Security Suites: Big Protection, Little Fuss

Just a few short years ago, all a PC needed for protection was a basic antivirus program to guard against any malware that arrived via an e-mail attachment, embedded in a shareware application or piggy-backed on a floppy disk.

1 2 3 4 Page 4
Page 4 of 4

Trend Micro offers all of the expected capabilities, including antimalware and antispam tools, a firewall and other security features. One unusual addition is Trend Micro's Wi-Fi Advisor, which checks wireless networks for security problems. Also included is a gaming mode, which opens ports in the firewall for access to Internet games, while still retaining its antivirus and antimalware capabilities. That allows users to play games over the Internet without fear of getting viruses or spyware. There are also device access controls that prevent unauthorized USB devices from being used on a PC.

The firewall is simple to deploy. Neophytes can just choose a setting that fits their environment; options include Home Network, Office Network, Direct Connection or Wireless Connection. These all change the firewall rules to different levels and settings depending on the danger associated with each type of connection.

The product's content-filtering parental controls offer predefined settings for teens, pre-teens and adults; each of the predefined settings can be customized further for users who need to limit or allow access to more sites based upon the profile in use.

Trend Micro offers an integrated browser toolbar that makes searches simpler and offers advice when visiting new Web sites, such as whether or not the site is safe or has any security problems.

The product's spam filtering capability works with incoming POP3 e-mail and integrates with Microsoft Outlook and Outlook Express. As with other product functions, spam filtering is based upon a simple choice of how aggressive you want the antispam component to be. You can set the filtering level to high, medium or low. The high setting will eliminate the most spam but might also block legitimate e-mail, while the low setting might let some spam get through. You can further fine-tune the spam filtering by using a whitelist or a blacklist.

Usability

Trend Micro Internet Security Pro has one of the cleanest installation processes; installation was a breeze and did not require a reboot of the PC. The installer also seeks out previously installed antivirus products and can automatically remove them, which helps to prevent conflicts between incompatible applications.

Product specs

Trend Micro Internet Security Pro

Company: Trend Micro Inc.

Price: $69.95 for up to three PCs (includes one year of updates and support)

Operating systems: Windows XP/Vista/7, Mac OS X 10.4 or later, iOS 2.1 or later, Symbian S60, Windows Mobile 5.0 or later, netbook version

The application tries to keep things as simple as possible and offers a great deal of guidance. Trend Micro is also "state aware," so if you're running a presentation, watching a movie, playing a game or doing some other activity where security warnings and pop-ups are not desired, the product will suppress warnings to prevent interruptions.

Operationally, I found the product offered adequate performance, memory usage was low and the product had little impact on processor utilization, less than 5% in most cases. However, manual scans did tend to be more processor-intensive and did put a noticeable dent in overall system performance; they would frequently peak at 90% processor utilization for very short periods of time -- never more than two seconds. This suggests that the application might not be appropriate for lower-powered systems such as netbooks.

Coming soon

Trend Micro hasn't publicly announced what is planned for the next version of its product, and no public beta is available. That said, development and testing is going on behind the scenes for the next version of Internet Security Pro, according to company sources.

Conclusion

Trend Micro has an interesting and useful product. The Wi-Fi adviser can be a handy feature for people who work in unsecured locations such as Internet cafes, and the ability to control device access such as USB connectivity is a good feature to prevent unauthorized individuals from copying information from an unattended PC.

However, I was not impressed with its performance during manual scans, and would think twice before using it on less powerful notebooks or netbooks.

ZoneAlarm Security Suite 2010

ZoneAlarm, which has been around since the late 1990s, is well known for its free firewall; more recently, it has been marketing a full security suite. With ZoneAlarm Security Suite 2010, Check Point Software (which purchased the product from Zone Labs in 2004) has integrated its firewall and spyware-prevention products into a suite that incorporates Kaspersky's virus-scanning engine to create a full array of anti-malware, anti-intrusion capabilities.

Internet protection

Since ZoneAlarm Security Suite 2010 uses Kaspersky's virus-scanning engine, the anti-malware capabilities are very similar to those of Kaspersky's product. However, the company has done a good job of integrating the virus-scanning technology into the suite, providing a near seamless experience from the program's menus.

The firewall is a good fit for advanced users, since it offers granular control of ports, programs and access. The firewall manages incoming and outgoing Internet traffic, while separately managing local network traffic. That allowed me to define different access policies based upon whether or not I was talking to a local network machine or a remote, Internet-based machine.

