TrustPort Internet Security 2013 review

TrustPort Internet Security 2013 offers all the expected security suite features plus a couple of unusual ones. Unfortunately, some of those features don't work well at all.
Photo of TrustPort Internet Security 2013

The 2012 edition of TrustPort’s security suite packed a ton of status information and links to security functions into its light-colored main window. TrustPort Internet Security 2013 ($54.95 direct; $74.95 for three licenses) could hardly look more different. Seven large buttons dominate its dark-colored window, with just about everything else hidden until you need it. The effort to revamp this product’s look might better have been spent upgrading some of its less effective components, I’m afraid.

It is true that the new layout is easier on the eyes, and easier for the average user to manage. Five of the seven buttons simply turn security components on and off. The Firewall button lets you choose between four protection levels, and the remaining button checks for updates. If you need to configure the suite’s protection at a more detailed level, just click the link to the advanced configuration dialog.

Uneven Antivirus
The antivirus protection in this suit is identical to that of TrustPort Antivirus 2013, with one minor exception. For my detailed findings, read my review of the standalone antivirus; I’ll summarize my findings here.

Installation went smoothly on ten of my twelve malware-infested virtual machines. On a clean test system, I followed tech support instructions to create a bootable Windows PE-based antivirus CD. A boot-time scan cleaned up those two systems and allowed me to install the product.

TrustPort detected more of the malware samples than ZoneAlarm Internet Security 2013 did. However, better cleanup by ZoneAlarm earned it 5.3 points while TrustPort got just 4.7, the second lowest score among products tested with my current malware collection. For a full explanation of my malware removal test methodology, see How We Test Malware Removal.

TrustPort Internet Security 2013 malware removal chart

Installed on a clean system, TrustPort did a much better job of fending off new malware attacks. It detected 94 percent of the samples, tying with Ad-Aware Pro Security 10.5 for best detection. With 9.4 points, Ad-Aware has the best malware blocking score among products tested with the same malware collection. TrustPort and G Data InternetSecurity 2014 are tied for second place, with 9.0 points. To learn more about how I test malware blocking, see How We Test Malware Blocking.

TrustPort Internet Security 2013 malware blocking chart

Only a couple of the independent antivirus testing labs that I follow include TrustPort in their tests. It received VB100 certification from Virus Bulletin in eight of the last ten tests, and it got checkmark certification from West Coast Labs for virus detection and cleanup. The chart below summarizes recent tests, and the article How We Interpret Antivirus Lab Testsgoes into more detail about the labs.

TrustPort Internet Security 2013 lab tests chart

The TrustPort suite includes a Web-based malware scanner not found in the standalone antivirus, but it didn’t make a lot of difference when I tried to download my malware collection again. Web-based scanning blocked 28 percent of the samples at the URL level, and another 44 got whacked during the download, for a total of 72 percent. The standalone antivirus caught 65 percent without Web-based scanning.

Application Inspector
In addition to signature-based malware detection, TrustPort includes a behavior-based Application Inspector. Any time an application attempts specific risky behaviors, the Application Inspector pops up and asks whether to block the program, allow it, or let it run but restrict its access to sensitive areas. If you choose the blocking option, TrustPort terminates the programs and prevents it from launching again.

In testing, this feature did detect a few malicious files. The problem is, it also raised an alert for quite a few perfectly valid programs. Choosing the default block option prevented these programs from installing or running.

Basic Firewall
The firewall component has four protection levels: Permit All Connections, Enable Outgoing Connections, Use Firewall Rules (the default), and Deny All Connections. The first of these effectively turns off protection, while the last cuts off all network access. And if you choose Enable Outgoing Connections, every program will be allowed to connect with the Internet. Really, you should leave it set to the default level.

Advanced firewalls like what you’ll find in Norton Internet Security (2013) and Kaspersky Internet Security (2013) take a proactive stance on controlling which programs can use your Internet connection. They automatically configure access for known good programs, terminate known bad programs, and monitor any unknowns without hassling the user.

