Like many in the security industry are doing, Kaspersky Internet Security 2010 leverages anonymous data from its customer base to create a behavioral engine to further strengthen security safeguards. The new version also introduces several useful ancillary tools, including a sandboxing feature for running programs with a significantly reduced risk, and an auto-run disabler for closing up a pernicious Windows security hole. Frustratingly, a significant flaw in the interface design stands out because it’s related to a key feature. Meanwhile, performance felt fine but benchmarking revealed inconsistencies.
Kaspersky Internet Security 2010 will run on Windows XP, Windows Vista, and Windows 7. It costs about $20 more than its competitors, but one license can run on up to three computers. Installation offers a Custom method for advanced users to configure which components will be installed, including parental control, the various antivirus engines, and the virtual keyboard. There’s also an option to not install the anonymous data collection that Kaspersky’s new behavioral engine, the Urgent Detection System, relies on. If you choose to not install it, you won’t be any less secure–you just won’t be contributing your data to it. If you do, there’s a data collection statement so you know what’s going on legally, although I suspect that most users will treat it like any other legalese EULA and ignore it.
The program will also ask you if you want it to disable your firewall if it’s active, and offers a protected install process so your computer is no less safe. People can activate the program through the trial period or by purchasing a license immediately, and they can also toggle the program’s sensitivity to user input by choosing the less-intrusive “trust Kaspersky” option or the more customizable “ask for user input” when it detects a threat.
You can also configure definition file updates as automatic–which is the recommended option–scheduled, or manual, and users will be able to password-protect Kaspersky’s settings. This is a smart safety feature for computers that have more than one user. The last configuration window under the advanced user installation will ask you what kind of malware you want KIS to detect.
Once you’ve finished the installation, KIS won’t require a reboot as it has in the past, although uninstallation still does. The first window that opens will be a virus definition warning that your local virus definition database requires an update. Clicking the link will open the main Kaspersky window and begin updating the program.
Overall, only power users should choose the longer advanced installation process, but the experience was smooth and flawless on a Windows 7 RTM laptop. It had no conflicts with the already installed security program AntiVir, and after uninstallation only two minor traces of the program were found in the Registry. Uninstalling using the included Modify, Repair, or Remove tool allows users the opportunity to keep certain program data on the computer, such as the contents of the sandboxed Safe Run Shared Folder or activation data, and after the reboot KIS had reactivated the Windows Defender firewall.
Interface and features
The full-featured suite, Kaspersky Internet Security, offers a complete and competitive range of security options. The new features in the 2010 edition include the aforementioned behavioral-based detection system called the Urgent Detection Sytsem. The UDS utilizes the anonymous data of 10 million of Kaspersky’s customers who choose to participate in submitting their system scans to Kaspersky’s central servers for analysis, and it “red flags” suspicious behavior so that even if a program used to be safe, it can shut down a newly activated malicious intent.
Although this might sound insidious, it’s actually a smart way to leverage a huge consumer base for security purposes as long as the data remains anonymous. Many other security suites are incorporating behavioral detection engines, so this is something that users will have to get used to if they’re not. Among UDS’s better sub-features include the capability to customize how long it takes to pass judgment on a new program and per-user configuration of the rules governing program behavior.
Even if a program has deep penetration, if it starts behaving badly, then Kaspersky will block it. If it’s an unknown, Kaspersky will treat it skeptically, monitoring and restricting the program until it has been proven safe. The Vulnerability Scan option, available under the Scan tab, utilizes tech from Secunia to determine which programs are potential security risks because they lack recent updates or patches. For programs that may not warn you that they have a pending security update, such as Adobe Flash, having this tool baked-in could be exceptionally useful.
The tools offered under the My Protection tab are nothing short of robust. There’s antivirus protection for files, e-mail, HTTP traffic, and instant messaging. Application control, the aforementioned UDS, includes options for customization, should you need to force access for a specific program that Kaspersky is identifying as a threat. There are protections against spam, phishing, and banner ads, firewall control, and a network monitor to track network activities for users who like to drill down deep into their system’s behavior. There’s also a Parental Control filter, with options to outright block children from particular sites or merely log events. By default, the Parental Control filter is off, and when activated it assigns all other users on the computer Child status until directed otherwise. There’s a Teenager status, as well, for more granular control of restrictions.
