Norton Internet Security, developed by Symantec Corporation, is a computer program that provides malware prevention and removal during a subscription period and uses signatures and heuristics to identify viruses. Other features included in the product are a personal firewall, email spam filtering, and phishing protection. With the release of the 2015 line in summer 2014, Symantec officially retired Norton Internet Security after fourteen years as the chief Norton product. It is superseded by Norton Security, a rechristened adaptation of the Norton 360 security suite.
Symantec distributed the product as a download, a boxed Compact Disc (CD) copy, and as OEM software. Some retailers also distributed it on a USB flash drive. Norton Internet Security held a 61% market share in the United States retail security suite category in the first half of 2007. In this study, competitors, in terms of market share, included security suites from CA, Inc., Trend Micro, and Kaspersky Lab.
Video Norton Internet Security
Windows edition
In August 1990, Symantec acquired Peter Norton Computing from Peter Norton Norton and his company developed various applications for DOS, including an antivirus. Symantec continued the development of the acquired technologies, now marketed under the name of "Norton", with the tagline "from Symantec". Norton's crossed-arm pose, a registered U.S. trademark, was featured on Norton product packaging. However, his pose was later moved to the spine of the packaging, and later dropped altogether.
Users of the 2006, and later versions, can upgrade to the latest version of the Norton software without buying a new subscription. The upgraded product retains the same number of days left on a user's subscription.
Releases are named by year but have internal version numbers as well. The internal version number was advanced to 15.x in the 2008 edition to match the Norton AntiVirus release of the same year. As of the 2013 (20.x) release the product has dropped the year from its name, although it still is referenced in some places.
Version 2000 (1.0, 2.0)
Norton Internet Security 2000, released January 10, 2000, was Symantec's first foray beyond virus protection and content control filters. Its release followed an alliance between Internet provider Excite@Home and antivirus vendor McAfee.com to provide Internet subscribers with McAfee's new firewall software, McAfee Personal Firewall. Version 2000s firewall, based on AtGuard from WRQ, filters traffic at the packet level. It can block ActiveX controls and Java applets. Other functionalities include cookie removal, and banner ad blocking. ZDNet found the ad blocker removed graphics that were not ads, breaking pages. Adjusting the settings fixed the problem, however the process was complicated. ZDNet noted the lack of information presented concerning attacks the firewall blocked. Norton LiveUpdate downloads and installs program updates.
The Family Edition adds parental controls. Parental controls are backed by a quality control team of 10 searching the web for inappropriate content. Found content is categorized in subject matter and placed on a blacklist of about 36,000 sites. A designed administrator can add blocked sites, however the pre-supplied blacklist cannot be viewed or edited since it is hard coded. Administrators can block certain subject matters. Another option is to block all sites, then create a whitelist of allowed sites. Family Edition can also block transmission of specified personal information. Such information is replaced with the letter "X". However, CNN noted X-rated sites are retrieved when personal information is queried by a search engine.
Version 2.0 was released June 12, 2000
Version 2001 (2.5, 3.0)
Version 2001 (2.5) was released September 18, 2000, adding support for Windows ME in addition to the Windows 9x series, Windows NT, and Windows 2000. Following attacks by the ILOVEYOU and Anna Kournikova script viruses, this version can block malicious scripts without virus signatures, but by analyzing behavior.
The firewall scans for Internet-enabled applications and creates access rules based on a knowledge base maintained by Symantec during installation. In PC Magazine testing, the installation took 24 minutes to complete on a 750 MHz Pentium III with 92 Internet-enabled applications. Using the firewall, users can determine whether to accept cookies, Java applets, and ActiveX controls on a global or per-site basis. A new feature, Intrusion Detection with AutoBlock, can detect port scans and block further intrusion attempts. The program provides notifications for intrusion attempts, stating the severity level and providing access to threat details. Alternatively, the firewall can put the computer in stealth, essentially hiding the system. Users can configure the security level, affecting the number of notifications. Testing conducted by PC Magazine using Shields Up and Symantec's Security Check found that the firewall successfully stealthed all ports, hiding the computer from view. A leak test was conducted to see the firewall's ability to detect outbound connections. Each attempt was detected and the suite offered to block the attempts.
The Family Edition, like the prior version, includes parental controls and the information filtering feature. Parental controls come with a list of objectionable sites, separated into 32 categories. The list is updated every two weeks by Norton LiveUpdate. Using the list alone, Norton only blocks sites present on the list. Consequently, Norton may not block sites until the next update. Parents can customize the list, adding or removing sites. A list of allowed sites can be created to restrict children to those specific sites. This version uses application blocking rather than protocol or port filtering to control Internet access. Children can be restricted in what applications they used to access the Internet. A parental controls profile can be set up for each child, and settings can be automatically configured based on their age group, whether they be a child, teenager, adult, or administrator. Internet usage and violations are noted in a report presented to parents. PC Magazine found that enabling parental controls added a minute to a computer's boot time.
Version 3.0 was released March 19, 2001
Version 2002 (4.0, 5.0)
Version 2002 was announced August 28, 2001. The Family Edition was dropped, so parental controls and information filtering are bundled with this release. The installation was noted as quick and simple by both PC Magazine and CNET. An installation requires a reboot, and afterwards the Security Assistant guides users through a questionnaire to best configure the settings. A problem CNET encountered when upgrading from the prior release was the loss of customized settings. PC Magazine found the default settings, aimed at avoiding frequent notifications, were somewhat permissive. Windows 95 support was also dropped.
Running a full scan complies a list of Internet-enabled applications. Users set permissions or accept Norton's default settings. The firewall detects and blocks port scans and logs intrusion attempts. This version does not run a trace on attackers, however Symantec is planning an online tool to do so. To ensure rogue programs can not masquerade as trustworthy applications, Norton verifies programs against a list of digital signatures for known programs, update Tracker warns users if hackers attempt to gain access to users' computers. The firewall blocked all access attempts from Shields Up and Port Checker. This version includes a wizard to simplify firewall setup to accommodate for multiple computers sharing an Internet connection. With this release, Norton can prevent specified personal information from being transmitted via a compatible instant messenger client, e-mail, and websites. Ad-blocking includes the Ad Trashcan, where users can place ads that slipped past ad-filtering.
A Professional Edition was announced December 11, 2001, with marketing aimed towards business owners. This version features Norton Intrusion Detection, which intercepts suspicious connections and attacks, such as the Code Red worm. Intrusion Detection focuses on Windows-based attacks only. Central management is also present in this version. Administrators configure firewall and productivity settings for client computers. Productivity settings allow administrators to block newsgroups, websites, and advertisements. The suite integrates with XP user accounts; settings can be personalized for each user.
Version 2003 (6.x)
Version 2003 was announced September 16, 2002, scheduled to be available for purchase later that month. This version adds Norton Spam Alert to reduce. Spam filtering scans the whole message and its context, rather than looking for keywords to ensure accuracy. A POP3 client must be used. When a message is identified as spam, Norton inserts an identifier, by default it is "Spam Alert:", in the subject line. Using the mail client, users can create a rule to delete or move flagged messages. Users can also create strings of text for Spam Alert to look for when classifying e-mail. In PC Magazine testing, Spam Alert mistakenly classified 2.8 percent of legitimate e-mail as spam. 47 percent of spam slipped past the filter. Although false positive rate was low, the feature did not fare well at finding actual spam.
The updated main interface has green and red indicators to show which features are active and which need attention. The firewall has several updated features in this version. A Block Traffic button present in the main interface blocks all incoming and outgoing Internet traffic. Another new feature, the Visual Tracker, graphically maps attacks back to their origin. The firewall blocked all port scans conducted by CNET, stealthing each port.
Following the Nimda and Code Red worms, this version scans all incoming and outgoing traffic for suspicious data exchanges against a routinely updated database, a feature ported from Norton Internet Security 2002 Professional Edition. Connection to the offending computer is automatically severed if the traffic matches a database item.
Symantec announced a Professional Edition on November 19, 2002. Data recovery tools in this version allow users to recover deleted or malware-damaged files. The inclusion of a data erasure tool allows users to delete files while minimizing the chance of recovery. Web Cleanup removes browser cache files, history, and cookies. To maintain dial-up connections, Connection Keep Alive simulates online activity during periods of user inactivity. Norton Productivity Control enables users to filter Internet content and block newsgroups. When used with the User Access Manager, multiple filtering profiles can be created, assigned to different users.
Version 2004 (7.x)
Announced September 8, 2003, version 2004 adds adware, spyware, and keylogger protection. PC Magazine found the added protection to be weak. Out of the spyware samples Norton detected, a significant number were not removed completely, requiring manual removal. Norton also did little to prevent spyware infections.
Norton AntiSpam, the renamed spam filtering feature, has a set of spam rules, which cannot be viewed or edited. Whitelists and blacklists of senders can be created. Users may also create their own spam definitions. AntiSpam integrates with Outlook, Outlook Express, and Eudora, allowing users to tag e-mail as spam on-the-fly. E-mail identified as spam are either quarantined by default, however the feature can be configured to delete such messages automatically. In CNET testing, AntiSpam correctly identified 94 percent of spam messages.
Product activation was introduced in this release. After installation, users are allowed a 15-day grace period to activate their copy of Norton Internet Security 2004. The program will not work after the deadline without the 24-character product key. The product key used to activate a copy of Norton Internet Security ties in with an alphanumeric code based on a computer's hardware configuration. Users may activate their product five times with the same product key, however licensing terms dictate users are allowed only to install Norton Internet Security 2004 on one computer.
Version 2005 (8.x)
Symantec introduced Version 2005 on August 17, 2004. This version is sometimes referred to with the tagline of "AntiSpyware Edition", since spyware detection is integrated with Norton and is by default enabled. Found threats are listed, separating the ones already dealt with and the ones requiring user interaction. More detailed information is provided through a link to Symantec's website. However, PC Pro and PC Magazine noted lengthy scan times. A full scan took 24 minutes to over half an hour, respectively. In PC Pro testing, Norton detected 61 percent of the spyware samples, compared to an average of 68 percent for all the tested products. Removal rates were above average, 72 percent versus the average of 68 percent. Norton blocked reinstallation with a score of 48 percent, compared to the group average of 43 percent. Overall, Norton ranked fifth among the tested products. In PC Magazine testing, Norton installed slowly on infected systems and failed to install on one altogether. Contacting Symantec did not resolve the issue.
