Text Box: Comprehensively Protected As the number of different security threats to online computer users increases, so does the number of products available to protect us against them. Michael Benis puts 5 of the top security suites through their paces. Upping the ante There's no doubt that the number of threats to online computer users keeps increasing. Whereas viruses could once only arrive in the form of executable files, there is now a bewildering array of other potential nasties we can get from files and over the Internet, ranging from Word macros to scripts. Even JPEG image files can no longer be regarded as completely innocent. But that's not all. Anyone online, particularly if they have an always-on connection such as broadband, is at least in theory vulnerable to hackers, whether they're actually out to cause your own computer lethal havoc or are simply hijacking it to send out spam e-mails. Then, as if that wasn't already enough, there is also the threat of so-called spyware, not to mention "phishing" e-mails designed to con you into entering your personal banking and other similar details in bogus Internet sites, from which it is collected to be used in various different types of fraud and theft. It's a bleak picture and certainly requires you to take a number of precautions to protect yourself against the many different potential adverse consequences. Translators are particularly exposed to these risks due to the fact that so much of our working day is now spent online, whether sending and receiving work, networking using translators' mailing lists and dedicated web sites, or using Internet resources for subject and terminology research. The antivirus software companies have responded by developing comprehensive new products that are really suites of four or five separate products that have been integrated to offer a complete solution. These suites are known as Security or Internet Security suites and are now available from all the big names in antivirus software as well as one of the biggest names in firewall software, ZoneAlarm. Bulletin has tested five leading products for this review, as well as the beta version of Microsoft's AntiSpyware product and the latest version of Spybot Search & Destroy, which we first reviewed about a year ago. Basic security precautions But before we leap in to tearing off the shrink wrap, let's recap the basic precautions one should take irrespective of whether you use this software: Firstly, never under any circumstances open an e-mail attachment you are not expecting, even if it comes from someone you know. If you are unsure, simply reply to the sender asking them to confirm that they sent the attachment on purpose if at all (viruses can often appear to come from people you know when this isn't in fact the case). This simple act would protect you against most albeit not all of the various viruses that have caused havoc in recent years. If you do not receive confirmation from the person, delete the message and attachment with it. Make sure, in addition, that your e-mail program empties its deleted files folder whenever you shut it down. This will make sure that the potential virus file is no longer on your system. Secondly, especially if you use broadband, make sure you use a hardware firewall. In most cases the best solution is to opt for a wireless network, which is easy to install and change, as well as being perfect if you have a laptop that you occasionally want to use in a variety of rooms or even from the garden. But the big advantage where security is concerned is that the wireless "router" box acts as a firewall barrier between your computer and the Internet. It isn't foolproof, but in most cases it will do a better job under extreme circumstances than any software firewall if set up properly (and the default settings with which these things come straight out of the box are generally fine in this respect). The fact that most of us now use broadband and recognise the benefits of a network for backup purposes (whether for backing up files or having a computer that is immediately available to carry on working without break if our main computer develops a fault), makes these routers with built-in firewalls a tremendous "two birds with one stone" solution. Most e-mail programs allow you to divert mail from certain addresses straight to the delete folder. Learning to use this is one way of reducing the volume of spam that pesters you. Some of the latest programs, including Microsoft's Outlook reviewed elsewhere in this issue of bulletin, also have dedicated functions for filtering out spam mail. You don't necessarily need to buy a separate product to cope with the problem if, indeed, you find it a problem to simply delete the junk as it comes in. Certain types of spyware rely on tracking cookies, which you can stop being downloaded by increasing the internet security settings in your browser, such as Microsoft's Internet Explorer. The only downside to this is that most browsers can't be set selectively and high settings may stop you from being able to use certain Internet resources on which you depend. Lastly, don't forget that there is excellent free and/or cheap software available on the Internet, including Microsoft's AntiSpyware and Spybot considered in this review, not to mention Zone Labs' basic software firewall or the one now included in Microsoft's Windows XP. If your eyes are already starting to glaze over having read that advice, then you definitely need to think of buying one of the products that are being reviewed here. If, on the other hand, you've been nodding wisely, you may be able to carry on getting away without them. There is, of course, the chance that you won't get away with it, but then there is likewise the chance of malicious code getting past the defences of even the very best of these products. So, there's no risk-free solution. In my opinion, however, the bottom line is not how proud we may or may not be about our computer literacy and ability to protect