Review: BitDefender Internet Security 2010by Steve Ragan - Sep 1 2009, 23:35
The Tech Herald reviews BitDefender Internet Security 2010. (IMG:S.Ragan)
Earlier this month, BitDefender released their 2010 line of software. The 2010 line introduces a new technology called Active Virus Control, or AVC, as well as a profiling system that controls how a user will interact with the software. Will the new designs and layers hurt or help?
This year, The Tech Herald opted to test BitDefender’s Internet Security 2010 instead of Total Security, as we did last year. The difference between BitDefender Total Security 2010 and Internet Security 2010 is PC Tuning, File Shredding, and Data Backups. Total Security has those options, while Internet Security does not. When it comes to security, both products use the same engine and layered scheme for protection.
We were surprised with how will BitDefender Internet Security 2010 performed compared to the 2009 version of Total Security. Detection, especially when it came to anti-Spam performance and Malware protection, got a bit of a boost.
However, usability was enhanced for 2010 as well. The idea of profiling a user based on a few options, and designing the control interface based on how a customer answers, was impressive. From the Novice profile, where you get just three buttons, to Expert level where you can see everything under the hood, BitDefender went all out on usability this time around.
Installing BitDefender Internet Security 2010
The installation process was decent, about five minutes overall, but that was just to install the needed components for the software. After the installation is complete, you will need to reboot, and then move into the registration and configuration options. Here we needed to register the software and select the network type (home or public). It should be noted that if you have an existing BitDefender account, you will use that, otherwise it is mandatory that you create one.
The configuration starts next. The first thing you are asked is how the computer is used. There are four options to pick. The first is Typical, if the computer is used for browsing and basic multimedia applications, Parent if the computer is used by children, Gamer if the PC is a gaming system, or Custom. For our testing we selected typical.
After that you need to select a profile, which includes telling BitDefender if the system is a laptop and if it is a part of a home network. BitDefender Internet Security 2010 is available for three systems per license, and offers network security management. In addition, if the system is a laptop, certain options are enabled to lower the taxation on the battery.
The second part of the profile is the most important to the usability. This is where you will select the user type. There are three levels, Novice, Intermediate, and Expert. Novice has a simple interface, three buttons, Scan Update, and Vulnerabilities Check. Intermediate, which is what we used during testing, assuming the role of an above average computer user, offers slightly more control over what the software does. Expert uses an interface that allows fast access to every aspect of the software, the kitchen sink if you will.
Once the profile aspect of the configuration is complete, you’re ready to start using it after a quick scan and signature update check. The overall process to this point took about 10 minutes.
Using BitDefender Internet Security 2010
As mentioned, we chose the Intermediate mode for the user type. While offering more control than the Novice mode, there is still far less than what comes with the Expert setting. This level offers a healthy mix of options, without all the confusing settings. The five tabs offered are Dashboard, Security, Parental, File Vault, and Network. They granted access to exactly what was needed to enable or disable controls, but withhold access to more advanced and risky options like firewall rules.
However, because some games or software will require certain access, you can move between modes and access various settings. To keep things in check, BitDefender, like many of the other security vendors, has included a Game Mode, which covers not only Firewall settings, but also prevents the software from pestering you during gameplay.
The main part to the control center is the Dashboard. This is offer the heads up on the state of the system’s security, as well as a one click system scan. The Security tab is where you can update the software and signatures. Moreover, this is where you launch a system scan, my documents scan, or wizard driven custom scan. You will configure Parental Controls in the Parental tab and store and encrypt files inside the File Vault. Lastly, the Network tab allows you to manage the other computers using BitDefender on the network.
Accessing various controls and features in the control center is simple enough. The control center itself is easy on the eyes too. Should you need help, there is an always present help link, and the help manual uses images and simple to follow explanations. In addition, the lower part of the control center, when you hover over an option or section within a tab, will explain what it does.