Other new features include Internet Worm Protection to block worms, which scan IP addresses for open ports. It also blocks inbound ports based on known and suspected exploits using signatures and heuristics. The addition of the feature follows MSBlast in 2003 and Sasser in 2004, worms that exploited vulnerability in Microsoft Windows' operating systems. In response to emerging privacy threats -- 75 percent of the threats in the last 12 months attempted to steal confidential information -- this version adds phishing protection. Using the firewall component, users can create a whitelist of sites where confidential information can be transmitted. Users are alerted when information is transmitted to a site not on the list. The Outbreak Alert feature warns users of major threats as classified by Symantec, and users can press the Fix Now button to applies a set of changes to close vulnerabilities, such as blocking necessary ports used by a propagating worm. The Browser Privacy can suppress information website generally receive about its visitors, such as the browser and operating system used. The feature can also block advertisements.
Privacy Control can warn users when sending confidential information. It can also be configured to block the transmission. It allows users to specify how the information can sent, such as via IM or e-mail. Item-specific exceptions allow users to control where there data can be sent. However, PC Pro found a flaw in the information filtering feature. The way information is formatted on the list of confidential information can affect its effectiveness. For example, entering the last six digits of a credit card number will not stop the numbers from leaking if they are grouped in four digits. PC Magazine also noted the fact anyone who can login to the computer can view the database of private information. For that reason, Symantec recommends entering only the last portion of sensitive information.
Norton AntiSpam now scans e-mails for spoofed URLs and deals with any offending e-mail as spam. E-mails can also be blocked based on language, however by default the filter allows all languages. AntiSpam can sync its own list of allowed senders with POP3 address books. Users can train the spam filter by pointing out valid e-mail marked as spam and vice versa. Support for Yahoo! Mail and Hotmail was added in this release.
Version 2006 (9.x)
Norton Internet Security 2006 debuted on September 26, 2005. The new main interface, the Norton Protection Center, aggregates all information in a central location. Security status is shown by how secure the computer is for tasks such as e-mail and Internet browsing, not in the context of which features are enabled. The Protection Center can also recognize third-party software protecting the computer. The new interface advertises additional products from Symantec; some categories of protection, such as "Data Protection", will read "No Coverage" until the user purchases and installs Norton SystemWorks. An additional system tray icon is created by the Protection Center.
The installation was noted as lengthy by PC Magazine, especially on malware-infected systems. Spyware detection has been tweaked since the last release. It has been updated to better identify keyloggers. In PC Magazine testing, Norton successfully detected all 11 spyware threats and removed all but two. PC Magazine did give Norton credit even when manual removal was required. The suite also removed three of four commercial keyloggers. When attempting to install the spyware on a clean system, Norton blocked all 11 and two of the four commercial keyloggers. In most cases, it did not block the installation, however Norton did call for a scan after the spyware was installed. In PC Pro testing, Norton detected 78 percent of spyware, removed 82 percent, and blocked 65 percent from installing.
Norton AntiSpam was discontinued as a separate product from Symantec, now only available in Norton Internet Security. The feature can block all e-mail from unknown senders, and automatically blocks messages with suspicious elements such as invisible text, HTML forms, and phishing URLs. To improve accuracy, Norton analyzes outgoing e-mails and messages whose categorization is corrected by users by hitting the "This is spam" and "This is not spam" buttons. In PC Magazine testing, the feature marked one in ten valid e-mail as spam and let one in every six spam messages in the inbox. 400 messages were used, and the program was allowed to process the messages for over a week. In PC Pro testing, the feature performed better, blocking 96 percent of spam, with a false positive rate of 0.2 percent.
Norton recommends disabling the Windows Firewall to avoid redundant alerts. The firewall stealthed all significant ports in PC Magazine testing. Attacking the firewall itself was unsuccessful, and PC Magazine was unable to stop its service, terminate its process, or disable the firewall using simulated mouse clicks. The firewall also passed PC Pro's tests, successfully stealthing all ports.
Other features include Bloodhound technology, which looks for virus-like behavior to better find zero day viruses. The Security Inspector looks for common vulnerabilities, including insecure user account passwords and browser insecurities. Advertisement blocking rewrites a website's HTML to prevent advertisements from being displayed. Parental controls, an optional component, can block certain programs from accessing the Internet, such as IM clients, and restrict newsgroup access. Restrictions can be assigned to different Windows users accounts. Sites are classified in 31 categories, and the four profiles which can be assigned each block different categories of sites. Supervisors define exceptions, add global blocked sites, or block all access to sites not on a user-created whitelist. Both PC Magazine and PC Pro noted the exclusion of time-based restrictions. Information filtering can be controlled on a per-user basis.