ourselves against threats without any help from the big names in the field, but that our often hectic schedules mean we may occasionally click before we think and pay the price, both financially, in terms of loss of work, and possibly - even worse - in terms of loss of reputation. So I'll stick my neck out and tender the sage advice that you don't stick out yours but adopt a solid belt-and-braces approach. Follow every precaution you can think of, get a hardware firewall and install one of these products to boot. Every rose has its thorns The products we've tested come from some of the biggest names in the business: F-Secure, McAfee, Norton, Trend Micro and Zone Labs. At the same time, few of them were perfect. These are the main problems we encountered: incompatibility with installed programs, considerable slowdowns in system performance, stability problems and variable performance even in core product areas, not to mention in some cases simply appalling product support. You'll find brief reports on all this in the short individual reviews that follow, each of which also provides an overall performance rating out of a hundred in terms of ease of installation and use, scanning performance and overall security, speed, service and compatibility. Although you can certainly use these figures as a buying guide, I wouldn't recommend that you use them as the basis for abandoning any similar product installed on your system, assuming you are currently satisfied with its performance. Apart from anything else, it's worth remembering that all these products are under continuous development and some could quite easily leapfrog each other in several respects more than once in the months to come. What you get in the box In most cases, you get very little in your box: a CD and a slimline manual if you're lucky. More comprehensive information and user guides are generally available from the companies' websites, and in most cases you will save money and time by downloading the whole product rather than actually buying a "physical" version. Install the software and you'll find that you generally get a program consisting of five or so components accessed from a main "control panel" that you use to monitor any problems and choose the various settings you require (or your friendly local computer expert recommends). All the programs are automatically configured to run as soon as you start your computer, ensuring it is "secure" from the word go when you switch on in the morning, connect to the Internet and start downloading your e-mail while reading the Guardian online, or whatever else tickles your fancy. Here's a brief description of those components: Anti-spyware program Spyware is generally relatively innocent, although it is an invasion of privacy. It basically uses cookies (identification tokens that are downloaded to your computer) and other software to track your surfing and deliver targeted advertising. You can pick up quite a collection of these little terrors as you surf, which generally load every time you start your computer. Though similar to viruses in that they also install themselves without your consent, spyware differs in that it won't intentionally damage any of the data on your system, but it can certainly slow down performance and cause stability problems, including a gradually increasing incidence of crashes. Fortunately there are some very good programs for getting rid of spyware and keeping it at bay. We have tested two at bulletin that we can recommend without hesitation. The first is Spybot Search & Destroy, which you can download free of charge from http://www.safer-networking.org, paying a small donation by way of thanks. Spybot has been considerably refined since we last tested it and offers both a sophisticated expert interface and a very simple one for beginners, enabling you to cope with most problems, whatever your level of computer literacy. Microsoft has also released a spyware removal and protection product that it acquired and is busy refining. Called Microsoft AntiSpyware, it is still at the beta stage and available free of charge at least for the time being from http://www.microsoft.com/athome/security/spyware/software/default.mspx. It's generally best to use more than one anti-spyware product to be absolutely sure your system is clean, and the combination of Spybot and Microsoft's offering works very well. Both managed to find problems that the anti-spyware programs bundled in the security suites failed to stop, so whichever of the latter you choose, install one or preferably both of these anti-spyware products as well. We encountered no compatibility programs with any of them during our three-month test period. Ad blocking Most of these suites can be used to block popup and other ads that can simply intrude on your browsing or, in the worst cases, tempt you to download spyware and/or useless toolbars etc. Most browsers now also offer this protection, including the latest versions of Microsoft's Internet Explorer. Antivirus program Computer viruses are small computer programs that are designed to trick you into installing them, after which they engage in some malicious activity, possibly including damaging your data, while always replicating themselves and using your system to spread to others in your network or on the internet. Being very careful about what files you open when they have been sent to you and setting your browser and e-mail security very high for Active-X and Java in particular can help protect you without antivirus software, but this is one area in which you definitely want to follow a "better safe than sorry" policy and that involves buying a dedicated antivirus product or one of the security suites reviewed here that contain them. Included in the price is an annual subscription to updates both to the software and, above all, the "virus definitions", which contain the information the program uses to recognise and destroy new viruses. All the products basically offer four virus scanning functions: Scanning of incoming e-mail to detect and destroy any viruses as they arrive Scanning of outgoing e-mail to destroy any viruses leaving your system to ensure you do not pass them on System scans, which scan the files on your computer to check for and destroy any viruses Dynamic scanning, which scans all system activity to check for viruses or suspect "virus-like" activity The systems really shine (or glimmer) in two distinct areas: the most important is how good they are at actually finding viruses, particularly in zipped or archived files; while the second is the extent to which scanning slows your computer down either when sending and receiving mail or when dynamically scanning programs as they run. The higher your demands on your system's resources because you are, for example, combing a translation memory product with speech recognition, for example, the more likely you are to notice the difference. With some of the worst offenders, you may even be tempted to disable dynamic scanning and possibly outgoing mail scanning (especially while sending very large files over a slow connection). The speed of a system scan can also be important and there are big differences between the products in this area too, with the fastest taking less than half the time of the slowest, although to be fair you are only really likely to want to run a complete system scan at the end of the day after you have finished work, and not every day at that. The slowest manual scanners (times shown below) also tend to have the slowest dynamic scanning, however, and that can impact on your productivity. You can of course disable dynamic scanning and only use your antivirus package to scan programs as they come into the your computer or for manual scans, but this of course reduces the overall level of security. Firewall This software acts as a virtual barrier between your computer and the internet, preventing hackers from targeting and accessing your programs and data. Although not incredibly sophisticated products, they can be difficult to set up, making ease of use one of the primary concerns for non-specialist users. Network security This function, also known as Parental Control, is designed to stop your browser accessing either specific websites or certain categories of websites that you consider to have offensive content and would rather avoid. Personal data Security These functions help you be careful about the sites you provide with personal information, ranging from your date of birth to your internet banking details. You have to enter this information in the program, which itself constitutes a risk, but once there it will help you guard against providing the information to rogue sites prompted by "phishing" e-mails or spyware. Spam filter These products simply label or filter your spam e-mails to a separate folder, as the name implies (although some of the product names imply more, not least of all McAfee with its Spamkiller - fortunately no sound effects are provided). In case you're wondering why they don't just kill the spam, the reason's simple: the systems can and do make mistakes, identifying legitimate messages as spam or vice versa. All the products consequently have features that allow them to learn (or be "told") which e-mails are spam and which aren't. One of best the spam filters is the one in Microsoft's Outlook 2003 (reviewed elsewhere in this issue). Only a couple of the Internet security products tested here were able to equal or beat it. How the suites shaped up F-Secure Internet Security 2005 One of the surprise stars of this review, F-Secure combines very thorough scanning with overall ease of use. In fact, it was the only program out of the whole bunch that successfully identified a virus in an archived file of old e-mail messages. The downside is that it interferes with many routine operations in the beginning as it learns how you use the programs on your machine and asks you to authorise their access to the internet for updates and other reasons. It also had a more noticeable slowing effect on general system performance than its rivals. Manual scans likewise took the longest, averaging 55 minutes on our test PC. Its spam filter and anti-spyware features were both average. No compatibility issues were encountered with a variety of printer, scanner, translation memory, speech recognition and dictionary software. Customer service by e-mail is prompt and solicitous. Amongst the best. Guideline price: GBP 48.97 inc. VAT Overall score: 85 McAfee Internet Security 7.00 McAfee has been one of the biggest names in antivirus software for over a decade now, and its product certainly didn't disappoint in terms of the range of features or depth of reporting offered. Unfortunately it didn't shine in any area either, however, and didn't always recognise zipped viruses, although it would catch them when unzipped. Scan times were average at around 42 minutes, but weren't the most through. In addition, the antivirus program didn't always load properly on start-up and had to be started manually. The Spamkiller function works reasonably well, but insists on scanning all your e-mail every time it opens, which causes an unnecessary delay if you have a lot of mail stored away for one reason or another. Scanning large outgoing files could also cause long delays, sometimes preventing the file from being sent at all. Also, compatibility wasn't faultless, in particular with the Hewlett Packard toolbox software, which also caused problems with ZoneAlarm. Unlike ZoneAlarm, however, McAfee's customer service can only be described as execrable, particularly the online chat service. McAfee's offering didn't shine through for ease of use either, though it wasn't particularly bad in this department. If you're a happy McAfee user, stick with your choice, but all in all, there's no doubt you can get better performance and service for your money. Guideline price: GBP 40.39 inc. VAT Overall score: 63 Continued here (Part two)

First published in ITI Bulletin, 2005.