Today we continue the Security for Everyone series with the 2012 version of the popular Norton Internet Security. Previous versions have received pretty good verdicts from many organizations, including from our team. In this review I will try to evaluate if Norton Internet Security 2012 manages to remain one of the top security solutions on the market. Let’s see what I have found out.
First Impressions
Unlike the previous version, Norton Internet Security 2012 starts with making a good impression, by allowing you to download it without having to fill in personal and financial information. The download size is of approximately 104MB. The installation is really slick and sticks to the one click concept. Also, it is great that no reboot is necessary for the installation to finish.
Once you installed Norton Internet Security 2012, you need to activate it so that you can use it. The process involves you providing the details of your Norton Account. If you don’t have one, you can create one by providing your name, e-mail, password and country of residence. Luckily, no financial information is required, allowing you to use the product for 30 days without entering any credit card details. This is a welcome change compared to previous versions, where such information was required.
The first few interactions with the product are pretty friendly. The interface looks slick and impressive. Looking at it gives you a sense of safety and calm.
However, if you look more closely, you notice something weird: the fact that Norton Internet Security 2012 says your system’s status is Secure even though below LiveUpdate you can see that its malware definitions are very old (in my case 96 days old). Unfortunately Norton Internet Security 2012 seemed to ignore this fact and, even though I waited for about 2-3 minutes, it did not automatically start a scan for new updates.
Therefore I had to start the update manually or wait for the next reboot (when it automatically checks and installs latest updates). I chose to start the update procedure manually. Once you update Norton Internet Security 2012 to its latest engine and malware definitions, you do need to reboot so that they get installed.
Integration with Windows
When it comes to integration with Windows 7, Norton Internet Security 2012 fares pretty well. When you install it, it disables both Windows Defender and Windows Firewall, thus eliminating problems caused by possible conflicts.
The impact on boot timings seems negligible. However, I was not able to measure it due to Soluto not being able to detect it as a startup component.
Norton Internet Security 2012 is also light on memory usage. Its services consume somewhere between 68 and 70 MB of RAM, which is very reasonable. Its focus on performance is highlighted by features such as System Insight which continuously monitors the performance of your system and that of the suite itself.
You can also manage the programs that run at the Windows startup and see ratings for all the installed applications, which show a summary of how reliable they are and their impact on performance and security. While you might not expect this from a security suite, it is a welcome addition and a useful feature.
Norton Internet Security 2012 also does a good job at protecting itself from being disabled and you cannot kill its running processes, no matter how much you try.
Speaking of integration with Windows 7, Norton Internet Security 2012 provides a small desktop gadget, which provides a quick overview of your system’s protection level and shortcuts to some of its modules.
If you are into using desktop gadgets, this can be a nice touch. If not, you can easily disable it.
Norton Internet Security 2012 integrates well also with all major browsers: Internet Explorer, Firefox and Google Chrome. You get the Norton Safe Web toolbar, which provides additional features like Identity Safe - which allows you securely store and use personal details such as passwords, logins or credit card numbers - and Site Safety which evaluates is the sites you are visiting are safe or not.
Personally, I don’t enjoy toolbars. I prefer a more discrete approach, like having a button added to your browser which notifies in case of problems with the websites you are browsing. Luckily, the toolbar can be disabled. However, you lose the functionality provided by it.
Ease of Use & Configuration
While using Norton Internet Security 2012, you cannot help but to feel impressed by its slick interface. In the center you get access to the most import functions while on the top and bottom, you have buttons for more secondary features and settings.
One aspect I did not enjoy so much is that some of the buttons found on the bottom of the main window are for installing other products which are not part of Norton Internet Security 2012. Some of these buttons were present in the 2011 version, but their number has increased. Now you are being “sold" into purchasing and installing products such as: Norton Mobile Security, Norton Online Family and Norton Online Backup. Luckily though, there’s no aggressive behavior (e.g. pop-us, e-mail reminders, etc.) that tries to convince you to install them.
If you click on the Advanced button, a window opens from where you can quickly turn on and off the available protection features. You also get access to the link that opens the Network Security Map, a module which is really important to configuring how the firewall protects your computer. Don’t forget to read the Firewall section to learn more.
If you want to access the advanced configuration settings, you click on the Settings button from the top toolbar. Then you can configure in detail all aspects related to how your computer is protected. While browsing through the default settings, I found a few items that, while not that important, will not contribute to providing complete security.
For example, Norton Internet Security 2012 has turned off Microsoft Office Automatic Scans and the automatic removal of infected archives. Also, Boot Time Protection is turned off. Most probably this is set this way so that the suite has a minimal impact on boot timings. However, having such protection turned on in case of infections with rootkits, can be useful. While these choices do not have a big impact on the security of your system, you should consider turning them on.
