The big deal about this product is that it's must faster and easier to use, something we'd forgotten existed in commercial anti-virus software and Internet security suites. What does the magic in this version is a feature called 'Norton Insight'. Using this, the suite maintains a log of the trust level of system files and other related crucial files. Once these files have been labeled with a trust level, they are not scanned the next time. Only when they're modified does the software scan them again. This sort of tracking of files is also referred to as white listing. This helps to significantly cut down the time required to scan the syste. All processes related to this feature run when the system is idle, thereby ensuring that the performance is not affected when the system being used. This feature also provides a centralized location where you can view the different processes running on the system, their trust levels and digital signatures. Another interesting feature of the software is 'Silent Mode'. If this is turned on, then any alerts or notifications will not be shown, but the necessary action required will be taken. This way, users do not get any disrutions while working. Apart from this, if any application like a movie or a presentation is run in full screen mode, Norton itself enables silent mode.
It also suspends certain background activities thereby not affecting the performance. It starts them only when it detects that the system is idle.
The security suite provides a feature which protects the web browser from
malicious web sites. These web sites detect and exploit the browser to download
malware programs to your system.
These malware are sometimes also known as drive-by downloads. This feature is available for I.E 6 or later and FireFox. After the feature is enabled, the browser is then protected by Norton for attacks and maintains the system's integrity.
|Norton Insight tells you how many files it has put in its white list. These are then not scanned repeatedly, unless they're modified, thereby improving system performance.|
The identity safe feature protects a user's information during online transactions. It can store log-in information, account numbers, passport numbers, etc in password protected and encrypted format.
It also includes a firewall, which protects the system while it is communicating with other systems over the Internet. It gives the user a choice to control the programs that access the Internet. Users can also define rules for a program for accessing net.
Apart from this, it includes a network security map that enables a user to monitor the status of other Norton protected systems connected through a network. The stealth blocked ports feature blocks unused ports on the system and it also blocks the ports from responding to incoming connection attempts. The software also scans all incoming and outgoing traffic against a set of attack signatures.
|Norton provides a feature to monitor the memory consumed by itself and the system. The yellow color shows memory being consumed by Norton.|
The Anti-phishing feature safeguards you against fraudulent websites. A warning is flashed if the website is detected to be fraudulent. This suite also provides spam filtering. Norton anti-spam uses Bayesian technology to detect spam mails. It can not scan mails that are sent through SSL connections. A user can allow and block messages from individual e-mails or domains.
Tests and results
For testing the software, we installed it on a Windows XP machine. For anti virus testing, we scanned our virus database and it was able to detect almost all viruses and clean/quarantine them. In fact, during scanning our virus database, Norton deleted/quarantined maximum number of infections as compared to 2008 versionf of TrendMicro and McAfee.
To check the firewall capabilities we used an isolated network and ran attacks through Nessus. The Norton firewall successfully blocked all attacks and we could check this by referring to the logs maintained for scans and attacks.
We tested the e-mail protection capability by trying to download virus infected mails. The software raised an alert and did not allow us to download infected mails. For spam mail testing we configured a mail account on Outlook Express and downloaded a collection of spam mails. It was able to detect 39% of spam mails with default settings. However, this percentage increases over time, as the software learns over a period of time.
Now comes the acid test--resource consumption. In this, we checked the memory and CPU utilization, and compared it against its own previous release, and 2008 releases of TrendMicro and McAfee. The latest version of Norton outperformed all, as can be seen from the graphs. It consumed the least amount of RAM and CPU power during a scan. This result would be appreciated by most anti-virus users because just about everyone today is suffering from the system hogging nature of security suites. We tested RAM consumption using a utility called FreeRAM XP Pro. Just as we were going to press, McAfee also released its 2009 suite of products, so we didn't have time to compare its resource consumption here. We hope to bring you its review in the coming issue along with a comparison.
Bottomline: Given the price, performance, and lower system resource consumption, this is a great buy for endpoint security.