Norton's smart overhaul battles drive-by downloads, et al.

---

Product: Norton Internet Security 2008
Website: www.symantec.com/nis2008
System Requirements: Windows Vista, XP, 300MHz processor. 256MB of RAM, 350MB HDD space
Price: €69.99, £49.99, $69.99

---

THIS TIME OF THE YEAR, two things are guaranteed to happen, shops start selling Christmas stuff way too early and the world's anti-virus companies knock out next-year's desktop consumer insecurity products. The first to wander across our desks is Norton Internet Security 2008 from Symantec.

Norton Internet Security 2008

Symantec has now produced a Norton Internet Security (NIS) each and every year since 1999. It also doubled up last year's release with a Vista version in late January - and as a free downloadable version for current users to boot. As it's one of the flagship products and a serious earner inside the firm's revenue stream, we've paid it some thorough, suspicious and deserved attention in this review.

We looked at the downloadable version of NIS 2008 as the retail shipping version hadn't arrived in the UK yet. Initially it's a small downloadable file, which then pulls down the appropriate installs from the Symantec site. Much like the Adobe Acrobat reader non-network install does and it performs then on in the same way.

Norton Internet Security 2008 - download

When it actually begins to install, the first thing we're presented with is an option to scan the system for viruses with the latest definitions. In both the retail box and downloadable version of old NIS 2007, this wasn't present. The best the end user could hope for was the latest virus definitions from the moment of shipping. This is a nice touch in the latest offering, we're glad they've included this feature which has been seen in others.

Norton Internet Security 2008 - Install Option

One of the first things we noticed in NIS 2008 was its boot time. The interface is much faster than previous offerings. Stats from the press release claim it's now 22 per cent quicker than 2007. It is a seriously significant improvement on before, although we're unsure if we found it to be that high a percentage. It's interesting to note that Symantec's own internal testing for these stats is conducted on Windows XP SP2 system with 256MB RAM, and a non-hyperthreaded Pentium 4. Rather close to our own test setup, as you'll see later.

Symantec has improved the main user interface from 2007, seen below. The coders simplified the reporting status to really just advise on the computer's vulnerabilities, if any. A a lot happens in the background now to protect the system automagically. A great deal of apparent reporting isn't really needed we believe for the type of user it's aimed at. This offers more in terms of peace of mind we suspect than anything else. They've also changed the aesthetics behind the UI to greatly reflect Vista and fit in more, rather than the old canary yellow.

Norton Internet Security 2008 - VISTA UI

Norton Internet Security 2007 UI

Compared to Norton Internet Security 2007, this does appear to have less of an impact on the computer's running performance. We found this in general day-to-day running and background usage. It feels less of a system drain. A relief, as we thought this time around it would be worse on our measly P4 powered system, in both XP and Vista. We were aware they significantly reworked the code in the last version to make it lighter. It appears they've done this once again.

There are new features for preventing Phishing attacks in web browsing. This has always been the case for more recent editions of Norton but only for Internet Explorer, leaving Firefox, out in the cold - this puzzled us to no end. In NIS 2008 this has now changed, everything installed around IE is also installed on Firefox. We're glad Symantec has realised what's good for the gander is good for the goose. Even if it is several years late, as the install base for Mozilla browsers has been grwoin, big time.

The new browser security goes under the name of Browser Defender. It's the defence against malicious code found on websites. These are such exploits as ActiveX, JavaScript VBScript vulnerabilities. Symantec believes this can now fix 100 per cent of known IE faults. These can be found in what they're calling drive-by downloads, a phrase we haven't come across before. These are basically legitimate sites that have been hacked to pass on or collect info for non-legit use.

Symantec LiveUpdate works a little differently in NIS 2008. After installation, we updated the software as every good fellow should. This time around it's been integrated into the main application. From here it just works in the background, automatically running the updates inside a discreet pop-up window. Beforehand it was a separate application and was treated in such a way. It needed a whole bunch of “click nexts” to work through the updates. With the user presented with options and all measures of detail not really needed to be seen. Now it's all rather effortless and minus all that redundant info, a great improvement we reckon.

Norton Internet Security 2008 - Symantec LiveUpdate

Aspects of other Symantec products have been brough across to NIS 2008. Chiefly, characteristics of Norton 360, announced at the end of February this year. Also, despite the protests, we suspect a feature or two from Norton Confidential.

There's a new browser-based feature in NIS 2008, called Norton Identity Safe. This looks to be from Norton Confidential. It's a function built in to the browser that secures personal and private on-line data from being exploited. This is usually in website account details, passwords and auto-fill in-form data. All details can now be encrypted and to a solid 256-bit key level. This is too be found in both Firefox and IE.

Norton Internet Security 2008 - Norton Identity Safe

One-Click Support is another one of those passed-on features from other in-house packages. This time it hails from Norton 360; then called embed and enhanced support. It's an alternative to bothering those nice people in Symantec tech support. Driven from the main software screen, it troubleshoots the most common problems ending up in a live-chat with a tech support operative in the worst-case scenario. We encountered no problems, so it's hard to ascertain its effectiveness. In saying that, we're sure it's a benefit to consumers with its simple and non-complicated interface.

