Norton Internet Security 2007 beta

You might think that with Norton 360 (formerly code-named "Genesis") on the horizon, the venerable Norton Internet Security suite would be headed for a nice rocking chair on the porch of the Old Suites Home. But like many an aging baby boomer, NIS is far from retirement: In fact, Symantec has just released NIS 2007 to public beta. Company spokesperson Cecilia Daclan explains: "[One] segment of the market prefers to use security solutions like Norton Internet Security that they can control completely. Another segment wants the same level of protection, plus additional capabilities, but through a 'set it and forget it' service like Norton 360." We'll see how things shake out for the two products. For now, I took the new NIS 2007 beta out for a test drive.

The beta installer is available on dozens of download sites, but unless you get it straight from the source, you'll miss the essential activation code. You can download the beta here. Although a screen in the installer suggests the beta will run for 15 days without activation, in truth it needs activation after just one day. If you've already downloaded or even installed the beta from another site, follow the steps at the Symantec download page, but stop short of actually downloading the file. You'll get the activation code via e-mail, and it's good for several installations (Symantec says five; my experience says three). On all five of my test systems, the activation process was wonky. It successfully progressed through all the steps, then reported it had failed to activate. Retry didn't help, but when I clicked Cancel, it suddenly decided it had activated after all. Go figure!—Continue Reading: Mashing the Malware

Mashing the Malware

A full installation on a clean system, including a quick preinstall scan for malware, took about 20 minutes. Right away, NIS warned me that my security needs attention and invited me to Fix Now by clicking a button. Doing so launched a full scan that took almost 50 minutes. Compare that with the 7 minutes it took Spy Sweeper 5.0 or Spyware Doctor 4.0 to scan the same system. Symantec touts "an improved and faster full system scan"—I sure didn't see it. In fact, installing the NIS 2007 beta had a visible impact on performance overall. Even simple tasks such as opening a folder for display or rebooting the system were noticeably slowed.

For a sanity check, I tested the beta's ability to clean up a subset of my standard malware samples—a dozen spyware threats and three commercial keyloggers. NIS's handy preinstall scan (which was slipped into NIS 2006 this past May) caught all three keyloggers and four of the spyware samples. One of the samples is a wild card that has directly attacked nearly every major security product I've tested. It did take a swipe at NIS 2007 by damaging the Windows Installer. But the NIS installer noticed the problem, fixed it, and proceeded to a successful conclusion—smart!

Every single one of the infested test systems hit one glitch or another during installation of the beta, but I worked around them all, in some cases using information automatically provided by Symantec. I eventually got NIS installed on four malware-infested virtual machines, then launched a full scan on each and sat back to wait for results. And wait . . . and wait . . . because scanning a malware-infested system is even slower than scanning a clean system. Overall, it did a good job of removing the test malware, though not as good as NIS 2006. It wiped out all three of the commercial keyloggers and nine of the twelve spyware samples in the full scan. It did miss two spyware threats and tried but failed to remove a third. When the product is closer to release, I'll run it against a full set of malware samples.

The AutoProtect feature, introduced back in December, cranked up NIS's ability to keep spyware out of a clean system. But its behavior as an element of this beta was notably peculiar. When I opened a folder containing a bunch of malware installers, it noticed one threat and initiated the removal process. After a while it asked to reboot to complete the cleanup. Post-reboot, it nabbed another file in that same folder and went through the whole process again. For some lower-risk threats, it asked me whether to proceed with removal (I had configured it to ask). Over about 45 minutes and eight or more reboots, it whittled this particular sample set from fourteen items down to five. I can't think why it didn't just whack all the bad guys in a single pass.

The results were quite different when I just launched the malware installers rather than waiting around for AutoProtect's leisurely inspection. Unlike Spy Sweeper or Spyware Doctor, NIS apparently doesn't scan each program as it launches. Most of those same samples that were slowly weeded out in the earlier test managed to install completely or partially before NIS woke up and decided to whack them. To give it credit, it did block or undo the installation of three keyloggers and ten spyware samples. But two spyware samples completely got past it. Well, that's what beta testing is for—I assume this feature will improve.

NIS automatically removes high-risk threats when it finds them. By default it ignores lower-risk threats, which seems like a bad idea to me. I set it to ask me about those, even though I have always hated the way NIS interrupts a full scan to ask about a low-risk threat. It used to offer three choices: scan now (hey, I'm already scanning), ignore the threat for a half-hour (so I'll get another warning before the scan finishes) or ignore it permanently. I can't say for sure, but it looks like they've gotten smart and suppressed this type of pop-up during a scan—at least I didn't see any during my testing. At other times when the pop-up query did appear, its options were a bit more sensible. I could remove the specific threat, ignore it once, or ignore it always. Thanks, Symantec!—Continue Reading: A Smarter Firewall

A Smarter Firewall

The firewall module's power remains impressive, and it's now amazingly free of the pop-up queries that make most personal firewalls so irritating. The new firewall decides for itself what to do when a program attempts Internet access instead of hassling the user with a confusing query.

In my limited testing the firewall seemed to make good decisions, allowing normal programs and blocking malware. Even if you switch it into "ask me" mode, it still automatically configures permissions for programs that it recognizes. If you want it to block advanced malware techniques that evade normal program control, you must first put it in "ask me" mode. But non-techie users will happily trade the minor risk of ignoring those advanced techniques for the major stress relief of automated protection.—Continue Reading: The New Interface

The New Interface

The product's main screen reflects an attempt to keep things simple, or at least simpler, for the user. It's divided between a "Norton Protection Center" tab that reports on security status and a "Norton Internet Security" tab that lets you change settings and take action. Like McAfee Total Protection, the new Norton's first level of configuration involves simply turning features on and off; advanced users can dig into more detailed configuration settings. Both tabs are divided into multiple sections with only one section at a time visible in detail.

I expected some kind of linkage between a status item marked as needing attention and an action area that would let me give it attention, but alas, it wasn't so. And the "Learn More" links on the status tab weren't hooked up yet. Because of the limited visibility of options on both tabs, it took me quite a while to notice the absence of Norton AntiSpam, privacy control, and parental control, all prominent in NIS 2006. According to Symantec's Declan, these aren't "core" features, so to help performance, they're not included in the basic package. Antispam and parental control will be available as free add-ons, and the privacy-control feature has been effectively replaced by the new antiphishing module. I'm not sure that this counts as a solution to the performance issue that has dogged NIS for years, because many people who choose NIS will also download the antispam modules. The add-ons are not present in the current beta, which is one reason I've declined to assign it a star rating.

The proposed price for NIS 2007 is $69.99, and this allows installation on up to three computers (possibly spurred by similar pricing for Windows Live OneCare). Besides the expected signature updates this price also covers updates to the product itself for a year, pushing NIS 2007 in the direction of "software as service."

Security suites can be threatening and confusing for many users. Like McAfee Total Protection, Norton Internet Security 2007 beta is clearly aiming to make security protection friendlier. The option to eliminate firewall queries is a great step in that direction, as is automatic handling of high-risk spyware threats. The two-tab main display also seems like an attempt at user-friendliness, though I'm less sure of its effectiveness. We'll see how this product shapes up in its final release.

More security suite reviews:
•   MicroWorld eScan Total Security Suite with Cloud Security
•   MicroWorld eScan Internet Security Suite With Cloud Security
•   Kaspersky Internet Security (2015)
•   Bitdefender Internet Security 2015
•   Webroot SecureAnywhere Internet Security Complete (2015)
•  more