 of 10 possible points for Kaspersky. In my own hands-on malware blocking test, Kaspersky didn't fare as well, earning 8.4 of 10 possible points.
Top score among products tested with this same malware collection goes to Webroot SecureAnywhere Internet Security Plus (2016), which earned a perfect 10. My malicious URL blocking test checks how well each antivirus fends off very new malware-hosting URLs. Kaspersky's 64 percent protection rate doesn't begin to compare with the 99 percent protection exhibited by Avira Antivirus Pro 2016. Note, though, that when the labs overwhelmingly praise a product, I give those results significantly more weight than I do my necessarily limited hands-on tests. Kaspersky was much more effective at protecting against phishing websites, fraudulent sites that try to trick you into giving away you passwords. Webroot and Bitdefender Internet Security 2016 are among the few products to best Symantec Norton Security Premium in this test, but Kaspersky outdid them all. This suite shares quite a few bonus tools with the antivirus.
The On-Screen Keyboard lets you enter passwords without rising capture by a keylogger, even a hardware one.
A Kaspersky Rescue Disk can clean up your PC even if malware rendered it unbootable.
Several scans check for problems with system optimization, security configuration, and privacy.
The antivirus includes a vulnerability scan, but as I'll explain below, this suite does even more to handle unpatched security holes. Low-Key FirewallAntivirus and firewall are the two central components of most suites.
In some suites, the firewall might as well be a fireworks show, popping up an endless series of confusing queries that force the uninformed user to make important security decisions.
Fortunately, Kaspersky isn't one of those.
It handles program control internally.
For known trusted programs, it automatically configures necessary Internet and network permissions. Known bad programs get the boot, straight into quarantine.
As for unknowns, it imposes limits on their activity, so they can't do any harm. If you dig into the firewall configuration, you can see exactly which programs have been assigned to each of four trust levels: Trusted, Low Restricted, High Restricted, and Untrusted. You can even change the trust level of any program, though I wouldn't advise doing so. Kaspersky also protects against network intrusion from the outside, but it doesn't attempt to put all ports in stealth mode, the way most firewalls do. My contacts at the company have explained that they don't see the value in stealthing ports when the product is fully equipped to block any attack. Certainly Kaspersky isn't vulnerable to the kind of direct attack that a malicious coder might attempt.
It doesn't expose any important settings in the Registry. When I tried to kill its single process, I got "Access denied." In the same way, I couldn't stop or disable the Windows service that powers Kaspersky's protection. Not all firewalls attempt to block network-based exploits that try to attack security holes in Windows or in popular applications. Kaspersky specifically includes a component to block this kind of attack, Automatic Exploit Prevention, which is part of System Watcher.
In a commissioned real-world test by MRG-Effitas, Kaspersky's Enterprise product exhibited 100 percent protection, followed closely by Symantec with 98 percent. In that test, researchers spent a good deal of time installing precisely the most vulnerable versions of popular browsers, Java, Adobe Reader, and so on.
That's important, because Automatic Exploit Prevention relies in part on detecting exploit behaviors, behaviors that don't happen if the vulnerable software isn't present. My own exploit testing isn't as rigorous, as I don't have the resources of the big labs. My test, which uses exploits generated by the CORE Impact penetration tool, takes place on a fully patched test system.
Even so, Kaspersky blocked half of the 30 exploits I threw at it, identifying several of them by name, which is better than many suites. Norton takes the prize in this test.
It blocked all of the exploits at the network level. Good Spam FilterNot everyone needs a spam filter, so Kaspersky's is disabled by default. Webmail providers typical filter out spam automatically, as do some email servers.
If you do need this feature, you want it to divert that deluge of spam from your Inbox while carefully refraining from throwing away any valid mail. Kaspersky filters both POP3 and IMAP email accounts, marking messages as spam or probably spam.
It integrates with Microsoft Outlook, adding a toolbar and automatically tossing spam in its own folder.
If you use a different email client, you'll find it's not hard to create an email rule for filling spam. Some suites come bristling with antispam configuration options; K7 Ultimate Security Gold 15 is an example. Kaspersky is the opposite.
A simple slider starts off at the Recommended security level. You can tweak it to High or Low, but you probably shouldn't.
Even if you dare to click the link for Advanced Settings, you won't find all that many options.
As always, I tested using default settings. Kaspersky's antispam didn't have any noticeable effect on the speed of downloading messages. When it finished draining my real-world spam-infested account, I discarded all messages more than 30 days old.
I sorted both the Inbox and the Spam folder into three bins: valid personal mail, valid bulk mail (newsletters and such), and undeniable spam.
Anything that didn't clearly match one of those categories, I discarded. Like ESET Smart Security 9, BullGuard Internet Security (2016), and several others, Kaspersky didn't discard a single valid message, personal or bulk. However, it missed 16.1 percent of undeniable spam.
