avast! Internet Security 2014 review

The independent test labs give avast! Internet Security 2014 high marks. Power users will especially like its sandbox virtualization and SafeZone hardened desktop. Just watch out for its over-aggressive behavior blocker, which quarantined valid programs during testing.
Photo of avast! Internet Security 2014

The release of a new version is an opportunity for security suite vendors to add new features, enhance existing ones, and change the user interface. Those familiar with avast! Will find that the avast! Internet Security 2014 ($49.99 per year direct; $69.99 for three licenses) looks very different from what they’re used to. Under the hood, things aren’t all that different, but I noted improvements in the firewall and spam filter in particular.

The most common reason for a change in user interface is to streamline the program, eliminating any unnecessary settings and making it as easy as possible for the user. This edition looks very different from the last, but I can’t say it’s any easier to use. Quite a few times I found myself fumbling around, trying to figure out where to find a certain setting. Of course, if I used it every day I’d surely learn my way around.

As with avast! Free Antivirus 2014, four large buttons span the middle of the main window. Three of these launch a quick scan, check your browser for sketchy toolbars, and link to an offer for avast! Mobile Security & Antivirus (for Android). The fourth button is simply marked “Add,” and clicking it lets you add just about any program feature to the main window. You can also change out the other three, putting your most-used components just a click away.

Lab Results Are Positive
The antivirus protection in this suite is exactly what you find in avast! Free Antivirus 2014. For a detailed explanation of avast!’s lab results and other shared features, do please read that review. I’ll simply summarize here.

Avast! participates in testing with all of the labs that I follow. Its antivirus technology gets generally good marks, especially for effective malware removal and low false positives. Aggregating its various scores, I’d say its lab results merit four stars. That’s quite good, but as you can see in the chart below, some have done even better. Kaspersky in particular gets five stars in every category. For a full explanation of how I distill the various test results into these categories, see How We Test Security Suites for Performance.

avast! Internet Security 2014 performance chart

Good Antivirus Protection
I’ve recently added a real-world malicious URL blocking test using the very latest reports from MRG-Effitas. Avast! blocked 79 out of 100 malicious downloads, almost all of them by denying all access to the dangerous URL. I’ve only tested six products this way so far, but avast!’s score remains the best. Ad-Aware Total Security 11 is next, with 68 percent detection.

When I opened a folder containing malicious samples downloaded earlier, avast! wiped out 78 percent immediately and eliminated a few more when I tried launching them. Its detection rate of 92 percent is good, but others have managed as high as 97 percent. Avast!’s overall score of 8.9 points, which takes into account how thoroughly it blocked detected attacks, is in the bottom half of products tested using these same samples. For an explanation of my hands-on malware blocking test, please read see How We Test Malware Blocking.

avast! Internet Security 2014 malware blocking chart

On the negative side, avast!’s “evolutionary generic” detection strategy generated some unfortunate false positives. When I tried to install 20 old-ish PCMag utilities, it quarantined two immediately; two others got a reprieve after a DeepScreen scan.

It also whacked a number of my hand-written analysis utilities. When I attempted to restore them and exclude them from further scans, that feature just didn’t work. I finally succeeded by excluding the folder containing these tools.

For safety’s sake, I’m no longer challenging antivirus products to remove live malware. There’s too great a chance that the malware could use my test system as a springboard for its own nasty purposes. I do note that avast! offers more ways than many to circumvent malware that prevents installation or subverts scans. Do see my review of the standalone antivirus for full details.

Two-way Phishing Protection
Avast!’s browser plug-in tries to steer your browser away from fraudulent websites, and the Web Shield antivirus component also blocks some phishing sites. Despite this dual protection, avast! didn’t do very well in my phishing test. Its detection rate was 32 percentage points below Norton’s. Even so, it scored better than 60 percent of its competition. To learn how I obtain the newest phishing URLs and conduct this test, see see How We Test Antiphishing.

avast! Internet Security 2014 antiphishing chart

Other Shared Features
The free antivirus includes an impressive array of bonus features. It includes a browser plug-in that marks up search results with red, green, and yellow icons, representing a bad, good, or iffy reputation. You can add your own ratings by clicking thumbs up or thumbs down. In addition, the plug-in offers an active Do Not Track feature similar to what’s offered by AVG Internet Security 2014and Avira Ultimate Protection Suite (2014).

You can create a bootable rescue USB or CD from within the program; do this before you need it! A browser cleanup tool will scan for toolbars and add-ons that “have a poor reputation.” Without any effort on your part, avast! scans to make sure your browsers and important applications haven’t missed any security patches, and helps you apply any missing patches. There’s also an impressive page of protection statistics, both for your PC and for avast!’s global community of customers.

Once again, all of these features are also found in the free, standalone antivirus product; very generous!

Improved Spam Filtering
Avast!’s spam filter marks spam messages by prefixing “*** SPAM ***” to the subject. It integrates with Microsoft Outlook to automatically move spam messages to the junk folder. Those using another email client will have to define a message rule to divert the spam.

The spam filter can optionally whitelist any addresses to which you send mail. Outlook users can also have avast! automatically whitelist addresses found in the address book. You can also manually whitelist or blacklist any address or domain.

In testing, I found that avast! hardly had any effect on email download speed. I sorted through thousands of messages and determined that it did not erroneously throw any valid personal mail or valid bulk mail into the spam folder. It did, however, let almost 20 percent of undeniable spam into the Inbox. Its accuracy is almost identical to that of F-Secure Internet Security 2014.

Missing some spam isn’t as bad an offense as throwing away valid mail, for sure. However, Norton and McAfee also didn’t throw out any valid mail, and both missed less than 4 percent of spam. Avast!’s spam filter is good; others are better. For full details on my antispam testing and analysis, see see How We Test Antispam.

avast! Internet Security 2014 antispam chart

Advanced Firewall
The firewall component in this suite correctly stealthed all ports and fended off all port scans and other Web-based attacks. An outside attacker simply wouldn’t see this PC from the Internet.

