Norton Internet Security 2009 review
Key Technologies
• Antivirus
• Spyware protection
• Two-way firewall
• Identity protection
• Antiphishing
• Network security
• Botnet protection
• Rootkit detection
• Browser protection
• Internet worm protection
• Intrusion prevention
• OS and application protection
• Web site authentication
• Pulse updates
• Norton™ Insight
• SONAR™ behavioral protection
• Antispam
• Parental Controls & confidential information blocking
• Recovery Tool
• Norton Protection System
Key Benefits
• Proven fastest and lightest security suite available
• NEW Pulse updates for up-to-the-minute protection - Delivered every 5 to 15 minutes to detect and eliminate new threats.
• NEW Intelligence-driven for faster, fewer, shorter scans - By leveraging a unique online intelligence system, Norton™ Insight technology targets only those files at risk.
• Stops viruses, worms, spyware, bots, and more - Keeps your system protected against all types of malicious threats.
• Prevents virus-infected emails and instant messages from spreading - Feel secure while you keep in touch.
• Blocks browser exploits and protects against infected Web sites - Surf the Internet with confidence.
• IMPROVED Blocks online identity theft - Buy, bank, and browse online wherever and whenever you want.
• IMPROVED Secure network connections - Monitor your home network and more safely connect to Wi-Fi networks.
• IMPROVED Blocks threats and hackers - Two-way firewall automatically makes security decisions for you.
Product reviews...
Having been one of the first to adopt Norton Internet Security back in 2000, I have always had a soft spot for the Norton's range of security products. However, as time went on I - like many - ended up being frustrated by the impact on my systems, so I reluctantly stopped using these products in order to get some of my system resources back. So it was with some great interest, and I must admit a wee touch of apprehension, that I agreed to test and review Norton's all new and improved Security package, and I must say I am now a firm advocate of Norton's once again.
The first thing I noticed about the new Norton's is the installation method: it is somewhat akin to slipstreaming a Microsoft service pack into a Windows build, where rather than installing, it actually seems to integrate itself into your Windows installation. This method makes for not only a more secure method of installation (viruses and other nasties don't realise it's even being installed), it also makes for a very quick install; in fact I had NIS 2009 up and fully running 20 minutes after first powering on the test PC. Now that may seem long to some of you, but this included a reboot and the fact that this test PC was so infected by ITN's (Internet Transmitted Nasties) that it takes almost 9 minutes to fully boot and login from a powered down state. So the installation itself took around 2 minutes, which compared to earlier versions is pretty damn good.
Next it was the 'how many nasties can it detect' test. Well of the estimated 30 different nasties we had on the PC (which ranged from your average tracking bot, to a mass of trojans, to one or two of the newer viruses that are out there) it successfully picked up 83% on the first full scan, and after a couple of updates it had picked up another 13% in the incremental smart scans.
Another vastly improved feature is the pulse updates, which have two great advantages: firstly, no more of those large updates; secondly, you are protected against the newest viruses as soon as a definition update is released; no more waiting for the next daily/weekly update to get protected and hoping you don't get hit in the meantime.
The new firewall system is also a great improvement especially for those who are not exactly the most computer literate, as you will no longer get bombarded by popups asking if you want to allow this program access to the internet when half the time you have absolutely no idea what the program does in the first place.
I firmly believe that with this release Norton's has retaken its place as the world's best and foremost PC Security company and will, in my opinion, remain there for a few years to come.
Having had the pleasure of being given a sneak peek at this package a few months ago, I was keen to give this little beaut a try... and what a try it was. One of the biggest features introduced is: a non-install! Confused? So was I until it was explained thus... most applications use, to some degree, Microsoft Installer, aka MSI, or InstallShield... a handler to deal with all the grunt work, driven and controlled by a script the developers create and include with all the bits and pieces to be put onto your machine. This means that if a nasty has gotten into your system and has attached itself to the installer engine it can infect anything you install... including antivirus software. Some 'smart' nasties can even detect an A/V being installed and abort the process, denying you any form of protection or methods of clean-up at all.
Symantec beat this one by utilising part of the technology from Ghost, their hard-drive imaging package. So NIS 09 doesn't get installed on your machine bit by bit the traditional way, it gets 'streamed' onto your machine... as a constant flow of binary data written directly onto the disc itself. Undetectable as an application, uncorruptible by infecting apps, and unstoppable unless your beast crashes on you mid-streaming. This means that a 'clean' install can be achieved even on the most infested system. With a basic kit of virus definitions, once in, it can go right on the offensive and start cleaning house.
To test this, we built a heavily infected system, with a swadge of virii, trojans, droppers and assorted other malware... I would actually say that well over half the data on the drive was malware of some kind or another. (And since we all know how bloated Windows can be, that's a LOT of nasties!)
OK, so, to the claim of "1 minute max install": Well, it was fast, faster than any previous versions we have seen, but more than a minute: 73 seconds to 'initialise', then 71 seconds to install and get to 'activation', full install finished by 224 seconds (3 minutes and 44 seconds). Then we had to download 5.5MB updates. On dial-up, pretty slow but no slower than any other download, and is usually about that with any A/V on a fresh install. So yes, 'install' can be really zippy... but that's only part of the process. Be prepared for some waiting, but far, FAR less than previous versions and most other competing products out there. Not bad, but not quite up to the claims. However... this may have been because of the hugely OTT level of infection.
A fast scan done during install detected most of the nasties, and dealt with the majority of them in a timely manner, hardly slowing things down, but obviously JUST enough to tweak it out of the 'optimum' range. Still, when we later tried the same test using some other competing products, they bogged down quite badly, even to the point of crashing the system, so even "slower than optimum" was pretty darned quick by comparison.
After the updated files were downloaded, a further scan detected nearly all remaining threats, and tagged a few we hadn't even been aware of, having been installed piggy-back by one of the 'droppers' which was carrying a different payload to what we thought! Only a single nasty made it through all this undetected... which we weren't surprised at since it was a fairly new variant... and so it was *really* impressive to discover it had been detected, cleaned up and erased an hour later, after a pulse-update had been received that carried the detection signature!
After install and clean, the rest was basic maintenance. Very simple to determine what's going on from main window, with progressive 'layers' of settings to deal with all skill-levels. Beginners or basic users can run it from no more than 2 layers deep (main window, plus 1-click-away windows), while more advanced/daring users can dig down to deeper layers of settings to tweak the tiniest behaviours and permissions for ultimate fine-tuning.
A couple of 'issues' that cropped up that I think worth mentioning...
Instant messenger scan: Does not even detect, let alone protect, Skype or GoogleTalk. With Skype becoming more popular, this is one that should be protected, even in the face of corporate 'buddy buddy' issues.
Scan outgoing email: You can choose to turn this off, but according to our traffic and system monitors, it still appears to be scanning outbound emails. This can cause trouble if you are required to send bulk batches of email, such as community notices or group newsletters. The best we managed was to send 30 at a time. More than that, and we hit server timeout errors and failed-send error codes by the tonne. Somewhat disappointing, but I am sure with enough tweaking there is a way to make it behave as desired... but we couldn't find it easily, so just left it permanently disabled. NIS doesn't like this, and keeps flashing little orange 'warning' icons at us from the system tray. Sometimes 'smart' can be too smart for its own good.
So far, that's all we have been able to discover that may need to be addressed... and when you take into account the newness of the design, well, a couple of little glitches is hardly unexpected, or unacceptable.
Now, I want to give you a quick run-down of what makes this version so unlike anything previous...
All things evolve... including the methods of abuse. In the beginning, it was infected disc bootsectors, then came email attachments of doom. After that we evolved to Dupeware (where the user was expected to trust StrangeFileA.exe as safe, because it appeared to come from a trusted source), then we got Phished by phony bank sites and online payment systems. Once people started to get wise, we started seeing drive-by downloads, where the very sites you view try to install crap onto your machine. This was complicated even more by the fact that sometimes the site itself was uninfected, but was displaying a series of infected banner ads, inserted into the advert system server itself! (Banner ads are rarely hosted on the same server as the site, but are usually stored somewhere else and just pointed-to by the site you are looking at.) In the early days, Windows was the prime target operating system, but now the nasties are targeting the common threads... browsers and plug-ins. The latest straw... using psychological and social knowledge to convince the users to let them in. As Dave Cole, Senior Director of Symantec's Consumer Products division says, "It's now about social engineering, hacking people, not the machine or operating system."
To combat these threats, Symantec built into NIS '09 a whole suite of tools that operate behind-the-scenes, protecting you without invading your time and space with messages, alerts and trivial questions, most of which you wouldn't REALLY understand well enough to make an informed decision. "System module eggwhisk.exe is attempting to access the internet on Port 7448. Do you want to allow this?" HUH?! How the hell do *I* know what Port 7448 is for, and what is eggwhisk.exe supposed to do exactly? So if it's unlikely the user would really be able to make the right choice, why ask? Do it, get on with the next task and let the user finish kicking orc butt and get to 60th level Mage Warrior and earn a Flaming Sword of Buttwypus.
Some of the not-so-hidden tools that make NIS '09 such a radical improvement include:
Norton Insight: An internal database of files on your machine and their status. Once a file is scanned, a checksum, or snapshot, is stored. Next time the file comes to be scanned, it is checked to see if it has changed. If it hasn't, don't waste time scanning it again. The database is built from the files scanned during the early stages of setup, and also using the combined resources of 14 million other users around the world. After all, win.exe is win.exe the world over. If their file is clean, and your file is identical to theirs, it stands to reason that yours is clean too... One scan to check, then it doesn't get scanned again unless it changes somehow. This means that after the initial scan, about 60% or more of your machine doesn't need to be scanned again!
Identity Safe: A great way to deal with your online identity. You can set up, and select, multiple profiles... work, personal, recreational, whatever... each profile can store your login names and passwords, and fill them in each time you hit your favourite sites. Visit the same site as 'Joseph' during work, but 'Jo' at home after hours? No problems... different profiles, different 'faces', different data. It's file-based, so can be backed up like any other data, and uses 256-bit AES encryption. Sure, it can be beaten... but only if they happen to be able to work at lightspeed and outlive the heat-death of the universe as we know it!
Network Security: Got more than one machine? Got wireless devices? This little tool lets you *SEE* what is active, where, and whether it's even yours! It allows you an amazing level of security control, yet is simple enough for even a network noob to get a handle on.
'Bloodhound' Heuristics: Scanning for specific data patterns isn't always effective... but a virus will do what virii do, trojans will always act like trojans. Scanning for behaviour patterns, certain bursts of network traffic in certain ports, watching what incoming data was authorised and requested, and what appears to be untagged orphan data... these are great ways to spot the hidden nasties and dig them out.
Deep Security and Recovery: The install CD is bootable, and will 'open' the system outside of the O/S for 'raw' access to the files, unaffected by any pre-loaded nasties. It's a bit like dropping laser-guided crowbars from orbit.
Overall, this is undoubtedly the biggest improvement to system security to come down the pike in the last 5 years, and will probably be the benchmark to beat for the next 2 or 3.
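The checksum-based scan skipping that the review above attributes to Norton Insight can be sketched as follows. This is an added example, not code from the reviewers or from Symantec: the `ScanCache` class, the SHA-256 choice, the file names and the "community clean" set are all assumptions made for illustration.

```python
import hashlib
import os
import tempfile

def sha256_of(path, chunk=65536):
    """Hash file contents; a cryptographic hash so a changed file cannot keep its digest."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

class ScanCache:
    """Hypothetical cache: skip files unchanged since a clean scan or known clean elsewhere."""
    def __init__(self, community_clean=()):
        self.community_clean = set(community_clean)  # digests reported clean by other users
        self.local = {}                              # path -> digest at last clean local scan

    def plan(self, paths):
        """Return the paths that still need a full scan."""
        to_scan = []
        for p in paths:
            digest = sha256_of(p)
            if self.local.get(p) == digest or digest in self.community_clean:
                continue                             # identical content already judged clean
            to_scan.append(p)
        return to_scan

    def record_clean(self, path):
        """Trust is bound to the content digest, never to the file name or path alone."""
        self.local[path] = sha256_of(path)

def demo():
    # Constructed sample files; the contents are placeholders, not real binaries.
    samples = [("known.dll", b"shared system file"), ("notes.txt", b"v1"), ("new.exe", b"never seen")]
    with tempfile.TemporaryDirectory() as d:
        paths = []
        for name, data in samples:
            paths.append(os.path.join(d, name))
            with open(paths[-1], "wb") as f:
                f.write(data)
        cache = ScanCache({hashlib.sha256(b"shared system file").hexdigest()})
        first = cache.plan(paths)        # community-known file is skipped at once
        for p in first:
            cache.record_clean(p)        # assume the full scan found nothing
        second = cache.plan(paths)       # nothing changed, nothing to scan
        with open(paths[1], "wb") as f:
            f.write(b"v2")               # content changes, cached trust no longer applies
        third = cache.plan(paths)
        return [[os.path.basename(p) for p in r] for r in (first, second, third)]
```

A file that was once judged clean stays skipped only while its digest matches, so any cached verdict also needs re-checking when detection signatures change, which this sketch does not model.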
KIWIreviews is an independent entity, part of the Knock Out News Group. This is a free public forum presenting user opinions on selected products, and as such the views expressed do not necessarily reflect the opinion of kiwireviews.nz and are protected under New Zealand law by the "Honest Opinion" clause of the Defamation Act of 1992. KIWIreviews accepts no liability for statements made on this site, on the premise that they have been submitted as the true and honest opinions of the individual posters. In most cases, prices and dates stated are approximate and should be considered as only guidelines.