The My Security Zone tab is where most of the application control features live. From here, a clean chart organizes your installed programs according to trustworthiness, the Digital Identity Protection feature allows you to uncover which files your personal information resides in according to the program, and the Safe Run sandbox can be controlled. Safe Run nearly doubles the amount of RAM the program uses, but provides a secure environment for launching a program. Safe Run also comes with a sandboxed folder into which you can save files without worry. The feature currently will not run on Windows 7 computers, but Kaspersky has told me that they expect to have the feature fixed before the October release of the new operating system.
Programs can be launched into Safe Run in one of two ways. You can add the program manually through the Kaspersky Security Zone panel, or you can launch it on the fly using the context menu. Hopefully, there will be casual launcher added to jump lists in Windows 7, but that feature doesn’t exist now.
The Update Center tab offers a smooth update scheduler integrated into the main interface. Click on Run Mode to change the schedule. This isn’t remarkable except to point out that only the definition file update offers an update like this. To schedule any other regular scan, you must click on the Settings option at the top right of the main Kaspersky window, choose the feature you want to schedule from the list on the left if it wasn’t open in the main window when you hit settings, select Settings from within the window that opens, and then finally click the Run Mode tab on yet one final pop-up window. It’s a tedious process and could be streamlined to great effect, but it makes one of the basic features of this security program unnecessarily hard to get to.
The program also comes with an auto-run disable feature and a virtual keyboard so that, in theory, you can enter passwords without worrying about a keylogger. In fact, security experts have warned that onscreen keyboards do not decrease the risks of password theft, and either way I think most users will find it superfluous. The new gamer mode, however, isn’t. This basically keeps Kaspersky functioning while you play games, but kills interrupting pop-ups and strips memory usage down to its minimum.
The annoying yellow bar announcing that your computer security is at risk because you’re running the trial can be toggled under the Report link at the top right of the main window. I’m not happy about the wording of the message as it appears in the program, falsely equating your computer’s security with the status of your license when Kaspersky Labs itself offers the trial as full-featured.
Scans and definition file updates performed empirically as expected, with the Quick Scan taking less than 3 minutes. The Vulnerability Scan took less than 4 minutes, as well. The Full Scan, which was expected to be slow, took less than an hour, but as it approached 80 percent completion it oscillated between telling me that it would finish in 1 minute and 2 minutes. In fact, it would take another 11 minutes to finish.
CNET Labs’ benchmarks reveal a slightly different side to KIS. KIS slowed down our test computer’s cold boot time by 2.21 seconds, and shutdown time by nearly 5 seconds. Scan times were actually faster on Kaspersky Internet Security 2010 than Kaspersky Anti-Virus 2010 by 9 seconds. They have identical engines, but KAV has fewer ancillary features. During our MS Office and iTunes decoding tests, both KIS and KAV performed identically, although during the media multitasking test KIS was slower by 64 seconds. In our Cinebench test, KIS fared the worst compared to a standard machine and KAV. KIS hit 3,908, while KAV notched 4,190 and the baseline computer marked 4,217.
Virus and malware efficacy scores for Kaspersky’s 2010 products were not available at the time of writing, and will be updated here when they are announced. However, last year’s Kaspersky 2009 has scored average or better in all areas of detection according to virus and malware detection results at AV-Test.org and AV-Comparatives.org. AV-Test noted that it detected more than 98.4 percent of malware on demand, and 98.3 percent of spyware on demand, with an average rate of false positives. AV-Comparitives.org awarded Kaspersky 2009 Advanced+ in both February 2009’s on-demand comparative and in May 2009’s retrospective/pro-active test, noting few false positives and a 50 percent detection rate, behind Microsoft, Eset, Avira, and G Data. The short version of these independent test results is that last year’s Kaspersky scored above average in general, and was excellent at malware detection.
Kaspersky Anti-Virus contains most of the same engines and features as Kaspersky Internet Security. It lacks the personal two-way firewall, parental and privacy control, whitelisting and application control, safe run virtual sandbox, anti-spam protection, and banner ad blocking.
Kaspersky’s support looks organized and straightforward. Click the support link at the bottom of the main window to bring up a new window, with options to directly submit a ticket, browse the Kaspersky knowledge base, or visit the user forums. Users can e-mail or call a toll-free number for live technical support, and a link to the Help database appears on pop-ups as well as the main window.
No doubt that Kaspersky is an effective security suite, but it’s the extra features available in Kaspersky Internet Security 2010 that make it worth paying for. There are some niggling problems with the interface, and the performance numbers could be stronger, but the inclusion of the behavioral engine bodes well for the future. Overall, Kaspersky