That's nearly twice as much as the previous edition. Bitdefender and Trend Micro Internet Security 2016 were a hair less careful than Kaspersky about valid mail.
Both discarded 0.1 percent of valid personal mail.
But Trend Micro only missed 3.9 percent of the spam, and Bitdefender missed just 1.8 percent. Kaspersky's accuracy is still good, but I hope to see it score better the next time around. Secure ConnectionNew in this edition, Kaspersky includes a VPN component called Secure Connection. While it was developed by Kaspersky, it relies on Hotspot Shield's worldwide network of servers.
At the basic level, included in the suite, you can use 200MB of data per day on any number of devices.
For unlimited access you pay $4.99 per month or $29.99 per year, When you pay, you also get the option to select which server you want to use. However, unlimited data comes with its own limit—five devices. Using Secure Connection is a snap.
All you do is click a button to turn it on.
I turned it on and off ten times, over a period of two days, and got a server in Canada every time. Maybe it always connects through Canada? A few times, I got the message, "Secure connection is not available." However, clicking Retry banished that message. By default, it connects to the VPN at system startup. You'll probably want to disable that setting, as you might well burn through your 200MB before leaving the house.
Secure Connection prompts you to use its VPN service when you connect to an insecure Wi-Fi hotspot, which is handy.
In the advanced settings screen, you can configure it to automatically kick in when you visit banking sites and other secure sites. VPN protection is great to have, especially when you're not on your home network.
I like Secure Connection's ability to automatically connect when needed. One thing that'd make it even better would be a Kill Switch feature.
This feature, found in quite a few competing products, kills Internet connectivity for browsers and other applications if the VPN connection is lost. Competent Parental ControlKaspersky has always had a more complete parental control offering than the average suite. Recently, though, the parental control development effort at Kaspersky has all been aimed at Kaspersky Safe Kids.
That product comes as part of Kaspersky Total Security; those using the plain Internet Security suite get the same protection found in last year's edition. Per-child configuration of the parental control system is based on Windows user accounts; naturally parents can exempt their own accounts.
The content filter can block 14 websites matching 14 categories.
It works even in off-brand routers, with one exception.
I found that I could visit a secure anonymizing proxy in my hand-coded off-brand browser, but not in Internet Explorer. Once connected through the proxy, I encountered no restrictions from the parental control system.
That's a way for a clever teen to avoid parental control and monitoring. Kaspersky offers quite a few ways to limit a child's screen time. Parents can define a time span during which computer access is allowed, as well as a daily maximum time, with separate values for weekdays and weekends.
Those who want more fine-grain control over computer time can mark allowed times on a full-week grid.
There's also an option to force breaks in computer usage.
The default is set at a 15-minute break each hour.
And parents can separately limit the amount of Internet time per day. Don't want your kids playing too-gory games? You can limit them based on ESRB's age-rating, or even block based on specific ESRB categories such as fantasy violence or use of tobacco.
There's also an option to ban application types, including torrent clients and download managers, or to ban specific applications.
The kids won't fool this feature by making a renamed copy of the banned file. Parents can forbid certain social networking contacts, or limit contact to those that are pre-approved.
For more fine-grain control, parents can choose to log social networking chats that include parent-specified keywords. Kaspersky can also prevent transmission of too-personal data like your home address.
And it offers an overview of your child's activities, with the option to dig in for details. The parental control component in this suite doesn't come up to the features found in Kaspersky Safe Kids, or in other top-rated standalone parental control systems. However, it offers more features than are found in many competing suites. Safe MoneyKaspersky has offered Safe Money for some years now.
It kicks in automatically when you visit a financial website, offering to open it in the smart, hardened Safe Money browser.
If you accept, next time you visit that site it will open in Safe Money. You can edit the list of sites that always use Safe Money to add any site you like. The protected browser displays a glowing green border, so you won't get mixed up. Kaspersky isolates this special browser from other products and, when possible, keeps other processes from capturing the screen. Bitdefender offers a similar feature to protect your sensitive online transactions.
Its SafePay is a whole separate desktop, not just a protected browser, but either way, you're protected. Software Cleaner and UpdaterKaspersky's Software Cleaner and Software Updater are new in the current edition.
Software Updater runs in the background to identify browsers and other important applications that haven't been updated to the latest version. You can also launch the scan on demand. When you have unpatched vulnerabilities, the main window's top banner turns yellow. Unlike the simple vulnerability scan found in the standalone antivirus, this tool performs the updates automatically, when possible. Just click Update All and sit back. Software Cleaner also runs in the background, but with a different purpose.
It looks for programs that you rarely use and offers to recover resources by uninstalling the apps.
