Norton Internet Security

Norton Internet Security
	File:Norton AntiVirus logo.jpg
	Norton Internet Security Screenshot Norton Internet Security 2009
Developer(s)	Symantec Corporation
Stable release	2009 or 16.2.0.7 (Windows Edition), 4.0 (Mac Edition)
Operating system	Microsoft Windows, Mac OS X
Type	Security Suite
License	Proprietary
Website	Symantec.com

Norton Internet Security (NIS) is a computer utility suite made by Symantec Corporation, with a focus on providing comprehensive Internet protection. It is available for both Microsoft Windows and Mac OS X. It is one of Symantec's flagship products.

Features

Included software

On both platforms, Norton Internet Security is a combination of Norton AntiVirus, Norton Personal Firewall, and Norton Confidential. In an optional add-on package which can be downloaded from the official website, the Windows version adds Norton AntiSpam, while the Mac OS version adds Allume Systems' iClean, providing many of the same features. The 2007 add-on package also included parental controls, privacy controls, pop-up blocking, and ad blocking; later versions of the add-on package does not include the latter two features.

The recent version of Norton Internet Security for Macintosh, 4.0, is compatible with Mac OS X 10.5 and is a universal binary.^[1]

Version history (Windows)

Version 2006 and previous

Norton Internet Security 2006 included Norton AntiVirus, Norton Personal Firewall, Norton AntiSpam and Norton Parental Control. Although with the release of Windows Internet Explorer 7, the main GUI of Norton Internet Security 2006 and previous versions encountered several scripting errors, the current version of Norton Internet Security, however, fully supports IE7 and MSDN (Microsoft Developer Network) has a discussion thread on how to resolve this issue..

Version 2007 (14.0)

After many years of customer complaints regarding the speed and system utilization of the product, Symantec responded in 2007 with a much needed rewrite of the code to make the product lighter and faster, although it still uses more disk space than competitors and is frequently a source of severe system performance issues.^[2]

Version 2008 (15.0)

The 2008 version was released on August 28, 2007. It has several new features including SONAR (Symantec Online Network for Advanced Response) technology, Browser Defender (Internet Explorer Exploit Protection) and Norton Identity Safe.

Shortly after NIS 2008 was released, Symantec released a 2008 add-on package. This is essentially the same path Symantec took with the 2007 product line; the 2008 package adds features such as anti-spam and parental controls. Notably, the 2008 package does not include the ad blocking and pop-up blocking features that were included in the 2007 add-on package.

Version 2009 (16.0)

The 2009 version was released on September 8, 2008. It uses a new software architecture which boosts the software speed. It has some new features including Silent Mode, Smart Idle Time Scheduler, Program Trust, a CPU/Memory usage monitor, and Norton Insight which uses data from a global network to predetermine if a file is safe.

Symantec claims that Norton 2009 is the fastest amongst its predecessors and in the world because of its new architecture that reduces the boot time impact, the scan time, the memory usage as well as the system footprint and the install time. Redundancies have been removed, slimming the installation size from 300 megabytes in 2006 to less than 100 megabytes.^{[citation needed]}

Response to Malware

Symantec introduced a new technology called "pulse updates" to Norton AntiVirus 2009. These updates are designed to deliver incremental updates every 5 to 15 minutes to ensure customers are kept up-to-date on threats without slowing down their computer with a large batch update. According to AV-test, Norton Internet Security 2009 beta received 6,202 updates over a four-week period.

Norton AntiVirus 2009 introduced a new technology, dubbed "Bloodhound". It analyzes files in on-demand scanning for unknown, zero-day, or intentionally mutated malware. According to AV-Comparatives, an unreleased beta of Bloodhound would detect ~41% of malware with one month old signatures, compared to 18% the then current, or 2008 release, detected. The current release of Bloodhound detected 44% of malware without updates for four weeks with "few" false positives, earning the "Advanced" rating from AV-Comparatives.

Another implemented technology is SONAR, or Symantec Online Network for Advanced Response. It monitors processes in real-time for any signs of suspicious activity using over 300 different parameters, such as whether it creates a Add/Remove Programs entry. It is standard on all 2008 and later products. It is available as an free add-on for 2007 products.

