Norton Internet Security 2004

Virus protection and Internet security programs, necessary though they may be, make me cranky. My experience is that they gum up the works and, if you don’t configure them properly, interfere with all sorts of things you do, often without letting you know why or sometimes even when they’re doing it.

Norton Internet Security 2004 from Symantec is a very powerful new Internet security program, so naturally it made me very cranky when I reviewed it for this publication.

Which is not to say I wouldn’t recommend it to small businesses looking for a complete security solution. I do, in fact. It’s a very well integrated suite with anti-virus, personal firewall, intrusion detection, privacy control, parental control and anti-spam components — which you can enable or disable as needed.

It protects in important ways some other programs do not — the new anti-spam functions, for example, though necessarily imperfect, and the ad blocking functions, which are very welcome. It gives you a single supplier for all of these functions, and a single, consistent interface for controlling them.

NIS is probably no more intrusive or irritating than other programs of its kind. But the initial experience did nothing to dispel my misgivings about security programs in general.

Getting Started
I first installed the suite on my main production system. I was impressed by the quick and slick install, and by the almost as quick and slick process, automatically invoked, for downloading and installing updated components and virus scan data.

Automatic functions are often the problem with security programs, but this is one you want. If the program is to protect you, it must be kept up to date — new viruses and worms are created every week. The easiest way to do this is to turn on the automatic update feature — which most security programs have, not just this one.

The program will then periodically go out over the Web to the developer’s site, check to see if there is anything new to install, and tell you if there is so you can download it.

After restarting my computer following the update installations, the NIS Personal Firewall immediately began displaying dialog boxes asking me what to do about programs on my computer that were trying to access the Internet.

This is usual for firewall products. In NIS, you click on a pull-down list and select the appropriate answer — allow, always allow, block, always block.

In some cases, the decisions were easy — for example, yes, allow MSN Messenger. In other cases, NIS would tell me that some unfamiliar program was trying to access the Internet. Do I even have this program on my computer? And why does it have to access the Internet? NIS is recommending I block it. Why? Is this just on general principal, or does it know something I don’t?

With programs it recognizes, such as Outlook Express, NIS starts automatically configuring and generally intruding into the workings of these programs — for perfectly legitimate reasons, of course.

As it does this, it slides message windows up from the system tray at the end of the Windows menu bar letting you know what it’s doing. The language is not always very clear, however, and the messages sometimes slide back down before you have a chance to take them in. Occasionally there is more than one message on the screen at the same time.

Clearly all this activity is chewing up memory and other computing resources. It’s also confusing, and irritating — especially to neophyte users.

My recommendation to Symantec: the first time Personal Firewall detects a program trying to access the Internet, pop up a brief tutorial clearly explaining how the firewall works and what the options mean, and providing tips to users on how to determine which response is appropriate for each application.

Possible Complications
The real problems began soon after this initial start-up. Response times in commonly used programs — Word and Outlook Express, for example — began to slow. Programs froze.

In the two years since setting up this Windows XP system — 1.6 GHz P4, 512MB RAM, with gigabytes of spare disk space — I have rarely if ever seen it brought to its knees in the ways that were so familiar in Windows 98 days. But that’s what seemed to be happening with NIS 2004 running on it.

Rebooting several times failed to resolve the problem. In the end, I uninstalled NIS 2004 and installed it on another, older Windows XP system instead. The problems did not reappear on the second system.

I cannot tell you what caused the behavior on the first system, or whether it could have been resolved — I assume it could. Security programs by their nature get deep into the workings of your computer, and what they do there is sometimes hard to detect or predict.

Bottom line: Be prepared for complications and technical support calls. With luck you won’t have them.

Improvements in 2004
I still recommend NIS 2004. Here’s why: I’ve had similar experiences with other security programs. It’s the nature of the beast apparently. And this beast has much else to recommend it.

One new feature is that it detects non-virus threats that other mainstream security programs do not, such as spyware and keystroke loggers. These are programs or devices planted on or connected to your computer. Sypware can be sent like viruses over the Internet. Or an individual who has physical access to your computer could install a spyware program or device.

Spyware can capture screens viewed or every keystroke you make and store captured data in a file on your computer for later retrieval, or send them over the Internet to the remote snoop’s computer.

At best, they invade your privacy and feed information about your Web surfing behavior to advertisers. At worst, hackers can use them to steal highly confidential information such as trade secrets, financial information, credit card numbers, etc. NIS detects their presence and alerts you.

Also new, NIS automatically filters spam in any standard POP3 e-mail connection. It integrates smoothly with MS Outlook, Outlook Express, Eudora, Hotmail and MSN Mail. The anti-spam component can even learn what is and isn’t spam by analyzing your outgoing messages.

Like all spam filtering it is by no means perfect. It will never filter all junk mail — spamsters are always working to find new ways to avoid detection by filtering programs. And it may filter legitimate mail by mistake. It’s no different in that respect from other spam filtering systems, though.

NIS uses additional filtering mechanisms. You can create a list of addresses to always block, and a list of always-trusted addresses — which NIS starts compiling by importing your e-mail program’s address book. You can also subscribe for an additional fee to updates from Symantec that recognize new spam patterns.

One other critical new feature: The firewall function will detect the presence of available networks, such as wireless networks, and adjust security settings according to what it finds. This provides a little extra protection to laptop users who log on to Wi-Fi hotspot networks and office wireless local area networks.

NIS’s intrusion detection system sniffs Internet traffic for Nimda and Code Red-type attacks and automatically blocks them. Symantec suggests in its literature that this is a feature McAfee’s competing Internet Security product does not have, but McAfee says its VirusScan product (included in Internet Security) does block this kind of attack.

Lesson: Beware of vendors’ claims for competitive advantage.

The AntiVirus component is clearly the most important. Is it better than McAfee’s? Answering that would require an exhaustive comparison of features and almost daily analysis of virus scan updates — both well beyond the scope of this review.

Parting Thoughts
Norton Internet Security 2004’s strengths are its completeness and its slick integration of a bunch of disparate components. On the evidence, it appears to be superior to McAfee’s offerings on these criteria.

Norton Internet Security 2004 is available for $70 for home package, also available in a five-user small business package for $399.