Bake-Off: Security Rivals Face Off


Panda packs a punch, scores big with features, performance


Desktop security, especially for stand-alone and mobile systems, has become one of the most critical applications for today's PCs. While everyone knows the need for security to protect systems is high, very few understand how far that protection needs to go to guard users. Systems today are susceptible to a broad array of threats and attacks that range far beyond the viruses and worms of yesteryear. The environment has evolved to include phishing attacks, spam, pharming, zombies, spyware, adware, trojans and much, much more.

VARs have turned to a variety of tools to protect their customers' systems, while system builders have begun to bundle in security software with their offerings. Today, you can purchase desktop security solutions piece by piece or go with the "suite" approach, an amalgamation of various tools in a unified security product.


Scorecard: Quick Click Comparisons of All 3 Security Suites

There are numerous suites on the market, so picking just a handful to look at was a challenge for CRN Test Center engineers, who decided to focus on the "up-and-comers" that have made recent investments to grow their channel presences while still being considered alternatives to the industry leaders. With those criteria in mind, engineers pared the field down to products from Grisoft, Kaspersky Lab and Panda Security.

All three products have been tested by independent antivirus laboratories and have the expected certifications, such as those from ICSA Labs among some others. Those organizations and certifications add credibility to a security product's capabilities and should be considered a good starting point when doing an evaluation.

That said, Test Center engineers measured the performance impact of each product on a test system. Each of the products was tested on a virtual machine with identical environments. PassMark was used to grade the performance of the virtual machine before each product was installed. After the installation of each product, using default settings, PassMark was used again to test if there was any impact on the virtual machine's performance by the security suite.

In addition, engineers evaluated the products based on features, ease of use, installation, profit potential and upgrade potential.

Next: Panda Internet Security 2008

Panda Internet Security 2008
Panda Security is a company going through changes. Until a short time ago, it was a publicly held entity called Panda Software.

The powers that be decided to take the company private and rebrand it as a security vendor. Why should any of that matter? For VARs it could prove to be a big deal: By becoming a private security solutions company, Panda is now turning to the channel to fuel its success.

Test Center engineers evaluated the newly released Panda Internet Security 2008. The product truly fits the bill when it comes to desktop security suites, which is why it beat out its rivals to win the top spot. Users will find antivirus, antispam and antispyware included and managed by a single management console. What's more, the product includes a backup application and a system performance optimizer. The backup application uses a remote/hosted backup service, which offers 1 Gbyte of storage to users for the first year at
no charge.

Panda Internet Security 2008 is available either on CD or as a download from Panda's Web site. Test Center engineers downloaded the latest version of the product, which is available either for purchase or as a 30-day free trial.

The product installs from a single file and is wizard-driven. Like the other products featured here, Panda offers a simple, guided install that can speed along with default settings or lets the installer tweak options along the way. That said, Panda gets the nod for easiest installation. While its peers sport fine installation routines, they also added some unnecessary complexity to the process. For consistency, engineers went with a standard installation.

Panda's focus on security is exemplified by the installation process. As part of the installation, a spyware scan is initiated. Panda was the only product to actively detect and repair a spyware-infected cookie during the installation process, which occurred on what was thought to be a clean system image that was only connected to the Internet to download the Panda product.

The installation program also asks for permission before allowing the application to actively contact Panda about local virus or malware activity, which allows users to choose whether or not to be involved in the company's security reporting. A reboot is required after installation and the product automatically updates to the latest version once rebooted.

Panda Internet Security offers three key features that give it an edge over its competitors: the above-mentioned integrated backup capability, the standard inclusion of three licenses and a patented technology called TruPrevent.

TruPrevent stops zero-day attacks in their tracks. It is a technology that looks for malicious activity based upon behavior and not a signature file. That allows Panda Internet Security to bring a higher level of protection to the desktop PC.

Ease of use is an important consideration for desktop security suites. After all, if a product is hard to set up and use, then it is more likely to be used improperly—a disaster in the making, especially when it comes to protecting a system from malware. Here, Panda's clean interface makes proper setup a snap. Concise menus and clear explanations make navigating the product's interface intuitive and informative. A dashboard-style screen gives users a quick look into their system's security, while drill-down capabilities will please the tweakers in the audience. Still, engineers found that Panda is outdone by Kaspersky when it comes to ease of use. With Panda, some options are not clearly defined, while other capabilities may require user intervention to configure completely.

The product also includes antiphising, antirootkit, parental controls and a bidirectional firewall, which all contribute to making a desktop system a fortress against most any attack.

