Thursday, April 15, 2010

A Quick Look at Kaspersky Internet Security 2010

I recently did an in-depth review of the latest Internet security suite from Kaspersky Lab, Kaspersky Internet Security 2010 (KIS 2010). It is certainly an improvement over previous instalments, providing a more comprehensive level of protection against malware based threats. Some components have been divided into smaller, separate components, making the application very flexible in terms of customisation. What does that mean for the user? The user is able to disable unnecessary components in cases where similar protection is provided by a standalone application, for instance a spam filter or parental control application. There are a lot of good things to say about this security suite, but it is definitely not without its faults, I will discuss these in detail a little bit later.

Installation and setup
Very easy and straightforward. Getting the application up and running is child's play and the process is fairly automated, meaning very little user interaction is required during the installation procedure. I have a little bit of criticism against Kaspersky Lab going the opt-out route regarding the participation in the Kaspersky Security Network. With "opt-out" I mean that you need to explicitly opt out from participation and I would like to see this the other way around. But at least Kaspersky Lab gives you the option to opt out, unlike other software developers who never even inform you of participation in their usage data collection programs.

The software updates itself quite often, with definition updates released several times a day. The software checks for updates on an hourly basis, but certain users report that actual updates are published every three hours on average. Nevertheless, Kaspersky Lab stays up to date with the latest threats and outbreaks, to the benefit of every user of their software.

User Interface
It is quite easy to use the software, making it an attractive option for novice users. Most of the components work out of the box and customising them is no rocket science. However this can't be said of all the components. The firewall component is the least user friendly and making changes to the firewall rules, to make it behave in a way that suit your needs, is an extremely frustrating and time consuming operation.

You won't need a monster PC to run Kaspersky Internet Security 2010, but you need at least 1 GB of RAM and an 1GHz processor to run the security suite on Windows XP, without compromising the overall performance of your computer (for Vista and Windows 7, double these figures to 2GB of RAM and a 2GHz processor). Off course you will notice a slight decrease in performance, but nothing major. With the processing power of today's standard office computers, you shouldn't have any trouble running the software on one of these.

Real-time Protection
This is where Kaspersky Internet Security 2010 packs the punch. This security suite brags with a whopping 13 different security components, each one of them providing tailor made protection against specific types of threats. You are basically protected against malware (viruses, spyware, trojans, rootkits, etc.), network attacks, spam, phishing attacks, intrusive advertising through banners and even your kids are protected against inappropriate content on the Web. There is more to Kaspersky Internet Security 2010 than meets the eye and only a look under the hood can reveal the different levels of protection provided by this world class security suite.

Threat Protection Tests
This is the core of every security software review, in other words, can the software protect me when the pawpaw hits the fan? Malware tests were satisfactory, although it missed a couple of threats. Malicious files are isolated properly and accidental execution of a known threat is nearly impossible. The heuristic scanner is fairly clever too and the software defended itself perfectly when I tried to disable it by force.

The firewall fared well against the couple of leak tests I threw at it, but I was able to determine the computer's MAC address and the fact that it was up and running, with a simple port scan from another computer. The proper behaviour of a firewall in this case would be to hide the computer completely from an unauthorised computer, connected to the same network. The firewall detected and blocked the port scan, but it did not blacklist the offending PC, because it assumed that its IP address was spoofed. I would have liked an option to block the attacking computer completely, but hey, this is not a perfect world.

The spam filter is the only component in Kaspersky Internet Security 2010 that did not do so well during this review. At first I had loads of issues getting it to work in Thunderbird 2 and secondly, I discovered that there is no support for Thunderbird 3 at all (perhaps in the future?). The spam filter operates quite well in Outlook Express but the actual spam filtering left me wanting. I have to mention though, that the accuracy of the spam filter improved, after training it with more or less 150 spam e-mails, but even after all that training it still allowed obvious spam e-mails to come through. So it is disappointing to see a spam filter, with so much potential (Heuristic analysis, GSG technology for image recognition, analysis of RTF files and self-training text recognition with iBayes), struggling so much when it comes to actual spam filtering.

Value Added Protection
Like I mentioned earlier, during the discussion of the real-time protection, you also get a parental control and anti-banner component with Kaspersky Internet Security 2010. These components are disabled by default, because not everyone will have use for them. However, these simple tools are really impressive in terms of functionality, they do exactly what you would expect from them. The parental control component is easy to configure and very little configuration is needed, because it relies heavily on heuristic detection of inappropriate websites. Heuristic analysis is often something that delivers either a lot of false positives or false negatives, but the heuristic analyser of the parental control component is totally different, it is successful at detecting inappropriate sites, with very few false positives.

People with a vendetta against banner advertising will find the anti-banner component very helpful. Once again it relies on heuristic analysis to detect common banner sizes. The parental control and the anti-banner components, each has a white-list and a black-list, which can be used to explicitly allow (white-list) or block (black-list) specific websites.

Kaspersky Internet Security 2010, is a well rounded Internet security package. There is most certainly some room for improvement in the firewall and spam filtering division, but apart from its faults, it still remains one of the leading Internet security suites in the market. I highly recommend it for home and office use.

To win the battle against cyber crime we need comprehensive protection against online threats. We need to take the necessary precautions to keep our computers free from malware and unauthorised access. In order to achieve this goal, we need the necessary protection on our computers BEFORE an attack strikes. An Internet security suite like Kaspersky Internet Security 2010 can help you achieve this goal.

One golden rule applies to computer security, prevention is better than cure!

About the Author
Coenraad is webmaster and founder of Cyber Top Cops, leaders in Internet security, analysers of security software and raising awareness about internet fraud and malicious software. For more details about this security suite, read my in-depth review of Kaspersky Internet Security 2010.

No comments: