Norton 2013 Products Final Released.

Here's another glitch I noticed with the NIS 2013 install.

Went into WIN 7 device manager and noticed 3 of my USB drives were trashed. Two that are associated with my combo floppy/USB device that are card readers and my printer USB driver.

Getting them back no problem. Just uninstalled then and the did a scan for hardware changes and let WIN 7 reinstall the drivers for them.

None the less, really looks like Symantec blew it with this 2013 release. Q/C issues with the "Boys from Bombay?"

Also tried my first resume from standby op with NIS 2013. Everything seemed OK initially except for 130 entries in my eventlog? All related to protocol 0 attempts. I have seen those before but never that many. Shortly thereafter, I right click on the Norton icon on the toolbar. Zip, nada, no response. What? Go to checked statuses in Control Panel and guess what? WIN 7 firewall is turned on plus the NIS 2013 firewall. What the .... So reboot booted and all is back to normal. So far that is. This 2013 version is buggier than a maggot festival at Thanksgiving!

 

I have had no issues at all with 2013 I did however have a few with 2012 when that was 1st released, nothing major but enough for me to resort to using 2011 for 1st couple of months,not sure which release of 2012 finally ran perfectly on my machine but it wasn't any of very early ones,I suppose because of all different PCs with different hardware/software combos I doubt if any product will run 100% for everybody(not just anti-malware,I mean any app)

 

It's unfortunate that NIS is acting up on your configuration. I haven't had any of the problems you mentioned.

 

I guess no one has noticed a major change in how the NIS 2013 firewall works?

In prior versions of NIS, new outbound traffic was set to "auto" which basically only allowed outbound access. In NIS 2013, new outbound traffic if trusted as determined by NIS is set to "allow". The "allow" setting allows all inbound and inbound access. BTW - this includes the default rule created for your browser.

Here's a thread on the subject from the Norton forum: http://community.norton.com/t5/Norton-360-2013-Norton-Internet/Firewall-Rules-Allow-vs-Auto/td-p/775230.

What the ..............!

I have never seen a firewall including the WIN 7 firewall that does this.

Appears Symantec is tight lipped on this one. OP in the thread link I posted above never did a direct answer to his concern on this issue.

 

I am getting the distinct impression that you have something against Norton,if you set Kaspersky to auto that also determines what should and shouldn't be allowed,you don't seem to have looked very far for a firewall that behaves in a similar way,besides the apps that have been given "allowed" status as opposed to "auto" seem to be ones that Norton have got enough info on to be able to say that it is trusted from security point of view,don't forget most folk using NIS would have a clue about how much of a security risk anything on their PC may be or how to configure their firewall to suit,its probably better for most users that it is done this way

 

Actually, I and it appears many others based on postings on the Norton forums are having major reversations about the 2013 releases of NAV and NIS. Most were like myself in that the were long time users of the product.

That said. I happen to know a thing or two about firewalls. Any firewall that is stateful which the NIS firewall is does not need to allow expicit inbound access.

Next, there is the issue of the criteria under which the program firewall rules are being created. It appears NIS is using the Norton Community feedback for this. This leads to some interesting decisions being made. For example, most of my third party program rules created to date have been set to "auto" with detailed rules being created since they were not fully trusted per community feedback. This included Zemana Antilogger among others. CCleaner on the other hand was set to "allow" indicating it was fully trusted. Question is should application status be trusted to a general community of users?

Perhaps this is the "new brave world" of what is now being to referred to as an intelligent firewall. I personally will stick with the old fashioned technique of trusting nothing on my PC. After all, if everything on my PC is deemed "trusted" what do I need application firewall rules for? Just allow everything!

Getting back to the real issue, I don't know of any reason why any application or OS program should be given unrestricted inbound access. If a "trusted" rule is to be created, it should be for unrestricted outbound access only.

 

you'd rather have unrestricted outbound?what if you get a Trojan trying to send info from your pc?thought you understood firewalls?of both options unrestricted outbound is the more dangerous from a security viewpoint and if your behind a router inbound is protected by firewall in nearly all routers on the market outbound is slightly less so due to some older models not controlling outbound traffic at all,bit like windows firewalls on earlier OS's,in the past you definitely needed a software firewall to control outbound traffic,later routers also do that ,you just need to set the rules
If the rules set by Norton are such a problem there is the option to customise them to what you or anybody else would like them to be,I'm afraid that more and more security apps are going towards setting rules/actions automatically by default because they are aimed at the general public,most of who would have no idea what to set the products to to ensure they were secure

 

What does it mean? Why Bombay and not California?

