Security for Everyone - Reviewing BitDefender Internet Security 2012
2011 brings BitDefender into their tenth year of existence. This milestone also ushered in a new company philosophy, corporate identity and just recently an updated line of security products. With this release comes a brand new interface and several new additions targeted at making your online experience a safe one. In this review we will focus on the BitDefender Internet Security 2012 product - we will spend time looking at the quality of protection and work to determine if the interface changes are indeed improvements. Welcome to the latest edition of Security for Everyone!
UPDATE: We recently had the chance to work with the latest version of BitDefender Internet Security 2012 and we noticed that the problems we identified when the solution was first launched, have been fixed. Therefore, we decided to give it another go at testing this solution and update our review. Read on to find out the latest results.
To download the BitDefender Internet Security 2012 trial  you only need to provide your email address which is promptly followed up by an email with download and install directions. The download begins with a pre-installer which works on an initial scan of your computer as the remainder of the product is downloaded and installed.
This seems like a fine opportunity to comment on the new BitDefender logo even though it has nothing to do with how the suite performs. The new dragon-wolf logo is fantastic and speaks to the warrior in me. The symbol has significant Romanian meaning which you may find interesting . OK, back to the review now!
Unfortunately it was not long before my first issue was encountered. The BitDefender install instructions clearly show that any installed security suites will be removed after which a reboot and restart of the install process would be required. This seems very reasonable; however, BitDefender failed to remove the installed version of Kaspersky. I ultimately uninstalled Kaspersky manually before continuing with the evaluation.
With the install complete, you are presented with the updated main interface. Here you will find the main area dedicated to four BitDefender modules: Antivirus, Firewall, Antispam and Update. Additional modules are available by selecting the arrow icon to the right or using the scroller below the module links. The additional modules include: Parental, Privacy, Network Map and SafeGo . Besides module access you will find a button to enable or disable Auto Pilot (it is enabled by default) as well as an icon for Settings and Events. Finally, there is a space in the header section which provides a quick status showing if all is well or if attention is required.
As in the previous version, BitDefender does a good job of providing a description that summarizing the roles of the various components. Selecting an item from a drop-down list provides even more descriptive text giving the user ample opportunity to choose the appropriate action.
The new interface is clean and easy to understand. The choice to enable Auto Pilot by default, thus pre-setting the various components to their ideal configuration, is one that should benefit most, if not all users.
Ease of Use and Configuration
When it comes to scanning with BitDefender Internet Security 2012 everything you need to get the job done is available from the initial interface. You can choose among several predefined scanning types including:Quick Scan, Full Scan, Custom Scan, Vulnerability Scan and Rescue Mode.
When defining a custom scan you add the targets you would like scanned and have the option to define a few settings such as how aggressive the scan should be and whether or not system files and memory resident applications should be scanned as well. You cannot save your scans but BitDefender does keep a list of custom scans sorted by date which you can select and run again later. A better implementation would have allowed the user to save the scan with a meaningful name.
The vulnerability scanner will check for critical and optional updates related to the operating system and installed applications. If any items are found BitDefender can acquire the update for you where the operating system is concerned. Application vulnerabilities can also be applied by selecting the supplied vendor link and downloading the appropriate update. Finally, you can choose to scan in Rescue Mode. This mode reboots the PC into Rescue Mode and scans for those threats that are difficult to remove while the operating system is online.
The scan settings include all the items you would expect. You can define exclusions, access the quarantine and set scan strength (permissive, normal, aggressive). There is also a convenient button for putting the settings back to their default state.
The firewall options on the initial interface provides quick access to the firewall settings and network details. You can also turn the firewall on or off with a simple press of a button.
Network details is the area you access when you want to change the type of network you are connected to (Trusted, Home/Office, Public, Untrusted). The network type you choose determines how the firewall sets various application and network rules. You can also choose Stealth Mode and Generic settings.
The available Stealth Mode options include On, Off and Remote. While on and off are self explanatory, Remote is the default option and meant nothing to me. It turns out that it means the following: "your computer cannot be detected from the Internet. Local network users can ping and detect your computer." I encountered the same bit of confusion with the Generic setting which includes Yes or No. The default option here is No but the question remained, what does Generic mean in this context? Another quick consult of the help file found the following:
"Generic - whether generic rules are applied to this connection. If the IP address of a network adapter is changed, BitDefender modifies the network type accordingly. If you want to keep the same type, click the arrow from the Generic column and select Yes.
As far as network options go, Stealth Mode and Generic appear to add to the protection provided by the firewall; however, BitDefender could have done a much better job explaining what these options do rather than forcing the user to seek out the help documentation. If you are not that technical, even reading the help documentation won’t bring too much clarity.
The Firewall settings make it easy to define network and application rules. You also find an activity log and the ability to raise the level of alerts by turning on Paranoid mode. BitDefender also includes an Intrusion Detection System which is turned off by default. It is unclear why BitDefender would choose to have this off as part of the Auto Pilot configuration. I recommend the Intrusion Detection System be enabled as it can help in making sure malware does not infect/modify your BitDefender installation.
Using BitDefender 2012 has proven to be a mostly pleasant task. Often, the options are explained well and placed where you would expect to find them. There is a real emphasis on the default settings as defined by Auto Pilot. In the following sections we will try to determine how well the default settings protect your system.
The BitDefender firewall allows you to have good control over network and applications rules. To work with rules you access the firewall setting and select the Advanced tab. Here you can choose to work with General, Application or Adapter rules.
General rules are those addressing the protocols used when applications access the Internet. The controls here are minimal and provide for allowing and denying access.
With Adapter rules you can define a zone and choose the appropriate access to devices within the zone. This is another simple interface where you can select allow or deny.
The most control is allowed where Application rules are concerned. Here you can define how an application accesses the Internet and when. You have the option to choose which protocols an application can use as well as which network type should be active. This last is a nice option to make sure you only allow certain applications access to the Internet when you are connected to a trusted network.
By default, BitDefender placed my configuration in the Home/Office network. With the settings set at their default I performed an intrusive scan of the test workstation using Nmap . The results were less than ideal finding 15 open ports and successfully identifying the operating system. I followed up this scan by changing to a Public network type. These results identified a more secure system with only a few open ports. The operating system continued to be identified.
The BitDefender Internet Security 2012 firewall provides adequate controls but average protection at the default settings. You may realize even better results by enabling the Intrusion Detection System.
Also, it is important to understand the type of network you are connected to and how to change the network type in the firewall setting. There is certainly room to improve or clarify some of the verbiage used when describing several firewall settings. I am hopeful this is something that can be addressed in an incremental update.
Antivirus and Antispyware functions
BitDefenders on-access scanning options include all the items you would expect. You can choose the scan strength which correlates to the amount of system resources required. You can also set how archive scanning is handled and whether to include network shares among others.
The active virus control is where you choose how real-time scanning is handled. Active scanning can be set to Permissive, Normal or Aggressive. The default selection is Normal. Choosing either permissive or aggressive may result in more or less alerts and false positives.
When reviewing how effective an antivirus scanner is, I like to plant several malicious files before the install and introduce more once the installation completes. BitDefender did well in these tests identifying each piece of malware and even identified a couple I had forgotten were on the system. The alerts are minimal. Sometimes the main indicator that an action needs to be decided on is found in the notification area of the main interface.
When working with the malicious file you are delivered to the events interface where you can choose the appropriate action. You will also find a history of events helpful when identifying patterns that may identify the source of a recurring infection.
I like to go out of my way to test a scanner against browser based threats. While performing this test I visited several malicious sites, each was blocked successfully by either the browser or BitDefender. According to the feature list for BitDefender 2012, the Search Advisor browser add-on has been improved. Also, it appears to function in all major browsers.
While the Search Advisor did a good job blocking threatening sites, there was one troubling discovery, when we tested the suite shortly after its launch. The link which should take you back to safety instead delivered you to the page that brought you to the malicious site to begin with. It seems the link was the equivalent of hitting the back button in your browser. Luckily this bug has been fixed in one of the updates made after our initial review. Now this link takes you to a safe blank page. It is good to see BitDefender reacting fast to feedback.
I should mention the Search Advisor does include an option to run a site in a Sand Box. Initially, we could not get this feature to work. Each attempt to Sand Box a site resulted in a crashed browser session. We contacted BitDefender support to share the Sand Box behavior and learned they were aware of the issue and working on resolving it. A few updates later, the feature works as you would expect and allows you to browse websites in a protected window, which does not compromise the security of your system, even though the website might try to do so.
The current 2012 version of BitDefender Internet Security has been tested by the independent testing organizations, a few months after its launch. AV-TEST awarded an impressive 6 out of 6  secore for protection. AV-Comparatives awarded their ultimate Advanced+  in their comparative testing, while Virus Bulletin rated it having a 90%+ detection rate . Very impressive results across the board.
We fully expected BitDefender to be awarded a Buy for Everyone! from our first review & testing attempt. The new interface is clean and easy to navigate but attention to detail was lacking in the very first 2012 release of BitDefender Internet Security. Luckily, a few weeks later, BitDefender managed to fix all the initial problems and today, BitDefender Internet Security 2012 can be considered as one of the top security suites on the market, deserving our Buy for Everyone! verdict.
We do hope that in their 2013 release of security products, they will take more time to test and fine-tune their products, so that their very first version does not have the problems we first encountered with the 2012 version.