BullGuard Internet Security 2013 review

The main window for BullGuard Internet Security 2013 sticks to the basics; scan the system, check status, and manage backup, with a dashboard for other features. The antivirus component performed well in testing, other components not so much. While it's a definite improvement over the previous edition, this suite still needs work.
Photo of BullGuard Internet Security 2013

Some security suite vendors try to impress customers with their sheer quantity of protective activities and events, jamming as much as possible into the main window. BullGuard Internet Security 2013 belongs in the opposite camp. Its main window focuses on three big buttons that let you check security status, launch scans, and launch backups. At $59.95 for three licenses, it costs less than most current suites, but the quality of its components varies.

A small number on the status button lets you know how many new status messages await you. Click the button for a detailed list. Any status items that require an action on your part come with a button to trigger that action. Opening the dashboard window gets you full access to program features beyond backup and scanning.

Above-Average Antivirus
Antivirus protection in this suite is exactly the same as what you get from BullGuard Antivirus 2013. Please refer to that review for complete details; I’ll summarize my testing here.

Getting BullGuard installed on my twelve malware-infested systems was something of an ordeal. In some cases tech support asked for logs and supplied tools to fix installation problems. Other systems required hours of remote-control diagnosis and repair by support agents. I was impressed by their skill and persistence, but I would have been happier had the product simply installed with no drama.

With installation trauma out of the way, BullGuard’s full scan detected 76 percent of my malware samples and scored 6.1 points for malware cleanup. That’s better than the average of 5.5 points, and just a half-point behind tied top-scorers Webroot SecureAnywhere Complete 2013 and Norton Internet Security (2013) .

Over 40 percent of products tested with my current malware collection detected 100 percent of the samples that try to hide using rootkit technology. With 9.4 points, Kaspersky Internet Security (2013) scored highest against rootkits. BullGuard only detected 80 percent, but its score of 6.4 points for rootkit removal is still a hair above average.

The article How We Test Malware Removal explains how I conduct malware removal tests.

BullGuard Internet Security 2013 malware removal chart

BullGuard’s performance in my malware blocking test was quite impressive. Along with Daily Safety Check Home Edition and SecureIT Plus, BullGuard detected 97 percent of the samples. BullGuard scored 9.6 points, in between SecureIT’s 9.7 and Daily Safety Check’s 9.4. Only Webroot, with 9.9 points, scored higher. For an explanation of my malware blocking test, see How We Test Malware Blocking.

BullGuard Internet Security 2013 malware blocking chart

BullGuard also gets good scores in tests by major independent labs. In two kinds of file detection tests by AV-Comparatives it rated ADVANCED+, the top rating. In a dynamic test by the same lab, BullGuard rated ADVANCED. It also received the VB100 award in all of the ten most recent tests by Virus Bulletin, and it received antivirus certification under both XP and Windows 7 from AV-Test.

To learn more about the independent labs and their tests, please read How We Interpret Antivirus Lab Tests.

BullGuard Internet Security 2013 lab tests chart

Other Shared Features
Where most vendors reserve spam filtering as a suite feature, BullGuard includes it with the standalone antivirus product. Unfortunately, it didn’t perform very well in testing. Only 8.2 percent of undeniable spam slipped past the filter, which isn’t too bad. But the spam filter erroneously threw out nearly 16 percent of valid personal mail and 28 percent of newsletters and other valid bulk mail.

The spam configuration wizard did ask me to supply a folder full of valid mail and another folder full of spam for training purposes. However, I skipped that step since I figure most users will skip it. Training might have improved the filter’s accuracy, but other products manage to avoid discarding valid mail without any training at all, among them Bitdefender Total Security 2013 and Norton.

For an explanation of my antispam accuracy test, read How We Test Antispam.

BullGuard Internet Security 2013 antispam chart

BullGuard’s antiphishing component, also shared with the standalone antivirus, gave a more impressive performance than the antispam. Fewer than one in three recent products have managed to outperform Internet Explorer’s Smart Screen Filter in this test. BullGuard is among that group, but just barely, with a detection rate one percentage point better than IE’s. Norton is the consistent antiphishing champion; BullGuard lagged Norton’s detection rate by 26 percent. Given that the average among recent products is 50 percentage points behind Norton, BullGuard’s score is not bad.

The article How We Test Antiphishing explains exactly how I obtain very new fraudulent URLs and calculate these scores.