Blocking malicious programs is easy, thanks to ZoneAlarm's SmartDefense Advisor technology, which preconfigures settings for millions of known programs and sets a trust level for each.

Unknown malware is handled by an "Auto-learn" mode, which starts by treating every unknown program as valid, allowing that program to be executed and then monitoring the activity of that program to see if it exhibits suspicious activity. Initially, all unknown applications have a rule assigned that allows continued network access. That leaves it up to ZoneAlarm to detect if the program is a problem, based upon behavior.

The goal of Auto-learn mode is to limit confusing firewall pop-up messages, making security less intrusive -- but with that comes the possibility of reduced security. If you turn off Auto-learn, then unknown programs are blocked until the user acknowledges that they are OK -- which may be more irritating, but is also more secure.

The product integrates with popular browsers and prevents malware by blocking dangerous sites. If the site is not blocked, the product allows the requested file to be downloaded. If it can't guarantee the file is good, ZoneAlarm initiates a more intense scan that analyzes the file's execution in a digital sandbox. The advanced scan starts after the download finishes and can take a few minutes.

ZoneAlarm offers integrated spam filtering, thanks to the inclusion of the SonicWall antispam component, which filters POP3 and IMAP e-mail in Outlook, Outlook Express and Windows Mail. The product also works with Microsoft Exchange. Filtering uses a combination of whitelists and blacklists, and it can protect mailing lists based on the recipient address. One nifty feature is its ability to make every new correspondent respond to an e-mail challenge the first time.

The suite features all of the expected bells and whistles, as well as a few extra capabilities such as data-leakage protection, credit report monitoring and zero-hour rootkit prevention.

Usability

ZoneAlarm has done a fine job of rolling the separate security components together into a unified suite. I found it very easy to install. Dialog boxes were kept to a minimum, requiring very little user interaction -- while that does simplify the installation, it would have been nice to be presented with a little more information, such as percentage complete and what part of the installation process was occurring.

Product specs

ZoneAlarm Security Suite 2010

Company: Check Point Software Technologies Inc.

Price: $34.95 per PC (includes one year of updates and support)

Operating systems: Windows XP/Vista/7

The support documentation and integrated help screens for ZoneAlarm Security Suite 2010 provide all the information a user could need to solve most problems or activate most features. For technically challenging situations, users can turn to e-mail support, online help, online chat and user forums. The company does offer paid phone support, but that costs $49.95 per incident.

The interface offers pull-down menus and tabs to access primary features. Choices include Firewall, Program Control, Antivirus/Antispyware, Email Protection, Privacy, Identity Protection, Parental Control and Alerts & Logs. The opening window starts with an overview screen that gives the highlights of what has been recently blocked, scanned or detected. Navigation is pretty straightforward, but some of the menus could be combined to simplify things. For example, privacy and identity protection could be combined into a single element.

Scans proved to be very fast, and the application used a minimum of CPU cycles and resources, making it effective even on older systems with low-powered CPUs and on netbooks. In most cases, test scans only increased CPU utilization by 10% or less. However, more in-depth scans of executables, which execute the applications in a digital sandbox, spiked CPU usage as high as 90% for a few seconds.

Decent reporting capabilities and pop-up notifications round out the security suite, while automated updates help to keep everything secure.

Coming soon

According to ZoneAlarm's PR representative, the company has not released any information about the next version of its product or about its plans for an updated version of ZoneAlarm Security Suite 2010.

Conclusion

All things considered, ZoneAlarm Security Suite 2010 covers the basics very well. Its integrated firewall proves to be an excellent security tool for power users who want to control and monitor all traffic in and out of a PC. I do have an issue with its Auto-learn mode -- but as long as you ignore that feature, the firewall is very good. You should also expect performance hits during in-depth scans.

Thanks to the incorporation of Kaspersky's security tools, ZoneAlarm Security Suite 2010 will protect PCs from the common ills found on the Internet, which helps to round out the product and put it into the Internet Security Suite category. The product could be a top contender with the addition of free phone support, which is the norm among the vendors in this market, and a slimmed-down interface that better hides complexity from neophyte users.

Frank J. Ohlhorst is a technology professional specializing in products and services analysis and writes for several technology publications. His Web site can be found at www.ohlhorst.net.

Copyright © 2010 IDG Communications, Inc.

1 2 3 4 Page 4
Page 4 of 4
The 10 most powerful cybersecurity companies