Sunday, August 29, 2010

July 2010 Internet Security Performance Test by AV-Comparatives

Testing organization AV-Comparatives issued a 17 page report: “Performance Test (Suite Products). Impact of Security Suites on System Performance”. This was NOT a test on Internet Security Suite effectiveness. Panda Internet Security 2011 received the top score among the products tested. The complete report can be viewed and/or downloaded at http://www.av-comparatives.org/comparativesreviews/performance-tests

Internet Security Suites Tested

The products tested were: avast! Internet Security 5.0, AVG Internet Security 9.0, BitDefender Internet Security 2010, eScan Internet Security Suite 10, ESET Smart Security 4.2, F-Secure Internet Security 2011, G DATA Internet Security 2011, Kaspersky Internet Security 2011, Kingsoft Internet Security 2010, Norman Security Suite Pro 8, Panda Internet Security 2011, PC Tools Internet Security 2011, Symantec Norton Internet Security 2011

The tasks performed (multiple times) to measure performance were - File copying, Archiving / Unarchiving, Encoding / Transcoding, Installing / Uninstalling applications, Launching applications, Downloading files, Worldbench Testing Suite (XP).

Internet Security Solutions Receiving Advanced Certification

Nine companys’ internet security solutions received AV Comparative’s advanced certification level. Panda Internet Security 2011 received the top overall score. Note above which products were 2010 and which ones were 2011 releases. The product’s overall weighted scores were as follows:

1. Panda - 195
2. Kingsoft - 185
3. Norman - 181
4. Symantec - 179
5. eScan - 179
6. ESET - 177
7. Avast - 176
8. F-Secure - 173
9. AVG - 172

The above is a weighted average summary score. The 17 page report has multiple tables and additional details.

Boot Time Measurements Not Part of Testing

The report goes into great detail as to why boot times were not part of the test. In part, they said, “We did not test boot-times on purpose. Security products need to load on systems at an early stage to provide security from the very beginning – this load has some impact on the time needed for a system to start up. Measuring boot times accurately is challenging. The most significant issue is to define exactly when the system is fully started, as many operating environments may continue to perform start-up activities for some time after the system appears responsive to the user.” It’s worth reading the complete explanation on page 4 of the reports, as some vendors “game” their install, to make it look quicker, at the cost of protecting the customer.

Considerations in Selecting an Internet Security Solution

In the end, more critical factors in selecting an internet security solution include: are: which product provides the protection I need, which product provides any additional functionality I need, what is the price. Some of these performance criteria can be used as a tie breaker. They should not be the first cut in selecting an internet security solution. For information on some of the 2011 products that were included in this test, go to. “Internet Security 2011 – The Rush to Release” http://kensek.blogspot.com/2010/08/internet-security-2011-rush-to-release.htm and ‘Internet Security 2011 – The Rush to Release Part II” http://www.mozilla.com/en-US/firefox/central/

About AV-Comparatives

AV-Comparatives is an Austrian Non-Profit-Organization, which is providing independent Anti-Virus software tests free to the public http://www.av-comparatives.org/about-us

Tuesday, August 17, 2010

Internet Security 2011 – Rush to Release Part II

Two additional Internet Security providers have joined Panda Security and Webroot with their Internet Security 2011 solutions. BitDefender and Kaspersky. Internet Security providers typically have their consumer products released by the end of the third quarter.

Leading the Internet Security 2011 Pack - Panda, Webroot, Kaspersky, and BitDefender

• BitDefender Total Security 2011 was released around August 16. BitDefender AntiVirus Pro 2011 and BitDefender Internet Security 2011 were also released. Enhancements in Total Security 2011 include: enhanced detection, QuickScan, Search Advisor, Smart Scan, Enhanced Game and Laptop Modes, an Adaptive design user interface, Dashboard Shortcuts, and Smart Tips. You can learn more about what’s new at http://www.bitdefender.com/solutions/total-security.html . A review of the product by PC Magazine's Neil Rubenking is at http://www.pcmag.com/article2/0,2817,2367844,00.asp
• Kaspersky announced Kaspersky Internet Security 2011 on August 16, as well. They’ve strengthened their real-time protection story. New in the product is Kaspersky Desktop Gadget, System Watcher, Geo Filter, Safe Surf, Safe Desktop (similar to a sandbox), communication protection via IM or Social Networks, and Online Controls, There have also put in new proactive anti-phishing protection, advanced parental controls, and built in rescue disk. You can compare their Anti-Virus 2011 and Internet Security 2011 products at http://usa.kaspersky.com/products_services/compare/. A review of the product by PC Magazine’s Neil Rubenking is at http://www.pcmag.com/article2/0,2817,2367794,00.asp
• Panda Security – Panda Internet Security Suite 2011 has been out the door for several weeks. Some of the new features, depending on the product include: Secure Browser, PC Remote Access, File Encryption, and File Shredding. You can compare their home user products at http://www.pandasecurity.com/usa/homeusers/solutions/
• Webroot - Webroot Internet Security Complete 2011 has been out the door for several weeks. You can compare their home user products at http://www.webroot.com/En_US/consumer-compare.html