BullGuard Internet Security 2013 antiphishing chart

Standard Firewall
BullGuard’s firewall correctly stealthed all of my test system’s ports and resisted all port scans and Web-based attacks. That’s good, but the built-in Windows Firewall can handle that task.

BullGuard automatically configures Internet and network access for known good programs. If it doesn’t recognize the program that’s attempting access, it asks you to make the decision whether or not to allow it. Be sure to check the box so it will remember your decision, or you’ll have to decide again and again. It’s up to you whether you want to submit the unknown program to BullGuard for analysis; if not, un-check that box.

Advanced firewalls like Norton’s and Kaspersky’s handle program control internally. They automatically configure permission for known good programs and eliminate known bad programs. For unknown programs they limit access and monitor activity.

I launched a dozen leak test programs, tools that use the same tricks malicious programs do in order to circumvent standard program control. BullGuard’s firewall blocked exactly one, and it realtime protection reported one other as suspicious. Given that it also reported all of my in-house testing tools as suspicious I can’t give it a lot of credit for that. In this same test, F-Secure Internet Security 2013 detected every single attempt to evade program control.

Normally I would test the firewall’s defenses against exploits by attacking it across the virtual network using the Core IMPACT penetration tool. However, BullGuard blocked access between the two virtual machines, making this test impossible. Even with the firewall turned off, the connection failed. In this same test, last year’s BullGuard suite blocked about a third of the exploits.

Last year BullGuard was seriously vulnerable to direct attack. I easily disabled it by turning it off using Registry settings and by disabling its core services. The 2013 edition is somewhat improved. It immediately re-enabled any services I disabled, and I couldn’t turn off antivirus or firewall protection by tweaking the Registry. The program’s Registry settings are still unprotected, though, and I managed to turn off other less central features.

Porous Parental Control
The parental control system goes just a bit beyond the basics. Besides content filtering and Internet time scheduling, it can schedule overall computer use, block IM communication, and prevent use of specific programs. It does have a few problems, though.

Parents configure the system separately for each Windows user account. The content filtering component includes 24 categories of potentially inappropriate content, arranged in four major groups. Parents can choose by group, pick individual categories, or select one of three predefined age-based profiles.

If you choose an account with Administrator privilege, you’ll get a warning that parental controls should be used only on Standard / Limited accounts. Many parents give the kids Administrator privilege just to avoid the hassle of stepping in for every game installation. Those kids will easily wipe out BullGuard’s parental control. A simple three word network command disables it, for example.

Parents can choose to limit either Internet use or overall computer use to times specified on a full-week grid in one-hour increments. There’s also an option to set a cap for each day of the week. Here again, a child whose account has Administrator privilege can fool the scheduler by resetting the system clock.

By default, BullGuard blocks access to a number of popular instant messaging solutions, including general Web-based chat. My contacts at the company confirmed that this feature affects the protocol, not just the specific IM client, so the kids couldn’t get around it by using an IM aggregator like Trillian.

There’s also an option to block access to any parent-specified program. I tested this one out and verified that you can’t fool the system by moving or renaming the blocked program. Parents can also set the system to block transmission of too-personal information, like home address and phone number.

Even for a child who has a Limited account, the parental control system has some serious holes. It doesn’t try to block anonymizing proxy sites, so any child who finds one of these can go anywhere on the Web without being blocked or monitored. I thought at first that it doesn’t block secure HTTPS sites, because I had no trouble finding secure pages displaying unclad young ladies and bared breasts. Eventually I did see it block a secure Twitter page.

If you truly need parental control, go get a standalone parental control system like PCMag Editors’ Choice AVG Family Safety. BullGuard does do more than some suite parental control components, but its inability to handle Administrator accounts, spotty filtering of HTTPS sites, and lack of a blocking category for anonymizing proxies limit its usefulness.

Performance Enhancement
Many modern security suites include what they call Game Mode. Any time a full-screen application is running, the suite suppresses popup notifications and postpones scans and other background tasks. BullGuard takes a different approach, engaging Game Mode when it detects specific programs running. It comes with 30 predefined profiles, and you can add your own. Each profile offers fine-tuned configuration of just what security actions will and won’t occur while the game is running.

When you launch the PC Tune Up scanner, BullGuard checks your computer for a variety of possible performance slowdowns. It will locate useless temporary files and broken Registry items, report whether you need to defragment the Registry, and identify a number of other settings that could enhance performance. You can click for details in each category or just proceed with cleanup.

