The point of getting a security suite rather than a collection of individual security components is to have all elements of your security protection working together. Kaspersky Internet Security (2014) smoothly combines antivirus, firewall, phishing protection, antispam, parental control, and more. The components all do a good job; no slackers in this bunch! Do note that “(2014)” isn’t actually part of the name, as Kaspersky has gone number-free. I include it simply to distinguish this version from others.
The product’s main window looks very, very similar to Kaspersky’s standalone antivirus. It reports basic security status and offers quick access to four important components. The real visible difference comes when you click the up-arrow at bottom right to see the full component list; now you can see that the suite does more, a lot more.
Kaspersky’s protection against viruses, spyware, Trojans, and all other types of malware is the same as what you get in the standalone Kaspersky Anti-Virus (2014), so you’ll want to read my review of that product for full details. I’ll briefly summarize my findings here.
Getting the product installed on my twelve malware-infested test system took quite a bit of back-and-forth with tech support. It stretched into several days due to time-zone differences. In the end all of the problems were solved by use of Kaspersky’s own ancillary security tools, which is good.
Kaspersky detected 81 percent of the malware samples and scored 6.1 points for removal. The best product among those tested with the same collection of samples was Bitdefender Internet Security (2014), which detected 83 percent and scored 6.6 points. For a full explanation of my hands-on malware removal test, see How We Test Malware Removal.
Kaspersky Internet Security (2014) malware removal chart
In my malware blocking test, Kaspersky scored lower than many, with 86 percent detection and 8.2 points. That’s decent, but Ad-Aware Pro Security 10.5 beat all others tested using this same sample set with 94 percent detection and an impressive 9.4 points. For details on how I perform the hands-on malware blocking test, see How We Test Malware Blocking.
Kaspersky Internet Security (2014) malware blocking chart
Kaspersky always seems to score better with the independent labs than in my hands-on test; I give it credit for those good ratings. It earned top ratings in all the tests that I track from AV-Comparatives and averaged 15.8 of 18 possible points in AV-Test’s three-fold evaluation. Only Bitdefender has earned consistenly higher scores. To learn more about the independent antivirus labs and their tests, please see How We Interpret Antivirus Lab Tests.
Kaspersky Internet Security (2014) lab tests chart
Other Shared Features
The same Web Anti-Virus technology that prevents accidental access to malware-hosting websites also serves to keep users away from fraudulent (phishing) websites. Like all truly effective antiphishing solutions, Kaspersky uses a combination of cloud-based lookup for known phishing sites and heuristic analysis of unknowns. When I tested it using extremely fresh phishing URLs, Kaspersky’s detection rate was just one percentage point behind that of consistent phishing champ Norton Internet Security (2013). For an explanation of how I locate the newest phishing URLs and perform this test, see How We Test Antiphishing.
Kaspersky Internet Security (2014) antiphishing chart
As with the standalone antivirus, Kaspersky’s suite builds tech support right into the product. Both also offer a useful collection of security-related bonus tools, including a bootable Rescue Disk, a vulnerability scanner, and tools to wipe traces of computer and Internet use.
Kaspersky’s antispam module analyzes incoming POP3 and IMAP email messages and marks spam messages by modifying the subject line. It marks suspected spam messages in the same way. The spam filter integrates with Microsoft Outlook and Outlook Express. In supported email clients it can automatically delete spam messages, or divert them to a user-specified folder. Those using other email clients can simply create a message rule to handle messages flagged as spam.
The spam filter defaults to a middle-of-the-road recommended security level. You can tweak it higher (and risk having valid mail flagged as spam) or lower (and risk letting more spam into the inbox). Most users should do as I did for testing and leave it at the recommended level. I also left all of the advanced settings at their default values.
I tested the spam filter by downloading a ton of email from a real-world spam-infested test system. Timing the process carefully, I found that the time to download 1,000 messages averaged a bit under twice as long as the time required with no spam filter. That’s not a slowdown you’d notice. After discarding those over 30 days old, I still had over 6,000 messages in my test group.