It also watches for programs with deceptive installation behaviors, hidden installations, and other unwanted behaviors. On my test systems, this uninstaller found some rarely used programs, but none of the other types. Bonus FeaturesThe list of valuable security features packed into this suite just goes on and on.
If you have a computer that's stable and rarely has new software installed, consider enabling Trusted Applications Mode.
In this mode, no program is permitted to launch unless it is marked as known and trusted in Kaspersky's massive database.
At the moment, it contains over 1.6 million known safe items and about 900,000 known dangerous items.
Before enabling this mode, you should run its lengthy scan that checks all programs already on your system. On my test system, it found seven system files that weren't in the database, three related to the fact that the test system is a virtual machine and four involved in manage that annoying Windows 10 upgrade popup.
These files wouldn't be allowed to run in Trusted Applications Mode, so the program advised against enabling that mode. Application Control (previously called Change Control) watches for suspicious changes to things like browser settings, asking the user to confirm that the change is desired.
Its new Installation Assistant component works against installers that try to install additional software not requested by the user.
And you can dig into it details to see all programs that launch at startup.
If you wish, you can reversibly block any of them from launching.
The startup list displays each program's trust level, as well as its popularity within the Kaspersky network. You may have heard that it's possible for hackers to spy on you through your webcam without triggering the little light. Kaspersky can block all access to the webcam, or allow specific programs access.
This applies to snooping via the microphone as well.
An active Do Not Track feature for browsers and a banner ad blocker round out the collection of privacy features. Performance ImpactWith all of this suite's features running to protect you, there's the possibility of an impact on your system's performance.
Indeed, my simple hands-on tests showed some degree of performance impact, but nothing that would cause real trouble.
It's worth noting that both AV-Test and AV-Comparatives gave Kaspersky top marks in their performance tests. To check for a security suite's impact on boot time, I run a script that repeatedly reboots the test computer, waits for ten seconds with less than five percent CPU activity, and subtracts the start of the boot process (as reported by Windows).
That gives me a measure of how long it takes for the system to be usable.
I install the suite and then run the test again, comparing the before and after averages. With Kaspersky installed, this test took 18 percent longer.
In real terms, that was 15 extra seconds, which isn't much. A script that moves and copies a massive collection of various-sized files took 29 percent longer under Kaspersky's watchful eye, but the suite made no measurable difference in the time to run another script that repeatedly zips and unzips that same file collection.
As with the boot time test, I averaged multiple runs of each test with no suite, then installed Kaspersky and averaged multiple runs again. Hardly any modern products impose a significant impact on performance, but some are less of a drag than Kaspersky. Webroot in particular aced this test, with no measurable impact in any of my three tests. See How We Test Security Software Other PlatformsAs noted, you can use your Kaspersky licenses on Windows, Mac, and Android devices, but the available features differ from platform to platform.
Fortunately, the online portal makes things very clear.
Click on the Licenses tab, click on the Downloads link, and you'll see what's available. Kaspersky Internet Security for Mac has some, but not all, of the same features found in the Windows edition.
It includes on demand, on access, and on schedule malware scanning.
Safe Money is present, as is parental control.
It blocks malware-hosting URLs and phishing attacks in the browser.
And its Network Attack Blocker performs many functions of a firewall. Other shared features include webcam protection, active Do Not Track for browsers, and the on-screen keyboard. For a full discussion of Kaspersky Internet Security (for Android) please read PCMag's separate review.
Briefly, it offers excellent malware protection as well as Kaspersky's winning protection against phishing.
Antitheft features include the ability to remotely locate, lock, or wipe the device, and also grab a mugshot of whoever took it.
It can hide special contacts from view, block unwanted calls, and notify you if someone swaps out your Android smartphone's SIM. PCMag's Max Eddy found it to be good, but not great. You Won't Go WrongKaspersky Internet Security is an excellent suite, with all the expected features and much more.
The independent testing labs rave about its antivirus, and it outscored all others in my hands-on antiphishing test. Not all of the components rise to that same pinnacle of excellence, but none are less than very good. You won't go wrong choosing this suite to protect your devices. Along with Bitdefender Internet Security, Kaspersky is our Editors' Choice for basic security suites.
At the mega-suite level, the Editors' Choice honor goes to Bitdefender Total Security.
For those looking to protect a ton of devices on a mix of platforms, McAfee LiveSafe and Symantec Norton Security Premium share the Editors' Choice crown. Sub-Ratings:Note: These sub-ratings contribute to a product's overall star rating, as do other factors, including ease of use in real-world testing, bonus features, and overall integration of features.Firewall: Antivirus: Performance: Antispam: Privacy: Parental Control: Back to top PCMag may earn affiliate commissions from the shopping links included on this page.
These commissions do not affect how we test, rate or review products.