If there’s one thing we hate about security software, it’s when it makes its presence constantly felt. So we’re glad to say that Symantec’s latest suite has become a good deal quieter. Despite the large number of Norton processes still running in the background, Symantec has successfully reduced their resource drain. And while it still takes an age to load, the scanning engines throttle back depending on application activity.
There’s a new minimalist interface and a silent-running firewall. The lack of alert pop-ups doesn’t mean a lack of security, though — Norton just gets on with the job in the background. By doing away with asking if you want to allow a process to access the Internet, or act as a server, Symantec has reduced the chances of security being weakened by a bad choice. It works by allowing access to applications it knows are “good” and denying it for those that are known to be “bad” — the unknown quantities are analysed as required and if they exhibit bad behaviour, they’re blocked. Our tests showed that the firewall really did know best, and we suffered no false positives at all. All the honest apps, including many niche ones, worked as expected. It blocked all the malware we threw at it too, including those that masqueraded as legitimate applications. If you’re sick of pop-ups or have PC-illiterate friends and relatives, it’s very attractive.
Symantec has also removed some of the bloat of previous suites, by slimming down the component count. By default, there’s no anti-spam, parental control or data privacy: you can download an add-in pack that demands an additional 100MB of free drive space, taking the system total to a whopping 450MB. There’s not great value in it, though. Parental controls are basic, with no per-user controls, no temporary override and no time-based restrictions. Anti-spam is only average, although it does have some nice touches. In particular, we like the option to block emails containing local images when there’s no “meaningful” text, as well as the option to block messages with invisible or nearly invisible text. You can also block messages containing HTML forms or obscured URLs and dangerous emails with scripts, ActiveX objects or Java applets. But you’re still better off with ISP-based filtering or a client solution such as Cloudmark Desktop
The Symantec Web Caller ID (WCID) technology uses a combination of behavioural technology and block lists to determine if a site is legitimate or likely to be a phishing scam. In practice, it worked well, successfully alerting us to all known phishing sites we tried to visit. What’s more, the behavioural technology will analyse Web page information from the URL, title, form, page layout, visible text and links in order to root out previously unknown sites as well, providing zero-hour protection. Unfortunately, the otherwise excellent phishing protection toolbar only works with Internet Explorer, so Firefox users are left unprotected. This is a shame, as it’s significantly more adept than the IE7 toolbar and McAfee’s SiteAdvisor. It physically prevented us from accessing phishing sites rather than just warning about them, with the tiniest of “continue anyway” links hidden out of obvious sight. Spyware was handled very well, including rootkits and commercial keyloggers, which were all detected without hassle. Under the surface, rootkit protection is offered by the same Veritas VxMS technology found in large enterprises, which compares files within a directory to files at volume level. All of which meant that spyware protection is now excellent — almost but not quite on a par with the A-Listed Webroot Spy Sweeper.
One potential issue is that the Norton suite is currently tricky to fully uninstall. The Control Panel “Add or Remove” window requires three separate installations to be removed if you have the add-on pack, but Symantec offers no guidance about the correct sequence.
Poor parental controls and average spam filtering are enough to drop it behind F-Secure. But the superb firewall is a breath of fresh air and existing Norton 2006 users should at least avail themselves of the free upgrade. If you’ve multiple PCs, F-Secure offers better value and it outperforms Norton in every other way. However, if you want the epitome in low-maintenance protection, this is it.