Windows 98 compatibility was dropped from this release.
Version 2007 (10.x)
The 2007 version was announced September 12, 2006. A tabbed interface allows users to access the Norton Protection Center and the program settings without separate tray icons and windows open. Symantec revised Norton Internet Security and made this version more modularized, which has reduced the suite's memory usage to 10-15 megabytes and scan times by 30-35 percent. Another result is that spam filtering and parental controls are separate components to install. When installed, the features consume 100 MB of disk space.
Anti-phishing integrates with Internet Explorer. It analyzes sites, examining the website's URL, title, form, page layout, visible text and links, and uses a blacklist to detect phishing sites. Users are blocked access from suspected phishing sites, however are presented an option to continue. In PC Magazine testing, the feature blocked 22 of 24 phishing sites, while Internet Explorer 7 recognized 17 of the 24 sites. In PC Pro testing, the feature successfully blocked access to every phishing site it was tested against. Spam filtering no longer includes a language feature, Symantec claims it is less useful with current spam and created false positives. Tested against 1,500 messages by PC Magazine, Norton let over half of the spam to the inbox. Five percent of valid mail were marked as spam. This version utilizes Symantec's Veritas VxMS technology to better identify rootkits. VxMS allows Norton to find inconsistencies among files within directories and files at the volume level. A startup application manager allows users to prevent applications from launching at login. This release drops support for Windows 2000 and was compatible with Windows Vista upon its release with an update.
The firewall makes all decisions by itself to lessen the chance of being weakened by a misinformed decision. Applications known to be safe are allowed Internet access, and vice versa for malicious applications. Unknown ones are analyzed and blocked if they exhibit malicious behavior. In both PC Magazine and PC Pro testing, the firewall did not incorrectly block any safe applications from Internet access. All malware was blocked by the firewall. PC Magazine testing reflected the same results. The firewall also stealthed all ports. Exploits were blocked by the intrusion prevention system, which prevents threats from leveraging vulnerabilities. The system is updated whenever a vulnerability is identified for Windows-based computers. Attempts to disable the firewall were unsuccessful; registry changes, process termination, and simulated mouse clicks all failed. Disabling Windows services had no effect on the firewall since it works at the kernel driver level. This version automatically adjusts configuration for different networks based on the physical address of the gateway rather than IP addresses.
In PC Magazine testing, Norton detected 15 of 16 spyware samples. 13 of the 16 were removed. Against eight commercial keyloggers, the suite removed all the samples. On a clean system, Norton blocked 14 of the 16 spyware samples from installing, and stopped seven of the eight keyloggers from installing.
Version 2008 (15.x)
The 2008 version was announced on August 28, 2007, adding support for Windows Vista 64-bit. New features include SONAR, the Norton Identity Safe, and Browser Defender. SONAR monitors applications for malicious behavior. The Identity Safe supersedes the information filtering function; instead of blocking personal information from leaving the computer, it stores personal information to fill webforms. It is password protected and checks a website's authenticity before filling any forms. Browser Defender inspects and blocks suspicious API calls, intended to stop drive-by downloads. The Network Map identifies networked computers with Norton Internet Security 2008 installed. Remote monitoring allows checking the status of other installations on different computers; problems are identified with a red "X" icon. Using the feature, users also can control network traffic between computers. It also warns users if they are using an unencrypted wireless network. The startup application manager and advertisement blocking features were dropped from this release. Information filtering, although superseded by the Identity Safe in the suite, is available separately. It can be used in conjunction with the Identity Safe.
Phishing protection now integrates with Mozilla Firefox. Testing by PC Magazine found that Norton blocked 94 percent of phishing sites, compared to 83 percent for Internet Explorer 7 and 77 percent for Firefox 2. CNET identified an issue with the feature; when anti-phishing is disabled, the Identity Safe still offers users to automatically submit personal information to websites, including phishing sites. Symantec declined to call it a "flaw", stating it is recommended to use the Identity Safe with anti-phishing enabled. Alternatively, the Identity Safe could be used with Firefox and Internet Explorer's built-in anti-phishing capability.
PC Magazine found that the firewall put all ports in stealth mode. The firewall blocked ten of 12 leak tests, used to see if malware can evade the firewall's control of network traffic. Previous versions did not identify the tests because none carried a malicious payload. Another test was conducted using Core Impact, which successfully exploited one vulnerability on the test computer. However, other components of Norton stopped the exploit from causing harm. The other attempts were unsuccessful either because the system was invulnerable or Norton's Intrusion Prevention System stopped it. Attempts to disable the firewall were unsuccessful by PC Magazine. On the contrary, PC Pro identified 15 open ports on a computer with Norton installed.
In PC Magazine testing, Norton completely detected most of the malware samples. For two-thirds of the samples, all traces were removed. Norton found and removed all the commercial keyloggers. A full scan took nearly an hour to complete though, twice as long as the 2007 version. The suite blocked most of the malware from installing and all the commercial keyloggers, regardless of any modifications made to the samples. PC World noted that Norton removed 80 percent of malware-associated files and Registry entries.
