TrustPort Total Protection 2013 review

Some of the core suite components in TrustPort Total Protection 2013 are weak, but it still might be a good choice for someone who really needs the encryption and access control power it brings, most likely in a business setting.
Photo of TrustPort Total Protection 2013

Antivirus protection and a firewall are the core of any security suite, and most suites add a standard set of features including spam filtering and parental control. Encryption and access control can also be useful, especially in a business setting, but these features are less common. TrustPort Total Protection 2013 ($69.95 direct; $89.95 for three licenses) offers the same suite components as TrustPort’s basic suite and adds a range of encryption and access control features that will please the tech-savvy user. Yes, you pay more for the mega-suite, but you get your money’s worth.

Just looking at this product, you’d be hard pressed to distinguish it from TrustPort Internet Security 2013. The main window is the same, the color scheme is the same. The only visible difference is the product name in the title bar. Under the hood, though, there’s a lot more.

TrustPort Total Security 2013 shares quite a lot of features with TrustPort Internet Security 2013 and TrustPort Antivirus 2013. You’ll want to read those reviews for full details. I’ll summarize here, and then dig into the features specific to the mega-suite.

Shared Antivirus
I had next to no trouble installing TrustPort on my 12 malware-infested test systems. I did need to generate a bootable Windows PE antivirus CD on a clean system to get past problems with two of the 12, but it did the job easily.

TrustPort’s low score of 4.7 for malware removal reflects the fact that it didn’t effectively clean up the malware samples it found. It left behind quite a few executables, many of them still running. Among products tested with this same set of samples, only G Data TotalSecurity 2014 scored lower, with 4.3 points. At 6.0 points, Kaspersky PURE 3.0 Total Security did the best in this group. For details about how I test malware removal, see How We Test Malware Removal.

TrustPort Total Protection 2013 malware removal chart

TrustPort tied with Ad-Aware Pro Security 10.5 for best detection rate (94 percent) in my malware blocking test, and tied with G Data TotalSecurity 2014 for second-best malware blocking score overall, 9.0 points. Looking at products tested with my previous malware collection, Webroot SecureAnywhere Complete 2013 led the pack with 9.9 points. To learn how I run the malware blocking test, see How We Test Malware Blocking.

TrustPort Total Protection 2013 malware blocking chart

The independent testing labs mostly ignore TrustPort, unfortunately. West Cost Labs does certify TrustPort’s technology for virus detection and removal, and TrustPort got VB100 certification in eight of the last ten tests by Virus Bulletin. The chart below summarizes recent lab results; for more about these tests, see How We Interpret Antivirus Lab Tests.

TrustPort Total Protection 2013 lab tests chart

Other Shared Features
A number of the features that this product shares with TrustPort’s basic suite performed really badly in testing. The parental control system consists solely of a Web content filter that, in testing, let through quite a few graphically pornographic websites. Phishing protection is implemented as part of the parental control system, but its detection rate came in 81 percentage points behind Norton’s and 32 percentage points behind the SmartScreen Filter feature of Internet Explorer 8. For a full explanation of my antiphishing test, please read the article How We Test Antiphishing.

TrustPort Total Protection 2013 antiphishing chart

TrustPort’s firewall relies on the user to make decisions about what sort of Internet access to grant each program. It cuts down on annoying popups by automatically trusting any digitally-signed program, a risky decision given that some malware is digitally signed. The antivirus component did an okay job of blocking exploits, but a determined malware coder could exploit a weakness in the program itself to totally disable protection.

The antispam component filters out spam from your POP3 email account and integrates with a number of popular email clients. However, TrustPort’s accuracy proved dismal. Not only did it miss almost 85 percent of undeniable spam, it misfiled 3.7 percent of valid personal message in the spam folder. Norton 360 (2013) and Bitdefender Total Security 2013 didn’t throw away any valid mail. Bitdefender missed 6.8 percent of the spam and Norton just 5.3 percent. For full details on my antispam testing, read How We Test Antispam.

TrustPort Total Protection 2013 antispam chart

Both suites include the bonus features Portunes (rhymes with fortunes) and Skytale (rhymes with Italy). Portunes stores passwords, bank accounts, and other personal data, with the option to sync multiple TrustPort installations via your Dropbox account. It’s not a password manager, just a static storage system for personal data. Skytale encrypts or decrypts any text you drop into it, so you can securely send it by email, IM, or any other means. You can download a free iOS or Android app for both of these tools.

Encrypted Drives
Rather than make users fiddle with encryption of individual files, many security vendors offer some type of protected storage. When it’s unlocked, it looks like a regular folder or drive; when it’s locked, the contents are totally inaccessible. Bitdefender, Kaspersky, McAfee Total Protection 2013, are among those who offer such a feature.

When you create an encrypted drive, you tell TrustPort the password and a maximum size, and optionally set it to open at startup. Like G Data TotalSecurity 2014, TrustPort lets you set varying levels of access rights. Each access profile can have full access, read-only access, or administrator access. Only a profile with administrator access can make changes to the encrypted drive’s settings. Clearly this protection would be most useful in a business environment.

By default, TrustPort will unmount your secure drives when you lock the computer or when it goes into suspend mode. You can also set it to automatically unmount after a specified length of idle time. Note, though, that if you have files from the encrypted drive open it won’t unmount the drive, to avoid loss of data.

Secure Deletion
Moving your sensitive files into an encrypted folder is just one step toward protecting your data. For real protection you should copy those files into safe storage and then use the shredder component to securely delete the originals. Experts at DriveSavers have told me that overwriting a file even once before deletion is generally enough to prevent forensic recovery. By default, TrustPort uses three passes, but it offers a number of other shredding algorithms, including the 35-pass Gutmann method.