Kaspersky’s accuracy was spectacular. It didn’t discard any valid personal messages and flagged only 1.9 percent of valid bulk mail as spam. As for actual, undeniable spam messages, it missed just 2.5 percent of those, beating out Bitdefender, the previous antispam champion among security suites. Only our two Editors’ Choice antispam tools, Cloudmark DesktopOne Basic 1.2 and OnlyMyEmail Personal (2013), have done better.
To learn more about how I run my antispam accuracy test, see How We Test Antispam.
Kaspersky Internet Security (2014) antispam chart
Virtually every third-party firewall follows the lead of the built-in Windows Firewall by placing all of the system’s ports in stealth mode. For some years now, Kaspersky has marched to a different drummer. My Kaspersky contact explained that stealthing ports “essentially slows down the operation” and caused problems for some users. “You want to ports closed,” he continued. “That is where we are preventing brute force attacks.”
Indeed, when I ran my usual port scans and other Web-based attacks, none actually penetrated security. It did seem odd to me, finding all ports closed but not stealthed. However, the firewall overall is advanced enough that I tend to believe Kaspersky’s contention that stealthing the ports wouldn’t add more security.
The firewall itself is tough. Every attempt I made to disable it using techniques that could be replicated in a malicious program was met with “Access denied.” It also did a better job than most when I attacked it with 30-plus exploits generated by the Core IMPACT penetration tool. None of the exploits penetrated security, and it actively blocked over 60 percent of them, identifying many by name.
Kaspersky takes a different approach to program control than many firewall tools. Where the less-advanced firewalls query the user in order to decide which programs should have Internet access, Kaspersky uses a system of trust levels. Known good programs from their immense database get a Trusted rating and are permitted full access to resources. Known bad programs receive an Untrusted rating and can’t even launch. Unknowns are rated Low Restricted or High Restricted, depending on their behavior, with corresponding limits on access to system resources.
I saw this system in action when I tried launching a collection of leak test utilities. These utilities use the same sneaky techniques found in malware that attempts to evade program control. The antivirus component blocked one, and a couple managed to connect despite Kaspersky’s protection, but most simply failed in their attempts to connect with the Internet.
By default, the suite simply handles security events without bothering the user. I put it into Interactive mode and re-ran the leak tests; this time I got multiple very detailed reports on just what sneaky tricks the firewall detected.
I’m impressed with this firewall. It manages to fend off exploits and handle program control without bombarding the user with popup queries. Norton’s firewall accomplishes the same success in its own way; few other firewalls can boast this level of built-in intelligence.
Well-rounded Parental Control
The parental control system in this year’s Kaspersky suite looks rather different, but feature-wise it hasn’t changed a lot. It remains one of the more powerful parental control tools supplied within a security suite. Since not everyone needs parental control, this component isn’t enabled by default. Once you enable it, you must define a password to protect its settings, so the kids can’t just turn it off.
The main parental control window simply lists all Windows user accounts. An on-off switch next to each turns overall parental control on or off. Clicking the account name opens a page of detailed settings. New in this edition, you can apply predefined settings for three profiles: Default (monitor only), Child (block inappropriate sites and downloads), and Teen (block inappropriate sites). Of course you can also tune the settings yourself.
Many parental control systems let parents schedule or limit each child’s Internet access. Kaspersky takes a slightly different approach. You can set an overall schedule for computer use, either on a simple weekday/weekend system or using a full-week grid. You can also set a daily cap for computer use on weekdays and weekends, along with a separate cap for Internet use.
Parents may appreciate the unusual “Outage” feature, which forces the kids to take a break from computer use every so often. This feature makes a lot of sense, but I haven’t seen it before in a PC product.
As expected, the parental control system blocks access to inappropriate websites. Where many product simply check URLs against a database of known sites, Kaspersky actually performs real-world analysis. For example, on a short-story site it only blocked access to stories with erotic themes. Kaspersky can also apply category-based blocking to secure (HTTPS) sites, so your clever teen can’t evade monitoring by using a secure anonymizing proxy.
The product monitors which applications each child is using, along with an option to block access to specific programs or program categories. There’s also an option to block games based on their ESRB rating. ZoneAlarm Internet Security Suite 2013 and Trend Micro Titanium Internet Security 2013 are among the few other suites that offer this kind of game control.