TrustPort’s firewall is strictly old-school. The first time an unknown program attempts to access the Internet, it will pop up and ask you to decide whether or not to allow it. In an attempt to stem the flood of popups, the product defaults to allowing all access for any program that’s digitally signed. That’s risky; some types of malware, fake antivirus in particular, may be digitally signed.

In order to regulate a program’s access to the Internet, the firewall has to notice an access attempt. Leak test utilities try to evade that notice by piggybacking on trusted programs and other sneaky techniques. TrustPort is completely vulnerable to this kind of trickery; it only detected one of the dozen leak tests I launched.

As for attacks that exploit system vulnerabilities, the firewall basically doesn’t handle that job. TrustPort did detect just under half of the exploits I threw at it, but it was the Web-based malware scanner that did the job. It did identify most as exploits and even used the precise name for some of them. At the top end for exploit protection, Norton detected all of the exploits at the network level and identified most by name.

TrustPort still hasn’t fixed a significant weakness that would allow a malware coder to disable the product’s protection. I couldn’t tweak its Registry settings to turn it off, and its processes resist termination, which is good. A program couldn’t stop TrustPort’s essential services. However, setting the startup type for those services to disabled and forcing a reboot completely disables the product’s protection.

Dismal Spam Filtering
TrustPort’s email protection scans your incoming POP3 email stream for viruses and for spam. By default it also checks outgoing emails, on the off-chance that your system might be sending infected messages. It integrates with Microsoft Outlook, Outlook Express, Windows Mail, The Bat!, and Thunderbird. Those using a different email client will need to define a message rule to divert spam messages into their own folder.

For some reason the Outlook integration didn’t “take” on my antispam test system, but I had no trouble creating the necessary message rule. Downloading mail with the spam filter active took about twice as long as with no spam filter, but that’s not a slowdown you’ll actually notice.

The real problem is that TrustPort did a terrible job of filtering spam. It let nearly 85 percent of undeniable spam messages into the Inbox, and still managed to throw away 3.7 percent of the valid mail. That’s a slightly different balance from the previous edition, which only missed 44 percent of spam but discarded almost twice as much valid mail. Either way, it’s not good.

Norton and Bitdefender Internet Security 2013 didn’t throw away any valid mail and missed just 5.3 percent and 6.8 percent of spam respectively.

If you do install TrustPort, turn off the spam filter. It’s worse than useless. Replace it with the free Cloudmark DesktopOne Basic 1.2. Cloudmark didn’t toss any valid mail and missed a mere 2.6 percent of spam.

For information on how I analyze antispam accuracy, please read How We Test Antispam.

TrustPort Internet Security 2013 antispam chart

Dismal Phishing Protection
TrustPort does include phishing protection, but it’s buried as a category in the parental control system. Fortunately it’s turned on by default. Unfortunately, it’s barely functional.

The best antiphishing protection uses both a list of known fraudulent sites and some form of heuristic analysis that can identify a brand-new fraud. TrustPort’s parental control nominally performs heuristic analysis, but I didn’t see any evidence that this analysis is effective.

On the positive side, this edition of TrustPort scored quite a bit better than the previous edition. On the other hand, better doesn’t necessarily mean good. In this test, it lagged only 81 percentage points behind Norton’s detection rate, up from 92 points behind. Internet Explorer’s SmartScreen Filter alone was significantly more effective than TrustPort, beating TrustPort’s detection rate by 32 percentage points.

For more details on how I obtain very fresh phishing URLs and score this test, kindly read the article How We Test Antiphishing.

TrustPort Internet Security 2013 antiphishing chart

Dismal Parental Control
TrustPort’s Parental Lock component gets its own button in the product’s main window, but there’s very little behind that button. By default, it blocks all users’ access to sites matching six categories: Violence, Porn, Warez, Hacking, Spyware, and Phishing/Malware. Parents can enable blocking of seven additional categories.

If you don’t enable blocking the category called Redirector, a child can evade the product’s Web content filtering by using any anonymizing proxy website. Even if you do add the Redirector category, Parental Lock can still be defeated by using a secure anonymizing proxy website.

