Today we welcome TrustPort Internet Security 2011 to the Security for Everyone series. TrustPort is a Czech company, initially formed as AEC in 1991. In the early years of the 21st Century they began using the name TrustPort for their own line of security products. They formed as their own stand alone company in 2008 and have been participating in tests done by several independent antivirus testing organizations. This review will be one from a fresh perspective as I have never tried, nor encountered, any TrustPort solution. Let us learn together how well this solution protects your system.

First Impressions

TrustPort makes available a 30 day trial of their Internet Security 2011 product. You can download it easily from their site without the hassle of filling out a form or jumping through any other hoops. You may need a bit of patience though due to the whopping near 200 MB file size.

The installation is very straightforward and doesn't allow for any customization beyond choosing the installation directory. A single reboot is required after which your PC will be protected by TrustPort Internet Security 2011. There are no extras such as toolbars or other applications installed along with TrustPort. If not for the two new system tray icons, you may not even notice the product was installed at all. The system tray icons allow you to launch the main application and also provide insight into whether or not the on-access scanner is running. You can also right click the on-access icon to display a small statistics pop-up.

The main TrustPort interface is well organized and easy to follow with minimal options. The status of each area is presented clearly, and identifying how current the virus definitions are is an easy task. The main areas are reserved for actions associated with Antivirus, Network and Updates. There is the option to select Expert Settings which thankfully does not change the main interface, rather it opens a new window with the main application settings.

All in all, I am quite impressed. I have not seen a single prompt since installing TrustPort Internet Security 2011 and none of my typical Internet activity has been hindered. TrustPort does a good job with ending the Windows Firewall and Defender services.
Also, the initial impact on system resources is reasonable, even while running an initial scan. In the next section we'll discover how easy or difficult TrustPort is to configure and use.

Ease of Use and Configuration

The usability of the main TrustPort interface is something to be admired. They managed to keep the options to a minimum without sacrificing links to the critical features one would need quick access to. More importantly, in my opinion, is that none of the links from the main interface take you into the Expert Settings. This simple accomplishment makes accessing the Expert Settings an intentional action on the part of the user.

The Antivirus section allows you to start varying types of scans behind the Scan for viruses link; however, when you run a scan you must answer a prompt indicating you are using a trial version. This trial prompt is not displayed for a scheduled scan. The More functions link will take you into the quarantine or deliver you to related reports. You also have the option to configure Real-time and On-demand scanning. When configuring the scanning types you have a few options available to you including the types of files to scan and the default action to take on identified threats.

The Network section of the main interface allows you to change the basic firewall behavior otherwise known as Protection Against Hackers. You can choose how connections are managed, whether or not to allow trusted programs and if you should be prompted when connections from unknown or untrusted programs are attempted. Each of these options are only a click or two away and you have yet to be forced into the Expert Settings.

When you do choose to investigate the Expert Settings, you'll find all the other options associated with most security suites. Among the Antivirus options you'll find scheduling a scan, excluding file types or directories and managing heuristics. You'll also find that TrustPort utilizes two scanning engines when detecting and cleaning threats. The scanning engines are BitDefender and AVG. You have the choice of using one engine or both for the different types of protection provided: On-Demand, On-Access and Internet Protection.

The TrustPort Personal Firewall settings are also found within the Expert Settings. Here you can view the firewall log, choose how connections are managed and whether or not firewall rules should be used. You'll find rules are managed via the Filter Definitions interface. Adding rules is a pretty easy wizard driven task. You can create a custom rule or create a rule from the log. The latter is handy if you find an application is being blocked. Simply selecting the log entry blocking the application allows you to create the rule and edit access to allow.

I really only have one criticism of TrustPort and that is regarding the system tray icons. They disappeared. They were in the tray after the installation and reboot but a subsequent reboot found them gone and gone they have remained. The services all start and the system is protected, there is just no visible cue TrustPort is running. I'm hoping this is an anomaly with my system because otherwise TrustPort is very easy to use and configure.

Firewall

Working with the TrustPort Personal Firewall has proven to be one of the easier firewalls to manage and configure.

From the main application interface you can adjust how network connections are handled. The choices here include:Permit All Connections, Enable Outgoing Connections, Use Firewall Rules and Deny All Connections. The default is to Use Firewall Rules. The main interface also allows you to address a couple of Protection Against Hackers settings via the Configure link.

The main interface also provides a handful of at-a-glance real time statistics which can prove helpful if you suspect nefarious activity is occurring.

If the options presented above do not provide the flexibility you need, you'll find more within the Expert Settings. The most notable feature here is the ability to mange rules and rule sets.

