Go to Finnish security giant F-Secure for a security suite and you’ll get all expected components without a plethora of “bonus features.” If that sounds attractive, F-Secure Internet Security 2013 ($59.99 direct for three licenses) may suit your needs. Independent labs praise its antivirus component. However, its other components don’t all meet that same high standard.
Clicking F-Secure’s tray icon brings up a small “launch pad” on the desktop. From here you can start the main security suite or the parental control component, or open F-Secure’s website online. Three panels dominate the main window of the security suite proper: Status, Tools, and Statistics. Clicking the Status panel opens a page showing overall status for the security components. From the Tools page you can launch scans, check on quarantined files, configure the firewall, and more. Finally the Statistics page offers a simple chart of recent activities.
While this interface closely resembles that of last year’s edition, there have actually been a lot of changes. The designers closely examined all configuration settings, eliminating any that a normal user just wouldn’t need to change, and also reworked all messages and notifications to avoid jargon and use clear language.
This suite’s antivirus protection is the same as what you get with F-Secure Anti-Virus 2013, so do please read that review for full details. I’ll summarize here.
F-Secure scores extremely well with the independent antivirus testing labs. In the on-demand, proactive, and real-world tests by AV-Comparatives, F-Secure received an ADVANCED+ rating, the highest possible rating.
To get antivirus certification from AV-Test a product must earn a total of 11 points, with a maximum possible score of 18 points. F-Secure earned 16.5 points in a recent test, an impressive score. Only Bitdefender Internet Security 2013 and Kaspersky Internet Security (2013) have done better recently. The article How We Interpret Antivirus Lab Tests goes into more detail about the lab tests that I follow.
F-Secure Internet Security 2013 lab tests chart
In my own malware cleanup test, F-Secure didn’t perform nearly at the level these labs scores would suggest. It detected 68 percent of the malware samples and earned 5.5 point for malware cleanup. With 6.6 points, Webroot SecureAnywhere Complete 2013 and Norton Internet Security (2013) tied for first place in that test.
To learn more about how I test malware removal, see How We Test Malware Removal.
F-Secure Internet Security 2013 malware removal chart
Like most security products, F-Secure scored better at blocking new malware attacks than at cleaning up an existing infestation. Using a combination of real-time scanning and behavior-based DeepGuard protection, it detected 95 percent of the samples and scored 9.3 points for protection. That’s good, but the competition is stiff. Webroot stands at the top with 100 percent detection and 9.9 of 10 possible points for blocking new malware attacks. For more details on how I come up with these scores, see How We Test Malware Blocking.
F-Secure Internet Security 2013 malware blocking chart
F-Secure’s suite adds protection against harmful websites that’s not found in the standalone antivirus. When I tried to download my malware collection again, the suite blocked 90 percent of the still-functional malware URLs. That’s quite good, though Norton and Trend Micro Titanium Internet Security 2013 managed to block 100 percent.
In addition to blocking URLs that host malicious files, browser protection also aims to block sites that try to steal security credentials by masquerading as banks, financial sites, or even online gaming sites. F-Secure wasn’t nearly as successful at blocking phishing sites.
I tested F-Secure’s ability to identify and block actual frauds using large collection of suspected phishing URLs. Its detection rate for verified fraudulent sites was 44 percentage points lower than what Norton, the consistent antiphishing champion, detected. It was also 11 percentage points lower than the detection rate for Internet Explorer 8′s SmartScreen Filter.
Few recent security products have managed to outscore IE8 in this test, and phishing protection in IE9 and IE10 is even better. It won’t do any harm to let F-Secure’s browser protection have a go at blocking phishing sites, but don’t turn off SmartScreen Filter. The article How We Test Antiphishing tells how I find fraudulent sites and perform this test.
F-Secure Internet Security 2013 antiphishing chart
F-Secure’s firewall has been streamlined a bit since the previous edition. By default it keeps Windows Firewall turned on, for help with blocking intruders. Indeed, in my tests this team stealthed all ports and resisted all Web-based attacks.
F-Secure allows Internet access for any program identified as trusted by DeepGuard. If an untrusted program attempts access, DeepGuard asks you to decide whether it should be permitted.
One way malware writers try to get around this type of protection involves making an Internet connection by manipulating a trusted program. Leak test programs demonstrate variations on this technique without actually doing anything malicious. In testing, not one of my leak test samples managed to slip past DeepGuard.
On the other hand, a malware writer with a grudge against F-Secure could completely take down its protection by writing code to find and stop the suite’s services. The best security suites protect their processes and services against this kind of attack.
F-Secure’s firewall now does a better job handling exploit attacks on system vulnerabilities. It explicitly identifies exploits and blocks download of their executable payloads. When I attacked it with thirty-odd exploits generated by Core IMPACT, it caught more than two-thirds of them. That’s good, but Norton blocked all thirty at the network level; none of them even got close to dropping a payload.
The F-Secure firewall is okay, and because DeepGuard “knows” a lot of programs it probably won’t pester you with firewall popups. It remains vulnerable to a service-based attack, though.
Glitchy Spam Filtering
I had a heck of a time testing F-Secure’s spam filtering component; it just didn’t work correctly. The diagnostic files I shared with F-Secure support over a period of several days allowed them to identify a problem with the product that manifested only in certain configurations. Naturally my test system’s configuration was one such, but they did solve the problem.
A different glitch in the spam filter for last year’s F-Secure suite caused my download speed to drop from well over 100 messages per minute to below four messages per minute. Tech support couldn’t reproduce that one; I wrote it off as a fluke.
Some spam filters present the user with a plethora of choices. You can tweak tolerance thresholds, block spam in specific languages or from specific countries, train the filter using your own messages, and more. F-Secure just has a simple on/off switch, which is probably better for most users.
In a test using thousands of valid and spam messages from a real-world account, F-Secure didn’t block a single valid personal message and blocked less than one percent of newsletters and other valid bulk mail. That’s a good start—a spam filter than throws away valid messages can cause big problems.
Unfortunately, F-Secure allowed more than 42 percent of undeniable spam to pollute the test system’s Inbox. By comparison, Norton didn’t block any valid mail at all and only missed 5.3 percent of the spam. If you need a local program to filter spam from your email account, don’t rely on F-Secure. Consider instead the free Cloudmark DesktopOne Basic 1.2, which also blocked no valid mail and missed just 2.6 percent of spam.
For an explanation of how I measure antispam accuracy, read How We Test Antispam.
F-Secure Internet Security 2013 antispam chart
Basic Parental Control
The parental control component hasn’t changed much since last year, which is too bad. To configure it, you launch the Online Safety console from the launchpad. For each Windows user account you can enable Web content filtering and time limitations, with per-user configuration. Browsing protection against actively dangerous sites appears here, too. It’s turned on by default, while the other two components are not.
The Web content filter will block sites matching any of seven definitely bad and six possibly unwanted categories. It has the unusual ability to block inappropriate secure (HTTPS) sites, though it can’t display its standard blocking message for these. A weekly grid lets parents define which hours of each day the child is allowed Internet access, with an optional maximum for weekdays and weekends.
Unlike most parental control systems, F-Secure’s isn’t fully browser independent. It specifically supports Internet Explorer, Firefox, and Chrome, and it’s supposed to block all access for any browser that it can’t control. However, in testing I found that feature still doesn’t work under Windows XP. Using an unsupported browser allowed me to completely evade the parental control system.
If you’re one of those parents who sets up the kids with Administrator accounts, this parental control system is completely ineffective. Anyone with Administrator privilege can simply turn off parental control. On the flip side, if you follow F-Secure’s advice and assign the children Limited/Standard accounts, they won’t be able to install an unsupported browser.
Users who really want and need parental control shouldn’t rely on F-Secure for it. You’ll be better off with a dedicated parental control product like Editors’ Choice AVG Family Safety.
Little System Slowdown
Perhaps because it sticks to the essentials and eschews needless proliferation of features, F-Secure doesn’t have a big effect on system performance. While it didn’t receive an ADVANCED+ rating in a recent performance test by AV-Comparatives, it had the best score of all those rated ADVANCED.
My own performance testing showed little impact on performance. A script that moves and copies many large files between drives took 18 percent longer with F-Secure on the job. The current average for that test is 20 percent, and F-Secure’s impact on all of my other performance tests was lighter, too. For example, another script that zips and unzips the same collection of files took just 10 percent longer under F-Secure.
Systems like F-Secure’s browser protection have potential to slow down the browsing experience, but my script that times loading of 100 websites ran just 7 percent slower. And the boot-time test, which measures the time from the start of the boot process until the system is ready for use, took just 1 percent longer with F-Secure installed. Naturally, I run all these test multiple times and average the results. For a full description of my performance tests, see How We Test Security Suites for Performance.
F-Secure Internet Security 2013 performance chart
Not the Best
The independent labs love F-Secure’s antivirus protection, though it didn’t fare as well in my own hands-on tests. Its firewall minimizes program control popups by relying on DeepGuard behavior monitoring technology, and it’s good at catching leak tests and exploits. However, spam filtering, phishing protection, and parental control are all sub-par.
For a full-scale traditional security suite you’ll do better with Norton Internet Security (2013) or Norton 360 (2013) . If you’d a tiny suite with big protection, including backup and password management, consider Webroot SecureAnywhere Complete 2013. PCMag considers all three worthy of the title Editors’ Choice.
More Security suite reviews:
|Tech Support||Online search support, phone and 24/7 online chat support .|
|OS Compatibility||Windows Vista, Windows XP, Windows 7|
|Type||Business, Personal, Professional|
Copyright © 2012 Ziff Davis, Inc