The 800 Pound Gorillas

Both McAfee and Symantec were trading near 52 week lows on their respective stock exchanges (as of August 17). Intel has since acquired McAfee.

• McAfee - Total Protection is available in public beta. http://beta.mcafee.com/betamcafee/Home.aspx?cookieCheck=true
• Symantec - Norton Internet Security 2011 is in public beta. Features/benefits they’re promoting – Norton Download Insight, Safe Web, Faster and Lighter, Proactive Performance Alerts, and New Rescue tools. http://www.symantec.com/norton/beta/
• Trend Micro – Their Syncsort product is in beta but not their security suite. https://www.trendbeta.com/pages/main

Others in Beta

AVG Technologies has made no announcement as to the exact date their Initial Public Offering (IPO) will occur on the London (UK) exchange. Going public first followed by a positively reviewed and received product could provide a positive uptick in the stock price. For more on this, go to http://kensek.blogspot.com/2010/07/avg-technologies-prepares-to-go-public.html

• AVG Technologies – AVG Internet Security 10.0 (assuming this is the name) is in public beta. From their beta site - the publishing of any information on AVG Beta testing is subjected (sic) to AVG approval. http://www.avg.com/us-en/29571
• ESET – Their Mac AV product and a mobile security product. http://beta.eset.com/
• F-Secure – A public beta of F-Secure Internet Security 2011 is available. Enhancements in 2011 will include (as described on their beta site):

- Easier and faster to use -- Based on multiple usability studies, the user interface of IS 2011 has been improved, giving easy access to the most important tasks and features.
- Reliable protection -- Automated malware removal logic has been taken to a new level by utilizing prevalence information from F-Secure cloud services
- Easier to take into use
http://www.f-secure.com/en_EMEA/downloads/beta-programs/home-office/is2011beta/registration.html.

Look for more releases and reviews in the coming weeks. Bragging rights and lines of online content are at stake.

Saturday, August 14, 2010

Virus Bulletin Reactive and Proactive (RAP) Test Results and August VB100 Awards

Virus Bulletin has published their latest Reactive and Proactive (RAP) test results (February through August 2010) and posted their latest VB100 results.

Virus Bulletin Reactive and Proactive (RAP) Test

Those vendors with Reactive Detection rates greater than 90% and Proactive Detection rates greater than 70% were: Avira Pro, Ikarus, G DATA, Emisoft, Kaspersky, ESET, Coranti, Check Point, and TrustPort. TrustPort topped everyone in both categories, and G DATA had the second best Reactive Detection rate. AVG Technologies just missed being in this group.

Neither McAfee nor Microsoft nor Symantec cleared the 90%/70% hurdle mentioned above with the products Virus Bulletin tested, however.

The RAP test measures products' detection rates across four distinct sets of malware samples. The first three test sets comprise malware first seen in each of the three weeks prior to product submission. These measure how quickly product developers and labs react to new malware emerging every day across the world.

A fourth test set consists of malware samples first seen in the week after product submission. This test set gauges products' ability to detect new and unknown samples proactively, using heuristic and generic techniques. Proactive detection is becoming increasingly more important given the quantity and rate an which new viruses and malware are created.

The chart can best be viewed at http://www.virusbtn.com/vb100/rap-index.xml . Detailed information about testing methodology is at http://www.virusbtn.com/vb100/vb200902-RAP-tests . This information and the chart are available at no charge. Virus Bulletin subscribers have access to the detailed results.

Virus Bulletin VB 100 Awards

To display the VB100 logo, an anti-virus product must have demonstrated that:

• It detects all In the Wild viruses during both on-demand and on-access scanning.
• It generates no false positives when scanning a set of clean files.

54 products were tested on the Windows Vista SP2 Business Edition. http://www.virusbtn.com/vb100/archive/2010/08 . Some abbreviated results:

The free Amigo’s - Avast, AVG Technologies, and Avira all received VB100 awards. Only Avast appears to have had their “free” product tested.