Spam filtering imports users' address books to compile a whitelist of allowed senders. Addresses to which users send mail and e-mail tagged as valid mail can be automatically added to the whitelist. Using several thousand messages, PC Magazine found that Norton marked over 40 percent of valid e-mail as spam. Over 80 percent of valid newsletters were marked as spam. Norton did correctly identify 90 percent of spam e-mail.
Version 2009 (16.x)
The 2009 version was released for sale September 9, 2008. Symantec set several goals for version 2009 while in development: complete installations under minute and a footprint of 100 MB. Average installation times range from eight to ten minutes, and the previous 2008 version had a 400 MB footprint. Other goals included reducing load time after the computer starts, from 20-30 seconds to 10 seconds, and file scanning times with a technology allowing Norton to skip certain trusted files. The technology works on the basis that if a piece of software runs on a significant proportion of computers, then it is safe.
A public beta was released July 14. A reduction in memory consumption was made, prompted by the fact 40 percent of people contacting Symantec support had 512 MB of RAM. The beta uses about 6 MB of memory, compared to 11 MB by the prior version. To reduce scan times, Norton Insight uses data from Norton Community participants to avoid scanning files that are found on a statistically significant number of computers. Citing a NPD Group study finding that 39 percent of consumers switching antiviruses blamed performance, a CPU usage meter will be available within the final product to allow users to find the cause of high CPU usage, whether it be Norton or another program. This version features more frequent updates, a change called Norton Pulse Updates. Rather than deliver an update every eight hours, as the 2008 version does, Pulse Updates are delivered five to fifteen minutes. The Silent Mode automatically suspends alerts and updates when a program enters fullscreen mode and can be manually enabled. The suite's activities take place while the computer is idle, and terminate once user activity is registered. The final release (16.5) bundles spam filtering, which used to be a free download from Symantec. This release also bundles Norton Safe Web, which identifies malicious websites, compatible with Internet Explorer and Firefox. Norton Safe Web color codes search results from famous search engine such from Google and Yahoo for safety. The Norton Safe Web toolbar also includes an Ask.com search box. The search box does not share code with the Ask toolbar; instead the box redirects queries to the Ask search engine. Norton Safe Web is compatible with Internet Explorer and Firefox. Norton Safe Web.
Benchmarking conducted by PassMark Software highlights the 2009 version's 52 second install time, 32 second scan time, and 7 MB memory utilization. Symantec funded the benchmark test and provided scripts used to benchmark each participating antivirus software. Tests were conducted in Windows Vista running on a dual core processor. PC Magazine found the suite added 15 seconds to the boot time, with a baseline of 60 seconds. Norton added less than 5 percent to the time it takes to complete file operations. 25 percent more time was taken to unzip and zip a set of files.
In PC Magazine testing, Norton removed most traces of 40 percent of the malware. On a similar test, specifically using commercial keyloggers, Norton was able to remove most of the keyloggers, beating other tested products. Norton blocked all attempts to install malware on a clean system. Modifications made to the samples did not fool Norton. Norton was not able to block the installation of all the commercial keyloggers.
Phishing protection blocked 90 percent of verified phishing websites in PC Magazine testing. Internet Explorer 7 caught 75 percent, and Firefox caught 60 percent.
Norton stealthed all ports, according to PC Magazine. Port scans were unsuccessful. The firewall blocked all exploit attempts by Core Impact.
Malware blocking and removal garnered good results in PC Magazine testing. All but one malware samples contained within a folder were removed once the folder was opened. The last one was removed when executed. Modifications made to the samples did not affect detection. On a similar test, specifically using commercial keyloggers, Norton did not successfully detect all. In removing threats, Norton almost completely removed 40 percent of the malware samples and related executables. Norton was also able to remove more commercial keyloggers than any other product.
Version 2010 (17.x)
Version 2010 was released officially on September 8, 2009. This version features a technology code named, Project Quorum, which introduces reputation-based threat detection to keep up with the 200 million attacks each month, many of which Symantec claims evade signature based detection. The new approach relies on Norton Community Watch, in which participants send information about the applications running on their computers. Safe applications exhibit common attributes, such as being of a known origin with known publishers. Conversely, new malware may have an unknown publisher, among other attributes. Using the data a "reputation score" is calculated and can be used to infer the likelihood of an unknown application being safe, or malicious.
Other facets of Quorum are parental controls and spam filtering. Norton Internet Security 2010 bundles a free subscription of OnlineFamily.Norton, which PC Magazine found to be an improvement over the parental controls bundled with prior releases. Spam filtering uses technologies Symantec acquired from Brightmail. Two filters are used to find spam: a locally installed one and a check against Symantec's servers to see if the message is known spam. In PC Magazine testing, no valid e-mail were marked as spam. However, 11 percent of spam still made it to the inbox. This was a significant improvement over prior releases. Another improvement to the product is the improved heuristic feature called SONAR 2. It leverages reputation data to judge if a program is malicious or clean. Norton Insight has also been expanded, showing users the number of Norton Community participants who have a certain program installed, its impact of system resources, and how long it has been released. Information about the program's origin and a graph of its resource usage is also provided. A new feature codenamed "Autospy" helps users understand what Norton did when malware was found. The malware's actions and Norton's resolution are presented to the user. Previous releases removed threats on sight and quietly warned users, potentially confusing when users are deceived in downloading rogue security software.
