Topic: Neowin Review: Symantec Norton Internet Security 2009

[Samker]

Back when I got my first PC, there wasn't a need for Antivirus software, malware wasn't heard of, and Spam came in a can, and could arguably be called a tasty treat. Now, you just about can't run a PC without some sort of Antivirus/spyware protection, especially if you're connected to the internet (something we'd only be able to use if we were students at the local college). Back in late 1990, Symantec released their first Antivirus software, called Norton Antivirus (from the original company name, and founder, Peter Norton). At the time, it was considered one of, if not THE best AV software out there. Given, there weren't a huge number of viruses out there, but the number was increasing every day. As more and more viruses appeared, the software required to detect them became more sophisticated, and in turn, became larger and slower. Antivirus companies added more features, which in turn made them larger, utilizing more memory, and more cycles to do their jobs. They then added features like Internet firewalls, intrusion detection, spam detection, all of which further increased their footprints. During this time, the Norton Antivirus acquired a reputation for being one of the more bloated packages out there (arguably anyway).



With the release of Norton Internet Security 2009, it appears that Symantec has put their flagship AV software on a much-needed and overdue diet, and raised the bar on Internet protection. From the cover of the box, they say it's Strong on protection, light on system resources. It looks like they've listened to their customers who want great protection for their PC, without sacrificing a large portion of their system resources.

One of the things that Symantec touts for the 2009 edition is that their new installer is a 1-click, 1-minute process. While the actual install routine is quite fast, the entire install process takes about 8 minutes (depending on your internet connection), since it downloads the current updates from Symantec's servers. It also requires more than just a single click, since you have to enter your Product Key. I know I'm splitting hairs here, but if you say it's 1 click, 1 minute, I should be able to put in the disk, click install, and be sitting back at the desktop after installation as close to the one minute time-frame as possible. To be clear though, once the updates were downloaded, and the Key entered, installation took just a few seconds over 1 minute to complete.

Norton has also added a new Identity protection feature, which will manage your web-site logins, as well as manage credit card information. I've not used the Card features yet, but the password safe built into the system seems to work pretty well, has ability to be toggled on and off per-site, and can be set to require your Identity Safe password to be entered before filling out any forms/logins. There's other software out there for this, but it seems better integrated into both IE & Firefox than some of the other solutions I've tried in the past.

Also added is a Network Monitoring module that shows you a visual picture of the devices on your network, and will let you determine the amount of trust to give to a particular device, to determine amount & types of traffic you want to allow to your PC from that device. This goes from Full Trust (all traffic allowed from that device), to restricted (NO access from the device), to the default of Protected (Full threat protection, but normal traffic is allowed through). You can also monitor the status of other PC's running the 2009 suite from the Network Monitor.

Another great feature is called Silent Mode. Have you ever been watching a movie on your PC, or been playing a game, and had your protection software pop up some piece of info that switches you back to the desktop, or dumps you out of what you were doing? Well, that shouldn't be a problem anymore. If you go into a full-screen application, Silent Mode is activated by default for everything except critical notifications. If you require more aggressive message suppression, you can go into the Misc. settings and turn on Manual Silent mode, which asks you how long you want to be in silent mode, and further reduce the chances of interruption by Norton.

Two other new features are the Performance meters, and Norton Insight. With the new performance meters, you can see exactly how much CPU and memory usage you've had, and also see what percentage of that was used by Norton. This is shown on the main dashboard page via two meters (one for the total system usage, one for Norton's percentage), as well as a detailed display that also shows you what background jobs Norton has run, when they last activated, and their current status. Norton Insight shows you the currently running processes, and whether they are a Norton trusted process, or a process that needs further scanning. In theory this should allow Norton to use less resources scanning processes that it knows are legitimate, and concentrate on processes that appear suspicious, which should lessen the amount of scanning the system has to do. On my test systems, I never noticed more than 2 or 3% in the Scan needed category, and a few times as low as 1%. Once it's scanned a particular file, as long as the file stays the same, it's not scanned again. On my test system this seems to help quite a bit, especially when opening and closing the same applications (Outlook for example), and accessing the same files multiple times.



What most people are going to want to know is about the performance improvements for the system, especially memory usage. On my test system (under Windows XP), the 2009 system typically uses about 11m at idle, and 0% CPU usage, with spikes of 18m and 8-10% CPU during real-time scanning. On the Vista test machine, idle memory is about the same, but the memory spikes were lower, at about 16m memory. When receiving mail in Outlook 2007 (in Pop mode), CPU usage spiked at about 20%, and memory usage went to about 18m. When you take into account that this is the full Norton system usage, those numbers are quite good. That's roughly one eighth of the memory that Eset's NOD32 Antivirus uses at idle (on my main system NOD32 idles at 36m for the service, and 3m for the GUI). Symantec's own Endpoint Protection weighs in at about 18-20m at idle on one of my work systems, and it doesn't have half of the features of the 2009 package. Eset's Smart Security suite uses a bit more on idle (a bit over 40m). During a full system scan, memory usage goes much higher with the 2009 package, weighing in between 74 – 80mb total memory usage. While this is quite a jump in memory usage, this was during a scheduled full system scan, not the normal real-time scanning. All in all, I perceived a definite boost in system responsiveness on my test box over my normal AV of choice, NOD32. In daily use, the system seemed to be more unobtrusive than other AV suites, and did it's job well.



To put the new protection features through the wringer, I set the system up on my wife's PC (which the kids seem to use more than she does), and told them to break the system. Usually our youngest daughter can bring a system to it's knees pretty quickly (she seems to be able to ferret out any malicious MySpace pages with surprising speed and ease, and has a knack for finding sites that want to install things like Windows Antivirus 2009 quickly), and the system caught everything they could throw at it. The add-on Parental control module kept the kids out of places we didn't want them to go (the Parental Controls aren't installed by default, and require you to download an add-on pack from Symantec), but did seem to be a bit more rudimentary than other systems I've used in the past. One of my tests was going to a site that was known to attempt to install fake multimedia codecs, and Norton caught it at every attempt, in both Internet Explorer, and Firefox.






I was also surprised with the Anti-Spam and Email scanning features, as they caught a few mails that happened to get by our GFI Mail Essentials on our Exchange server, but also noticed that it got more false positives with the initial tests. The Spam filter can be trained on the good mail you currently have, so the false detection of junk mail can be mitigated somewhat. For a typical home-user target audience, it is more than adequate. It caught much more junk than the built-in filtering in Outlook 2007, and integrates into both Outlook, and Outlook Express. Interestingly enough, on Vista, you only get the SMTP & POP scanning when using Microsoft Mail, as there's no direct integration into the software. I found this odd in that the Microsoft Mail application has been around for over a year, yet there's still no direct support for it. As far as anything else Vista-specific, it does include a desktop Gadget that shows if the system is running correctly, or needs attention. The Vista support felt more like an afterthought though, although everything does function well in a Vista environment.



When I was given the NIS 2009 package to review, my initial thought was ‘Great, lets see how big Norton's package is now, and bring my C2D to it's knees', but after using the system for a few days, I'm fairly impressed with how little the performance impact is, and plan on keeping it on my work Laptop and home desktops. The systems feel faster, and I do feel a bit safer with the additional protection. In my opinion, Norton's got a definite hit on their hands, and NIS 2009 should go a long way towards repairing their AV-software bloat image. The days of telling friends to dump the NAV software off their system and install something leaner are over, and I'll have no problem recommending NIS 2009 in the future.

Download Trial: http://nct.digitalriver.com/fulfill/0184.077

(Neowin)