
Security Suite That Fights Rootkits

F-Secure's Internet Security 2006 is a good all-around, inexpensive security package that also includes rootkit detection. Learn how to get it working.

For system builders frustrated with the high cost and limited functionality of security suites from the likes of Norton, McAfee and Trend Micro, I have found a terrific tool-kit alternative.

It's a security suite called Internet Security 2006. Offered by Finnish company F-Secure, this suite offers not only all the functionality of products from the Big Three, but also rootkit detection—and for $10 less than the Big Three charge.

Like the Big Three, F-Secure offers anti-virus and anti-spyware capabilities, a firewall, mail screening, and content filtering. But F-Secure's rootkit detection is the most significant feature. According to our best guesstimate, this will be the only security suite on the market to offer rootkit detection for at least the next six months, possibly even for the next year.

For those living under a rock, rootkit detection is tremendously important these days, because this new breed of highly undetectable (or "stealth") malware is prevalent in the wild. A rootkit plays havoc with any system on which it takes up residence. (For more information on rootkit detection, see our recent TechBuilder Recipe, Rooting Out Rootkits.)

F-Secure's Internet Security 2006 retails for $59, roughly $10 cheaper than comparable security suites from other top players in the market. (Norton Internet Security, for example, lists for $69.) While $10 may not sound like a big deal, if you're installing a security suite onto dozens of machines—perhaps even hundreds—then your savings on a volume license will add up significantly.

The Many Benefits of F-Secure Internet Security 2006

Let's start off by taking a look at how F-Secure Internet Security stacks up against Norton Internet Security and Trend Micro Internet Security. For starters, here's what all three suites offer:

  • Anti-virus software: All incoming data is screened to block potential infiltration from viruses, worms, Trojans, and other forms of related malware.
  • Anti-spyware software: All incoming data and active Web content is screened to block potential infestation from spyware, adware and other forms of related malware.
  • Personal firewall: A layer of software interposes itself between the PC and all external network connections. It controls incoming and outgoing traffic on the basis of allowed applications or activities, while denying all other implicitly unauthorized access attempts, both incoming and outgoing.
  • E-mail screening software: All e-mail is screened for malware of all kinds. Also, spam filters and other techniques to block unwanted e-mail may be invoked, too.
  • Content filtering (aka "parental controls"): This permits users with higher levels of administrative authority to block access to specific sites and materials through explicit URL identification or use of wildcard characters. For example, the admin can set the filter so that the presence in a URL of "XXX," "sex," and other explicit strings makes the Web site inaccessible.
  • A single, automatic update setting: This delivers updates to the software and various signature files for viruses, spyware, and other malware without requiring much user effort or attention to their security situation. It also provides as-needed news and updates about potential dangers and imminent threats; user tutorials and security-awareness training materials; and shared information for content filtering. Many security experts consider this an important convenience.

Where F-Secure's Internet Security 2006 goes beyond the suite offerings from the major players in functionality is in rootkit detection. Using the company's rootkit-detection engine, called Blacklight, the software detects and even eliminates active rootkits on a computer. The tool also does a great job of cutting extraneous chatter out of its results, so system builders will no longer be confused by the kinds of false positives that most other tools routinely report.

Pros (and a Few Cons) of Using F-Secure Internet Security 2006

Security suites—like other kinds of "do-it-all" software packages—do their best to tackle everything users expect and want them to do. But they do some things better than others. F-Secure's suite is no exception.

On the plus side, F-Secure Internet Security 2006 gets top marks for its anti-virus software (and fast signature update), firewall, and rootkit detector. Its content-filtering capabilities are adequate for most SOHO situations.

But its anti-spyware and anti-spam capabilities lag behind those of the Big Three's products. This doesn't mean F-Secure isn't a terrific product at a great value. Nor does it mean you'll be exposing your customers to unnecessary risks. And this deficit is easy to address: Simply install the freeware version of Microsoft's Windows Defender, which consistently does well in ratings and rankings for this kind of software.

Further, while recent comparison reviews note that F-Secure Internet Security 2006 does a fine job of protecting clean machines from new spyware, they give the product lower marks for its ability to clean up existing infestations and detect the presence of certain insidious types of spyware, most notably keyloggers. (Keyloggers store all the keystrokes that users make in a file, then periodically ship it off to a presumably malicious third party for harvesting of account and password info, credit-card data, and other sensitive information.) But we won't jump down F-Secure's throat on this function: No suite-based spyware detection software currently matches best-of-breed standalone implementations when dealing with keyloggers.

Omnibus security packages also tend to have sizable system footprints; the smallest of the suites we know is BitDefender. This security suite comes in at a relatively svelte 50 MB. Most other suites consume up to 70 MB at runtime, and even more when actively scanning for malware. In the case of F-Secure Internet Security 2006, a complete install on our test system consumed an average of 92 MB while actively scanning for spyware and viruses, and about 56 MB otherwise. As such packages go, this makes it a bit less resource-consumptive than most.
