Back in days of yore, computer hobbyists would lovingly assemble a collection of best-in-breed security components, picking this company’s antivirus, that company’s firewall, and so on. But who has time for that these days? Modern users want one stop shopping, an all-in-one security suite that covers the whole gamut of security needs. Norton Internet Security (2014) ($79.99 per year direct for three licenses) is a perfect example—it does everything you need, and all of its components are effective.
Just looking at the main window, the only way to tell the difference between this product and Norton’s standalone antivirus is by the window title. Both products feature big buttons to launch a scan or check for updates. Another button switches to the advanced view, which offers easy on/off control of security components as well as links to important features. If you prefer the advanced view, you can pin it in place as the default.
The main window also links to a variety of other Norton products and services. You can click to get a mobile security QR code, or download the free Norton Zone file sharing tool. Another click will take you to Norton’s online management tool. If you have a Norton Backup account you can quickly connect with it. And you can link to Norton Family, the source of this suite’s parental control protection.
This suite’s antivirus protection is exactly the same as what you get in Norton AntiVirus (2014), and the two products share a number of other features. I’ll summarize my findings here; you’ll want to read the antivirus review for full details.
Shared Antivirus Protection
Getting Norton installed on my twelve malware-infested test systems was a mixed experience. The product solved a few problems on its own; help from Norton Power Eraser and the Norton Bootable Recovery Tool solved others. But two systems ended up unbootable after malware cleanup. Getting those back to normal took hours of remote-access diagnostics and repair by tech support.
As far as independent lab testing, Symantec rejects many current test methodologies, static detection testing in particular. Norton includes layer upon layer of protection; they feel an accurate test should rate all layers. In fact, Norton earned an excellent score in the latest test by AV-Test, which includes both static and dynamic elements. The chart below summarizes recent results. For more about the labs, see How We Interpret Antivirus Lab Tests.
Norton Internet Security (2014) lab tests chart
Norton also did well in my own hands-on malware removal test. It detected 81 percent of the samples and earned 6.3 points. Of products tested using my current malware collection, only AVG AntiVirus FREE 2014 and Bitdefender Internet Security (2014) have scored higher. The article How We Test Malware Removal explains how I conduct this test and score the results.
Norton Internet Security (2014) malware removal chart
My malware blocking test relies in part on a product’s ability to recognize static malware samples; just the kind of test Norton doesn’t like. I do launch all the samples that aren’t killed on sight, but to exercise the full range of Norton protection I’d have to start from the beginning by downloading and launching each sample, and that’s not a test I can repeat on demand. Norton’s Web-based detection did block every current sample whose URL is still valid, which is a good sign. Overall, though, its score of 8.5 points for malware blocking isn’t the best. AVG and Ad-Aware Free Antivirus+ 10.5 scored best among current products, with 9.4 points each. For details on my hands-on malware blocking test, see How We Test Malware Blocking.
Norton Internet Security (2014) malware blocking chart
Other Shared Features
Norton’s Web-based protection also extends to blocking fraudulent (phishing) websites. Using a combination of blacklisting known frauds and analyzing unknowns in real time, Norton consistently earns a high detection rating. In fact, I use it as the touchstone for rating phishing protection by other products. Only two suites have scored better than Norton in recent phishing tests. Bitdefender and Kaspersky Internet Security (2014) both came in with a detection rate three percentage points higher than Norton’s. To learn more about how I collect the very newest phishing sites and test detection, see How We Test Antiphishing.
Norton Internet Security (2014) antiphishing chart
Norton’s Identity Safe password manager is installed automatically along with both the antivirus and the suite. This powerful tool captures and replays passwords and can also fill Web forms with your personal information. In addition, you can sync your data across multiple devices via your Norton account. Identity Safe is also available separately, as a free download.
The Network Map will warn if you’ve connected to an insecure wireless network. When you’re connected to the home network, you can use it to remotely monitor the status of other Norton installations. While the map offers a great deal of detail about the security status of other computers, it doesn’t include any remote configuration or management features.
Clicking the Performance link on the main window visibly flips the window over to show performance statistics on the “back.” Here you can also check which background tasks have completed and which are pending. The Norton Insight scan offers information about all running programs, or all programs on your PC. For each program, it reports trust level, prevalence, and resource usage, as well as a stability rating (based on how many times the program has crashed for other Norton users).
One additional “flip-side” feature appears only in the suite, not in the standalone antivirus. The Startup Manager is designed to streamline your computing experience by limiting the number of programs that launch at startup. For each startup program it displays prevalence and resource usage information. You can reversibly disable any program from launching at startup, or set it to launch after a delay.
The standalone antivirus actually includes an intrusion prevention component, something usually found only in a suite. I tested the antivirus and suite separately, attacking each test system using over 30 exploits generated by the Core IMPACT penetration tool. The two products performed identically. They actively stopped every attack at the network level and identified about a fifth of the attacks by name. No other product I’ve tested has come close to this level of intrusion prevention.
Naturally Norton’s firewall handled all the port scan attacks and other Web-based tests I threw at it. It also proved to be seriously hardened against direct attack. I got “Access denied” at every attempt to modify its Registry settings, terminate its processes, or disable its services.
The vast Norton Insight database online identifies hundreds of thousands of known good programs, and Norton’s Smart Firewall draws on this information to automatically configure network permissions for most programs. When it encounters an unknown, it doesn’t baffle the user with confusing queries. Instead, it cranks up the monitoring level on that unknown, ready to pounce if it starts misbehaving.