Norton Insight

Yet another technique introduced in the 2009 product line is Norton Insight. Each process is heuristically analyzed and its safety is rated on a scale of 1 through 5 stars. It also calculates and collects the SHA256 value of all running processes, along with their dependencies. The SHA256 values are then forwarded to remote servers, which leverage information about running processes from over 65 million Norton community users. The server then reports back to the client's computer with information about safe, or trusted processes and their dependencies. Safe processes are a) present on the majority of participating Norton Community user computers, b) naively trusted by Norton, or c) digitally signed, depending on the level of trust specified by the user. Standard Trust only trusts files that have been validated by Symantec’s secure backend systems. High Trust will also trust files that are signed, and the signature is validated against the machine’s local certificate store. This industry-first whitelisting technology allows Norton to perform scans faster and focus more on untrusted and unknown processes.

The heuristic detection sensitivity threshold is also be greatly increased with Norton Insight technology. Typically, raising the heuristic sensitivity results in more false positives. However, Norton Insight's complied list trusted applications are excluded from heuristic scanning, which further saves time, processing power, and decreases the likelihood of false positives

The technology also makes commonly used “allow/deny” pop-ups unnecessary because Norton Insight relies on a global network of users, rather than an individual user's existing knowledge.

Norton Insight also employees a number of tamper protection features to ensure its integrity. Upon startup, Norton analyzes the NTFS file system, and if it detects any changes it could not account for, all the trust values of the files on the system are instantly revoked. Its kernel mode device driver technology instantaneously revokes file trust attributes the moment the file is modified. All information is stored in a secure high performance product-specific database.

In the case of a mistake, a revocation mechanism was implemented, where clients receive a list of revoked SHA256 values via LiveUpdate. If the client has a file matching a SHA256 and is currently trusting that file, all trust is revoked, and the file is once again scanned. Norton Protection Blog

Norton Internet Security for Mac 4.0

Norton Internet Security 4.0 for the Mac includes antimalware, firewall, antiphishing and online Web-threat protection for the Mac OS X 10.4 "Tiger" and 10.5 "Leopard" platforms. The package includes security-based updates from Symantec that address vulnerabilities found in the Apple operating system or applications such as Quicktime, sometimes prior to Apple releasing updates. In addition, Norton Internet Security 4.0 for Mac contains a file-lockdown feature called FileGuard that lets users decide which files they may want to prevent from being opened or copied. The software also makes use of Symantec's DeepSight sensor's honeypot technology that identifies IP addresses linked to malicious Web sites, and proactively warns consumers about accessing infected sites. [1][2]

Criticisms

Many of the criticisms leveled at earlier versions of Norton AntiVirus, including being slow, inefficient and difficult to uninstall, can also be leveled at Norton Internet Security due to its integration of Norton AntiVirus. In September 2006, ThePCSpy.com did two studies covering several thorough tests to find out what programs slowed down Microsoft Windows most. Norton Internet Security 2006 was the number one cause of a slow PC in both tests, with Norton Internet Security 2007 being the number three cause in the second test.^{^[3]^[4]}

Further, previous versions of Norton Internet Security integrate deeply with the Microsoft Windows operating system, causing further uninstallation problems. Symantec has released the Norton Removal Tool to remove corrupted installations of Norton.

Windows XP Service Pack 3

When a Norton 2008 product is installed, some people have encountered numerous invalid registry keys being added after upgrading to Windows XP Service Pack 3.^{^[5]} Symantec initially blamed Microsoft for the problem but has since accepted partial responsibility.^{^[6]}
A fix for the problem is now available.^{^[7]}

Independent assessments

Norton Internet Security won PC Magazine editor's choice awards for 2007, 2008 and 2009.^{^[8]^[9]^[10]}

PC World rated Norton Internet Security 2008 as the top performer among tested 2008 security suites.^{^[11]}

PC World has also rated Norton Internet Security 2006 as a "Best Buy". [3]

PC PRO "recommends" Norton Internet Security 2009: PCPRO

CNET rated Norton Internet Security 2009 as 4/5. CNET

PC World IDG gave Norton Internet Security 2009 a 4.5/5 rating." PC World IDG

Secunia tested 12 popular AntiVirus suites against 144 malicious files and 156 malicious web pages. Norton Internet Security 2009 leaded by detected 30.95% of all the exploits, including the files and malicious web pages.

According to AV-test.org, Norton 2008 excels in rootkit detection and removal; only product of the 34 tested to receive "++" in both rootkit detection and removal. AV-test

According to AV-test.org, Norton Internet Security 2009 beta detected 98.7% of malware.

According to AV-comparatives.org, Norton AntiVirus had "few" false positives.

According to AV-comparatives, an unreleased preview of Norton AntiVirus's improved heuristics would score ~41% in the May 2008 test compared to its current stable release's 18%.

