At a Glance
- Smooth interface, strong malware detection
- Pricey, no backup feature
This strong security suite costs a little more, but it’s easy to use and good at blocking malicious software.
This review includes updates and revisions filed on 5/28/09.
Symantec Norton Internet Security 2009 ($60 for three users as of 5/24/09) came in a close second to G-Data in our midyear roundup of eight security suites and the corresponding security suites chart. It was also the clear winner in “Paying for Protection,” this year’s initial roundup of nine security suites. It pairs excellent malware detection and cleanup with a smooth, intuitive interface and a good range of features. Norton wasn’t tops in every category we tested, but if you want a solid product to protect your PC, Norton Internet Security is a great option.
In AV-Test.org‘s extensive malware-detection tests, Norton did very well, identifying 97.8 percent of the 722,372 collected samples of Trojan horses, worms, password-stealers, adware, and other nasties (98.3 percent excluding adware). This represents a slight decrease from our previous test results, where Norton caught 98.7 percent of “zoo” samples (98.8 percent excluding adware). Norton still achieved a third-place finish behind G Data Internet Security, which tagged 99.8 percent of “zoo” samples, and BitDefender’s suite, which achieved a 98.9 percent detection rate.
Norton again took top honors in cleaning up malware infections, though it wasn’t perfect. It got rid of 85 percent of the files and Registry changes that malware had put in place, but it failed to scrub all the files from two out of ten test infections. It produced similarly strong numbers for detecting and removing rootkits–stealth malware used to hide infections from PC users and security software alike. It successfully removed nine out of nine active rootkits.
In dealing with adware, Norton was on the low end with its 85.6 percent detection rate for this aggravating, albeit usually harmless, software–a good bit short of the results from the top performers, which identified over 98 percent of the adware in our testing. (It was still far better than the worst performer of the batch, which detected a paltry 36 percent of adware.) In previous testing, Norton detected 96.8 percent of adware–an average showing. On the other hand, it was the only product that didn’t produce a single false positive by misidentifying safe software as harmful.
In proactively identifying unknown malware for which it doesn’t yet have a signature, Norton scored below average. In tests with two-week-old signature files, it identified only 44.6 percent of samples (compared to 48.2 percent in previous testing). This put it third in the rankings, but well behind G Data, which detected a bit over 56 percent of the samples. But the suite’s new “pulse” update feature, which sends out malware signatures to the program every 5 to 15 minutes, could help offset that lackluster proactive performance. Symantec responds very quickly to new widespread malware attacks, typically in less than 2 hours, according to AV-Test.
Another new feature, Norton Insight, uses Internet-based elements to identify trusted applications that don’t need to be scanned, which Symantec says can help improve scanning speed. The suite did prove the fastest of the group at scheduled or manual on-demand scans that survey entire files, but it was only the sixth fastest at the more-important on-access checks that occur every time your PC opens or accesses a file.
Norton’s antispam feature adds a toolbar to Outlook and Outlook Express, and its firewall will automatically allow known, trusted applications to access the Internet. And its wireless-security feature correctly warned us about a test network that used no encryption.
To use the parental controls and privacy features, you must download and install a free add-on pack from Symantec. Afterward you’ll be able to assign access profiles such as ‘Child’, ‘Teen’, or ‘Unrestricted’ to existing Windows user accounts, or define certain types of information, such as credit card numbers, that you don’t want sent from your PC without your authorization.
While Norton’s default settings and interface were largely correct and well done in our testing, its antiphishing proved a notable exception: The feature turned off Firefox’s built-in antiphishing protection without any notification, a move that Symantec says is to prevent potential duplicative alerts. Other suites had no problems leaving Firefox’s feature on in addition to their own, however, and doing so means you have two opportunities to catch and block a phishing site instead of just one.
Regrettably, the Norton suite lacks a backup capability, and it can’t scan for missing applications or Windows patches–a function that’s fairly common among its competitors.
Symantec Norton Internet Security 2009 remains a strong, well-balanced security suite–and its upgrades this year make it even better. Users angling for the absolute best malware detection, or people who need backup functions in their suite, might find a better fit elsewhere. But for most shoppers, Norton is a solid choice.