I tested the system by blocking an innocuous program (Solitaire) and then trying various ways to get around the system. I couldn’t launch it, couldn’t copy it, couldn’t rename it… nothing I did allowed me to run the blocked program.
If your kids are still communicating with friends via instant messaging (as opposed to social media) Kaspersky will let you monitor and control their conversations. It handles all common IM services, and some uncommon ones. Parents can ban contact with specific usernames, limit access to pre-approved contacts, or filter out user-specified keywords. It will also record both sides of each IM conversation for parental review.
The main thing you won’t find in Kaspersky’s parental control is remote management and monitoring. Time-limits apply to one computer, not all computers in the house. Even so, it’s more complete than most suite-based parental control systems. Bitdefender is one of the few that does offer remote management and monitoring.
Safe Money for Safe Surfing
Introduced last year, Safe Money is specifically designed to protect your online financial transactions and other sensitive online activities. When you visit a known financial site, Kaspersky automatically offers to open that site in a browser protected by Safe Money. You can tell it to do that automatically next time, and you can apply this protection to any site you choose, even if it doesn’t offer protection automatically.
Before it even opens a website, Safe Money verifies that it isn’t a fraud, and double-checks the site’s security certificate. If your own system suffers security vulnerabilities that could put your private data at risk, it won’t continue until you fix them. Once it does launch, it protects the browser against attacks like code injection and reading data from browser memory. It also blocks key logging and screen scraping.
If you want to really, really be sure nobody can capture your password, you can enter it using the floating virtual keyboard. Even if you don’t use the virtual keyboard, Safe Money invokes a special secure keyboard driver for all fields in the protected browser and for password fields on other sites. You’ll get a visual confirmation that the secure keyboard is active when you enter a password.
Do be sure to accept all offers to open sensitive sites in the protected browser. Before allowing the connection Safe Money will verify that the site is safe, the connection is safe, and your system is safe. That’s definitely good for your peace of mind!
Small Performance Impact
When I first ran my boot time test script on Kaspersky, I thought something must be wrong. Instead of measuring how much longer it took to boot the system, I was finding the boot time about five percent less than with no suite.
I found the solution in the Performance settings. There’s a box, checked by default, that tells it to “Concede resources to operating system when the computer starts.” This does speed the boot process, but according to the settings page, “may affect the security level of your computer.” Testing again with that box turned off, for full security, I found that booting the system took 28 percent longer with Kaspersky installed, a little bit more than the average but not so bad.
Kaspersky checks websites for signs of malware and phishing, and parental control watches for inappropriate sites. Even so, my browsing script, which measures the time required to fully load 100 websites, only took 23 percent longer with Kaspersky watching. This measurement is also a little greater than the average, 18 percent, but it’s not something you’d notice.
The real-time protection component in some security programs can slow simple file manipulation activities, and this in turn can have a noticeable impact on system performance. Not Kaspersky! A script that moves and copies a big collection of huge files took only 3 percent longer with Kaspersky watching than with no suite at all, and another script that zips and unzips those same files took just 10 percent longer. Given that the average suite’s impact on those two scripts comes in at 22 percent and 16 percent, Kaspersky looks pretty good.
This suite isn’t a total lightweight, in terms of performance impact, but you shouldn’t notice any appreciable slowdown. For full details on my test scripts and testing methodology, see How We Test Security Suites for Performance.
Kaspersky Internet Security (2014) performance chart
A Good Choice
Kaspersky Internet Security (2014) offers all the security features you expect in a suite, and they all pull their weight. Its intelligent firewall won’t bombard you with queries, its spam filter is top-notch, and it detects fraudulent (phishing) sites with impressive accuracy. My own hands-on antivirus tests gave it a bit of trouble, but the independent testing labs give it a high rating.
Our Editors’ Choice security suites are Bitdefender Total Security (2014), Norton Internet Security (2013), and Webroot SecureAnywhere Complete 2013. But if for some reason you just don’t like these choices, you won’t go wrong relying on Kaspersky.
|Tech Support||Free email, IM, phone support during business hours|
|OS Compatibility||Windows Vista, Windows XP, Windows 7, Windows 8|
Copyright © 2012 Ziff Davis, Inc