If you're looking for a robust feature set from your security suite, and you're looking for an affordable price, you could do worse than Trend Micro's 2010 products. Trend Micro has refreshed it Internet Security Pro, Internet Security, and the stripped-down AntiVirus plus AntiSpyware packages; and according to the publisher, they gain significant performance enhancements.
According to Trend Micro, the programs boot times are 20 percent faster and use 40 percent less RAM, the download size is 25 percent smaller, and that the quick scan on Windows XP and Vista is 20 percent faster. There are new features, too. Although, many of them didn't make it into Trend Micro Internet Security or Trend Micro Antivirus and Antispyware suites. This is problematic because the feature set is Trend Micro strength, but to get it, you have to pay for the Pro version.
One thing that Trend Micro doesn't do is tell how it calls out its behavioral engine, which is used to determine when a program is acting in an unsafe manner. There is a box you can check at installation to opt out of the behavioral program, but there's no clear explanation of what it is or what it does in the application. On the one hand, technology that lets the publisher leverage supposedly anonymous data from customers to catch surreptitiously-running threats faster isn't new; it's been around for a few years. However, this year more security suites are adopting behavioral engines. On the other hand, companies like Trend Micro must consider whether users will panic if it is mentioned clearly and then disable their computers from contributing data to the cloud.
As long as the data is truly kept anonymous, a behavioral engine can be an exceptional tool for preventing malware. But in Trend Micro's installation process, it looks like nothing more than another box and line item to read before installing; it could benefit from a more detailed explanation.
A customized installation process is available for people who wish to configure program location and tweak components. Trend Micro will also run a virus check once it's done installing and automatically update its definition files.
Interface and features
Trend Micro's 2010 interface has been refined from the previous year's version, with less dead space and more emphasis on both security status and ease-of-access to its security tools. The program launches into its Overview tab that highlights your security status with a large colored icon: green for Protected, and Red for Unprotected. Underneath that tab are links to your protection status, your license information, and a security report.
Each of these links drills down to essential information, exposing them in an elegant and uncluttered manner on the main page. The Protection Status link opens a window that details the status of your virus definition files, updates, firewall, unauthorized change prevention, spam filter, parental controls, and data theft prevention. Each of these has a green On or red Off status icon with a hidden explanation of each that can read by clicking on it. Unfortunately, there's no way to get from the list to the deeper controls for each--it's simple for toggling the status.
Also on the Overview tab are two buttons: one for activating a scan and one for manually updating the definition files. The scan button defaults to a Quick Scan, although it has a drop-down menu on its right side for selecting a Full Scan or Custom Scan. Scanning opens the scan window, which details which threats it's looking for, what files it's scanning, live results, and options to run in the background or shut down the computer after the scan has finished. Depending on how you set up the program, it will either automatically fix any threats found or ask for input. If you choose to auto-fix it, the app will still show you a window after the scan is complete, detailing what action was taken, and the threat links to more detailed information on Trend Micro's Web site.
The Virus & Spyware Controls tab offers four drop-down menus. The first checks for real-time viruses and spyware when you download files, leveraging the behavioral heuristics. The behavioral scan can be toggled on or off with a button, and it offers a configuration menu with a secondary, advanced features window, and a whitelist/blacklist link that is for cookie control. Despite what sounds like a confusing series of submenus, in practice, it was easy to navigate.
The Prevent Unauthorized Changes drop-down menu offers more control of installations. This is where you would manage programs that Trend Micro doesn't recognize, with the same on/off toggle and links to settings and exceptions. The next tab is for configuring scheduled scans and custom scans. It's frustrating that such a key feature is buried deep in the interface, especially since most users are still wary of holes in real-time protection. This scheduler only controls scan schedules--it doesn't offer update scheduling. There's another scheduler for updates, in another part of the program. Underneath the scheduler is the Quarantine section that helpfully categorizes the quarantined files as viruses, spyware, and Trojans.
The Personal Firewall Controls tab continues the interface scheme, with headline-style options that expose key information in a drop-down menu and link to options configuration windows. Through the advanced settings pane, the personal firewall exposes a wealth of firewall data, including the IP version, protocol used, and a simple description. Editing a protocol exposes even more data, for those who know how to use it.
Also in the Firewall Controls tab is the Network Connection status, which offers a cutoff switch to kill the Internet connection. We're not sure how useful this feature is, or if it's just a hand-holding measure.
The Internet & Email Controls tab--the next major section--contains the data theft prevention lists, parental controls, spam filter, and protection against Web threats. Its features share lists, although not features use all of the lists. For example, the Data Theft Prevention feature will block numbers and names that you specify from being sent through Web-based forms. The theft prevention feature only works in SMTP e-mail and instant-message clients in the Pro version. You can also select protocols that are allowed to send protected data, and which aren't. You can also insert customized data field to protect. The Web threats protection, which works to stop phishing and pharming, is heavily based on a firewall-style slider combined with whitelists and blacklists. Again, its efficacy is debatable, especially when a Web site's backend servers or ad server can be hacked without the site itself registering as risky.