The 800 Pound Gorillas - Trend Micro wasn’t tested (there’s a story here). Symantec and PC Tools (two products, they’re owned by Symantec) received VB100 awards. Microsoft received a VB100. McAfee failed with both products tested.

G DATA, which did so well in the RAP testing, did not receive a VB100.

Complete details about the VB100 testing is at http://www.virusbtn.com/vb100/about/100procedure.xml

Some companies, more than others will proactively put a spin on how many consecutive VB100 awards they have received. The reality is that only the most recent few years and on platforms actively being used are important. Complete track records, by vendor is at http://www.virusbtn.com/vb100/archive/results?display=vendors . Let the spinning begin.

UK based Virus Bulletin started in 1989 (www.virusbtn.com). They provide PC users with a regular source of intelligence about computer viruses, their prevention, detection and removal, and how to recover programs and data following an attack. VB’s website is at www.virusbtn.com . The site is a great source of information on malware and spam. They are a member of the Anti-Malware Testing Standards Organization, www.AMTSO.org.

Saturday, August 07, 2010

Internet Security 2011 - The Rush to Release

August means a few things. Some nations east of the pond shut down for summer vacation. The NFL is in the midst of training camp. The Perseids meteror shower. Internet security suite providers rush to finish beta and release their Internet Security 2011 and Antivirus products before Q4. Laggards in the rush to release may not make it into the print edition of Internet Security round-ups that have early deadlines. They may find that buying decisions are being made using a 2010 review with people comparing 2010 product reviews to a competitor's 2011 release and current review.

Look for publications like PC Magazine (Rubenking), PC World (Mediati, others?), and PCPro (Graham-Smith) to get reviews of the 2011 Internet Security suites into their review queue once the products are released. Computerworld may take a little while longer since they reviewed 9 2010 suites in July “9 security suites: maximum protection, minimum fuss”. http://www.computerworld.com/s/article/9179499/9_security_suites_maximum_protection_minimum_fuss_ .

Below is the status of where some of the major security vendors are with respect to their consumer 2011 offerings (as of August 6). The list isn’t exhaustive. Sophos is business focused security play, so they’re not included below. Where a public beta is available, individuals should be able to register and download product.

Internet Security 2011 Shipping


• Panda Security – Panda Internet Security Suite 2011 is released! http://www.pandasecurity.com/usa/homeusers/ Germany based AV-Test has tested the product.
• Webroot - Webroot Internet Security Complete 2011 is released! http://www.webroot.com/En_US/consumer.html It has already been reviewed by PC Magazine.

The 800 Pound Gorillas - Beta

• McAfee - Total Protection is available in public beta. http://beta.mcafee.com/betamcafee/Home.aspx?cookieCheck=true
• Symantec - Norton Internet Security 2011 suite is in public beta. http://www.symantec.com/norton/beta/
• Trend Micro – Their Syncsort product is in beta but not their security suite. https://www.trendbeta.com/pages/main

Others in Beta

• AVG Technologies – Consumer security suite is in public beta. http://www.avg.com/us-en/29571
• BitDefender - BitDefender has a pair of consumer products available in public beta. http://beta.bitdefender.com/
• ESET – Their Mac AV product and a mobile security product. http://beta.eset.com/
• F-Secure – A public beta of F-Secure Internet Security 2011 is available. http://www.f-secure.com/en_EMEA/downloads/beta-programs/home-office/is2011beta/registration.html

No Beta Available?

• Avast - ????
• Avira – No products are available in their current beta program.
• Kaspersky - No public beta for their consumer product seems to be available. PC Pro seems to have reviewed 2011 but the product isn't on Kasperky's web site.
• ZoneAlarm – Only their free firewall.

What New Will Be In 2011 Internet Security Suites?

It will vary. Some of the above sites will have you agree to not publish any information about the beta before you can download the software. For competitive reasons, internet security providers are under pressure to incorporate new features. At the same time, industry pundits are complaining about bloat ware. Some surveys are showing that many are people are satisfied with basic protection. There’s a perception that any slowing down of a PC/laptop is due to the security software. Avira, Avast, AVG Technologies, and PC Tools (owned by Symantec) provide free basic protection and then encourage you to upgrade to a more comprehensive solution. Also, look for internet security vendors not stressing new functionality to promote things like: improved detection, smaller footprints, faster scanning time (though you can always schedule scans when you're aware from your laptop), and other under the hood enhancements.

For those interested in learning what constitutes test best practices, go to the Anti-Malware Testing Standards Organization (AMTSO) web site. www.amtso.org