Norton Internet Security 2008 - Support

The Home Network Feature is a nice little function of NIS 2008. This provides a view of network attached devices, even the router, and reports back their security status. A nice gentle way of reminding users that their neighbours could have free Wifi access - they can now bypass GO and head straight to jail. Also from here you can monitor other install bases of Norton Internet Security on the network, but only version 2008 and Norton AntiVirus 2008.

Norton Internet Security 2008 - Network Status and Remote Monitoring

Now, the biggest and most-appreciated function that's come across from Norton 360 is the licensing. Up until now, those who wanted to install NIS on multiple computers in the home had to buy separate products/licences for each. This is with the cost of them all mounting up in accordance with their numbers. Its changed in 2008, as up to three computers can now have the software installed upon them with the same licence/key. Norton 360 was the first to have this and it must have worked well as it's now here. It's long overdue and a welcome for the multiple-computer home.

If you're a keen follower of NIS products you'll have noticed they dropped the Anti-Spam and Parental Control feature in the 2007 version. You'll have seen the absence of the Symantec install message of Anti-Spam functions when you first booted Outlook after installation. Both are missing once again from this latest Norton Internet Security. It presumably reflects the lack of POP and IMAP usage in the home with the new world of vast storage of email on-line. And the fact that most children are more web-savvy than their parents and can get around security measures. These products are available as an optional free download.

The underlying new anti-virus and firewall technology in NIS 2008 is from Symantec's acquisition of Wholesecurity, late October 2005. It was first found in the Vista product update at the end of January and then again in Norton 360. It goes under the name of SONAR (Symantec Online Network for Advanced Response). The basis of it all is the ability to detect the behavioural patterns of malicious attacks, preventing them doing any damage before any virus definition/update for that vulnerability is available. This is now found in the firewall, phishing and anti-virus facets of NIS 2008. This all acts without any user intervention, intelligently and without any unnecessary alerts. Apparently SONAR also runs a full scan every time an application attempts an outbound communication, in order to prevent any sensitive info being passed on. This looks like the basis of a good clever security package, for hands-off users.

Testing
To determine if any improvements were made on scanning for viruses, spyware, etc. from 2007 to NIS 2008 we carried out a small test.

We installed clean images of Windows XP and Vista, all service pack and hot-fixed-up. This was followed by the Norton software with Symantec LiveUpdate run fully. After the tests were completed, we re-imaged the computer with clean OSes and started with the next suite.

The only test we performed was a complete full system scan, on our t-rusty Dell P4 3.06GHz, 512MB RAM system. The drives in the PC were 1x100GB, 1x120GB both E-IDE and a 512GB S-ATA drive - with data mounting up to 130GB.

Norton Internet Security 2008 - test results

As you can see, Norton Internet Security 2008 on Windows XP took 1hr 39mins 56secs to complete and 1hr 54mins 52secs with NIS2 007. With an overall gain of 14mins 56secs from package to package.

Scanning from Windows Vista with Norton Internet Security 2008 took 1hr 48mins 45secs to complete and 1hr 58mins 39secs with NIS 2007. With a gain of just 9mins 54secs, this could be down to the spec of the machine.

The press release we received claimed there's an overall improvement of 39 per cent in a quick scan from NIS 2007. If these scan comparisons are anything to go by, perhaps the spinolas at Symantec are on the right track after all.

Norton Internet Security 2008 - test results

This is by no means a true determination of the best all-in-one desktop security package, but we thought the comparison would be beneficial.

NIS 2007 and NIS 2008 both picked up one or two tracking cookies and deliberately placed virus files in a zip. Just to double our efforts up, we used Panda software and Trendmicro on-line scanners to make sure Norton was in check. It was, and the discovery was of equal measures. These on-line scans aren't advisable to time-constrained users out there, as ours took between 4-9 hours. Repeating them for both Operating Systems for continuity purposes was a tad time-consuming.

This is the first of the all-in-one desktop security packages of 2008 we've seen. So expect to see more comparisons within time. NIS 2008 as the benchmark will be interesting to see how others fare.

Finally, two things we discovered that really bothered us in the review process. The renowned Anti-Bot product wasn't included to our dismay and the downloadable trial is just limited to 15 days. The first would be a benefit to many users, consumer and otherwise. With the other, we don't believe you can effective determine anything of use in just 15 days.

We can't recall a time where there were so many improvements on NIS from the previous year. Symantec has certainly pulled out the stops in this package. We're just wondering why it took until now for all of these things to be included. ?

In Short
As PCs get faster with each passing day, you don't always expect utilities such as Norton Internet Security to have better performance over last year's edition in elderly systems like ours, as they can pull on the resources of the latest and greatest, discarding the old by the roadside. It's a pleasant surprise that NIS handles well with dated kit.

An all-in-one security product should just add to the computer's welfare in an unintrusive way. All without impacting on the system's performance, which Symantec appears to have done this time. It scans well, the firewall is solid enough for most users and the new features are welcome.

The Good
Three computer licences; scans quicker than previous version; Home network security check; secure on-line personal data; improved support.

The Bad
Spam filter seem to be an option and not built-in. No anti-bot inclusion.

The Ugly
Donwload limited to just a 15-day trial

Bartender's Report