Overall, the interface and control improvements in Internet Security 2010 stand out when compared to other BitDefender releases. If there is any down side to the usability, it will come from the slight lag in the system. This happened during testing when we launched new scans and loaded the control center. In each case, there was a slight pause while things loaded. However, during scanning, there was no noticeable lag on the system.
Below are examples of the various control center views, starting with Novice and ending with Expert.
Scanning with BitDefender Internet Security 2010
Scanning and overall Malware protection in BitDefender Internet Security 2010 comes from three layers. The first layer is the signature based Malware detection. This is a given, as every vendor uses it. The other two layers, B-Have and Active Virus Control, are what make the protection in BitDefender’s latest 2010 offerings more rounded.
B-Have was introduced in previous products by BitDefender. What it does is check a potentially malicious program by running it in a virtual environment. Active Virus Control, AVC for short, adds to this by looking at how a program acts when it executes on your system. As the program runs, AVC will score it depending on what it does. If the score gets too high, then the program is reported as malicious. For users in Novice mode, the program will be terminated, those in Expert mode will be offered options, as user intervention will be required.
Last year, when it came to scanning, BitDefender was about average, if not a little below, when we tested Total Security 2009. The average Full system Scan time was just over 18 minutes. However, in the 2010 line of products, BitDefender optimized the scanning, calling it 30-percent faster, which sounds great on paper, but we had to see it to believe it.
The Optimized scanning is based on two databases. There is a short term and a long term database. The files scanned by BitDefender and deemed safe, are added to the short term database. The files in the short term database with the most access are checked against the BitDefender Online Database of Clean Files and added to long term database if listed as safe. Files in the long term database will never be scanned again, unless they are changed. If this happens, the process is repeated.
The lab computer used to test scanning included 1.32GB of random files to add bulk to the contents available to scan. The files used included fonts, images and icons, PHP, HTML, and CSS files, as well as ZIP and RAR archives for a total amount of 21,806 files. It should be noted that none of these files were malicious. Overall, the lab system was using 7.08GB of hard drive space.
Full System Scan
Full Scan 1 - 31:49
Full Scan 2 - 05:51
Full Scan 3 - 03:37
Full Scan 4 - 03:07
Full Scan 5 - 02:58
Average Scan Time: 9:28.4
(AST BD TS2009: 0:00:18:08.2 – reviewed 10-13-2008)
As we said, we wanted to see the optimized scanning to believe it, but nothing prepared us for these scan results. The first scan was the longest, but after a reboot and rescan, the times kept getting lower and lower until only the system files were checked.
It should be noted that scan times will vary, as no two systems are alike.
Our testing systems are uniform, so the disk space, aside from what is added due to software, various OS updates, and the size of the tested security program, are consistent. We do this, so that when we perform scan tests, the software we are testing has the same chance as what was tested previously.
However, for consumers at home, the space used on a system is always in a constant state of flux. It is for this reason, that you might have faster times than what we recorded, as well as times that are considerably longer.
Malware detection testing for BitDefender Internet Security 2010 included 400 samples, which are worth 0.125 points each, for 50 points in the test overall. While testing, BitDefender was able to catch most, but not all the samples given to it. Out of the 400 samples, BitDefender Internet Security 2009 missed 10 of them. The results are below.
This file is just a random generic P2P Worm that spreads over Kazaa.
Renos is a family of Malware that will attempt to extort money from users by presenting them with fake workings and other system alerts about malicious infections. This is commonly known as “Rogueware” or “Scareware” In addition to these fake warnings, some variants will modify a system's host file, blocking access to security vendor websites.
BetterInternet is mostly harmless, but annoying. The application is Adware, meaning it will display pop-up ads and other advertising content. Often, variants of BetterInternet come as a pop-up blocker or toolbar, but in the past it has been associated with information tracking software, or Spyware.
Zlob-samples 386, 390, and 396
The Zlob family of Malware is well-known to security vendors, and there are several variants circulating online. Zlob is often associated as a delivery system for more Malware, as once installed it will deliver more malicious payloads if left alone to run. Zlob has been tagged as a part of several Rogue anti-Virus installs as well as malicious sites online that server up fake code warnings.
