Within Norton Internet Security, we really didn't like the antiphishing feature. It's not that it doesn't work--the antiphishing feature within Norton Internet Security 2008 works very well. It's when you turn it off (as we did from time to time during our testing), that we found it's harder to turn back on than other antiphishing tools on the market today. And, more ominously, without Norton antiphishing turned on, Norton Transaction Security features remain active, allowing us to provide personal information to various phishing sites.
When we turned off antiphishing protection within the Norton Internet Security 2008, a dialog box stated that the feature will be enabled again after 15 minutes. Fine. However, the fine print is that while Norton Internet Security re-enables the antiphishing feature 15 minutes later, your browser does not. You have to restart the browser. Had we forgotten that 15 minutes was up, we might have merrily continued to surf the Web without any antiphishing protection. McAfee's SiteAdvisor allows you to enable and disable the feature within the browser, avoiding this problem entirely.
While Norton Phishing Protection was turned off, we further discovered another, more serious scenario. When Norton Phishing Protection is turned off, the Identity Safe feature remains enabled--in fact, we couldn't figure out how to disable Identity Safe (apparently there's no configuration option for it). Shortly after disabling Norton Phishing Protection, we accessed a fraudulent banking site. Norton, perhaps seeing that it was a banking site, asked if we wanted to use the ID card's personal information to populate the Web form on the page. Suppose we were sleepy; supplying the password would be a mindless click. Suddenly our phishing site is filled in with our personal information.
When we contacted Symantec about this issue, we received the e-mail response: "Although we strongly recommend that our customers use the Phishing Protection and Identity Safe features together, we don't penalize users who prefer not to use our toolbar by preventing them from using Identity Safe. Again, we recommend that our customers use the features together, but we won't limit their choice of toolbars by penalizing customers if they don't use ours." Yes, that's great that I can use the native antiphishing tools within Firefox or Internet Explorer, but Norton Identity Safe will still ask me if I want to use stored personal information on a fraudulent site. Apparently, that's not a problem for Symantec.
Another feature that's important today keeps malware sent via IM from infecting your PC. Norton Internet Security 2008 does that, but only if you have Microsoft (6.0 or higher) or Trillian (3.1 or higher). If you use older versions of the most popular IMs, AOL (4.7 to 5.9), Yahoo (5.x and 6.x), you're golden, but both of these products have updated significantly in recent months, and Norton just hasn't kept up. To test this, we installed Yahoo Instant Messenger 8.1 and sure enough, Norton Internet Security 2008 reported that we did not have any instant messengers installed. Given that both AOL and Yahoo have suffered large-scale attacks in recent months, it's odd that Norton doesn't yet support the latest versions of these.
What Norton Internet Security doesn't include is backup and restore protection or PC maintenance--both of which are provided in the less expensive McAfee Internet Security 2008. For the Norton version of these, you'll have to purchase additional Symantec products. Symantec did beta test another product this summer, however, Norton Anti-Bot is not available in any of the traditional 2008 Norton security products. For Norton Anti-Bot, which simply provides signature and heuristic protection against botnets taking residence on your desktop computer, you'll also have to pay $29.99, almost the same price as the standalone Norton AntiVirus 2008. As such, Anti-bot is simply not worth it a standalone product. We look forward to Symantec adding PC utilities (such as backup) and including its antibot technology to next year's release of Norton Internet Security.
For antivirus protection, Norton Internet Security 2008 scored well in both our CNET Labs' Windows XP performance tests and in third-party, independent antivirus tests using live viruses. On our iTunes test, Norton AntiVirus 2008 was in the middle of the pack, just 3 seconds above our test system. On our Microsoft Office test, Norton AntiVirus 2008 came in near the middle at 1,459 seconds. For scanning a single folder with files, Norton AntiVirus 2008 came in near the middle with 173 seconds. And in boot speed, Norton AntiVirus 2008 came in last place, with a sluggish 40 seconds. To find out how we test, see CNET Labs' How we test: software: antivirus page.
In terms of protecting your PC, we cite results from two leading independent antivirus testing organizations. In the latest test results from AV-Comparatives.org, for on-demand scans the previous version Norton AntiVirus 2007 earned an Advanced + (the highest) rating, catching 98 percent of all malware tested; and for the Retrospective/Proactive test, the previous version of Norton AntiVirus 2007 earned an Advanced (second-highest) rating, detecting almost half the backdoors, Trojans, and other malware sampled. Norton AntiVirus 2007 received a Standard rating from CheckVir.com, meaning only the virus searching capability was examined.
For antispyware protection, Norton fell from last year's heights but remained solidly in the middle of the pack in our CNET antispyware tests. CNET labs conducts three separate tests using spyware found to be bundled within free applications rejected by CNET Download.com (as a policy, Download.com does not host any applications containing known spyware). In the first test, active detection, Norton discovered about 60 percent of the spyware; in the second, on demand test, Norton detected about 55 percent of the spyware; and in the final, removal test, Norton removed all traces of about half the spyware placed on our infected machine.
While Symantec continues to improve its technical support experience, Norton Internet Security 2008 also reverts to its old ways. Symantec provides a fairly light 13-page user's manual that mostly addresses how to install the product, not use it. Like last year, Symantec's support options include an automatic diagnostic tool for the program. It's worth noting that one of the comments it made is: "Your computer runs slowly after installing Norton Internet Security 2008," which leads us to believe that many people have like us experienced this condition. There's also free chat, free e-mail, and telephone service.
But after an absence of one or two years, advertising once again creeps back into the Symantec's technical support section in the guise of "Expert Services" and "PC Tune Up." Both are paid consulting services that, if you're not careful, could cost you up to $69.95 (that's a flat fee) per call. In the PC Tune Up scenario, you call up, are charged, and a Symantec technician remotely accesses your PC to resolve any problems you might be having at that time. Some might find that comforting, but at $70 you can probably find free help by doing a Google search for your specific error message or problem. Unlike Kaspersky, Symantec doesn't yet maintain its own users forum.
Because of its dominant place in the market, we hold Symantec to higher standards. We were disappointed this year. Norton Internet Security 2008, despite Symantec's efforts, still feels heavy, largely burdened by its own corporate legacy and dependency on other Symantec products. The return of paid services under technical support seems unfair, given the lack of a free users forum. In a strictly Norton versus McAfee universe, we give the nod to McAfee this year; beyond these two products, however, we feel there are other suites that provide equivalent security protection and integrate their tools much better for much less money than Norton Internet Security 2008.