When it comes to anti-malware utilities, a few prominent names stand out, including Norton, Kaspersky, and Sophos, in addition to some smaller and perhaps Mac-only tools like iAntiVirus and MacScan. Among the popular options for OS X is VirusBarrier from Intego, which I recently gave a spin.
VirusBarrier is offered in two versions: the basic VirusBarrier X6 package and the extended Internet Security Barrier suite that includes VirusBarrier and a number of additional utilities. I chose the latter to see what advantages it may offer over the basic VirusBarrier antivirus scanner, especially given recent malware developments on the Mac and people's interest in keeping their systems safe.
VirusBarrier X6: The center of it all
Unlike most scanners that will watch folders and schedule scans, VirusBarrier has both incoming and outgoing firewall options to help keep the system safe. Given that most modern-day malware attacks include attempts to steal data and send it to remote locations, the inclusion of a reverse firewall is an added benefit.
Reverse firewalls (of which another popular option is Little Snitch) allow you to monitor outgoing traffic and allow or deny a program access to external servers. VirusBarrier's reverse firewall, categorized as its "antispyware" feature, when enabled will block all outbound activity unless you specifically allow it. This is done on a network port basis, so when you launch Safari and try to contact a server (such as www.macfixit.com), VirusBarrier will ask you to allow the connection over the default HTTP port (port 80). If you access an online banking site with Safari that uses the secure HTTP protocol on port 443, then VirusBarrier will require you to authorize that connection separately.
Reverse firewalls are a great way to lock down the security of your system. However, because many programs these days use network connections (for update checks, registration connections, syncing, Web connectivity for help files, and so on), if you enable a reverse firewall be prepared for a few weeks of warning messages while you fine-tune the firewall to meet your needs. Initially all connections will be brought to your attention, but (as is the case with Safari) once you've accepted a connection option then this setting will be saved and you won't have to approve it again in future.
Intego's reverse firewall is a solid implementation that should be able to prevent unwanted program registration and personal information from being sent, in addition to catching malware that attempts to make external connections. The firewall warning will also show you where the program is residing on your filesystem so you can quickly access it if needed (useful for tracking down potential malware).
If for some reason you forget to click either "Allow" or "Deny" for the connection, the connection warning will disappear and the connection will be temporarily denied, instead of cluttering your system with warning messages.
The last option in VirusBarrier X6 that stands out is its data-filtering option, which Intego calls Data Vault. In here you can set up a list of phrases that the program will not allow to be sent out over the Internet. For instance, if you do not want passwords or credit card numbers to be sent without you being notified, then you can make entries for them in the Data Vault list. If they are included in the data sent to remote servers, then VirusBarrier will notify you of this activity via a system sound, a dialog box, or an e-mail alert.
While the Data Vault feature is a useful option, I found that it does not work in two situations. The first is if the phrase has any spaces in it, which means it may miss credit card numbers that might have spaces, dashes or other characters in them. Additionally, if the data is encased in another format such as a ZIP file (which is often how malware packages personal information for sending to remote servers), then Data Vault will not catch it.
Beyond these features VirusBarrier includes options for filtering ads, cookies, phishing attempts, and other potential threats when surfing the Net, and also offers options for blocking specific incoming activity with its firewall, which appears to be a highly configurable option, far more than Apple's basic Application Firewall.
Intego's security suite offers a number of additional utilities for increasing system security in addition to its main malware scanner and firewall utility. These include ContentBarrier, for managing what users can and cannot do on the system, FileGuard for encrypting collections of files, Personal Backup for backing up collections of files or the whole system, and Personal Antispam as an enhanced junk mail filter.
Finally, ContentBarrier has a recording option that can take regular screenshots of a user's session, and also log a user's keyboard activity, both of which can be reviewed to see what a user has been doing on the system.
For systems with one user account, Intego's ContentBarrier tool is rather pointless, but in family situations it may be beneficial to set up a separate account that kids can use, and then use this program to monitor and limit what they are doing.
Unfortunately, FileGuard does seem to have a bug or two. After installing Security Barrier I tried creating a file safe with the program, but upon opening the safe FileGuard issued an error stating the safe was corrupted and would not mount. Subsequent attempts did result in working safes, but it was a little disappointing to see my first attempt immediately run into problems.
Overall Intego might do better to create a tool to manage encrypted disk images themselves, instead of reworking them into separate applications the way FileGuard does. However, if you would prefer to have more options like floating the encrypted files window above others, then FileGuard may be useful to you.
- Personal Backup
Like most backup options, the program can schedule and maintain per-folder and per-file backups, but in addition it can create bootable backups of the system and keep these synchronized. The interface for the program is fairly intuitive, especially for those who have used Apple's Automator, since in a similar way the program offers backup scheme options that flow into each other. For instance, with a backup routine you can have a preparation step in which scripts are run, followed by exception rules that prevent the inclusion of some files, and then a finishing step that can run additional scripts if needed. These steps can be mixed and matched, based on your needs.
- Personal Antispam
The final option in Internet Security Barrier is the Personal Antispam tool, which is an advanced junk mail filter that interfaces with Mail, Entourage, and Outlook. Apple's built-in junk mail filter works for some junk, but does make errors quite often and depending on the situation may not be adequate to meet a user's needs. There have been a number of Junk mail filters developed for Mail over the years, including JunkMatcher and SpamSieve, and Intego's Personal Antispam is another. All of these are great ways to manage junk mail, but if you install Internet Security Barrier for its other benefits then you get the Personal Antispam tool included.
After using Intego Internet Security Barrier for a while, I've found the suite definitely offers a more secure environment without much intrusion into the system with its default settings. The basic configuration offers adequate security for most purposes, but you can configure it to lock down every aspect of your system if necessary, from the management of Internet cookies, to every connection attempt your system makes, to filtering and blocking programs and content that are sent over the Internet.
The Personal Antispam tool does make a few initial mistakes, but seems to learn quickly and is far more robust than Apple's built-in junk filter. ContentBarrier is a nice enhancement to Apple's Parental Controls, taking the filtering and management options a step or two further. FileGuard may work for some people, but isn't a necessary application given Apple's built-in options, especially with the presence of FileVault 2 in Lion. Lastly, Personal Backup is an OK option, but free tools like Carbon Copy Cloner can provide similar if not better and more tailored backup options, and Apple's Time Machine is proving hard to beat.
These tools in Security Barrier seem like add-ons to the main functions offered in VirusBarrier X6, but they are nice enhancements to have available. As with any security suite, there is potential for turning on too many restrictions, which can result in constant messages and warnings, but the program provides easy ways to customize its behaviors and turn features off.
Despite some unnecessary aspects of the suite, Intego's Security Barrier offers robust options for securing your system and tackling threats such as malware, network attacks, and unwanted outgoing connections. Overall, it is the most complete security and data protection package I've seen to date.