Another addition to the product is the new "Flip Screen". With a compatible graphics card, the main display "flips over" to show the opposite side of the main interface, consisting of a chart of CPU or memory usage and a timeline of security events. Without one, the "Flip Screen" link is replaced by a "back" link, which opens the back of the windows as a separate window.
The product also adds a search engine labeled "Safe Search". The custom search allows the user to filter out unsafe sites, get insight on them, and keep track of HTTP cookies. Malware removal and blocking performed well, setting or meeting records in PC Magazine testing. It achieved a detection rate of 98%. The highest out of 12 tested antivirus products. The exception was blocking commercial keyloggers, where Norton made an above average score. File operations took 2 percent longer, and the file compression and extraction test took 4 percent longer. The only area where Norton introduced a significant delay was when the system was booting, the beta version of the suite added 31 percent to the boot time, significantly longer than prior versions. According to the Norton performance comparison website, Norton Internet Security scans 31 percent faster, is 70 percent lighter, and installs 76 percent faster than the leading Anti-virus product. According to AV-comparatives, Norton Internet Security was "Best Product of 2009", Bronze award for 98.6% detection rate in 2010 and Norton Internet Security 2010 blocked 99/100 internet threats from infecting the user's computer.
Version 2011 (18.x)
Norton Internet Security 2011 was released for Beta testing on April 21, 2010. Changes include a new user interface and improved scanning of internet sites for malware. With the 2011 version, Symantec also released an application that "scans" the user's Facebook feed for any malware links. This application does not require a valid subscription. In a test sponsored by Symantec, Norton Internet Security 2011 was the only security suite to ever achieve a 100 percent protection score in a new third-party test from Dennis Labs. Improved reputation scan provides the user with an easy to understand interface on files stored on the user's computer. Marking them as trusted, good, poor, or bad. The final version of Norton Internet Security 2011 was released on August 31, 2010. New features in version 2011 also include Norton Rescue Tools. These tools include Norton Bootable Recovery tool and Norton Power Eraser.
On December 9, 2010, Symantec released the 18.5 version through Norton LiveUpdate. However, this update was later pulled due to numerous reports on the Norton forums that the update is causing system instability and freeze ups during system scans (both full and quick scans). This issue only affects some customers. Users affected by this update are advised to uninstall the product, run the Norton Removal Tool, and reinstall the 18.1 version from http://www.norton.com/nis11. Symantec later fixed the bugs and re-released the update.
Following the acquisition of VeriSign Security by Norton's parent company Symantec, several of VeriSign's features were incorporated into the 2011 edition. The new product features a new Norton logo which uses the VeriSign checkmark formerly seen in VeriSign's own logo, as well as several new icon changes to the Norton Safe Web and Norton Identity Safe features.
Version 2012 (19.x)
Released (19.1.0.28) on September 6, 2011, Norton Internet Security 2012 brought new features. One of the new features included in the new release is Download Insight 2.0, which not only monitors files for safety but also the stability of a given file. That means that if a file is stable on Windows 7, but unstable on Windows XP, XP users will be notified of the file's instability.
Enhanced removal tools are tightly integrated for better cleanup of already infected systems. Once triggered, the new, more powerful version of Norton Power Eraser restarts the system to locate and remove fake antivirus software fake antivirus software and other deeply embedded threats that are otherwise hard to remove. A new tool called Norton Management helps manage different computers and devices equipped with Norton software from a single location.
Other changes in this release include SONAR 4, Google Chrome compatibility for Identity Safe and Safe Web and the ability to store passwords and notes in the cloud. However, the License Agreement does not guarantee passwords are stored securely and provides no remedy if the cloud vault is compromised.
The user interface is also simplified with only three buttons. The third button opens a more advanced and complicated menu, where the user is able to manage settings and access different product features. The CPU meter that was removed from Norton 2011, also makes a return (only on the "advanced screen").
Combining the netbook and desktop line, Norton Internet Security integrates Bandwidth metering, which controls the product's traffic usage and takes it down to minimum if necessary. This is ideal for networks with limited traffic. Also, the user interface window adjusts accordingly to the size of the computer screen.
This version of Norton Internet Security includes several Easter eggs. Pressing Shift+1, 2, 3 or 4 would change the theme to default background (plain black), ray, animals, and floral respectively. Also holding Control + Win Key + Alt while pressing "performance button" to activate "Crazy Flip", which will make the window flip head over heels. The effect would continue until the main window is closed and reopened.
Furthermore, scans are no longer scheduled through the Windows Task Scheduler, but through the Symantec's proprietary one, which performs tasks while the computer is idle (i.e., when the user is away from the computer).