Rule sets, found within Filter Administration, give you the ability to group rules together. This might be helpful if you have specific ports that should be open or applications that should be denied within a workplace setting. Using rule sets, you can define the rules that should be applied if the network you are connecting to matches the rule set definition. The rule set definition can apply to a single IP address, a range of addresses or addresses within a specific netmask.

TrustPort includes a default rule set which contains all the predefined rules. There is an option to export and import sets as well, which could certainly come in handy if you were upgrading your system or reinstalling the operating system. Unfortunately there doesn't appear to be a way to move rules from one set to another or import into an existing set. This is cumbersome and is screaming for a nice drag and drop interface to manage the various sets.

Managing the rules themselves is fairly simple. Creating new rules is a wizard driven process where you can create a custom rule or create one from a firewall log entry. Editing rules is also pretty simple considering how complex some rules can be.

I took some time to scan the test system to test the effectiveness of the default firewall configuration. The results weren't ideal but I expect the firewall would protect a home system well enough. Nessus identified twelve open ports while Nmap identified eight. There was also a little too much information revealed from netbios queries and the operating system was identified easily.

Aside from tweaking rules, there is little, from a novice perspective, that can be done to tighten the security without blocking traffic indiscriminately.

The TrustPort Personal Firewall is easy to configure and provides acceptable protection for the novice user, however there remain opportunities for improvement.

Antivirus and Antispyware Features

Have I mentioned how quiet TrustPort Internet Security 2011 is? The only prompt I have seen, post-installation, was when I inserted a USB drive and was asked if I wanted to scan it. While this can be considered a good thing, I have to wonder if too quiet really is a good implementation.

As with other reviews, I planted several infected files pre-installation and introduced more after the install. TrustPort handled each infection easily within a couple of passes: one quick scan (which scans a small portion of the system) and a scheduled full disk scan. The quick scan completed in a few minutes and the proof of removal was displayed in the details screen. The full scan also uncovered undesirables yet reported nothing at all in terms of prompts or notifications. I had to check the AntiVirus logs to know for certain the threats had been handled appropriately. I expected the cleaning to take a couple of scans due to the level I had buried some of the threats. A quick scan usually covers processes resident in memory as well as user directories and sometimes the top level directories of the main system drive.

This lack of prompts is where I question how useful this implementation is. Prompts do serve a purpose beyond simple notification or annoyance, they should also educate. Most issues where security is compromised, whether on your local computer or through a phishing scam using the telephone, can be avoided by adjusting our behavior. In the context of this review, prompts and notifications can help direct a behavioral adjustment. The good thing is that the default behavior can be changed. If you want to see a prompt for action, you can easily set TrustPort to notify you.

I also took my testing online to see how effective TrustPort is at blocking real-time threats executed via malicious sites. This is getting more and more difficult to test as browsers become adept at playing the role of security officer. Of the few sites the browser didn't detect first, TrustPort did. On at least one occasion, I allowed the connection and subsequently was fed an infected file which TrustPort handled with aplomb.

The task of scheduling a scan is well implemented in TrustPort. The interface is easy to manage and a clean status screen provides visibility into when the task last ran and whether or not it was executed successfully. Each scan type that can be scheduled is set to run silently. This is not something that can be changed, and goes hand in hand with the predominantly silent implementation we have encountered thus far.

I also like the decision to use multiple scanning engines, namely BitDefender and AVG. In many cases this can result in a system that scans a bit slower than a single scanner counterpart. I did not find this to be the case with TrustPort. While performance wasn't stellar, it certainly was better than average in my testing and did not impede typical usage.

Of course, you should always consider more than one opinion when it comes to security software. Av-comparatives.org last tested Trustport at the 2010 version and awarded the Advanced certificate. It seems the reason Trustport was not given the Advanced+ certificate was due to a greater number of false positives being identified. The flip side is that TrustPort had the second best rating when it came to identifying real threats. In August 2010 TrustPort was awarded the VB100 badge for excellent testing results. The Virus Bulletin results concluded that TrustPort had no missed threats nor any false positives.

TrustPort has an effective scanning solution. My only criticism would be the lack of prompts. It seems crazy to be critical of such a thing but I believe we have been taught to expect them and at this point I'm not sure which mindset is the right one.

Verdict

TrustPort Internet Security 2011 is responsive and provides a suitable level of security for the home user. Of course there is always room to improve and TrustPort would do well to not become complacent. Opportunities exist to improve the user experience a bit yet none are so great that the novice user would feel ill at ease with the application. There remains the question of whether or not an implementation that shows next to no prompts is a wise and safe one. However, this can be changed with ease and you can make the application work the way you want it to.
Overall, TrustPort's user friendliness, discreteness and good level of provided security make it a solution worthy of the "Buy for Grandma!" award.

Related articles: