Security for Everyone - Reviewing Trend Micro Internet Security 2010
This week on Security for Everyone, our guest is Trend Micro Internet Security 2010. Trend Micro is a company with moderate success on the security market, and they now have a new product which has the mission to bring lots of improvements versus the rather poor 2009 version. Not only this but it also has to make its way on a market that is highly competitive and is shared by companies like Symantec, ESET or Kaspersky. Does Trend Micro Internet Security 2010 have what it takes to survive in this veritable lion pit? Read on to find out.
First impressions
The installation process is simple and does not require any special operations; for that matter, it does not even require restarting the computer. It does not install toolbars or similar unwanted software. If the user chooses the Automatic mode, where no options are to be tweaked, the entire process takes less than two minutes. There is no install-time virus scan or disinfection. This makes the installation procedure fast, but can also make Trend Micro Internet Security difficult to install on an already infected system.
When ran for the first time, Trend Micro Internet Security 2010 will start by making some checks in order to auto-detect some settings. The auto-detection feature is good enough and options require very little tuning. There is no first run wizard, not even a hint pointing the user towards a number of first-time checks for his computer.
Trend Micro Internet Security 2010 sports a simple and conventional interface. The navigation bar on the left of the window offers easy access to all the main areas of the program, and the range of options itself is not very large. Trend Micro Internet Security 2010 is clearly aimed at novice users. All its modules (perhaps except for the firewall) do not have too many customization options, but offer all the basic tuning options required to fit your grandmother's computer habits. So far, the first impression was favorable.
Ease of use and configuration
The suite has a mixed approach to many of its functions. For instance, the antivirus can be configured to skip its checks for trusted programs. It can also be configured to remove programs placed in an Unwanted list, an option which can sometimes compensate the lack of versatility of the detection engine itself. The firewall also has a mixed approach; it supports user-defined location profiles and uses auto-detection for some of its functions, but also allows the user to specify firewall exceptions.
All of the more important functions are easy to find. Scheduling a scan or a signature update can be done in no time, due to the very clear organization of the interface. The interface also has a very good separation of basic and advanced settings. For instance, the antispyware module includes a feature that can block unauthorized changes to your computer's settings. At the basic level, the interface simply allows toggling this feature on or off. Dig a little deeper and you will find the possibility of specifying which changes to be blocked and which ones to be allowed and how to respond to them.
The only serious usability problem of Trend Micro Internet Security 2010's interface is the somewhat uninspired location of some settings. For instance, the option of preventing suspicious programs on USB sticks from launching is strangely hidden under the Settings page of the aforementioned unauthorized change protection feature. Options effectively related to antimalware features (such as the amount of feedback on threat removal) is hidden under Security Warnings in the Other Settings and Subscriptions page. Fortunately, given the program's low number of options, it is easy to find one even if it is not always placed where you would expect it to be.
Firewall
While easy to operate, Trend Micro Internet Security 2010's firewall is among the lowest performers in our series so far. It does not completely hide the computer's ports and it leaks a lot of useful information to scanners. It does perform well against average script kiddie attacks, so you would expect the firewall to be powerful enough for desktop use, but it leaves a lot of open doors. For instance, it does not filter all types of traffic. Although the unfiltered traffic is unlikely to be harmful for a single computer, it can be used for attacks against computer networks.
Unfortunately, Trend Micro Internet Security 2010's firewall module also has a lot of rough edges on its inside face. Its process can be terminated or bypassed. It also leaves a lot of open doors from the inside, allowing installed programs to query outside servers. As a consequence, it is highly vulnerable to leak tests, where already-installed programs manage to sneak in malicious software from the Internet. Installation programs of known malware were allowed to be downloaded and started without much fuss. This may not have been much of a problem if the antivirus was strong enough, but as we will see right away, it is not.