When I attacked the test system with exploits generated by the Core IMPACT penetration tool, avast! fended off most of them. It identified 28 percent of the exploits by name, and the real-time protection component caught another 48 percent when they tried to drop a malicious payload. That’s better than most, but note that Norton Internet Security (2014) caught every single one.

Avast! handles program control in much the way Norton does. It automatically configures network and Internet permissions for known good programs, destroys known bad programs, and keeps watch on unknowns, making its own decisions about access. By default it will pop up a notification when it chooses to block an unknown; you can suppress that behavior, or tell it to also notify you when it allows an unknown program to access the network. I definitely prefer this style of program control to products that bombard the user with confirmation queries.

The firewall is tough, too. Any attempt to change its Registry settings or kill its processes ended in “Access denied.” A malicious program attempting to stop avast!’s essential services will fail, because the firewall won’t allow that without user confirmation. Last year I managed to change the startup status of those services to Disabled; this time around that, too, ended in “Access denied.” That’s progress!

Safe Play in the Sandbox
Probably the smartest thing you can do with a program of dubious provenance is delete it permanently. If for some reason you need to run such a program, you can keep it from doing permanent damage by running it in the Sandbox. To identify sandboxed applications, avast! adds a tag outside the window border saying “avast! Sandbox.” If you prefer, you can set it to use a colored border for those windows.

A sandboxed application seems to have full system access, but actually all of the changes it makes are virtualized. When you dig into the settings dialog and delete the sandbox’s contents, those changes vanish. Expert users can choose to run sandboxed applications with the privileges of a Limited/Standard account, limit the memory and CPU resources available to sandboxed applications, and prevent screen capture of those applications.

Remember that deleting sandbox contents wipes out changes made by every sandboxed program. Once you’ve identified a program as benign, your best bet is to clear the sandbox and run it in normal mode.

Browsing in the Safe Zone
Running a program in the sandbox prevents it from reaching out and doing damage. Switching to the SafeZone desktop is almost the opposite; it keeps other processes from reaching in to your protected session.

A hardened, Chrome-based browser launches when you switch to SafeZone. By default, avast! automatically offers to make the switch when you visit a known banking or shopping site. You also set it to use SafeZone for any arbitrary site, and you can run other trusted applications inside the SafeZone. If you try to run an app that’s not digitally signed or that’s otherwise suspicious, you’ll be advised to refrain.

The appearance of the SafeZone desktop has changed radically since the previous edition. Its background used to look like dark, industrial metal; now it’s a stylized orange mountain range. Focus groups showed that the concept of switching desktops confused some users, so now you switch simply by minimizing SafeZone. You can also opt to switch using a hotkey combination.

When you switch away from SafeZone and then switch back, all of you running protected apps come back with it. If you close SafeZone, the apps get closed. And at any time you can dig into the settings and wipe SafeZone back to its default configuration, eliminating all changes.

The SafePay browser in Bitdefender Internet Security (2014) is similar, but it’s very specifically a hardened browser, not a separate desktop.

Other Tools
The suite includes a page for avast!’s SecureLine VPN, but actually using it requires a separate purchase. In a similar fashion, there’s a page for AccessAnywhere remote control, but it will only connect to computers using avast!’s Premier security suite. I’ll cover that feature when I review Premier.

More useful is the My Devices page. Once you connect to your online avast! account, you get a list of all your avast! installations, with an icon reflecting security status. You can dig in for more info about the installation, and even view statistics on recent security activity. As with Norton, if there is a problem you’ll have to correct it at the problem system, not remotely.

Tiny Performance Hit
Most modern security suites impose only a minor slowdown on everyday activities. Some, like avast!, have hardly any measurable effect. I measure the performance hit using a number of simple scripts; avast!’s results were great.

It’s not uncommon to find that booting a protected system takes a bit longer, due to the need for security services to load. However, averaging 100 tests with no suite and 100 with avast! installed, I couldn’t measure any slowdown at all. That’s darn good, considering the average for current suites is a 25 percent drag.

Avast! also had very little effect on the time required to run a script that moves and copies a massive compilation of large files. With avast!’s real-time protection active, the script took just 2 percent longer.

Interestingly, another script that zips and unzips those same files took 14 percent longer with avast! active than with no suite. That’s not bad; it’s precisely the average for current suites. Based on my tests, I’d say you won’t be able to notice any performance impact from avast! For more on how I test suite performance, please read How We Test Security Suites for Performance.

avast! Internet Security 2014 performance chart

A Nice Choice
As long as you don’t need parental control, avast! Internet Security 2014 can be a good choice for your security suite. With a smart (and now tougher) firewall and advanced features like sandbox virtualization and SafeZone secure desktop, it may appeal in particular to power users. However, the spam filter missed a bunch, as did the antiphishing component, and the behavior-based malware blocking can be hard on valid programs.

Avast! gets good marks from the independent labs, but Bitdefender Internet Security (2014) scores even better, and its antispam and antiphishing features are strong. It also offers bonus features similar to avast!’s. Editors’ Choice Norton Internet Security (2014) pioneered the “smart firewall” no-hassle style now displayed by avast! For most users, one of these two security suites will be an even better choice.

Parental Control: n/a

The independent test labs give avast! Internet Security 2014 high marks. Power users will especially like its sandbox virtualization and SafeZone hardened desktop. Just watch out for its over-aggressive behavior blocker, which quarantined valid programs during testing.
Published under license from Ziff Davis, Inc., New York, All rights reserved.
Copyright © 2012 Ziff Davis, Inc