Tuesday, September 02, 2014

Anti-virus vs Internet Security. What is the Difference? Which One is the Best?


People often ask me what the difference is between an anti-virus package and an Internet security suite. The basic difference between the two is that an anti-virus package can only protect you against malware, while an Internet security suite protects you against various kinds of cyber attacks. In order to explain the difference a little bit better, lets take a look at the development of anti-virus applications over the years.

A little bit of history
I take you back to 2005, when guys like Mike Healan were advocating the clear distinction between adware and spyware. Back then, you had a scanner for each type of malware, as a matter of fact, the term malware was seldom used in those days. You had a separate scanner for adware, spyware and viruses. As time went by, the need arose for a single scanner, that can protect you against several types of malware. I believe ewido Networks was one of the first companies to release such a scanner, namely ewido Anti-Malware. Ironically ewido changed the name of their product from ewido Anti-Spyware to ewido Anti-Malware and later changed it back to ewido Anti-Spyware. This was most likely more of a marketing strategy than anything else.

Grisoft (now known as AVG Technologies) acquired ewido Networks and incorporated the features of ewido's products into their own line of products. One of these products were called AVG Anti-Malware, which was basically a combination of AVG Anti-Virus and AVG Anti-Spyware. Companies like Lavasoft, who originally focussed on anti-adware software alone, later added anti-virus and Internet security suites to their line of products.

The standalone anti-virus application
Today the term 'anti-virus' refers to software that protects you against all kinds of malware, but a decade ago you were vulnerable against any kind of malicious software that did not fall under the limited definition of a virus. I prefer to use malware as the collective term for all kinds of malicious software, but the word 'virus' seems to have stuck over the years and it is no longer limited to the technical definition of a virus, it now includes trojans, spyware, backdoors, downloaders, etc. I believe most people associate viruses with all kinds of malware and therefore the anti-virus companies decided to stick with this term.

So there you have it, an anti-virus application will protect you against all kinds of malware, including potentially unwanted programs (which is a topic on its own), but it does not protect you against all kinds of threats. This is were an Internet security suite comes in.

The Internet Security Suite
An Internet Security suite basically consists of 3 main components, a malware protection shield, a firewall and a spam filter. Anti-virus companies realised that although an anti-virus shield prevents malicious code from being executed, it remains a reactive and not a proactive means of fighting malware. Whether the malware is dormant or active, it needs to enter the system in order to be detected by the anti-virus software. So in order to take a proactive approach in the fight against malware, you need to catch the malware at the main entry points to the system, namely the network and e-mail (removable storage came into the equation at a later stage).

Obviously, a firewall is not just there to detect malware before it enters your system, it also prevents unauthorised access to the system from the outside and it ensures that the information that leaves your system, is transmitted through the proper channels by applications that has the necessary authorisation to do so. A firewall works on a basic set of rules, but is more heuristic in nature compared to an anti-virus scanner that needs an up-to-date malware signature database in order to detect the latest malware.

Spam filters (or mail scanners) have become redundant over the years, due to the increased effectiveness of online mail services against spam (or dangerous e-mails containing malicious attachments). Cloud computing makes it much more effective to filter out the junk at server level, so e-mail clients have less spam to deal with. Client-based spam filters have evolved into a second layer of spam protection, catching the ones missed by the server-side spam filter. Apart from filtering unsolicited junk mail and malware, it also keeps you safe from e-mail scams like advance fee fraud and phishing. Although client-based spam filters are redundant these days, they are still very useful if you access your e-mail via an e-mail client like Outlook or Thunderbird.

Many Internet security suites goes far beyond a malware scanner, firewall and spam filter. Some include parental controls, identity theft protection, instant messaging scanners, link scanners for your browser and some even have an isolated area that you can use for online banking and shopping. Other suites have special sandboxing features through which you can run an application in an isolated virtual environment, preventing the application from accessing critical areas of your system. This allows the user to evaluate the behaviour of an unknown or suspicious application before granting it full access to the system.

The main aim of an Internet security suite is to provide comprehensive protection against various threats, not just malware. It should be there when you browse the Internet, do online shopping, read your e-mails, download files, chat to your friends, connect to a local network, execute an application, always ready to intervene whenever it detects a threat to the integrity of your system or data. When you need more than just malware protection, you need an Internet security suite.

Making the right choice
So the question arises, how do I know if I need more than just malware protection? Is an Internet Security suite really necessary for home use?

To answer these questions, you need to ask yourself, how much information do I need to protect? Do you use your PC for a lot of financial purposes, do you shop online or transact with your bank quite a lot. Do you store a lot of personal and sensitive information on your home computer, information that could cause financial losses if leaked to the wrong people? If you answered yes to any of these questions, it might me a wise move to get an Internet Security suite.

Price is always a factor. An Internet Security suite may cost more than a standalone anti-virus application, but avast! INTERNET SECURITY for example (at the time of writing this article), is only $5 more than avast! PRO ANTIVIRUS and for that you get a firewall and a spam filter extra.

But what about the free version, why pay for something if you can get it for free? Remember, the free version only has basic protection against malware, which is much better than no protection at all, but the free version only applies to home use, most free anti-virus applications prohibits their use in a commercial environment. Secondly, even if it is only for home use, you will not be protected against all the threats covered by the paid version.

So here are the pros and cons of Internet Security suites and standalone anti-virus applications:

Standalone Anti-virus Pros
  • Cheaper than Internet Security suites
  • Less components means better performance
  • Paid version provides better protection than free version
Standalone Anti-virus Cons
  • Does not provide comprehensive protection against all threats, only malware
  • Might clash with 3rd party firewalls and spam filters

Internet Security Suite Pros
  • Provides comprehensive protection against several kinds of threats
  • Easy to maintain, central control, no clashes between components

Internet Security Suite Cons
  • Costs more than a standalone anti-virus, but only a fraction more
  • May cause performance issues due to the vast number of components

Conclusion
If you run a business, I highly recommend an Internet Security suite, especially if your data is an important asset to you. Most home users will be fine with a standalone anti-virus application, but as soon as you start to use the Internet for financial purposes or store a lot of important information on your home computer, you might want to consider an Internet Security suite.


About the Author
Coenraad is webmaster and founder of Cyber Top Cops, leaders in Internet security, analysers of security software and raising awareness about spam and malicious software.

No comments: