VIPRE Internet Security 2014 review

VIPRE Internet Security 2014 combines a decent antivirus, a simple, accurate spam filter, and a disappointing firewall; it's all over the map. You'll do better with a suite whose components are uniformly strong.
Photo of VIPRE Internet Security 2014

Some security suites load up with every kind of protection imaginable, while others stick to the basics. VIPRE Internet Security 2014 ($49.99 per year, direct; $69.99 for ten licenses) belongs to this latter category. It offers the expected antivirus, firewall, and spam filtering components, along with a few related security tools, but doesn’t include parental control, encryption, or other extended suite features.

VIPRE’s pastel-colored main window summarizes security status and offers quick links to change settings. Other pages let you choose different scan types, view and configure firewall activity, and manage a variety of program features. Finally, a tools page provides access to several security-related bonus tools.

Same Antivirus, Almost
This suite’s antivirus protection is the same as what’s provided by VIPRE Antivirus 2014, with one interesting exception that I’ll go into later. Do please read my review of the standalone antivirus for full details on the shared features.

While most of the independent antivirus labs that I follow include VIPRE in their testing, it doesn’t earn top marks. False positives proved to be a prickly problem in tests by AV-Comparatives, both lowering its test scored and counting against it in my false positives rating.

As you can see in the chart below, top performers like Bitdefender Internet Security (2014) and Kaspersky Internet Security (2014) earn excellent ratings across the board. For a full explanation of how I derive these ratings, see How We Interpret Antivirus Lab Tests.

VIPRE Internet Security 2014 lab tests chart

My own local malware blocking test isn’t as ambitious as what the labs can manage. In particular, time constraints require that I use the same samples for many months. Old samples might in part account for the fact that VIPRE scored a perfect 10 in this test. Whatever the reason, it’s the only current product with a perfect score.

Recently I’ve begun a real-world detection test using a malware feed provided by MRG-Effitas. I get a list of very new malicious URLs, usually no more than a few hours old, and I sieve out those that specifically point to executable files. Then I try to visit those URLs, noting whether the antivirus prevents the browser from accessing the dangerous URL, wipes out the dangerous file during download, or just sits on its thumbs doing nothing.

The malicious URL blocking feature is visibly different in the suite than in VIPRE’s antivirus, and it extends to all online activity where the antivirus just protects Internet Explorer. Therefore I didn’t assume that the two products would score the same on this test. Trying over 100 malicious URLs proved that I was correct.

VIPRE’s antivirus blocked just 39 percent of the dangerous downloads. Most of those slipped past the malicious URL blocker and got caught during the download. By contrast, the VIPRE suite blocked 55 percent at the URL level and another 9 percent during download. Only two products tested in this way have done better. avast! Internet Security 2014 tops the list with 79 percent, and Ad-Aware Total  Security 11came in second with 68 percent.

The chart below summarizes my latest malware blocking tests. For a full explanation of how I derive these ratings, please read How We Test Malware Blocking.

VIPRE Internet Security 2014 malware blocking chart

Unimpressive Antiphishing
My ThreatTrack contacts indicated that the antiphishing protection in the suite and in the standalone antivirus should perform exactly the same, so I tested just with the suite, and reported the results for both. My new discovery that malicious URL blocking is much better in the suite might suggest that I should re-run my antiphishing test for the antivirus.

However, the suite’s phishing detection rate proved unimpressive. It came in 58 percentage points below the rate of consistent phishing champ Norton Internet Security (2014). I didn’t see the point in spending half a day running another antiphishing test. For a full explanation of how I perform this test, see How We Test Antiphishing.

VIPRE Internet Security 2014 antiphishing chart

Bonus Tools
Both the suite and the standalone antivirus offer a collection of bonus security tools. The new Social Watch feature will periodically scan your Facebook news feed for dangerous links. It can optionally post a warning if it discovers a bad URL. A history cleaner wipes out traces of your Internet and computer use, and you can enable a right-click menu option to securely erase any file or folder. The PC Explorer tool gives tech experts a variety of views into ongoing PC operation, among them lists of startup programs, running processes, and ActiveX controls.

In addition to this same collection of tools, the suite adds another called Auto Patch. You don’t have to do a thing to get the benefit of Auto Patch. By default it checks every other day for significant security patches and attempts to apply them automatically. By the time I got around to looking at it on my test system, it had updated Firefox, Adobe Air, and Java.

Antispam Much Improved
VIPRE’s spam filter is extremely simple. It analyzed the incoming POP3 email stream and marks spam messages by modifying the subject line. There are no settings other than an on/off switch and an optional whitelist/blacklist feature. Regardless of which email client you use, you’ll need to define a message rule to divert the spam messages into their own folder.

Some spam filters noticeably slow the process of downloading email. It took four times as long to download 1,000 messages with BullGuard Internet Security (2014) handling spam as with no filter. VIPRE didn’t slow the process appreciably, and its accuracy was quite good.

In a sample of over 5,000 real-world messages, VIPRE allowed just 5.1 percent of undeniable spam into the Inbox. It mis-filed just 0.5 percent of valid mail as spam, all from the same address; whitelisting would fix that. And it didn’t discard any valid bulk mail.