The product's performance was impressive: a complete system scan took only 3 minutes, 15 seconds to go through 47,624 identified objects, the speediest among the three offerings examined here. What's more, the product seemed to introduce very little overhead on the test virtual machine. That system scored an average PassMark score of 370.2 after three tests before installation of Panda's product. After installation and configuration of the security suite, the average PassMark score dipped to 365.5, a negligible drop that put Panda second among its peers in terms of performance impact on the virtual machine.

Panda Internet Security carries a list price of $69.95, including 12 months of service and updates. As with most desktop security products, Panda Internet Security 2008 is available via direct and indirect channels, including retail, which does limit the potential for partners to sell the product profitably. Panda does offer a partner portal that allows VARs to participate in renewals, upgrades and initial sales for their customers. System builders may want to consider bundling the trial version of Panda Internet Security on their customers' systems and then offering discounted upgrades to Panda's business-specific products, which include server-based security products, security services and management options. The company does offer direct upgrades from Panda Internet Security 2008 to its BusinessSecure product, which can be handled by authorized partners looking to roll network-based security into their customers' sites.

Next: Kaspersky Anti-Virus 6.0

Kaspersky Anti-Virus 6.0
Kaspersky's Anti-Virus 6.0 for Windows Workstations offers the option of being remotely managed via a network console, making it a better fit for VARs than other Kaspersky wares, such as its consumer/retail-oriented Internet Security 7.0.

Anti-Virus 6.0 offers the usual combination of features one would expect in a desktop security suite. Users will find antivirus, antimalware, antirootkit and antiphishing technology. Although users will be adequately served by the included feature set, it's the subtle and not-so-subtle differences that help to define suitability for a particular environment. For example, Kaspersky Anti-Virus 6.0 has a firewall that scans all incoming traffic on port 80 for malware embedded in Web sites, a handy feature for those users who frequent numerous new Web sites and are not protected by an advanced firewall or security appliance.

The product is available via download from Kaspersky's online partner portal and offers simple, wizard-driven installation and product configuration. It also offers to protect the system during installation with a stand-alone defense module.

The product allows installation and configuration to take place without a license key, offering activation at a later date. System builders could easily bundle a trial version of the product with new systems and then offer their customers a discounted subscription with centralized support for the system, the first steps to building a service-oriented security offering.

All three products discussed here are easy to use, but Kaspersky's no-nonsense approach and concise management screen make it the easiest for a neophyte to set up correctly. The interface allows users to drill down into the more complex features of the product, yet those users will never lose their way back to a simplified menu.

As with most antivirus products, Kaspersky initiates a full system scan after installation. That process took 5 minutes, 1 second to process 39,618 identified objects, a decent performance considering some products can take up to three
times longer.

Impact on overall system performance is another consideration. After installation and configuration of Kaspersky's software, the average PassMark score dropped to 368.2, a negligible drop from the system's pre-installation mark of 370.2 and the smallest performance dip logged by the three products measured here.

Kaspersky offers a robust multi-level channel program that offers a partner portal and impressive margins. But, as with the other security software vendors reviewed here, VARs can be cut out of the equation by direct software renewal offers. The product is priced at $79.95, including one year of updates.

Next: Grisoft AVG Internet Security

Grisoft AVG Internet Security
Grisoft is well known in the freeware world for its free antivirus offerings. That said, the company also offers full-featured products for a fee, something few people realize. Its AVG Internet Security product incorporates the "free" AVG antivirus product, but adds antimalware, antirootkit and antiphishing technology to make it a desktop security suite suitable for stand-alone systems.

With many security suites, complexity is a problem. After all, vendors are usually stitching together various security products to create a blanket of protection, sometimes with poor results. Grisoft avoids that dilemma by incorporating a unified management console into the product, offering a single management interface. What's more, the management interface uses a "pluggable" infrastructure that allows individual elements to be added or removed, meaning the product is infinitely customizable.

While most will find the console easy to use, the numerous choices offered can become overwhelming as users drill down into individual features and options. Although the company has gone to great lengths to protect users from the complexities of the product, greenhorns can find themselves faced with choices that make little sense to them.

The product is available either by download or on a CD at a list price of $52.95 with one year of updates, making it the least expensive of the products examined here. The AVG CD provided to Test Center engineers offered a simple auto-install, asking for the preferred language and an acceptance of the license agreement. Both custom installation and standard installation options are available. A more expansive automated installation would be a nice option for system builders, but that was not available with the product. The standard install will likely be used in most cases. Users will have to enter a license number to continue with the install. The company could help future sales and encourage evaluations by allowing an installer to leave the license number field blank and then automatically requiring a license to be entered within 30 days to keep the product active. Entering the license number proved to be tedious with 40 digits, associated dashes and easily confused characters. What's more, the license code included on the disk sleeve refused to work with the product and the company had to be contacted for another key.

