BullGuard Internet Security (2014) review

BullGuard Internet Security (2014) has a really sharp backup system, and the independent antivirus labs like it a lot. However, not all of its components are top-notch. You'll do better with one of our Editors' Choice suites.
Photo of BullGuard Internet Security (2014)

There’s a strong trend in the security suite industry toward making products as simple as possible. With last year’s suite, BullGuard may have gone a bit overboard; the suite’s main window was mostly white space, with just three big buttons. BullGuard Internet Security (2014) ($39.95 per year direct; $59.95 for three licenses) presents the user with more information and choices, while retaining a refreshing simplicity. In addition to the expected suite components, it offers powerful backup and tuneup components.

The main window displays the same seven panels found in BullGuard’s standalone antivirus, but in that product only the Antivirus and Spamfilter panels were enabled. The suite also enables Firewall, Backup, Vulnerabilities, PC Tune Up, and Parental Control. As with the antivirus, one button is only half-displayed, to make it clear you can slide the contents of the main window back and forth.

Just about all your everyday security activities take place right in the main window. When you launch any kind of scan, the progress bar appears in the corresponding panel. Each panel has a pull-down menu of possible actions rather than a separate page or tab.

The settings window is likewise simple. In its default Basic mode, it offers little more than on/off switches for the suite’s components. Switching to Advanced mode allows more fine-grained control. And reports from parental control and all types of scans are listed in a single Reports window.

Good Ratings from the Labs
The independent labs that include BullGuard among their tested products rate it from good to very good in most areas. BullGuard doesn’t participate in testing by ICSA Labs or West Coast Labs, but Virus Bulletin included it in 10 of the last twelve tests and awarded it VB100 certification for malware detection every time.

AV-Comparatives runs two kinds of malware detection tests, one using up-to-date malware signatures and one that forces products to use old signatures. The latter is meant to measure a product’s ability to detect zero-day threats. BullGuard earned ADANCED+, the top rating, in both. In a separate test specifically aimed at measuring how thoroughly each antivirus removes detected threats, it rated ADVANCED.

In another test, AV-Comparatives researches gather the newest malicious URLs every day and test how well each product manages to prevent malware infestation. This process goes on continually, with full reporting of results every few months. BullGuard earned ADVANCED in this test as well. AV-Test gave it 5.5 of 6.0 possible points for malware protection as well.

False positives—valid programs identified as malware—can be a serious problem. Virus Bulletin withholds VB100 certification if a product exhibits even one FP; BullGuard’s score shows it had no FPs in that test. It also didn’t generate FPs in any of the AV-Comparatives tests. AV-Test discovered some very minor false reportage by BullGuard but still gave it 5.5 of 6.0 possible points for usability.

Both AV-Test and AV-Comparatives run tests to measure a product’s effect on system performance. BullGuard took 4.0 of 6.0 possible points from AV-Test and got an ADVANCED rating from AV-Comparatives. Taken all together, its test results merit four stars in my view. For a full explanation of how I synthesize the various lab reports in to the ratings shown in the chart below, see How We Interpret Antivirus Lab Tests.

BullGuard Internet Security (2014) lab tests chart

Average Antivirus
The antivirus component in this suite is exactly the same as BullGuard Antivirus (2014). Do please read that review for full details.

When tested with my pre-downloaded collection of malware samples, BullGuard detected 94 percent of them, the same as FortiClient 5.0 and F-Secure Anti-Virus 2014. FortiClient and F-Secure both earned 9.4 points, tying with several others for top score among products tested using the current sample set. BullGuard’s lower score of 8.9 points reflects the fact that several of the malware samples managed to install executable files despite its attempts at blocking.

I also tested the antivirus by attempting to download 100 malware samples from newly-reported malicious URLs. I only recently made arrangements with MRG-Effitas to receive the necessary feed of malicious links, so just six products have been through this test. BullGuard blocked just 10 percent of the URLs, but managed to wipe out another 20 percent during download. Its overall detection rate of 30 percent is second-lowest among those tested. With 79 percent, avast! Internet Security 2014 has the best detection rate. The chart below reflects both tests. For more detail on my testing methods, see How We Test Malware Blocking.

BullGuard Internet Security (2014) malware blocking chart

If you’re installing antivirus in order to clean up malware that’s already present, you may find that the malware fights back. BullGuard’s bootable Linux rescue CD and online scanner can help when malware prevents installation or interferes with scanning. Tech support has access to a variety of diagnostic tools; if necessary, a support agent can perform remote-control diagnosis and remediation.

Better Phishing Protection
The antiphishing component is also identical to what’s found in the standalone antivirus. BullGuard’s detection rate came in 12 percentage points behind Norton’s, but that’s actually pretty good. Three quarters of recently-tested products came in worse than BullGuard. Very few do better than Norton, though Bitdefender Total Security (2014) and Kaspersky PURE 3.0 Total Security both managed to beat Norton by three percentage points.

For a detailed explanation of where I find the freshest phishing URLs and how I conduct this test, see How We Test Antiphishing.

BullGuard Internet Security (2014) antiphishing chart

Slow but Steady Spam Filter
The spam filter also comes with BullGuard’s standalone antivirus, so please refer to that review for full details. BullGuard supports a number of email clients and automatically flags those it finds on your system. You just choose the one you use and tell it where to put the spam.

In testing, I found that its processing of incoming mail lagged way behind the incoming email stream. It downloaded 5,000-odd messages in 90 minutes, but the spam filtering took another 3.5 hours. On the plus side, it did a pretty good job, missing just 4.3 percent of spam, though it did discard 1.2 percent of valid personal mail.

The article How We Test Antispam explains just how I go about testing antispam accuracy.

BullGuard Internet Security (2014) antispam chart

Old-School Firewall
Like every decent third-party firewall, BullGuard managed to stealth all ports on my test system. It resisted all port scans and other Web-based attacks.

When I attacked the test system using 30-odd exploits generated by the Core IMPACT penetration tool, BullGuard blocked almost 75 percent of them, just slightly less than avast! did. None of the exploits managed to compromise system security. Note, though, thatNorton 360 (2014) blocked every single one.

BullGuard’s program control component automatically creates firewall rules for known programs. If it detects an unknown program attempting network or Internet access, it pops up and asks you, the user, to decide whether it should allow or block access. I’m not a huge fan of this old-school approach. I much prefer products like Norton, Kaspersky, and avast! that handle those decisions internally. Most users just aren’t qualified to answer the popup!

Leak test programs try to evade program control by manipulating trusted programs, using the same techniques found in actual malware. I tried a dozen leak test utilities; ten completely evaded BullGuard. It caught one other, meaning it asked me what to do.

However, the last one caused a big problem. Instead of blocking the leak test, BullGuard defined a rule to block the program it had subverted—Internet Explorer. I had to dig into the advanced firewall settings to find and delete the rule it created. I’m not sure the average user would have realized what happened.

Clearly the firewall component does some things well, but I’m not pleased with its retro ask-the-user program control. At least it won’t fall victim to direct attack by malware. Its processes are protected against termination from outside and its services can’t be stopped. I thought for a moment that it might be vulnerable to an attack based on setting each service’s startup type to disabled, but I noticed that within second it reversed my changes.

Porous Parental Control
Other than the updated user interface, the parental control component seems exactly the same as what I saw in BullGuard Internet Security 2013. That’s a shame, because there was definitely a lot of room for improvement.

At least BullGuard offers per-user configuration settings—parental control settings in FortiClent and Ad-Aware Total  Security 11 affect all users. For each user you can choose a predefined age-based profile or make your own choices from two dozen possibly-inappropriate categories organized into four groups.

The content filter can block inappropriate sites even when they use a secure HTTPS connection, so your teenage hacker won’t be able to evade control by using a secure anonymizing proxy. However, BullGuard is among the few parental control systems that can be disabled using a simple three-word network command. Avira Ultimate Protection Suite (2014) and avast! are the only others I’ve checked recently that cave to this attack.

Parents can set a weekly schedule for when each child is allowed to use the computer or the Internet. The default settings are pretty strict—just a few hours each afternoon and a couple more on the weekend. In addition to saying when access is permitted, you can define a daily maximum for Internet or computer use. Note, though, that resetting the system clock will totally fool the scheduler.

Content filtering and Internet scheduling are the most basic parental control components, and some suites stop right there. BullGuard goes a bit further. It can block a dozen chat-related programs, including basic IM clients, aggregators like Trillian, and Skype. There’s also an option to block using Tor for anonymous Web surfing. Parents can add any program at all to the blocking list, and the kids can’t fool it by copying or renaming the banned program.

Kids sharing too much personal information over the Internet? Privacy control can keep them from transmitting user-defined confidential data. Do note that the data you enter gets stored unencrypted in the Registry; not very wise in BullGuard’s part.

While BullGuard’s parental control is better than some, its content filtering and time scheduling components are both easily disabled. It’s true that giving each child a Standard / Limited account would prevent both hacks, but many parents find that inconvenient. If you truly need parental control, consider a powerful standalone product like Editors’ Choice AVG Family Safety.

Vulnerability Scan
When BullGuard launches, one of its seven main panels is only half-displayed. Scroll over to bring the Vulnerabilities button into view. By default, it runs automatically once a week; of course, you can manually launch it whenever you want. A similar feature in avast! runs in the background when the system is idle.

The vulnerability report identifies each found problem and rates its severity. You can click one link to view a bit more detail, or click another to download the update. Whether you use avast!, BullGuard, McAfee Internet Security 2014, or another suite that includes scanning for vulnerabilities, you should be very sure to act on the scanner’s findings.