Version 20.x (2013)
Version 20 (2013) began a "Version-less" approach by dropping the 20xx naming convention, and will automatically update itself as new releases become available. Notable changes include a new user interface better suited for touchscreen devices, "Social Networking Protection," which intends to protect against threats targeted at social networks, and was also the first release to officially support Windows 8.
Version 21.x (2014)
This version, released on October 7, 2013, became the last version to be marketed by Symantec. Norton Internet Security, along with Norton Antivirus and Norton 360, have been replaced with Norton Security.
Version 22.x (2015)
A version 22.5 update was released in June 2015. It includes a restyled user interface and Windows 10 Support.
Norton Security
In September 2014 Norton Internet Security was folded into Norton Security, as part of Symantec's streamlined Norton line.
Maps Norton Internet Security
Netbook edition
Symantec has released a special edition of Norton Internet Security optimized for netbooks. This is available as download from the Symantec website or in a USB thumb drive. Symantec states that the Netbook edition is optimized for netbooks. The main display is optimized to provide support for the 800 x 480 screen resolution. In addition, non-critical tasks are delayed while the netbook is on battery. Furthermore, the Netbook edition contains complimentary access to Norton's secure online backup and parental control to protect children as they surf the web.
Macintosh edition
Version 1.0
Norton Internet Security version 1.0 for Mac was released November 1, 2000. It can identify and remove both Windows and Mac viruses. Other features include a firewall, advertisement blocking in the browser, parental controls, and the ability to prevent confidential information from being transmitted outside the computer. Users are prompted before such information is able to be transmitted. The incorporation of Aladdin Systems' iClean allows users to purge the browser cache, cookies, and browsing history within Norton's interface. Operating system requirements call for Mac OS 8.1. Hardware requirements call for 24 MB of RAM, 12 MB of disk space, and a PowerPC processor.
Version 2.0
Norton Internet Security version 2.0 for Mac was released on ( date unknown if you know please provide it). Version 2.0 also ties in with the WHOIS database, allowing users to trace attacking computers. Users can inform network administrators of the attacking computers for corrective actions. When running under Mac OS 8.1 or 9, a PowerPC processor, 24 MB of RAM, and 25 MB of free space is required. Under Mac OS X 10.1, a PowerPC G3 processor, 128 MB of RAM, and 25 MB of free space is required.
Version 3.0
Norton Internet Security version 3.0 for Mac was released on ( date unknown if you know please provide it). The subsequent release, version 3.0, maintained the feature set found in version 2.0. The firewall now allocates internet access as needed rather than relying on user input using predefined rules. Compatibility with OS 8 was dropped. When running under OS 9.2, a PowerPC processor, 24 MB of RAM, and 25 MB of free space is required. Under OS X 10.1.5 through 10.3, a PowerPC G3, 128 MB of RAM, and 150 MB of free space is required. However, version 3.0 is not compatible with Mac OS X 10.4, or "Tiger".
Version 4.0
Version 4.0 was released on December 18, 2008. Symantec also markets a bundle of Version 4.0 and the 2009 version for Windows, intended for users with both Microsoft Windows and Mac OS X installed. iClean was dropped from this release. The firewall now blocks access to malicious sites using a blacklist updated by Symantec. To prevent attackers from leveraging insecurities in the Mac or installed software, exploit protection was introduced in this release. Phishing protection was introduced in this release as well. Operating system requirements call for Mac OS X 10.4.11 or higher. A PowerPC or Intel Core processor, 256 MB of RAM and 150 MB of free space are required.
Version 5.0
Features
- Norton Safe Web: Proactively protects you while you surf the Web by warning you of and blocking unsafe and fake websites right in your search results. (Mac OS® X 10.7 only)
- Antiphishing Technology: Blocks fraudulent phishing websites created to steal your identity and your money.
- Smart Two-Way Firewall: Prevents cybercriminals from hacking into your Mac®, stealing your personal information and messing with your stuff.
- Location Awareness: Lets you adjust your level of protection depending upon where you're using your Mac® (at home, the office, the local coffee shop, on the road).
- Vulnerability Protection: Updates daily to stop cybercriminals from using vulnerabilities in applications and other software to sneak threats onto your computer.
- AntiVirus Protection: Protects your Mac®, iPhoto® pictures, iTunes® media, iMovie® projects and all your important stuff from viruses, spyware and other threats without slowing down your computer.
- Confidential File Guard: Password protects your stuff to keep it safe from prying eyes.
- Daily Protection Updates: Runs in the background to protect your Mac®--and your stuff--from new, late-breaking threats.
- Email and Instant Message Monitoring: Scans MobileMe®, iChat® and other IMs for suspicious attachments and other tricks used to steal your identity and your hard-earned money.