While most desktop-level security suites are far below the performance of their enterprise-level counterparts, the amount of protection which Trend Micro Internet Security 2010 can provide is hardly sufficient. However, it should be noted that compared to the 2009 version, Trend Micro Internet Security 2010's firewall is considerably improved. In fact, its failures are not effectively due to technological reasons. In some areas, the firewall is actually stronger than that of established security tools that we have reviewed. It fails in terms of integration with other modules and self-protection.
The sub-par performance of the firewall module is even more unfortunate considering the fact that in terms of usability and ergonomy, it is actually good. It exposes two configuration layers. The basic one has only a single, adjustable slider, which sets the security level between a set of pre-defined levels. These can also be assigned based on locations, which is useful on laptops where you want minimum restrictions in your home network and some paranoia in your favorite tavern. Advanced settings are available and can be somewhat intimidating. Unfortunately, allowing or denying access for a program is considered to be an advanced setting, so if a program is mistakenly blacklisted, your grandmother may find it uncomfortably difficult to whitelist. The default settings are correctly tuned for a very general profile, but require some tweaking. The addition of a first-run wizard might have been a useful option, especially due to the somewhat cumbersome process of selecting an appropriate profile for a given location and network.
Antivirus and antispyware features
When testing the antimalware efficiency of a security suite, we have two main criteria to evaluate: detection and removal. A desktop security suite should detect (and, if possibly, identify threats) and then remove them, requiring as little user input as possible. Unfortunately, Trend Micro Internet Security 2010 fails in all major areas here.
In the absence of reliable third-party results (due to Trend Micro's products no longer participating in tests like those of AV-test.org), I can only rely on my own infected test systems, which only have a subset of the a security lab's malware samples. Even so, Trend Micro Internet Security 2010 had the lowest detection rate in our series so far. Removal also proved to be problematic; while it did manage to remove all but two of the viruses, trojans and spyware programs it detected, all the detected rootkits were safely left behind. The detection rate was also unexpectedly low when dealing with adware. This is not a common stumbling stone for security programs, and Trend Micro Internet Security 2010's performance was below average.
The resource consumption was a disappointment, too. While the impact over boot and shutdown time is very low, the memory requirements is above average, scanning is slow and there is a noticeable effect over day-to-day operations. We have seen a worse performance impact in our series before, but this one is not technologically justified. The scanning engine does not have any ground-breaking features (or if it does, they are clearly inefficient) and the signature database is obviously smaller than that of other suites.
Trend Micro Internet Security 2010 also includes a behavioral detection module. However, its efficiency is questionable; from the 18 samples that were 2 week-old or less, Trend Micro Internet Security 2010 only detected 10. This is slightly more than half, which would have been great five years ago, but other suites can reach up to 70-75% nowadays. This is particularly important for novice users who are considerably more exposed to new threats. Advanced users may be able to spot a suspicious e-mail attachment and are more likely to run a quick Google search about an obscure program they just found out about.
The active protection module does its job, but it suffers from an acute usability problem. Whenever it detects a threat, Trend Micro Internet Security 2010 will try to delete or quarantine the file. However, by default, it will not warn the user of its action. As a consequence, downloading an infected file or copying it from an infected USB stick will sometimes result in the file appearing to have been copied and then vanishing into thin air. This is frustrating when copying entire folders, as there is no indication that not all files have in fact been copied. Of course, it is safe to assume that users would not want infected files, but the lack of feedback can prove problematic. Fortunately, this behavior can be changed.
If you do not mind the lackluster protection that Trend Micro Internet Security 2010 can offer, operating the antivirus is simple enough that anyone can do it. Scheduling scans and updates, running custom scans and just about any other basic option is easy to find within the interface. While not providing the versatility of other suites, its simplicity makes it usable by anyone.
Verdict
Trend Micro Internet Security 2010 is not the worst in terms of usability, but I think it can provide the lowest amount of security among the suites we reviewed so far. It is certainly not adequate for novice users who cannot realistically assess the threats on their computer or their desktop security suite's performance. If you are an advanced user who does not mind spending the extra cash, or if you had this on an OEM disk that came with your computer, it may be a good albeit temporary solution. Even in this somewhat poor showing, the 2010 version is vastly improved over the 2009 version. Thus, I think that if Trend Micro can make a few more technological leaps of this level, Trend Micro Internet Security can become a solution of at least standard quality. If you want to give it a try, you can download a trial version from here.