Once past the hassles of licensing, the product ran a firewall setup wizard that offered three simple options: network-connected PC, stand-alone PC and traveling PC. That proved to be a straightforward approach to set up the firewall software. The wizard then scanned the installed applications to build a list of which ones could access the Internet. A reboot finalizes the installation and the product then updates to the latest version automatically via the Internet.

Although touted by the company for its low impact on system performance, engineers found the product's initial scan and operational performance to be disappointing. In testing, AVG took 14 minutes,19 seconds to scan 11,358 identified objects during a full system scan. Two unanswered questions came to mind immediately: Why did it take so long and why did the product identify significantly fewer objects than its peers? Slow performance was further demonstrated through the PassMark performance test. The system earned a performance score of 357.1 after AVG was installed and configured, down from the 370.2 pre-installation mark, the largest impact measured here. That left engineers to speculate on how the product handled multithreading. All tests were performed on a dual-core machine in a virtual PC environment with all virtual processor extensions enabled.

On the plus side, AVG has been consistently rated by independent laboratories as one of the most effective products at blocking malware, with 100 percent ratings from ICSA Labs and Virus Bulletin Labs. The program achieves those high ratings in part from its Resident Shield technology, which examines every file opened for malware. That prevents viruses from sneaking in and probably is the reason for increased overhead when compared to competitors.

Users will appreciate the included firewall and antispam protection, which both prove to be easy to implement and very effective at preventing problems. The antispam component not only blocks spam, but gives users control over how spam is blocked and accounted for and checks e-mail for any malware.

The company does offer a channel program that shows a commitment to its partners, but as with many desktop security suites, AVG Internet Security is offered direct and via retail outlets. That said, the company does offer a plethora of business solutions that lend themselves well to VARs that want to offer network solutions. System integrators do have the option of upgrading their customers from the retail products to the business solutions, making it worthwhile to bundle AVG Internet Security on new systems or better yet, systems that are occasionally network-connected.

Next: Bottom Line

Bottom Line
While any one of the products examined here will help to secure a desktop system, Panda Internet Security 2008 edges out the others on several fronts. Its TruPrevent technology for stopping zero-day attacks is a standout feature, as are its included remote backup capability and the inclusion of three licenses. On performance, Panda scanned the most amount of objects in the least amount of time and showed only a negligible impact on the performance of the test system. Panda's product also impressed engineers with its ease of installation, as it proved to be the most straightforward and threw up the least amount of hurdles. In terms of its channel strategy, Panda has clearly put a renewed effort into partner recruitment following its transition from a public company to a private entity. It also offers portal access, online participation in renewals and extensive marketing collateral. All of those elements help Panda score extra points for channel support.

An honorable mention goes out to Kaspersky, whose Anti-virus for Windows Workstations product provides a path to a centralized, network-managed product offering that can help system builders bring a unified security offering into customers' networks by just bundling the product with new PCs. Kaspersky bested its peers on ease of use, enabling users to drill down into complex features without getting lost. And while Kaspersky wasn't as speedy on object
scanning as Panda, it did have the least amount of performance impact on the system it was protecting, according to engineers' PassMark tests. Grisoft offers a solid package, but it just wasn't as strong as either of its peers. For solution providers seeking extra features, fast performance, simple installation and a strong channel effort, Panda offers the security suite of choice.

Shopping The Ingredients
VENDOR: Grisoft
Milburn, N.J.
(973) 218-0688
www.grisoft.com

• PRODUCT: AVG Internet Security
• LIST PRICE:
$52.95 (One year of updates).
• UPGRADE PATH:
AVG Internet Security SBS Edition

• MARGINS:
20% to 40%
•
DISTRIBUTORS: Walling Data Systems

VENDOR: Kaspersky Lab
Woburn, Mass.
(866) 328-5700
www.kaspersky.com

• PRODUCT: Anti-Virus 6.0 For Windows Workstations

• LIST PRICE:
$79.95 (One year of updates)

• UPGRADE PATH:
Kaspersky Open Space Security

• MARGINS:
10% to 30%

• DISTRIBUTORS:
None.

VENDOR: Panda Security
Glendale, Calif.
(818) 543-6901
www.pandasecurity.com

• PRODUCT: Internet Security 2008

• LIST PRICE:
$69.95 (One year of updates)
• UPGRADE PATH:
Panda BusinessSecure

• MARGINS:
20% or more

• DISTRIBUTORS:
Academic Distributing, GlobalPC Direct, IT-Sentry.com, Lifeboat, PC Micro, Tech Data, Vertex Distributing