We’ve often been impressed by Kaspersky’s rock-solid anti-virus applications, and it was a pioneer in the use of heuristic scanning technology. However, with Internet Security 6, it’s finally adopted a holistic approach to the blended security threat. Kaspersky has a well-implemented control panel user interface, with a reassuring clarity to its status screen information. But delve into the configuration settings and you’ll appreciate the power on offer.
Unfortunately, our enthusiasm is tempered by the far too frequent need to restart the computer after downloading updates. In fact, during the full system scan Kaspersky closed down, popping up a message that it needed to “reconnect”. Once running again, we were informed the application had been updated and a system reboot was required.
Beyond that, the Anti-Virus component itself is hugely impressive. All email, files and downloaded web content are scanned in real-time, yet the impact upon system resources is negligible thanks to the ability to suspend scanning operations during resource-intensive user operations. This resource throttling, coupled with the fact virus and spyware scanning are integrated into a single process, lifts Kaspersky above most of the competition in this regard.
There’s much to be impressed by, such as the improved scanning speed and quicker downloading of database updates, as well as the inclusion of hidden code detection to protect from rootkits, and the ability to actively protect against zero-day attacks. The spyware protection is also well implemented, with a rollback option for the file system and Registry, removing all references to a malicious file when it’s removed and restoring the system to its former state. Although the initial integrated virus/spyware scanning isn’t particularly fast, Kaspersky doesn’t rescan unchanged files, so it’s quick at subsequent scans.
Proactive Defense monitors your system for suspicious activity such as hidden rootkit processes, unusual values in the Registry, launching of a web browser with parameters, and scanning Visual Basic for application macros with suspicious code. While the Anti-Hacker module is a standard software firewall, it installed in “low security mode”. This allows network activity of all apps except those prohibited by user-defined application rules, rather than the preferable “training mode” that prompts the user for action when any app attempts to connect to either the LAN or internet.
The Intrusion Detection System, however, is thankfully toggled on. This blocks the attacking PC for a default of 60 minutes if port scanning, DoS or other “intrusion attacks” are detected. Although our stress testing proved successful with regard to stealthing system ports and configuring basic apps, expect the usual barrage of confirmation boxes to click through during the initial training period. Kaspersky also passed our exploit tests with flying colours, although we recommend configuring Proactive Defense to track changes made to applications’ components via the application integrity control, and monitor changes to core system Registry keys by enabling the Registry guard.
The Anti-Spy feature takes an active stance, blocking access to known sites with potentially dangerous content, but it goes downhill after that. The Anti-Phishing component creates so many warnings, many false positives, that we suspect people will simply disable it. Similarly, the anti-spam module detected only 82% of our known spam, with 7% being wrongly flagged as spam.
Disclaimer: Some pages on this site may include an affiliate link. This does not effect our editorial in any way.
