Review: Kaspersky Internet Security 2011by Steve Ragan - Oct 15 2010, 15:00
Review: Kaspersky Internet Security 2011
Kaspersky is one of the most established security tools in the industry. The security software of choice for geeks and technical users the world over, the software is also easily managed by a typical consumer after some time with the product. We recently installed the new 2011 version of Kaspersky Internet Security and gave it a spin, here are our thoughts:
The Tech Herald last reviewed Kaspersky Internet Security in 2009. Itís been two years, and we were excited to see what the latest offering brings to the table. After attending the kickoff for the product in New York in August, we were initially impressed with the overall package.
Depending on the platform, Kaspersky has planned things for users still running on XP and Vista, and offered styled use for those on Windows 7. However, demos and launches aside, nothing compares to actual hands-on usage.
Installing Kaspersky Internet Security 2011 (KIS 2011) is straightforward. While the more advanced user will likely take advantage of the changed installation options setting for more control, the wizard walks you through everything you need to get up and running.
For this test, we used the default settings. After agreeing to the standard legal jargon, the first thing you are prompted to do is allow information to be collected for the Kaspersky Security Network (KSN).
KSN will send Kaspersky Lab information related to protection status, as well as information related to potentially malicious files and their actions. In addition, it will collect operating system information, hardware and software details (including details on what version of Kaspersky you are using and the license type), and details on the applications downloaded and ran on the host computer.
Once that is done, you will do the actual installation. It takes a while, and the longest part of the process after copying the files is the system analysis. This builds a list of trusted applications within the Windows OS. Others are analyzed when they are started for the first time.
If Kaspersky detects other security software, as was the case on a second lab computer where an old installation of McAfee Site Advisor was discovered, you will be prompted to remove it. If this happens, youíll need to reboot. Otherwise, there is no rebooting required once KIS 2011 is installed. Overall, you should expect installation to take approximately five to seven minutes.
Depending on your operating system, the first thing you might notice is a widget on your desktop. This handy little circle has two buttons and a clear visual cue to the overall status of system security. The buttons can be configured for personal use, allowing them to trigger a task of choice such as a system scan or Safe Run for Applications. However, the widget itself is only available via Windows Vista and Windows 7. Windows XP users can create shortcuts on the desktop.
The main Control Panel is streamlined. The granular options and controls offer a great deal of organization. The more technically savvy user will love the ability to drill down and control everything. More importantly, however, the simple point-and-click on and off abilities that are there by default will appeal to the more general user.
We had no problems controlling things with the basic defaults offered in KIS 2011, and we liked the fact that when things like a system scan were launched it didnít spawn a new window, as is the norm, it simply launched from the main panel.
Split into six tabs, the control panel offers everything needed to control KIS 2011. The Protection Center is the tab where the majority of users will spend much of their time, and it is split into three subsections: Files and Private Data; System and Applications Protection; and Online Security.
The Safe Run tab is another important aspect within KIS 2011, here you can designate an isolated browsing session or desktop that will protect the system itself from harm. Also present is a virtual keyboard to prevent keylogging when you access banking or other sensitive sites.
If you like things advanced, the settings option in the upper right of the control panel has all the options and settings you need. However, for the uninitiated to the ways of Kasperskyís detailed customization, even the advanced area is mapped out in an easy-to-follow schema.
When it comes to scanning, KIS 2011ís engine is the same engine used in Kaspersky Anti-Virus - an engine that would rather perform a thorough scan of the system to root out problems, rather than blaze through files in a matter of seconds.
If you want speedy scans, there are options for that. Several menu items in KIS 2011ís settings help shape Optimized Scanning, but we stuck with the default settings for this test. This is the reason for the moderately slow scans. This time around, KIS 2011 is much slower when compared to the 2009 version of KIS.
Indeed, the slow scanning is because the engine itself crawls the system and looks... at... everything... kitchen sink... and all... Itís no wonder, therefore, that when our test system was scanned during Malware testing, KIS 2011 scored an even 100 percent.