- FREE 24x7 Support: Symantec provides free 24/7 email, chat and phone support for a period of one year from initial product installation.*
- Protection options for Mac OS X 10.4 to 10.7: Includes both Norton(TM) Internet Security 5 for Mac® (for Mac OS® X v10.7)
Norton vs. others
Norton Internet Security underwent considerable changes in performance after Symantec rewrote their code for the 2009 release. Norton products now have only two running processes, using about 15 MB of RAM. According to PassMark Security Benchmark 2012, Norton AntiVirus and Norton Internet Security are the lightest suites available. AV-Comparatives.org also tested these products and gave similar results. PC Magazine recognized the 2011 and 2012 lines as the fastest and strongest in protection. PCWorld's tests of security software put Norton Internet Security 2009 in first place. In a 2011 test conducted by PC World, Norton Internet Security was the winner. Dennis Technology Labs (in tests sponsored by Symantec) confirmed the performance and effectiveness of Norton 2011 and 2012 lines.
Criticism of older versions before 2009
FBI cooperation
Symantec, in compliance with the Federal Bureau of Investigation (FBI), whitelisted Magic Lantern, a keylogger actively developed by the FBI. The purpose of Magic Lantern is to obtain passwords to encrypted e-mail as part of a criminal investigation. Magic Lantern was first reported in the media by Bob Sullivan of MSNBC on November 20, 2001 and by Ted Bridis of the Associated Press. Magic Lantern is deployed as an e-mail attachment. When the attachment is opened, a trojan horse is installed on the suspect's computer. The Trojan horse is activated when the suspect uses PGP encryption, often used to increase the security of sent e-mail messages. When activated, the trojan horse will log the PGP password, which allows the FBI to decrypt user communications. Symantec and other major antivirus vendors have whitelisted Magic Lantern, rendering their antivirus products, including Norton Internet Security, incapable of detecting it. Concerns include uncertainties about Magic Lantern's full potential and whether hackers could subvert it for purposes outside the jurisdiction of the law.
Graham Cluley, a technology consultant from Sophos, said, "We have no way of knowing if it was written by the FBI, and even if we did, we wouldn't know whether it was being used by the FBI or if it had been commandeered by a third party". Another reaction came from Marc Maiffret, chief technical officer and cofounder of eEye Digital Security, "Our customers are paying us for a service, to protect them from all forms of malicious code. It is not up to us to do law enforcement's job for them so we do not, and will not, make any exceptions for law enforcement malware or other tools."
FBI spokesman Paul Bresson, in response to the question of whether Magic Lantern needed a court order to be deployed, said, "Like all technology projects or tools deployed by the FBI it would be used pursuant to the appropriate legal process."
Proponents of Magic Lantern argue the technology would allow law enforcement to efficiently and quickly decrypt messages protected by encryption schemes. Unlike a predecessor, Carnivore, implementing Magic Lantern does not require physical access to a suspect's computer, which would necessitate a court order.
Uninstallation
Older versions of Norton were hard and slow to uninstall, leaving many traces and sometimes completing with errors. However, in the 2009 versions, Symantec featured their own uninstaller, that removes their products better and more quickly, usually in less than a minute. Norton Removal Tool is a well known instrument that removes Norton products completely, without any trace. The tool can be downloaded from Symantec's website].
Symantec reports that Norton 2010 range of products feature a cleaner uninstall and over-installs is the recommended update route to 2011.
Windows Service Packs
When Norton Internet Security 2008 is installed, users may encounter incompatibilities upgrading to Windows XP Service Pack 3 or Windows Vista Service Pack 1. Users report numerous invalid registry keys being added by a tool named fixcss.exe, resulting in an empty Device Manager and missing devices such as wireless network adapters. Symantec initially blamed Microsoft for the incompatibilities but has since accepted partial responsibility.
Dave Cole, Symantec's Vice President & General Manager, acknowledged that users running Norton products were experiencing problems, but said the numbers are small. Cole also said that Symantec had done "extensive testing" of its products with Windows XP SP3, but this issue was not encountered. Cole blamed Microsoft "This is related to XP SP3." Microsoft recommended that users contact Windows customer support. To resolve the problem, Symantec has issued a fix intended for users before upgrading. Symantec also recommends disabling the tamper protection component in the 2008 release, dubbed SymProtect. A tool to remove the added registry entries is also available from Symantec.
Windows Vista
Sarah Hicks, Symantec's vice president of consumer product management, voiced concern over Windows Vista 64-bit's PatchGuard feature. PatchGuard was designed by Microsoft to ensure the integrity of the kernel, a part of an operating system which interacts with the hardware. Rootkits often hide in an operating system's kernel, complicating removal. Mike Dalton, European president of McAfee said, "The decision to build a wall around the kernel with the assumption it can't be breached is ridiculous", claiming Microsoft was preventing security vendors from effectively protecting the kernel while promoting its own security product, Windows Live OneCare. Hicks said Symantec did not mind the competition from OneCare. Symantec later published a white paper detailing PatchGuard with instructions to obtain a PatchGuard exploit. After negotiations and investigations from antitrust regulators, Microsoft decided to allow security vendors access to the kernel by creating special API instructions.
See also
- Internet security
- Comparison of antivirus software
- Comparison of firewalls
- Peter Norton
- Norton Antivirus
- Norton 360
References
External links
- Official website
- Norton Internet Security For Windows
- Norton Internet Security For Mac
- Norton Partner Portal
Source of article : Wikipedia