Purchasing options:
You can buy this product from Amazon US (if you are from North America) or from Amazon UK (for European countries). When you are buying from Amazon, we also receive a small affiliate commission which will help pay for some of our work on the site. A big thank you to all of you who are buying using these links.
Related articles:
Comments
Thank you Ciprian, I've found
Thank you Ciprian,
I've found Trend Micro IS 2010 preinstalled on my new laptop with Windows 7, it modified some Windows 7 features and I didin't like this fact.
When I unistalled it I found several registry leftovers.
As you say, there are better security combinations.
Thank you for your excellent review
Trend Micro are relative
Trend Micro are relative newcomers on the market of security programs(?)
Where have you been for the past 10 years? Trend Antivirus programs have been around for years. I used their PC-cillin since 1999 right up until last year when it became too bloated and bogged my computer down. It used to be a great program, but then they tried to add everything and make it a suite. The AV itself was great. That's why I hung in there for so long. But I finally gave up and have switched to Avast Free version.
Point taken - thanks for the
Point taken - thanks for the feedback. We should have checked better the history of this company. We've updated the intro.
Why do I read nothing about
Why do I read nothing about McAfee Security Center that I get free from AOL or Comcast?
I have used it for 10 years, on many computers, without any problems and totally free.
It does let some minimal spyware get through that is easily taken care of with the usual free anti-spyware software.
McAfee is on our list of
McAfee is on our list of security suites we want to review. Problem is, they don't seem to offer a free trial. You need to create an account on their site, then pay and then download. We tried to get in touch with them but so far no answer. We will try again in January 2010.
I keep running into an issue
I keep running into an issue with TrendMicro Internet Security. I have a new installation of Win 7 64 bit. Running Outlook 2010 and Trend Micro IS 2010; the antispam toolbar will not run. (it loads but will not enable). Multiple disinstallations and re-installs have changed nothing.
As far as I can make out, the antispam toobar is not digitally signed with an acceptable (Microsoft's word) digital signature. Each time I've tried to address this with TM, they act like there is not a problem and once spent hours 5-6 online in my computer screwing around and driving me crazy with reinstalls and reboots.
If you can, check the Antsispam toolbar issue with your installation. I couldn't make out if you installed the 64 bit version of Win 7 or were using the upcoming but available Office 2010 programs.
Thanks for a very informative analysis of the various options out there!
Most probably the antispam
Most probably the antispam toolbar is not compatible with Office 2010, since it is a beta version. Disable this feature and wait until Office 2010 will have a final version. I'm sure TrendMicro will update their security solution to support Office 2010.
It may well be that Outlook
It may well be that Outlook 2010 is the messenger; but the Windows 7 64 bit op system will not allow unsigned drivers to run. I have an identical problem with an HP TV tuner, though at least HP recognizes there is a problem. Outlook 2010 is just the bearer of the news. The driver is listed in Outlook add-ins, but disabled. It was in tracking down the error that I figured out it was because the TMAS driver is unsigned. Excuse me, acceptably signed and matching Microsoft's magic list.
Microsoft is unrepentent about taking this course at the moment. Given that refusing to allow unsigned driver loading is official MS policy for 64 bit implementations I don't think Trend Micro should be blaming this on Outlook.
There are work arounds available on the web for putting Win 7 in test mode to allow the drivers to run. But they're clumsy.
I discovered your site as I was looking into Kapersky as a Trend Micro replacement. After several unrewarding sessions with Trend Micro chat, ("please open Trend Micro and enable the antispam bar" all the way through "uninstall trendMicro and re-install" repeatedly).
I greatly enjoyed reading your well done reviews!
Post new comment