McAfee Internet Security 2014 and Norton missed 3.7 and 3.9 percent of the spam, respectively, and they didn’t block any valid mail, personal or bulk. Even so, VIPRE’s performance is darn good, and much better its previous version, which missed 20 percent of the spam. For a full run-down on my antispam testing process, see How We Test Antispam.

VIPRE Internet Security 2014 antispam chart

Firewall Letdown
The two most important components of a security suite are the antivirus and the firewall. VIPRE’s antivirus fared well in my tests, though less well in independent lab tests. The firewall, however, is pretty much a bust.

The built-in Windows Firewall manages the apparently-simple task of putting all your computer’s ports in stealth mode. They’re more than just closed in this mode; they can’t even be seen from the outside. For reasons I could not determine, VIPRE’s firewall stealths almost all ports, but leaves the important security port 443 merely closed, not stealthed.

As for program control, by default it’s turned off. VIPRE allows all outgoing communication and blocks unsolicited inbound traffic, but that’s it. If you want to turn on program control, you’re guaranteed to have a hard time finding it. As it turns out, the way to do it involves clicking “Reset to Defaults” on the firewall settings page and then choosing Learning Mode. Would you have guessed that?

When you do enable learning mode, you’ll start getting those familiar popups each time a previously-unknown program attempts Internet access. Do be sure to check the box that makes VIPRE remember your answer; otherwise you’ll have to respond over and over.

This kind of old-school firewall can be vulnerable to malware that sneakily connects with the Internet by subverting trusted programs. I ran over a dozen leak test programs that demonstrate the same techniques malware might use. VIPRE caught exactly one.

HIPS and IDS, Allegedly
The firewall includes a Host Intrusion Protection System (HIPS) and an Intrusion Detection System (IDS), but both are turned off by default. If you want this added protection, you’ll have to do more than just turn them on. Even when enabled, the HIPS is set to allow intrusions, and the IDS is set to allow all but high priority intrusions.

To get a feel for these features I first turned both of them on. Then I set them to block every intrusion and notify me when they do. With HIPS and IDS protection maximized, I attacked the test system using exploits generated by the CORE Impact penetration tool.

The results were unimpressive. Out of thirty-odd exploits, the HIPS kicked in to prevent code injection by exactly one. I didn’t see any response from the IDS, but the antivirus kicked in to wipe out files associated with some of the exploits. A full 75 percent of them slipped through with no reaction from VIPRE. None actually penetrated security, as the test system is fully patched. By contrast, Norton blocked every single exploit and identified many of them by name.

Really, though, the efficacy of the firewall hardly matters, because it’s completely unprepared for malware attack. I had no trouble stopping its essential services and setting them to not restart upon reboot. Likewise I had no trouble terminating VIPRE’s processes. A malicious program could do the same. This firewall just doesn’t impress, and I can’t figure out what the IDS even does.

A Light Touch
VIPRE’s real-time antivirus protection didn’t put much of a drain on system performance, according to my tests. A lengthy script that moves and copies a big collection of huge files took 12 percent longer with VIPRE present; another script that zips and unzips the same collection also took 12 percent longer. The current suite averages for those two tests are 17 percent and 14 percent respectively, so VIPRE’s doing pretty well.

The results of my boot time test were so peculiar that I re-ran both the baseline test (no suite) and the VIPRE test. This test measures the time from the start of the boot process until the system is ready for use, defined as ten seconds in a row with CPU usage less than five percent. What I found was that boot time decreased after installation of VIPRE.

Stranger still, a clear pattern was evident in the 100 reboots that I averaged. With no suite installed, the boot process takes a bit over 60 seconds, without a lot of variation. Under VIPRE, I’d consistently see about six reboots in a row below 50 seconds, followed by one peak of perhaps 130 seconds or more. I can’t explain it, ThreatTrack can’t explain it, but it’s what happened.

For more on my simple performance tests, see How We Test Security Suites for Performance.

VIPRE Internet Security 2014 performance chart

You Can Do Better
VIPRE Internet Security 2014 starts with antivirus protection that’s merely good, not great, especially in the view of the independent labs. While the suite does a better job than the standalone antivirus blocking very new malicious URLs, it’s not nearly as effective at blocking phishing URLs. Add a simple, accurate spam filter and an ineffective firewall, and you’ve got a suite whose components are all over the map ability-wise.

If your budget is tight and you don’t need spam filtering or parental control, Comodo Internet Security Complete 2013 can be a good choice. If you’re willing to spend a few bucks for a suite that’s strong in all components, go for 4.5Norton Internet Security (2014). Kaspersky Internet Security (2014) is another good possibility. 

Parental Control: n/a

VIPRE Internet Security 2014 combines a decent antivirus, a simple, accurate spam filter, and a disappointing firewall; it's all over the map. You'll do better with a suite whose components are uniformly strong.
Published under license from Ziff Davis, Inc., New York, All rights reserved.
Copyright © 2012 Ziff Davis, Inc