People
often ask me what the difference is between an anti-virus package and
an Internet security suite. The basic difference between the two is
that an anti-virus package can only protect you against malware,
while an Internet security suite protects you against various kinds
of cyber attacks. In order to explain the difference a little bit
better, lets take a look at the development of anti-virus
applications over the years.
A little bit of history
I take
you back to 2005, when guys like Mike Healan were advocating the
clear distinction between adware and spyware. Back then, you had a
scanner for each type of malware, as a matter of fact, the term
malware was seldom used in those days. You had a separate scanner for
adware, spyware and viruses. As time went by, the need arose for a
single scanner, that can protect you against several types of
malware. I believe ewido Networks was one of the first companies to
release such a scanner, namely ewido Anti-Malware. Ironically ewido
changed the name of their product from ewido Anti-Spyware to ewido
Anti-Malware and later changed it back to ewido Anti-Spyware. This
was most likely more of a marketing strategy than anything else.
Grisoft
(now known as AVG Technologies) acquired ewido Networks and
incorporated the features of ewido's products into their own line of
products. One of these products were called AVG Anti-Malware, which
was basically a combination of AVG Anti-Virus and AVG Anti-Spyware.
Companies like Lavasoft, who originally focussed on anti-adware
software alone, later added anti-virus and Internet security suites
to their line of products.
The
standalone anti-virus application
Today
the term 'anti-virus' refers to software that protects you against
all kinds of malware, but a decade ago you were vulnerable against
any kind of malicious software that did not fall under the limited
definition of a virus. I prefer to use malware as the collective term
for all kinds of malicious software, but the word 'virus' seems to
have stuck over the years and it is no longer limited to the
technical definition of a virus, it now includes trojans, spyware,
backdoors, downloaders, etc. I believe most people associate viruses
with all kinds of malware and therefore the anti-virus companies
decided to stick with this term.
So
there you have it, an anti-virus application will protect you against
all kinds of malware, including potentially unwanted programs (which
is a topic on its own), but it does not protect you against all kinds
of threats. This is were an Internet security suite comes in.
The Internet Security
Suite
An
Internet Security suite basically consists of 3 main components, a
malware protection shield, a firewall and a spam filter. Anti-virus
companies realised that although an anti-virus shield prevents
malicious code from being executed, it remains a reactive and not a
proactive means of fighting malware. Whether the malware is dormant
or active, it needs to enter the system in order to be detected by
the anti-virus software. So in order to take a proactive approach in
the fight against malware, you need to catch the malware at the main
entry points to the system, namely the network and e-mail (removable
storage came into the equation at a later stage).
Obviously,
a firewall is not just there to detect malware before it enters your
system, it also prevents unauthorised access to the system from the
outside and it ensures that the information that leaves your system,
is transmitted through the proper channels by applications that has
the necessary authorisation to do so. A firewall works on a basic set
of rules, but is more heuristic in nature compared to an anti-virus
scanner that needs an up-to-date malware signature database in order
to detect the latest malware.
Spam
filters (or mail scanners) have become redundant over the years, due
to the increased effectiveness of online mail services against spam
(or dangerous e-mails containing malicious attachments). Cloud
computing makes it much more effective to filter out the junk at
server level, so e-mail clients have less spam to deal with.
Client-based spam filters have evolved into a second layer of spam
protection, catching the ones missed by the server-side spam filter.
Apart from filtering unsolicited junk mail and malware, it also keeps
you safe from e-mail scams like advance fee fraud and phishing.
Although client-based spam filters are redundant these days, they are
still very useful if you access your e-mail via an e-mail client like
Outlook or Thunderbird.
Many
Internet security suites goes far beyond a malware scanner, firewall
and spam filter. Some include parental controls, identity theft
protection, instant messaging scanners, link scanners for your
browser and some even have an isolated area that you can use for
online banking and shopping. Other suites have special sandboxing
features through which you can run an application in an isolated
virtual environment, preventing the application from accessing
critical areas of your system. This allows the user to evaluate the
behaviour of an unknown or suspicious application before granting it
full access to the system.
The
main aim of an Internet security suite is to provide comprehensive
protection against various threats, not just malware. It should be
there when you browse the Internet, do online shopping, read your
e-mails, download files, chat to your friends, connect to a local
network, execute an application, always ready to intervene whenever
it detects a threat to the integrity of your system or data. When you
need more than just malware protection, you need an Internet security
suite.
Making the right choice
So the
question arises, how do I know if I need more than just malware
protection? Is an Internet Security suite really necessary for home
use?
To
answer these questions, you need to ask yourself, how much
information do I need to protect? Do you use your PC for a lot of
financial purposes, do you shop online or transact with your bank
quite a lot. Do you store a lot of personal and sensitive information
on your home computer, information that could cause financial losses
if leaked to the wrong people? If you answered yes to any of these
questions, it might me a wise move to get an Internet Security suite.
Price
is always a factor. An Internet Security suite may cost more than a
standalone anti-virus application, but avast! INTERNET SECURITY for
example (at the time of writing this article), is only $5 more than
avast! PRO ANTIVIRUS and for that you get a firewall and a spam
filter extra.
But
what about the free version, why pay for something if you can get it
for free? Remember, the free version only has basic protection
against malware, which is much better than no protection at all, but
the free version only applies to home use, most free anti-virus
applications prohibits their use in a commercial environment.
Secondly, even if it is only for home use, you will not be protected
against all the threats covered by the paid version.
So here
are the pros and cons of Internet Security suites and standalone
anti-virus applications:
Standalone Anti-virus
Pros
- Cheaper than Internet Security suites
- Less components means better performance
- Paid version provides better protection than free version
Standalone Anti-virus
Cons
- Does not provide comprehensive protection against all threats, only malware
- Might clash with 3rd party firewalls and spam filters
Internet Security
Suite Pros
- Provides comprehensive protection against several kinds of threats
- Easy to maintain, central control, no clashes between components
Internet Security
Suite Cons
- Costs more than a standalone anti-virus, but only a fraction more
- May cause performance issues due to the vast number of components
Conclusion
If you
run a business, I highly recommend an Internet Security suite,
especially if your data is an important asset to you. Most home users
will be fine with a standalone anti-virus application, but as soon as
you start to use the Internet for financial purposes or store a lot
of important information on your home computer, you might want to
consider an Internet Security suite.
About
the Author
Coenraad is webmaster and founder of Cyber Top Cops, leaders in Internet security, analysers of security software and raising awareness about spam and malicious software.
Coenraad is webmaster and founder of Cyber Top Cops, leaders in Internet security, analysers of security software and raising awareness about spam and malicious software.