Kaspersky Internet Security continues to provide users with a high level of protection that includes security tools not offered by many competitors. The 2012 version won't change the face of personal computer security, although this particular package of security options and top-shelf performance has attracted enough devotees to make it a best-selling program, both in and out of the security field.
Installing Kaspersky 2012 was not the chore that last year's was. Kaspersky 2011 was plagued by a bug that would halt the installation process if even minor registry keys from competing suites were detected. The 2012 version had a smooth and fuss-free install, and although it didn't demand a reboot once completed, we found that registering the program wouldn't take until a system reboot was completed. Basically, you're on the hook for a reboot here. It's annoying, and there's nothing to be done about it because of the deep hooks into your system that security suites require.
In the security suite business, there's a lot of cribbing and looking over the shoulder of the kid sitting next to you, so Kaspersky's radically different new interface is a pleasure to use. First off, it doesn't suck the life from your eyeballs. It retains the green, white and grey scheme from previous years, and the rest is new.
Based on a mobile app-drawer design, it presents your security status at the top and stashes the four major security features of scanning, updating, parental controls and access to ancillary tools at the bottom. The app drawer layout puts key security status information up front, and keeps your tools organised yet easily accessible below. You can slide the features sideways to see more options, or click the arrow at the bottom to pull up drawer-style the full list of options. Settings and Reports live in the upper right corner, and both use terminology repeated throughout the interface. This creates a solid level of consistency, and ought to appeal to basic security consumers and power users alike.
A Cloud Protection button at the top of the interface opens a screen that explains Kaspersky's new cloud technology. Like its competitors that have already incorporated cloud-based detection, you can opt out of anonymously contributing your data. (This doesn't make you any less safe.) Kaspersky's opt-out is a bit tricky to get to, though. Hit Settings, the annoyingly unlabelled Advanced Settings tab, Feedback and then uncheck the box to opt out.
Unlike competitor Bitdefender, which allows you to reorder the tool buttons so that you can have the ones you use most often at the ready, Kaspersky's tool layout is locked down. This is one of the few drawbacks to the new design. Another is that in the Settings window, the tabs on the left are unlabelled and their icons are not necessarily as obvious to understand as possible. In order, they are Protection Center, Scan, Update and Advanced Settings.
Labelling aside, the settings themselves were remarkably easy to navigate and comprehend — even the advanced ones. Meanwhile, jumping from feature to feature was a zippy experience, and we encountered absolutely no lag when skipping between screens.
Features and support
The most notable improvement in Kaspersky Internet Security 2012 is its new cloud-based detection network. It sends data anonymously to Kaspersky's servers, where a combination of automatic and manual processes figure out whether that new program you've downloaded is safe or not. The point of cloud-based detection is to lighten the suite's load on your system, while providing faster real-time defence. As you'll see in the Performance section of this review, the changes have made Kaspersky better at keeping you safe.
The Safe Run sandbox has been changed, too. The updates to Safe Run allow it to be used on the desktop itself, protecting users system-wide. The in-app access to Safe Run includes a folder that bottlenecks files created during Safe Run, allowing them to be saved to the unsandboxed desktop but scanning them for threats before allowing them to move freely about your system. Transitioning between sandboxed and unsandboxed states is smooth. It's been designed to resemble the Windows default remote access tool, so using it feels like a native Windows feature.
The File Advisor is a Windows Explorer context menu option for checking out a file's reputation without having to go through the main Kaspersky program itself. It creates a pipeline from the Kaspersky Security Network, or KSN, to the files on your desktop. We found it to pull down reputation data quickly, although its speed also will depend on your internet connection. The Safe Run sandbox, which lets you run potentially dangerous programs in a walled-off garden, now works with both regular applications and websites. A green frame tells you when it's active.
The System Watcher was introduced last year as a fancy name for the refurbished system log. The Roll Back feature has been punched up in 2012, so the suite can now easily undo or roll-back damage caused by any malware that does slip through, and the Network Monitor feature shows you real-time traffic to and from your computer. Among the better ancillary tools are an Internet Explorer security analyser, a good idea if you're stuck on Windows XP and IE8 or earlier. It's weird that it doesn't support any other browsers. There's also a virtual keyboard for when you're worried about keyloggers. It's mostly an older feature that Kaspersky keeps around for bragging rights, because it's highly unlikely that you'd have Kaspersky running and be infected by a keylogger.
The features available in the desktop gadget have been overhauled to more closely reflect the full user interface (UI). Click the centre of the monitor-style gadget to open Kaspersky's interface. Across the bottom are four buttons: Update; a security-action Task Manager; Reports, for digging into what Kaspersky's been doing; and a one-click button for jumping right into Safe Run. It's a well-designed tool that puts the most essential Kaspersky tools front and centre. Security features worked just as fast as when going through the main program.
If you're familiar with current security suites, you know that they all have some variation of a "Quick Scan". Kaspersky eliminated this last year, instead introducing a Vulnerability scan and Critical Areas scan to complement the Full Scan. Part of this, we suspect, is because Kaspersky's scans just aren't that fast. It does refocus the user's attention on the nature of what the scan is looking for, although seeing as how most people probably want their security to just work, it might be a trend that's not worth bucking. When a scan is complete, it provides you with a list of recommended actions and information as to whether the problem ought to be fixed ASAP or whether it's a minor issue, like a tracking cookie.
Kaspersky Internet Security 2012 (KIS) shares the same detection engine as its less feature-laden sibling, Kaspersky Anti-Virus 2012 (KAV), so both are discussed here.
Kaspersky 2012 doesn't focus on speedy scans as much as its competitors. For most of the scan's duration on a real-world computer, it promised to complete in less than three minutes, when in reality it took an average of eight minutes, 10 seconds to complete over three runs. Meanwhile, the Full scan tightened up and completed scanning in one hour, 32 minutes — that's about average for Full Scans.
CNET Labs' benchmarks bear out these findings. The in-lab scan time for KIS took 1320 seconds, faster than last year's 1750 seconds and yet still the slowest scan we've seen this year. KAV took 1208 seconds, also faster than last year's and one of the slower scans this year. Note that CNET Labs has changed test computer operating systems, from a 64-bit version of Windows 7 to Windows 7 64-bit running Service Pack 1, so while we can mention the differences from last year's results to this year's, they're not directly comparable.
Kaspersky's system performance was fine once the computer had warmed up. The boot-time impact was atrocious, with KIS slowing down boot by 21.3 seconds and KAV adding 24.3 seconds. Shut-down impact was better, with KIS adding 12 seconds and KAV adding 9.6 seconds. On MS Office, iTunes decoding, media multitasking tests and Cinebench, the two suites were around average. However, as mentioned earlier in the review, Kaspersky felt light when using it, and it transitioned smoothly between its different features and when jumping to other programs.
systems (to date)
Note: all tests measured in seconds, except for Cinebench. On the Cinebench test, higher numbers are better.
As far as threat detection and removal go, Kaspersky retains high marks on both counts. Independent testing agency AV-Test.org has marked consistently high scores for Kaspersky Internet Security 2011 during the first two quarters of 2011. On a Windows 7 computer, Kaspersky scored 5.5 out of 6 on Protection, 4.5 out of 6 on Repair, and 4 out of 6 on Usability, for an overall score of 14 out of 18, clearing the minimum of 11 for an AV-Test.org certificate.
In the second quarter, on a Windows XP computer, Kaspersky Internet Security 2011 and 2012 did much better. The suite hit 5.5 out of 6 on Protection and Repair, and 5 out of 6 on Usability, for a total of 16 out of 18, one of the best scores. However, it was one point off from the best-rated suite, Bitdefender.
Note that AV-Test.org defines its categories as follows: "The 'Protection' covers static and dynamic malware detection, including real-world zero-day attack testing. In case of 'Repair', we check the system disinfection and rootkit removal in detail. The 'Usability' testing includes the system slowdown caused by the tools and the number of false positives."
Third-quarter results aren't in yet, but results shared by AV-Test.org with CNET indicate that the suite continues to perform well. It notched a 99.4 per cent malware detection rate, higher than the overall average rate of 98.5 per cent in May 2011 certification testing and just behind Bitdefender's 99.53 per cent. The suite was able to remove 100 per cent of active malware infections, matching the industry average, and 94.4 per cent of rootkit infections. The rootkit infection detection and removal rate far surpassed the matched industry average of 44.4 per cent. In AV-Test.org's zero-day attacks test, Kaspersky blocked 94.6 per cent of the attacks, compared with the average May 2011 certification results of 80.5 per cent. The suite also did not generate any false positives.
In short, AV-Test.org found Kaspersky 2011 and the new 2012 to be highly effective security protection.
The most recent AV-Comparatives.org Whole Product test, which looks at on-demand scanning, retroactive tests and "real-world" guards including cloud-based protections, puts Kaspersky 2011 in the top six suites tested. The June 2011 test found that it blocked 98.3 per cent of attacks and threats thrown at it, only behind F-Secure, Panda, Trend Micro, Bitdefender and GData. Meanwhile, looking at Whole Product test results cumulatively from January 2011 to June 2011 found that Kaspersky 2011 came in eighth, blocking 97.7 per cent of threats.
A third testing lab, Dennis Technology Labs, found Kaspersky Pure 2011 severely lacking on the efficacy front. Dennis Labs placed Kaspersky seventh out of 11 suites tested, with a Total Accuracy score of 101.75 out of 150.
It's fair to conclude that according to third-party tests, Kaspersky has been highly effective over the past year since two out of the three tests we looked at gave it solid marks. However, because of slow scan times, a big impact on boot time, and not getting the highest scores on the detection and prevention tests, it's also fair to say that Kaspersky could do better.
No doubt that Kaspersky Internet Security 2012 is a solid suite, with some innovative approaches to keeping your computer virus-free and your data secure. Hopefully, its new cloud tech will get it even higher efficacy scores, and allow its engineers to work on making it faster.