Like many in the security industry are doing, Kaspersky Internet Security 2010 leverages anonymous data from its customer base to create a behavioral engine to further strengthen security safeguards. The new version also introduces several useful ancillary tools, including a sandboxing feature for running programs with a significantly reduced risk, and an auto-run disabler for closing up a pernicious Windows security hole. Frustratingly, a significant flaw in the interface design stands out because it's related to a key feature. Meanwhile, performance felt fine but benchmarking revealed inconsistencies.
Kaspersky Internet Security 2010 will run on Windows XP, Windows Vista, and Windows 7. It costs about $20 more than its competitors, but one license can run on up to three computers. Installation offers a Custom method for advanced users to configure which components will be installed, including parental control, the various antivirus engines, and the virtual keyboard. There's also an option to not install the anonymous data collection that Kaspersky's new behavioral engine, the Urgent Detection System, relies on. If you choose to not install it, you won't be any less secure--you just won't be contributing your data to it. If you do, there's a data collection statement so you know what's going on legally, although I suspect that most users will treat it like any other legalese EULA and ignore it.
The program will also ask you if you want it to disable your firewall if it's active, and offers a protected install process so your computer is no less safe. People can activate the program through the trial period or by purchasing a license immediately, and they can also toggle the program's sensitivity to user input by choosing the less-intrusive "trust Kaspersky" option or the more customizable "ask for user input" when it detects a threat.
You can also configure definition file updates as automatic--which is the recommended option--scheduled, or manual, and users will be able to password-protect Kaspersky's settings. This is a smart safety feature for computers that have more than one user. The last configuration window under the advanced user installation will ask you what kind of malware you want KIS to detect.
Once you've finished the installation, KIS won't require a reboot as it has in the past, although uninstallation still does. The first window that opens will be a virus definition warning that your local virus definition database requires an update. Clicking the link will open the main Kaspersky window and begin updating the program.
Overall, only power users should choose the longer advanced installation process, but the experience was smooth and flawless on a Windows 7 RTM laptop. It had no conflicts with the already installed security program AntiVir, and after uninstallation only two minor traces of the program were found in the Registry. Uninstalling using the included Modify, Repair, or Remove tool allows users the opportunity to keep certain program data on the computer, such as the contents of the sandboxed Safe Run Shared Folder or activation data, and after the reboot KIS had reactivated the Windows Defender firewall.
Interface and features
The full-featured suite, Kaspersky Internet Security, offers a complete and competitive range of security options. The new features in the 2010 edition include the aforementioned behavioral-based detection system called the Urgent Detection Sytsem. The UDS utilizes the anonymous data of 10 million of Kaspersky's customers who choose to participate in submitting their system scans to Kaspersky's central servers for analysis, and it "red flags" suspicious behavior so that even if a program used to be safe, it can shut down a newly activated malicious intent.
Although this might sound insidious, it's actually a smart way to leverage a huge consumer base for security purposes as long as the data remains anonymous. Many other security suites are incorporating behavioral detection engines, so this is something that users will have to get used to if they're not. Among UDS's better sub-features include the capability to customize how long it takes to pass judgment on a new program and per-user configuration of the rules governing program behavior.
Even if a program has deep penetration, if it starts behaving badly, then Kaspersky will block it. If it's an unknown, Kaspersky will treat it skeptically, monitoring and restricting the program until it has been proven safe. The Vulnerability Scan option, available under the Scan tab, utilizes tech from Secunia to determine which programs are potential security risks because they lack recent updates or patches. For programs that may not warn you that they have a pending security update, such as Adobe Flash, having this tool baked-in could be exceptionally useful.
The tools offered under the My Protection tab are nothing short of robust. There's antivirus protection for files, e-mail, HTTP traffic, and instant messaging. Application control, the aforementioned UDS, includes options for customization, should you need to force access for a specific program that Kaspersky is identifying as a threat. There are protections against spam, phishing, and banner ads, firewall control, and a network monitor to track network activities for users who like to drill down deep into their system's behavior. There's also a Parental Control filter, with options to outright block children from particular sites or merely log events. By default, the Parental Control filter is off, and when activated it assigns all other users on the computer Child status until directed otherwise. There's a Teenager status, as well, for more granular control of restrictions.
The My Security Zone tab is where most of the application control features live. From here, a clean chart organizes your installed programs according to trustworthiness, the Digital Identity Protection feature allows you to uncover which files your personal information resides in according to the program, and the Safe Run sandbox can be controlled. Safe Run nearly doubles the amount of RAM the program uses, but provides a secure environment for launching a program. Safe Run also comes with a sandboxed folder into which you can save files without worry. The feature currently will not run on Windows 7 computers, but Kaspersky has told me that they expect to have the feature fixed before the October release of the new operating system.