TrustPort’s panic shredding feature is one of a kind. You configure it by identifying folders containing your most sensitive information and optionally defining a hotkey. When you hear “Open up! Federal agents!” you press the hotkey to initiate panic shredding. Or at least that’s how I picture the feature being used.

Proprietary Archive Manager
For file archiving and compression, with optional encryption, the ZIP file format is standard. It’s even built into Windows. TrustPort will create similar archives, but it uses the company’s own proprietary CAR format. The CAR file manager lets you create, open, and manipulate CAR file archives.

Most people use such archive files to share and transfer information, which could be a problem if the recipient doesn’t have TrustPort. Fortunately, you can create a self-extracting executable archive. CAR archives can be password encrypted with one of two encryption algorithms, and there’s a handy option that automatically shreds the originals after moving files into the archive.

Some email systems will allow ZIP files but not EXEs as attachments, so the CAR file manager includes a built-in option to ZIP the self-extracting executable. It does seem odd to me that the company would build in this much ZIP functionality without making the archive manager totally ZIP compatible.

Access Control
I doubt many home users will get much use from the Access Control feature, but it may be effective in a business setting. To get started, you specify one or more drives or folders for which access will be controlled. Note, though, that you can’t specify protection for the Windows folder, Program Files, or other system folders.

Once you’ve added your sensitive files and folders, you can define the default level of access for each and separately define permissions for each Windows user account, in much the same way you do for encrypted drives. You can give each user full access, read-only access, or no access. So, for example, you might set the default profile to no access, give your own account full access, and add other accounts with read-only access.

Device Control
Device control is another unusual feature that TrustPort shares with G Data. When turned on, this feature can block the use of devices in ten categories and can also block devices whose category is unknown. Perhaps more useful is the ability to block devices by connection type: USB, Firewire, serial bus, Bluetooth, or infrared. In an office setting, you might put up a general block and then add permission for specific, trusted devices.

With G Data, it’s easy to add permission for a USB drive that’s present on the system. You get a list of mounted drives, including the volume name, and you just pick the ones you want. TrustPort doesn’t make it as easy. You get a list that’s more like Windows’s Device Manager, with devices identified only by type, not by volume name.

I found that the best way to add a new permitted USB drive is to change the USB setting from Block to Ask. Insert a new USB drive and TrustPort will ask whether to allow it. Leave the Remember box checked, click Allow, and you’ve successfully added this device to the trusted list. Don’t forget to reset the product to block USB access in general.

Autorun Malware Prevention
The infamous Stuxnet bridged the “air gap” between the Internet and Iranian nuclear centrifuges using the autorun feature of removable drives. Autorun is dangerous, and even users who’ve configured Windows to ask first can be tricked into letting an autorun process launch.

Similar to the USB Vaccination feature in Panda Internet Security 2013, TrustPort’s Autorun Protection fixes any USB drive so that no other process can change its autorun behavior. Nothing short of reformatting the drive will get rid of TrustPort’s protection.

Personal Traces Cleanup
As you use your computer and surf the web, you leave a clear trail of your activities. Browsing history, temporary internet files, recently-used file lists—all of these things could let a snooper figure out your recent activities.

The Wipe Now tool will securely delete files in the Recycle Bin, temporary files, Windows’s lists of recently used documents and programs, and Internet Explorer browsing traces. It doesn’t show you what it’s going to do, or what it did, though. It doesn’t clear out traces for other browsers. And it doesn’t clear recently-used file lists in popular programs. This feature could use a little more power and depth.

Minor Impact on Performance
My performance test results for this mega-suite came in within a percent of the results for TrustPort’s basic suite. The only area that showed significant impact was my browsing test. A script that fully loads 100 websites took 31 percent longer with TrustPort monitoring the connection than with no suite installed. That’s the average of ten runs each with and without the suite. A quick check convinced me that turning off the ineffective antiphishing and parental lock features would reduce the product’s impact on browsing.

In the bad old days, over-enthusiastic on-access antivirus scanning would sometimes slow down simple file management operations. That’s not true of most modern security tools, and very much not true of TrustPort. One of my test scripts moves and copies a huge collection of files between drives. With TrustPort active, that script took just 4 percent longer, quite a bit less than the current average of 22 percent. And I couldn’t even measure any performance drag in a test that zips and unzips that same collection of files.

Loading all the components of a security suite at boot time can take time. My boot time test measures the time from the start of the boot process until the system is ready to use. The average boot time slowdown among current suites is 16 percent; TrustPort came in at 6 percent. Overall, it’s not going to slow your daily activities.

For details on my suite performance tests see How We Test Security Suites for Performance.

TrustPort Total Protection 2013 performance chart

The Right User
As far as core components go, this suite isn’t so great. It seems to do a good job blocking malware attacks, but not at removing existing problems. Its parental control, spam filter, and antiphishing are quite poor. And yet, for the exact right user TrustPort Total Protection 2013 might be a good choice. It would absolutely have to be someone who really needs the various encryption and access control goodies that come in this mega-suite, probably in a business setting.

Does that describe you? Probably not, in which case, you’ll be better off choosing one of our Editors’ Choice security mega-suites, Norton 360 (2013) or Webroot SecureAnywhere Complete 2013. Kaspersky PURE 3.0 Total Security is another good possibility.

Virus removal:
Virus blocking:
Parental Control:

Tech Support Phone/email during business hours
OS Compatibility Windows Vista, Windows XP, Windows 7, Windows 8
Type Business, Personal, Enterprise, Professional

Some of the core suite components in TrustPort Total Protection 2013 are weak, but it still might be a good choice for someone who really needs the encryption and access control power it brings, most likely in a business setting.
Published under license from Ziff Davis, Inc., New York, All rights reserved.
Copyright © 2012 Ziff Davis, Inc