Today we welcome BitDefender Internet Security 2011 as the latest application to be reviewed in the Security for Everyone series. Just like 1/2 of our 7 Tutorials team, BitDefender is of Romanian origins. They began pursuing desktop security in 2001. Strong leadership that has been focused on security since 1990 has allowed for continued forward momentum. The previous review of BitDefender 2010 identified enough issues around usability to keep it from being awarded a "Buy for Grandma!" award, even though the technical aspect of the suite was highly praised. Let us see if usability and security have successfully partnered in the 2011 version.
The folks at BitDefender don't require you to jump through any hoops when downloading BitDefender Internet Security 2011. The download link is easily accessible and no form processing is required. When you begin the install process you are prompted to create an account which provides access to the online services: Product updates, Support and Online Parental control. The remainder of the installation wizard is the most thorough and helpful I've encountered so far, in our series of reviews.
While continuing on with the installation, BitDefender encouraged the impression that it wanted me informed of the changes that were being made as well as that it wanted me convinced that security and performance were of the utmost concern. This was accomplished by the execution of three installation tasks. First was the preliminary scan to ensure there were no active threats in memory that might hinder the installation. Next was the step indicating that the Windows Firewall and Windows Defender services would be disabled, and that any other security software would be uninstalled. Last were the options to change the default scheduled scan from Sunday at 2 AM to a day and time of my choosing and to run a full system scan upon completion.
The install process also asks you to choose a setup type: Easy or Custom. I selected Easy and was then met with a choice of view: Basic, Intermediate or Expert. I proceeded with the default selection of Basic. The previous review indicated the same type of option in the 2010 version with one major downside, the inability to switch from Basic to any other view therefore severely limiting the option to adjust settings if required. This issue has been corrected in version 2011. You will find switching between views is a simple task. This will be detailed a bit more in the Ease of Use and Configuration section below.
When launching BitDefender Internet Security 2011 the first time you will need to identify your network as one that is trusted or private. This same prompt will occur each time you connect to a new network. You also have an option to view a video introducing you to the application. Two videos are available, one from the new user perspective and another for the user that may be upgrading and is only interested in what has changed. Watching a video is not mandatory, you can access the dashboard by selecting the 'Take me to Dashboard' button. Once at the dashboard you will find a very minimalist, non-intimidating view.
My first impression is very good, as you've probably concluded. The application has been light on resources, even while performing the system scan. The proper services (Windows Firewall and Windows Defender) are stopped and a scan schedule is predefined. What's not to like? The following sections will see if there is an answer to that very question.
Ease of Use and Configuration
As mentioned previously, the prior version of BitDefender Internet Security did not allow you to switch between Basic, Intermediate or Expert views. This caused a problem because certain settings could only be found in the more advanced views. This has been remedied in the 2011 version by allowing you to choose the view simply by selecting it from the Options menu.
Each view provides easy access to scan and firewall setting, however a small amount of configuration may be necessary to bring the setting to the forefront depending on the view you select. This will be explained below. There are also a wealth of logs available via links in the application footer regardless of the view you choose. These links persist throughout the application.
The beauty behind the Basic and Intermediate views is found in the 'My Tools' section. 'My Tools' allows you to choose which areas you would like to be accessible from the main dashboard. For example, neither Basic or Intermediate views display an icon for accessing the firewall settings but I can add the icon easily.
This feature allows you to configure the dashboard to display icons or links that are meaningful to you rather than being forced to precariously enter Expert mode.
The Expert view provides all the details the name implies. Here the curtains are drawn back and you have easy access to every setting for the modules you chose to install. You won't find a convenient dashboard for running a scan or allowing a program through the firewall. What you will find is each section available via a left side tabbed navigation system. Within each section you will find easy access to those often used features such as beginning a scan or editing firewall rules.
The Expert view does contain some settings you simply cannot access in the other views and these include Privacy Control and Encryption.
With Privacy Control you can enable Registry Control to alert you if any auto-run executables have been added to the registry. This is also where you can enable Identity Control. With it you enter values you want BitDefender Internet Security 2011 to watch and alert for, such as credit card or social security numbers. In my testing I created a rule identifying a string of characters I wanted BitDefender to watch for. Each attempt to use the character string in a URL or email message prompted an alert. You'll also find other settings for Cookie and Script control.
Within the Encryption section you will find chat encryption enabled by default for Yahoo Messenger and Windows Live Messenger. You can also choose friends whose conversations you do not want encrypted. There is also a pane for displaying current conversations.
When it comes right down to it, your experience around the ease of use and configuration is going to depend largely on which view you are most comfortable with. If you are the type that can forward ports and sniff traffic you will likely be best served by the Expert view. If you are among those that know enough to be dangerous maybe the Intermediate view is for you. Finally, if your preference is not to think about security and you would rather rely on an application to do this then the Basic view is for you.
When working with the firewall you will want to consider the view you are working within. If you attempt to perform an advanced action, such as defining a custom rule for an application, a message is displayed indicating you need to perform the function from the Expert view. I can appreciate this as it prompts one to consider the change they are about to make.
With Basic and Intermediate views you can choose whether a program should be allowed or denied access. If you'd like to define a custom rule you'll need to enter Expert view where you'll find you can build a rule advanced enough to allow for traffic to move only across specific ports and to specific ports on a remote machine. Another example of an advanced setting would be the enabling of internet sharing. Many more setting exist, each with a default setting that seems appropriate to attain good "out of the box" security. The proof, however, is how well the firewall performs when tested by an intrusive scan.
My scanning tools include nMap and Nessus. An initial scan from each of these tools, without making any configuration changes to BitDefender Internet Security 2011, showed more open ports and netbios discovered information than I was comfortable with. Nmap responded with its well know bomb icon status indicating the system may be thought of as one that may be open to attack. Nessus provided similar results with a few less open ports.
The thing to remember with this scan is how the network I was connected to was identified to BitDefender: it was identified as trusted. I accessed the network settings via the firewall settings in Expert view and changed the network from Home/Office to Public.
I re-ran the scans and the results were much different. The system was locked down to the point of not allowing any open ports to be identified and no netbios information was enumerated. The take-away here is to make sure you are appropriately identifying networks you connect to and to make yourself familiar with the interface that allows you to change it.
Armed with the knowledge above I do believe the firewall is adequate protection. Maintaining the firewall is easy enough and the various views seem to offer a bit of protection from ourselves as well.
Antivirus and Antispyware Features
The scanning engine behind BitDefender has long been touted as one that is very effective. I found this claim to hold true in the latest version as well.
My own testing involved planting numerous viruses and malware producing files deep within the system directory. This was done prior to installing BitDefender Internet Security 2011 of course. In each instance the files were identified and dealt with appropriately. When necessary I was able to recover files easily from the quarantine. A feature I have come to appreciate as occasionally files can be identified erroneously by any security suite.
I also introduced infected files via a USB drive, these were handled flawlessly. When BitDefender Internet Security notices a storage area has been connected, either via external storage like a USB drive or network storage liked a mapped drive, the system immediately displays a prompt asking if you would like the area scanned. You can choose yes or no and set some application defaults if you prefer.
You also remain protected when browsing the Internet. A visit to a few known malicious sites showed BitDefender was able to terminate the connection rapidly. Further online protection is available via a browser plugin which alerts you to search result links that may be threatening, however the plugin did slow down the display of search results.
You should rarely rely on one opinion where security applications are involved. Thankfully you have access to sources like av-comparatives.org and av-test.org. Both of these sites provide their own independent testing results. AV-Test gave BitDefender a Pass score and av-comparatives gave BitDefender their highest ranking of Advanced+.
BitDefender Internet Security 2011 continues their tradition of providing excellent antivirus and antispyware protection. The scanning configuration is easy to manage and, most importantly, the default protection is more than sufficient.
The 2010 version of BitDefender Internet Security was awarded the 'Buy for Geeks!' badge due to usability limitations. While the BitDefender applications have been very technically sound, the interface may have been daunting for the novice user. I don't believe this to be the case any longer. I've been pleased to find each of the previously identified issues resolved and improvements expanded upon significantly. BitDefender Internet Security 2011 definitely deserves the 'Buy for Grandma!' verdict. Well done BitDefender!