Easy, Flexible Backup
Your BullGuard subscription comes with 5GB of hosted online backup. Right-click any file or folder, choose Add to backup, and you’re done. Files will be automatically backed up to the BullGuard Online Drive any time they change. Adding new files to a backed-up folder makes them part of the backup set. By default, deleting a backed-up file also deletes it from the backup set; you can change that if you wish.

Backed-up files display a green icon overlay in Windows Explorer. You can also open the BullGuard Online Drive directly to view your files. For a quick and easy file restore, just drag a file out of the online drive.

You can also share a link to any backed-up file with friends. By default the link expires in one day, but of course you can change that. If sending by email is fine, just enter the addresses of the recipients. If you’ll be sharing some other way, BullGuard will just present you with a link.

But wait; there’s more! When you switch to advanced settings for backup, you’ll find that you can create any number of backup profiles. For each profile you start by choosing what to back up. Interestingly, this option includes backing up email messages in supported email clients, and you can even pick and choose which email folders to include.

In addition to online backup, you can choose a local, remote, or removable drive as backup destination. In that case, you’ll also choose whether to set a backup schedule or just launch it manually; continuous backup for changed files is only available if you’ve chosen to back up online.

One last page offers a few configuration settings. You can choose not to sync the backup, meaning that files you delete locally won’t be deleted from the backup. You can compress or encrypt your backed-up files; note, though, that this will eliminate your ability to browse the BullGuard Online Drive directly. Finally, you can tell it to retain multiple versions of backed-up files.

I really like this dual basic and advanced backup system. Any Joe can easily mark important files for backup, and even make use of the file sharing feature. Those with more skill can fine-tune the process and optionally choose local backup. Nice!

System Tuneup
Some of the PC Tune Up component’s abilities aren’t obvious until you actually launch it. By default, it clears browser caches, wipes unnecessary files, and defragments the Registry. You can also set it to clean up the Downloads folder, empty the Recycle Bin, and delete broken Registry entries.

When the scan finishes, you can view a report of what it did. This isn’t a detailed report; it will, for example, tell you how many browser-related files it deleted, but not what those files were.

Some cleanup tasks require user interaction. BullGuard will wait for permission before wiping out broken Registry items, for example. You’ll also find a link to the startup manager here. Like the similar feature in Norton, Avira, and G Data TotalSecurity 2014 the startup manager lets you reversibly disable any startup item, or set it to launch after a delay.

Another link brings up a list of optional Windows services. Normally I’m against inviting users to meddle with services, but BullGuard offers a very specific description of what each one does. For example, “You can set the startup type to Disabled if there is only one user account on this computer and it has administrative rights.” That’s rather well done!

Tiny Impact on System Performance
I’m seeing more and more suites whose overall score in my performance impact test is in the single digits. BullGuard is yet another, with 6 percent overall, just behind avast!, Ad-Aware, AVG Internet Security 2014, and F-Secure, all of which averaged 5 percent. (With an average of just 3 percent slowdown, Webroot SecureAnywhere Internet Security Complete (2014) wins the lightweight prize.)

The real-time protection components of some security products can slow file operations, especially if they don’t optimize to avoid unnecessary scanning. Not BullGuard. It had no measurable impact on the time required to run a script that moves and copies many huge files between drives.

Another script that repeatedly zips and unzips those files took just 4 percent longer with BullGuard installed than with no suite. The average slowdown for current suites in this test is 14 percent.

BullGuard had a larger impact on my boot time test, which measures the time from the start of the boot process until the system is ready to use. Averaging 100 runs with no suite and 100 runs with BullGuard, I found it took 14 percent longer. That’s well below the average of 25 percent, and in any case, you probably reboot your system once a day, at most.

As I mentioned earlier, the spam filter did substantially slow the process of getting new email. It took over four times as long to download and process emails with BullGuard filtering them for spam. This isn’t one of my specific tests, but it’s worth mentioning.

Good Points, Bad Points
The addition of backup and tuneup features on top of the usual suite components makes BullGuard what I call a “mega-suite.” The backup component in particular does a great job appealing to users with and without tech skills. The firewall did a nice job blocking exploits, and the spam filter proved more accurate than many.

On the downside, the firewall’s program control relies on the unqualified user to make essential security decisions, the spam filter is tremendously slow, and a clever teen could disable parental control. This suite isn’t bad, but I’d suggest you choose one of our Editors’ Choice mega-suites instead. Webroot SecureAnywhere Internet Security Complete (2014) is the smallest of these, omitting spam filtering and parental control. Bitdefender Total Security (2014) is the most comprehensive; it has just about everything. Norton 360 (2014) falls in the middle. 

Sub-ratings:
Firewall:
Antivirus:
Performance:
Antispam:
Privacy:
Parental Control:


Verdict
BullGuard Internet Security (2014) has a really sharp backup system, and the independent antivirus labs like it a lot. However, not all of its components are top-notch. You'll do better with one of our Editors' Choice suites.
Published under license from Ziff Davis, Inc., New York, All rights reserved.
Copyright © 2012 Ziff Davis, Inc