Malicious URL Detection
BitDefender Internet Security 2010, armed with an anti-Phishing browser add-on, and its firewall, as well as AVC, says it will protect users as they surf the Web. We tested ten malicious domains, and assigned them one point each for the overall score of the review.
[Note: The domains listed below are malicious and were active as of 8-30-2009. Do not attempt to visit them.]
BitDefender blocked the EXE from being downloaded and installed.
This site was almost counted as a fail as it downloaded and installed an application that launched E.EXE. However, just as we were about to mark our notes, AVC issued an alert, and killed the process.
This site was serving a Waledec variant. BitDefender killed the download and prevented installation.
These two sites were serving the Braviax Trojan, both were blocked, and the download prevented.
BitDefender blocked Trojan.Generic from downloading.
Two Trojans were served from this site, both were blocked.
This site was serving Dream Media Player updates. The interesting note about this site is that it was blocked by BitDefender’s anti-Phishing.
This site served up preview_tube.exe. We were able to download the Malware from the domain, and once it was running, only then did BitDefender ask to block third party connections. When prompted to block connections, we allowed the firewall to block, but that did not prevent the “Windows Protection Suite” from initializing and attempting to install.
Since BitDefender did seek to block connections, and those connections prevented the Rogue anti-Virus from installing fully, we gave this domain half-credit. While the domain test is pass or fail, this instance it was literally both. It failed as the payload downloaded, but passed as it prompted us to the external connections that we were able to block.
While we could have picked a new domain and moved on, we don’t do that in the lab. The only time a domain is switched is if it is unavailable. This domain worked, so it was counted. If you wish to discount this domain, then the total score for BitDefender Internet Security 2010 will need to be lowered by 0.50.
This domain instantly links to another, which serves up the Rogue anti-Virus known as Total Security. We’ve seen this Rogue, a few times in the lab, but considering the attention it and others like it have gotten from legitimate anti-Virus vendors, we are still surprised and admittedly a little disappointed when it isn’t blocked.
BitDefender alerted us to external connections, and when prompted we ordered them blocked. However, that was no help whatsoever as Total Security installed, and ran alongside BitDefender. This domain was marked as a fail.
The Anti-Spam protection for BitDefender Internet Security 2010 performed as promised. It works with Thunderbird, Outlook (2000, 2003, and 2007), Outlook Express, and Windows Mail. It uses a Bayesian filter, which is trainable, and you’ll use a wizard to get started the first time out. Like the Wizard for the profiles, you can rerun the mail wizard at any time. In addition, you can import and export filter settings. The toolbar offers what you would expect, with Spam, Not Spam, as well as white and blacklisting options.
For the record, we skipped the training during testing, as there were no emails to train the filter with. During the testing period, we downloaded 813 emails. Of those, eight were correctly marked as legit mail, one email was incorrectly marked as Spam, 16 were missed entirely, and 788 were blocked correctly. One of the flagged Spam messages was also noted and blocked as having a Virus attached.
Since there was one false positive, we lowered the count of correctly marked spam by one. Even with that, the overall block score was 96.8-percent. (787 out of 813)
BitDefender Internet Security 2010 is a vast improvement over previous efforts. Compared to Total Security 2009. It’s almost a completely different product, despite the fact that Internet Security and Total Protection use the same protection layers and engines.
There is some system lag when scans are started. Yet, once the scan was running, the resource usage was nominal at best. As mentioned when you launch the control panel, the system will lag for a second or two. There were no lag issues when the software updated, which it does on its own or with manual instruction.
Download the trial and test it, as no two systems are the same. While we had great results, systems that are older or that have larger drive utilization might not see the same scanning performance or resource performance that we did, so its best to try before you buy.
BitDefender Internet Security 2010 retails for $49.95 USD, and will cover three PCs for one year. You can order it online here.
Final Score: 95.25 out of 100