Norton Internet Security 2010 beta: Different approach, new features, some glitches

Computerworld - The just-released beta of Symantec's Norton Internet Security 2010 is more notable for what's under the hood than what you actually see. However, if you're planning to try it out, you'd better not do it on your main PC -- this is not only a beta release, but a temporary one as well. Currently, the installed beta says that it is good for only 14 days.

A shift from signatures to reputation

Symantec's comprehensive suite offers protection against viruses, Trojans, rootkits, spyware and malware of all kinds, as did the previous versions. Like those versions, it includes a firewall, intrusion protection, e-mail protection and Web protection; for example, it integrates with your browser and search engine to warn you away from visiting sites that might be malicious.

Symantec says that the newest release of its security suite marks a major shift away from signature-based detection to what it calls "reputation-based security technologies," which it claims offer more complete and up-to-date protection.

According to Symantec, traditional signature-based solutions simply can't keep up with the massive amounts of new malware released every year. The company says that Symantec researchers see more than 200 million attacks on PCs every month, many of them threats not seen before that may slip by signature-based security software. Because of that, the company claims, signature-based solutions by themselves can no longer adequately protect PCs.

Its new reputation-based security strategy relies heavily on Symantec's global product reach, in which millions of people who use Norton products and opt in to the Norton Community send information anonymously about the applications running on their system. Using this data, Symantec calculates a "reputation score" for applications, and uses that reputation score, in addition to traditional malware signatures, as the engine to keep PCs safe in Norton Internet Security Suite 2010.

Norton Internet Security 2010 scans a system for vulnerabilities.

Norton Internet Security 2010 isn't the first time a reputation-based technology has been used by anti-malware vendors. Cloudmark Desktop, for example, has been using it for years to protect against spam. But Cloudmark is a far smaller company than Symantec, with a smaller user base, and not as comprehensive a security suite. In addition, protecting against spam is far simpler than protecting against the myriad constantly evolving threats on the Web.

These days it takes a large-scale lab to judge whether reputation-based security is superior to signature-based security, so the final answer will have to wait until the fall of 2009 when NIS 2010 is expected to be released in final form. At that point, various labs will weigh in with their results.