PassMark Software was commissioned to benchmark Norton Antivirus 2009 and top security software competitors' performance impact on key metrics. Highlights from their findings include: Fastest install: installs in only 52 seconds, least working memory usage: uses less than 7MB, fastest quick scan: scans take 33 seconds.

According to AV-comparatives, Norton AntiVirus 2009 was the second fastest security suite overall. AV-comparatives Anti-Virus Comparative

Norton AntiVirus 2008 is Certified by ICSA Labs.

Norton AntiVirus 2009 received the highest possible rating from Checkvir labs, "Standard".

Norton AntiVirus 2009 received the highest possible rating from Checkvir labs, "Standard", for detecting malware embedded within electronic mail.

Norton consecutively passed all VB100% tests since 1999.

Norton AntiVirus successfully detected 44% of malware with 4 week old signatures with "few" false positives. AV-comparatives gave Norton AntiVirus the "Advanced" rating. AV-comparatives

Cascadia Labs found that Norton 2009 was the only product tested that blocked all drive-by-downloads, fake online antivirus scanners, and fake video codec sites. [4]

Norton Internet Security 2009 received ProtectStar, Inc. 1st place "ProtectStar Award 2009" ProtectStar big comparative test report

Note: Most test results for NIS apply for NAV and vice versa, except for firewall tests.

Gallery

The following pictures are screenshots of previous versions of Norton Internet Security.

File:NIS.GIF Norton Internet Security 2005 AntiSpyware Edition	Norton Internet Security 2006
File:NIS 2007 WinXP.PNG Norton Internet Security 2007	File:NIS 2008 Vista.png Norton Internet Security 2008
Norton Internet Security 2009

References

^ http://www.macworld.com/article/137650/norton.html
^ Norton Internet Security 2007 Internet security and firewall reviews - CNET Reviews
^ Oli Warner (2006-09-22). "What Really Slows Windows Down". thepcspy.com. Retrieved 2006-09-24.
^ Oli Warner (2006-09-10). "What Slows Windows Down". thepcspy.com. Retrieved 2006-09-10.
^ "Windows XP Service Pack 3 problems continue". tech.yahoo.com. 2008-06-09. Retrieved 2008-06-19.
^ Gregg Keizer (2008-05-23). "Symantec pins blame for XP SP3 registry corruption on Microsoft". computerworld.com. Retrieved 2008-06-19.
^ "Problems occur after installing Windows XP Service Pack 3 or Windows Vista Service Pack 1 with a Norton 2008 product installed". symantec.com. 2008-06-17. Retrieved 2008-06-19.
^ Neil J. Rubenking (2006-10-04). "Norton Internet Security 2007 Review". pcmag.com. Retrieved 2008-06-19.
^ Neil J. Rubenking (2007-09-07). "Norton Internet Security 2008 Review". pcmag.com. Retrieved 2008-06-19.
^ Neil J. Rubenking (2008-09-09). "Norton Internet Security 2009 Review". pcmag.com. Retrieved 2008-09-30.
^ Erik Larkin (2007-11-29). "Norton Internet Security 2008 Review". pcworld.com. Retrieved 2008-06-19.

[1] ttp://www.macworld.com/article/137650/norton.html

[2] Norton Internet Security 2007 Internet security and firewall reviews - CNET Reviews

[3] Oli Warner (2006-09-22). "What Really Slows Windows Down". thepcspy.com. Retrieved 2006-09-24.

[4] Oli Warner (2006-09-10). "What Slows Windows Down". thepcspy.com. Retrieved 2006-09-10.

[5] "Windows XP Service Pack 3 problems continue". tech.yahoo.com. 2008-06-09. Retrieved 2008-06-19.

[6] Gregg Keizer (2008-05-23). "Symantec pins blame for XP SP3 registry corruption on Microsoft". computerworld.com. Retrieved 2008-06-19.

[7] "Problems occur after installing Windows XP Service Pack 3 or Windows Vista Service Pack 1 with a Norton 2008 product installed". symantec.com. 2008-06-17. Retrieved 2008-06-19.

[8] Neil J. Rubenking (2006-10-04). "Norton Internet Security 2007 Review". pcmag.com. Retrieved 2008-06-19.

[9] Neil J. Rubenking (2007-09-07). "Norton Internet Security 2008 Review". pcmag.com. Retrieved 2008-06-19.

[10] Neil J. Rubenking (2008-09-09). "Norton Internet Security 2009 Review". pcmag.com. Retrieved 2008-09-30.

[11] Erik Larkin (2007-11-29). "Norton Internet Security 2008 Review". pcworld.com. Retrieved 2008-06-19.

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

[10]

[11]