BullGuard also offers a startup manager that lets you reversibly disable programs that launch at startup. It’s not quite as fancy as Norton’s startup manager, which reports the prevalence and resource usage for each startup item and lets you delay startup for some items.

Multi-Target Backup
Backup is an important part of this suite, as evidenced by the big Backup button on the home screen. A handy wizard walks you through the steps of configuring a backup job.

The first step is to choose what files you’ll back up. BullGuard comes pre-configured with profiles for documents, photos, music, videos, and several types of email, as well as a profile for the desktop. Initially you’ll find all of these checked except for email clients that aren’t present.

You can configure one custom profile of other files and folders. First you select one or more folders, then specify any filters. For example, you can skip backing up files over a certain size, or files that haven’t changed in a long time. You can also skip specific file types, or include only specific file types.

With your backup files chosen, the next step is to choose a backup location. You can back up to any local, network, or removable drive, or back up to writeable CD/DVD. However, your best choice is probably the 5GB of hosted online backup that comes with your BullGuard subscription. The BullGuard Online Drive appears in Windows Explorer, so it’s easy to review what’s backed up. You can also log in to your online backup sets from any Internet-equipped computer.

By default, BullGuard only runs the backup job when you launch it manually. You can a daily, weekly, or monthly schedule, or set it to run whenever the computer is idle. There’s also an option to backup whenever files change. I tried that one, but had to turn it off due to the almost continuous stream of popups reporting that it had checked on this or that profile.

As the final step, you can choose whether to encrypt, compress, or synchronize your backup. That last choice simply means that if you delete a file locally it will be deleted from the backup set as well. You can also choose to keep previous versions of files for a specified time (a month, by default).

As noted, you can restore files by copy/pasting them from the Online Drive. There’s also a wizard to help you locate and restore specific files or folders.

BullGuard’s backup system doesn’t offer the elaborate file syncing options that you get with Webroot, nor the ability to securely share backed-up files like Trend Micro Titanium Maximum Security 2013 . However, it does let you back up to local and network locations, if that’s what you need.

Minor Performance Hit
Last year’s BullGuard suite bombed my performance tests, with significantly higher than average impact in all of the tests. I’m happy to say that’s not the case with the 2013 edition. I measured the time from start of the boot process until the system was ready for use 100 times with no suite and 100 times with BullGuard installed. On average, there was no measurable difference, which is a good start.

A script that moves and copies a large collection of large files took 17 percent longer with BullGuard watching file access. The current average slowdown for this test is 20 percent, so BullGuard looks good. Another script that zips and unzips those same files took 10 percent longer under BullGuard, also better than the average of 14 percent.

Only my browsing test still showed a performance hit. This test measures the time required to fully load 100 varied websites. With BullGuard active, this test took 30 percent longer than with no suite installed, twice the average slowdown of current suites. Even so, you might not notice any difference.

For details on how I measure security suite performance see How We Test Security Suites for Performance.

BullGuard Internet Security 2013 performance chart

Some Improvement
BullGuard’s firewall has definitely toughened up since last year. It scored better at malware cleanup, and seriously reduced its impact on performance. Its phishing protection is better than many, though still not near the best. On the other hand, its spam filter threw away a ton of valid mail, and the parental control system has some holes.

I’d still recommend sticking with one of PCMag’s Editors’ Choice security suites. Norton 360 (2013) offers backup and tuneup, like BullGuard, but unlike BullGuard all of its components are highly effective. If you don’t need spam filtering or parental control, Webroot SecureAnywhere Complete 2013 gives you all the rest, including backup and tuneup, in a very tiny package.

Sub-ratings:
Firewall:
Virus removal:
Virus blocking:
Performance:
Antispam:
Privacy:
Parental Control:

More Security suite reviews:

Specifications
Tech Support 24/7 live chat and email.
OS Compatibility Windows Vista, Windows XP, Windows 7
Type Business, Personal, Professional

Verdict
The main window for BullGuard Internet Security 2013 sticks to the basics; scan the system, check status, and manage backup, with a dashboard for other features. The antivirus component performed well in testing, other components not so much. While it's a definite improvement over the previous edition, this suite still needs work.
Published under license from Ziff Davis, Inc., New York, All rights reserved.
Copyright © 2012 Ziff Davis, Inc