The field of desktop antivirus and "Internet security" is pretty large these days. Despite having been around for quite some time, there's still a great deal of variety between the approach and quality of the offerings. I've been through many of them, driven in equal parts by upgrade pricing and reported quality.
I've been using Kaspersky Internet Security 7 for about 10 days now. I installed as part of a complete rebuild of my system following a bad infection that ruined my whole OS, under the watch of Panda (which the virus managed to deactivate). So I was looking to lean far more toward the quality side of the equation, rather than pricing.Who is this app designed for:
This offering from Kaspersky is targeted at home desktop PCs. The basic out-of-box configuration seems well-suited to basic computer users; some of the more advanced options (like behavioral protections) will require power user skills to use effectively.The Good
The needs improvement section
- Resource usage - many security applications drain a significant portion of your CPU cycles and/or disk bandwidth. KIS is currently registering no load at all, and is typically quite low.
- Resistance to tampering - the system (optionally) requires a password to make any changes to its operation, including to disable it. This makes me feel more secure than Panda, which completely let me down in this regard. (caveat: I have no way to actually test this)
- Scheduling - KIS allows you to schedule 3 escalating levels of scanning. You can decide when they will be run, and how much scanning they should do. This is in contrast with Panda which has no scheduling whatsoever.
- Near-realtime updates - My system is getting updates from Kaspersky about every 2 hours, so I don't have to wait long for protection from 0-day exploits. I don't know how much of a difference this really makes, but it feels nice.
- Some degree of rootkit protection (although I have no indication of how effectively they do this)
- Confusing alerts - The behavioral alerts (like when it observes keylogger behavior) are confusing. They could provide better explanations, and more clearly label the options.
- Horrible "stuck pig squeal" sound in alerts - I immediately turned off the audible alerts.
- Updates sometimes need reboot - In 10 days of usage, the automatic updates have twice asked that I reboot my system. This is in contrast with Norton, from which I recall this only once in 1 year of usage.
- To build a rescue disc (which you should do!), you must first download and install BartPE; KIS isn't capable of building a boot disc on its own. This method works fine for a power user, and was even fairly quick, but I can't imagine my mom going through the process.
The installation was relatively quick and easy. Just a minute or two and a reboot, and I was ready to go. While configuring the system, I noticed a few things right away:
- I was given the opportunity to set a password that will be required for changing KIS's behavior in the future. This is great, and gives me much more confidence. Since the infection that I’m recovering from seems to be due in part to my old Panda software being shut down by the attacker, I’m more optimistic about KIS's ability to protect me.
- I noticed in the options for email protection that NNTP traffic is covered. This isn’t something that I use, but I know that this is a significant medium in the transmission of malware. I've never seen another program that protects from this, and I’m pleased to see it here.
- I chose not to enable a number of options:
- Anti-Spam – I already use one of the best spam blockers available, SpamBayes, so I didn't think that KIS would have anything additional to offer.
- Firewall – I'm using a hardware firewall device, and I personally find programs like this (notably Zone Alarm) to be far too annoying.
- Parental filters – I'm not a parent.
The ability to schedule multiple levels of scanning strikes a good compromise between monopolizing the computer versus ensuring constant protection. I think this is a home run, and stands in stark contrast with Panda's refusal to provide any
scheduling at all.
Within a couple minutes of my initial reboot, KIS began squealing (it does so with a horrible sound that I can only describe as a squealing stuck pig; I quickly disabled the audio alerts). It was alerting me to a keylogger. Looking at the information provided, it was easy for me determine that it was the application supporting the configurable keys on my multimedia keyboard - not a problem, and something I want to allow in the future. But I expect that this is a rather common occurrence, and likely to panic someone who understands less than I do. A more informative message might help, something like "We've detected a program trying to monitor what you type. If you have - or have just installed - a multimedia keyboard, this may be normal."
Deciding that I want to allow that application to run was easy; deciding how
to allow it was another question. The notification windows take some understanding; in fact, I'm not sure I fully understand them now. It’s not really clear to me, for example when I received the keylogger alert, what option was necessary for disabling permanently (and in particularly, disabling keylogger alerts only for this one application) versus allowing it "just this once", or blocking the offender. I skimmed quickly through the User Guide but didn’t find a section dealing with this, nor pictures of the popup I was trying to understand. I think more descriptive verbiage on the popups are called for. In my experience, Norton Internet Security does this better.
Since I'm rebuilding my system after an infection, the very first thing that I want to do is a complete system scan. It appears that actually scanning a file is a lengthy process, at least compared to other scanning software. I started a full scan at about 10pm, and it was 2/3 done the next morning at 7am. The documentation indicates that the first time should take the longest – the system builds a database of files (which itself takes time) so that on subsequent scans, unchanged files may be skipped to speed the process. If this is able to reduce the time so that the whole thing can happen while I'm asleep, I'll be happy; beyond that, it doesn't really matter. Further experience shows that this works pretty well. Examining the log files shows that it is using some smarts about what it can skip.
The first scan showed up good news: KIS was able to detect the remnants of the infection that were left on my data drives.
So far, realtime scanning hasn't proved to be a burden. In the short time I was using the system with this in place, I didn't notice any performance degradation.
I really appreciate how the historical reports are set up. Having a categorized, searchable history of everything the program is done is (at least to me, a power user) invaluable in both understanding when a problem is spotted, as well as in maintaining a feeling of confidence that everything is running as it should. I think that KIS's reports are another home run.How does it compare to similar apps
In contrast with Panda's Internet security app, Kasperskey 7 is a big winner. With protection from tampering, scheduling updates, and light resource usage, it wins in the important categories.
I don't have objective numbers to back this up, but subjectively I feel that KIS 7 is better on resource usage than either Norton or McAfee.
In lab reviews, KIS consistently performs very well in detecting and preventing malware. My research before this purchase indicated that they are always rated either at the very top tier, or just a slight notch below that.Conclusions
I'm as excited about KIS 7 as I can imagine being about an Internet Security application. While I acquired this copy as a Not For Resale promo (no strings were attached), I have just ordered an additional 3 licenses to cover all computers in my home.Links to other reviews of this application
AV-Comparitives rates “Advanced+”: http://www.av-comparatives.org/
(Select "Comparatives", Nr. 15, "Online results") [edit: deep link was forbidden]
CNet rates 8 of 10: http://reviews.cnet....3667_7-32531226.html