The available configuration options are pretty much self-explanatory. If you don’t understand some of them, you can click the question mark made available almost anywhere, which takes you to a webpage where you can find more information.
Norton Internet Security 2012 is scheduled to make a full system scan every 30 days, when your system is idle. If you want to create and schedule a custom scan, or modify the schedule of existing scans, there’s no obvious way to do it. You need to first click on Scan Now and then on Custom Scan. This opens a window with the scans defined so far, and their schedule. If you want to create a new scan, you need to pay attention and notice the Create Scan link at the bottom of the window.
This design choice is a bit weird considering how user friendly the rest of the suite is. Access to scans could have been made easier to figure out.
Overall, Norton Internet Security 2012 is a very friendly solution to use. Except for this quirk, everything else is almost perfect.
Firewall
The performance of the Norton Internet Security 2012 firewall depends a lot on how you configure its Network Security Map, found in the Network Protection module.
The trouble is that, when you connect to a new network, Norton Internet Security 2012 automatically assigns to it the Protected trust level. It is not able to assign a trust level based on the network profile you assign in Windows (Public, Home or Work). The Protected level makes Norton Internet Security 2012 provide protection only from known attacks and unexpected traffic coming from devices on the same network.
Unfortunately this design choice is a poor one, no matter which type of network you are connecting to. For example, if you connect to a trusted network like your home’s wireless network, the protected trust level provides good protection but impacts the integration with networking sharing features such as the Homegroup. If you want to share folders, media and devices across the network, without problems, you need to manually change the trust level of the network to Shared.
If you connect to a public network in an airport or cafe, the Protected level provides inadequate protection from threats. Running a scan with Nmap and Nessus revealed that, when this level is enabled, 7 ports are open on your computer, plus the MAC address and operating system can be identified successfully. Luckily, these open ports have a low impact on security.
It would have been great if Norton Internet Security 2012 assigned a trust level based on the network profile the user chooses when he or she connects to a network. This way, if you mark a network as being public, Norton Internet Security 2012 would assign the Restricted trust level and, when you mark another as being home or work, Norton Internet Security 2012 would assign the Shared trust level, so that network sharing works without problems.
Fortunately, if you manually change the trust level to Restricted, you get really good protection, with no ports being open and no information leaking, not even the MAC address.
The good news is that changing the trust level for a network is not a difficult task. However, you should always do it when connecting for the first time to a network, to make sure you get an appropriate protection level.
Antivirus and Antispyware Features
The antivirus is pretty non-intimidating and makes decisions for the user. You are not really asked about what you want to do. When threats are detected, you are notified that action is being taken. What is confusing though is that, at times, you get a prompt similar to the one below.
The trouble is that it doesn’t provide too much information and you cannot click on it to get access to a window with detailed status about what is happening. You are pretty much left in the dark and you can only view more information later, in the reports of the application.
At other times, you get a notification that an attack is blocked. This notification has a View Details link available.
Clicking on it takes you to a window where you can see plenty of details about the attack. Why this is not available when processing threats, is a bit beyond me.
Nonetheless, the protection being offered continues to be good. I browsed a few malicious websites and Norton Internet Security 2012 promptly blocked access to them.
When you insert media such as a DVD or an USB memory stick, they are scanned only if or some other programs access them. If you just insert them in your computer and nothing gets accessed, no scan is made, nor you receive prompts for action.
Norton Internet Security 2012 has been tested by a few independent organisations. In their latest tests, AV-Comparatives gave it an Advanced rating, which places Norton Internet Security 2012 somewhere in the middle of the pack, regarding its protection effectiveness. The result is due to Norton returning many false positives compared to the competition. A similar position was given in the latest Anti-Phishing tests, Norton being ranked 8 out of 19.
Virus Bulletin ranked Norton as having a 90%+ reactive detection rate and 80%+ proactive detection rate, in their latest comparative.
All-in-all I can say that Norton provides pretty good protection. Even though I tried, I did not manage to infect my test system.
Verdict
The only real design issue Norton Internet Security 2012 has, is the fact it assigns the Protected trust level to all networks you connect to. This can either impact network sharing features or prevent it from providing complete firewall protection when connecting to public networks. Luckily, this can be fixed quickly by changing the trust profile assigned to the network you are connected.
Except for this issue, I can say that Norton Internet Security 2012 is a light-weight suite, which focuses on providing good protection with as few clicks as possible, while impacting the performance of your system in a minimal manner. Its default configuration helps it be a discreet presence on your system, which requires minimal input to keep things secure.
Purchasing Options
You can buy this product from Amazon US (if you are from North America) or from Amazon UK (for European countries). When you are buying from Amazon, we also receive a small affiliate commission which will help pay for some of our work on the site. A big thank you to all of you who are buying using these links.