Full System Scan (Kaspersky Internet Security 2011)
Scan 1 - 01:11:34
Scan 2 - 00:44:53
Scan 3 - 00:21:19
Scan 4 - 00:21:21
Scan 5 - 00:21:40
Average Scan Time: 00:36:09.4
(AST KIS 2009: 0:00:09:01.6 - Reviewed 11-03-2008)
As you can see, while the scan times are slower, KIS 2011 keeps things consistent once it learns the system.
As mentioned, KIS 2011 scored a perfect 100 on Malware testing. There were 673 samples, a mix of Malware ranging from rootkits to typical Trojans. If we attempted to execute Malware, it was blocked. If we simply placed the Malware on the system and let it rest, the passive background scanning by KIS soon discovered it.
As an interesting aside, the container that is to deliver the payloads, while it alone is normally scanned and removed by other security vendors, was shredded by Kaspersky. If a container was set to deliver five payloads, Kaspersky detected six problems, one for the container and five for the payloads.
Itís both interesting and impressive to watch Kasperskyís scanning engine at work. We flooded the system with Malware just to see what would happen. Not as part of the test itself, but just to see where the platform's limits were. After taxing the hard drive with almost 700 samples, Kaspersky needed a few reboots and about four hours, but it cleaned everything. The after scan report is below.
The proactive and reactive protections in KIS 2011 keep their promise. If you factor in the protected browsing and desktop environments, each improved in this version of KIS, then attacking a system where Kaspersky is installed is easier said than done.
Malicious URL Detection:
We gave KIS 2011 a total of 10 domains, each less than 24 hours old, to defend against. The domains were pushing anything from PDF exploits and Java vulnerabilities for payload delivery to Phishing.
Most of the domains were blocked, rather nine of them were. The image below is the typical response, a plain Access Denied warning from the KIS 2011 firewall. However, other domains were blocked by both KIS 2011 and Internet Explorer.
Drive-by-downloads were checked as they made it to the system, and once screened, KIS 2011 simply removed them or prompted for permission for them to run, recommending that they be either restricted or blocked.
The one domain missed was a PayPal-based Phishing page. We were able to access the domain and send information to it. Out of curiosity, we used the Safe Run for Websites tool and got the same results, a successful Phishing attack (this is not the typical use for Safe Run for Websites, but we tested it anyway).
Due to the fact that the domain is live, we will not list it here, and have censored it in the images below. However, as of October 14, Internet Explorerís Smart Screen is blocking the domain. Yesterday, when the site was first discovered, this wasnít the case. Please do not go looking for this site. It isnít worth the risk.
KIS 2011ís Spam filtering will need training. However, once that task is taken care of, the protection is decent. Perhaps not the best it could be, but certainly a strong offering nevertheless. We tested 228 emails from an active account. Of those 228 mails, KIS 2011 mismarked only one but missed 10 completely.
Even with the misses, KIS 2011 amassed a solid 95.17 block rate, which is exactly what we look for when we test. With more training, that score will only get better. The key is to teach the software shortly after installation, and when something is incorrect, address the message then and there. The sooner you do this, the better.
Overall, Kaspersky Internet Security 2011 offers tremendous protection. The interface is clean and easy to follow. It offers hardcore users all the advanced settings they could want, while allowing typical consumers point-and-click access. Despite the missed Phishing attack, the only real problem we was connected to the slow (but thorough) scanning.
While we can alter settings, such as skipping clean files that have been previously checked, which would dramatically lower the scan time, we test straight out-of-the-box. This option isnít default, so we didnít enable it until after the official testing.
It would be beneficial to anyone using KIS 2011 to turn this setting on, in addition to checking out other optimized scanning options. Itís worth it, as the scanning engine will check a file for a second time if it changes, and the proactive system monitoring will catch malicious activity from a cleared file should it suddenly go rogue.
Another issue noticed this time around was system drain. In 2009, there was hardly any performance loss when a scan was running. In that version, the only system impact was minor hits during updates. In 2011, when ran on Windows XP, there was a noticeable lag to the system. Aside from the application itself, we were unable to determine why, as we met every one of the system requirements detailed by Kaspersky for XP usage.
Still, those issues aside, Kaspersky Internet Security 2011 is nothing short of a workhorse, and it will do a solid job protecting any system it is used upon. However, before you plunk down $79.95 USD for a one-year license covering three PCs, use the free 30-day fully functional trial.
Final Score: 96 out of 100