It’s possible to configure the product differently for different Windows user accounts, but doing so is absurdly complex. Instead of offering a list of accounts, TrustPort forces you to use a confusing Windows dialog box designed for selecting a variety of system object types.

In any case, this parental filter is among the poorest I’ve seen at actually blocking inappropriate sites. I had no trouble finding a variety of totally pornographic sites that slipped right past the filter. And since it doesn’t log your child’s online activity, there’s no way you’d know it failed.

Portunes and Skytale
No, Portunes aren’t magical teleportation devices; you’re thinking of portkeys. Actually, the names of these two features come from ancient history. Portunes was an ancient Roman god of “keys, doors, and livestock.” The skytale (rhymes with Italy, not with hightail) was an ancient Greek cryptographic device.

Reached from the Tools menu in TrustPort’s main window, Portunes serves as an encrypted storage area for passwords, credit card numbers, addresses, and a number of other types of personal data. It defines appropriate input fields for each data type, and also offers a free-form secure note type.

Don’t confuse this with an actual password manager like what you get with Kaspersky, Webroot, or Trend Micro Titanium Internet Security 2013. It doesn’t capture passwords, doesn’t fill in credentials to help you log in, and doesn’t enter your personal data in Web forms. Everything that goes into Portunes must be typed into it by you.

There’s no option to sort the list alphabetically or by data type, but there is a search box. Each letter you type in the search box narrows the list to items whose description contains the text you’ve typed. Note, too, that you can search only the description, not any other data fields.

You can optionally sync your Portunes data with other TrustPort installations via DropBox. There are also free Portunes apps for iOS and Android, once again synced through DropBox.

The ancient skytale was a simple wooden rod. To send a cipher, you’d wrap a parchment strip around the rod, spiral-fashion, and then write your message. To decrypt the cipher, the recipient would simply wrap the strip around a rod of the same diameter.

TrustPort’s Skytale is almost as simple. To use it, you type or copy/paste a message into the Skytale window click Encrypt, and enter a password. Skytale can send the encrypted message using your default email client or simply copy it to the clipboard for any other kind of transmission. The recipient will copy/paste the encrypted text into Skytale and click Decrypt. Simple!

Of course, the recipient must also be a TrustPort user in order to perform that decryption. As with Portunes, there are free Skytale apps for iOS and Android.

Little Impact on Performance
Based on my tests, installing TrustPort on a PC won’t cause a noticeable slowdown. My browsing test times a script that fully loads 100 websites. Averaging multiple runs with TrustPort active and with no suite present, I found the script took 31 percent longer to finish. That’s a bit more than the average of 22 percent. However, a quick check suggests that turning off the Parental Lock feature would significantly reduce the impact on browsing speed.

In all of my other tests, TrustPort showed little or no performance impact. A script that moves and copies an immense collection of immense files between drives took just 4 percent longer under TrustPort’s protection, and another that zips and unzips that same collection had no measurable impact.

TrustPort does include an option, enabled by default, to prevent launching of any user-mode process until after its real-time protection is enabled. I wondered if this might slow the boot process, but in fact my boot time test ran only 6 percent longer with TrustPort installed than with no suite at all. The average boot-time slowdown for current products is 16 percent.

Needs Work
As noted, this edition of TrustPort Internet Security 2013 has a very different appearance from the previous edition. The energy expended to improve its look would have been better aimed at improving low-performing components, in particular the antispam, antiphishing, and parental control.

Two of our three Editors’ Choice products, Norton Internet Security (2013) and Comodo Internet Security Complete 2013, cost less than TrustPort. The third, Webroot SecureAnywhere Complete 2013, costs just a little more. Any of these three will be a better choice.

Virus removal:
Virus blocking:
Parental Control:

Tech Support Phone/email during business hours
OS Compatibility Windows Vista, Windows XP, Windows 7, Windows 8
Type Business, Personal, Enterprise, Professional

TrustPort Internet Security 2013 offers all the expected security suite features plus a couple of unusual ones. Unfortunately, some of those features don't work well at all.
Published under license from Ziff Davis, Inc., New York, All rights reserved.
Copyright © 2012 Ziff Davis, Inc