Leak test programs attempt to make an Internet connection without triggering program control, using techniques found in actual malicious programs. Since they have no malicious payload, Norton ignores them by default. Just to see what would happen, I disabled automatic program control and turned on Advanced Events Monitoring before checking my leak tests. This unusual configuration caught almost every single one, reporting on exactly what kind of suspicious behavior it detected.
All too many suites rely on the outmoded firewall style that bombards users with confusing queries and expects them to make important security decisions. I strongly approve of those like Norton that handle those decisions internally. The firewall in McAfee AntiVirus Plus 2014 also makes its own decisions. Kaspersky takes a different tack, assigning a trust level to every program, with increasing restrictions as the trust level goes down.
Accurate Spam Filtering
Chances are good you get spam filtering as a service of your email provider, but if you don’t, you can rely on Norton to keep the junk out of your Inbox. Norton integrates with Outlook and Outlook Express; those using a different email client will need to define a message rule to toss marked spam into its own folder.
The spam filter can import your Outlook or Outlook Express contact lists into its whitelist of approved senders; you can also add addresses manually to this list or to the blacklist. For testing purposes I left both lists empty.
After downloading thousands of messages from a real-world spam-infested email account I deleted all those over 30 days old and sorted the Inbox into valid personal mail, valid bulk mail, and undeniable spam, discarding any that didn’t clearly fit those three categories. I did the same for the contents of the spam folder and then tallied the results.
Norton didn’t discard a single valid personal message or newsletter, and it only missed 3.9 percent of the undeniable spam. That’s quite impressive! Bitdefender, Kaspersky, and AVG Internet Security 2013 all missed even fewer spam messages, but they all tossed a a few valid messages in with the spam. If you need spam filtering, Norton will definitely do the job. For a full explanation of my antispam testing methodology, see How We Test Antispam.
Norton Internet Security (2014) antispam chart
Cross-Device Parental Control
The Norton suite links to Norton Family, but you’ll need to install it separately if you want parental control. You perform all of your configuration tasks online, downloading a small client program to enforce “house rules” on each PC or other device that the children use.
To start, you’ll add a child and identify which devices or user accounts belong to that child. You can select one of four age groups to automatically configure which Web content categories will be blocked, or make your own choices from over forty categories. Norton can filter even secure (HTTPS) connections, so as long as you’ve checked the Web proxies category your kid won’t be able to circumvent content filtering.
For older children, you can choose to just monitor Web activity, or to allow blocked categories after a warning. The warning window when a site is blocked includes a place for the child to enter an explanation of why it seemed reasonable to visit that site.
You can define a weekly schedule of times when the child is permitted to use the computer, along with a maximum for weekdays and for weekends. Here’s an unusual (and useful) feature; you can choose to ignore idle time in that maximum. There’s also an option to warn that time’s up without actively locking the child out.
Norton Family enforces Safe Search in popular search portals, and keeps track of what you’re child has been searching for. If you fill in personal information like phone number, email address, and SSN, Norton Family can keep the child from sharing that information. From the online portal, you can view a summary of your child’s Web activity or dig in for details of websites visited, search terms used, and social networking activity.
The full set of parental control features only becomes available if you pay $49.99 per year for an upgrade to Norton Family Premier. Premier retains activity data for 90 days rather than seven. It adds tracking of instant messaging activity, videos watched, and applications used. Premier users can also monitor the child’s texting (on Android) and track installed apps. Weekly or monthly activity reports in email are also available.
Even the basic free edition of Norton Family offers better parental control that what’s found in most suites. Note that you can get it for free without purchasing this suite.
Small Impact on Performance
Security suites, and Norton in particular, have had a reputation for over-consuming system resources and getting in the way of day-to-day computer use. That reputation was well-deserved perhaps eight years ago, but few modern suites put any significant drag on performance.
To get an idea of Norton’s impact, I used a lengthy script that moves and copies a big collection of big files between drives. I averaged many runs with no suite installed and with Norton installed. The script took just 7 percent longer under Norton, hardly anything you’d notice. Another script that zips and unzips that same collection of files took 10 percent longer. In both cases, Norton’s impact was well below the average of current suites.
My boot time test, devised years ago with some help from a Norton engineer, measures the time elapsed between the start of the boot process (as reported by Windows) and the time when the system is ready to use. I define “ready to use” as ten seconds in a row with CPU usage of five percent or less. Averaging 100 runs with no suite and with Norton, I found the boot time to be 24 percent longer under Norton. That was a tad surprising, as its impact has been less in previous years. Even so, you’d be hard-pressed to notice this small increase in boot time.
In the past I’ve included a script to measure impact on browsing speed. My other tests are self-contained, but the browsing test could be affected by outside factors. In addition, it has proved imperfectly compatible with some security products. On consideration, I’ve removed that test. The chart below summarizes the remaining tests for recent suites. To learn more about my testing techniques, see How We Test Security Suites for Performance.
Norton Internet Security (2014) performance chart
Firing on All Cylinders
It’s awfully convenient to get all your security protection from a single, integrated suite, but that convenience can fall flat if some suite components are stinkers. All the components in Norton Internet Security (2014) do their jobs well. Some, like the intelligent firewall and accurate phishing protection, are truly outstanding. My only wish is that Symantec would expend a little effort to make the antivirus component work well both in the real world and in independent lab tests.
Norton is an Editors’ Choice for security suites; it’s what I use myself. If you can do without spam filtering and parental control, Webroot SecureAnywhere Complete 2013 is amazingly small and fast. For those who want every possible security component, Bitdefender Total Security (2014) packs a lot into one package. And if your real desire is to have a helping hand when problems arise, Comodo Internet Security Complete 2013, with its Geek Buddy support system, may be just the thing. These are all Editors’ Choice products, for different reasons.
Copyright © 2012 Ziff Davis, Inc