 

think he is insinuating that Norton farmed out the coding for this product to cheapest/cheaper option:-its not relevant really just another dig I guess,put if you look at names in "credits" there seem to be all types of nationalities there!
Besides things made out in the east are usually better made than those in the USA!

 

That is exactly what I did; customize every allow program rule NIS has created so far.

The ones NIS have created to date are security risks in my opinion. For example, giving services.exe unrestricted in/out access. Then there is the wininit.exe firewall rule NIS created giving it unrestricted in/out access. NIS created a rule for lsass.exe giving it unrestricted in/out access.

From what I can ascertain, appears NIS is relying on its global rules to block everything and giving anything else OS related unrestricted access. In a perfect Internet world that would be fine. However, malware does slip by all malware scanners and your first line of defense is your firewall alerting you that a "trusted" system process is doing something it should not be doing.

 

If anybody knows what rules that they want to apply to each application it doesn't matter if your chosen firewall already has a different one set for it than what you like as long as the rules are alterable(is that a word?)which they are in the Norton fire wall,so I cannot see what the problem is,if like 99% of the population you don't know anything about rules to apply to applications then having pre-configured ones is better than letting this 99% trying to do it for themselves and probably causing all sorts of problems for themselves

 

One more glitch I discovered about NIS 2013.

Appears the stateful inspection option only applies to the general or global rules and not the program rules.

"For incoming data traffic, the Stateful Protocol Filter applies the General Rule. The filter first determines if the protocol used by the incoming communication type is allowed. It then identifies the source of the traffic and validates the reliability of the source address. Based on this analysis, the Stateful Protocol Filter allows or blocks the traffic."

For me, this is a not a major concern since my router firewall has a full implementation of stateful inspection.

 

we sell nis and i personally on my own machines will not use it. i was a huge fan for 2009 and mostly in 2010, then 2011 and each year on i lost more andmore interest due to increasing issues and it starting to get heavier (imo) each year that went on. its a great product for a normal every day user though i cant knock that it offers great protection but i find it almost to picky. and for the average person the auto firewall i think is okay if done right. but i much prefer a real app based firewall and when set to this mode nis offers a barrage of pop ups to a user. again not a horrible program it offers great detection but a lot of other stuff irks me and i dont use it because of that.

 

I'm very surprised that you find 2013 heavier than earlier releases,I found 2012 slightly heavier than 2010/2011 but find current release lightest of all,even on pretty old XP machines we have it installed on

 

I mostly agree. 2010 was great. 2011 was a little slower with 2012 being the worst of the bunch. 2013 seems very light but also the buggiest of the bunch. It has greatly improved since the original release. The current build seems like a keeper, even though it still hangs on some downloads.

 

Here's a tip that will save you tons of grief if you configure your own firewall program firewall rules in NIS 2013 on a WIN 7 installation using an IPv4 only router.

Do not under any circumstances turn off "Automatic IPv6 NAT Trasversal Traffic" setting under the Automatic Program Control section in the Smart Firewall settings. If you read the Norton help on this setting, they state it controls Teredo tunneling. Well, I have all the WIN 7 turnnels disabled since they are generally considered security risks since the tunnels bypass firewalls. Teredo is the highest risk since it has to be proper configured to only connect to established worldwide Teredo servers of which only a handful currently exist.

I was very surprised to see this setting turned on by default since Symantec was one of the strongest outfits against Teredo.

Well in true Symantec fashion, appears the help description for this Automatic IPv6 NAT Trasversal Traffic setting is flat out wrong. Turning off the setting appears to disable all IPv6 traffic including local subnet. The result was the Smart Firewall going bonkers and totally overridding all my custom program rules.

 

Just to inform UK users that a new 1 year 3 pc NIS licence can be bought for ~ £12 after 25% quidco cashback. Go to Symantec via quidco.com and then change website address to
http://buy-static.norton.com/norton/ps/3up_uk_en_navnis360_br_nf_360.html

enter code "STORE40", this will bring price down to £14.99 which is what you pay Symantec, you'll get 3 quid or so from Quidco a few months later.

 

You can get NIS 1 PC 1 year for £4.20 using coupon code STORE40: http://uk.norton.com/free-antivirus/promo.

 

nice offers

 

"The Best Security Suites of 2013"
http://www.pcmag.com/article2/0,2817,2369749,00.asp

"As you can see in the chart below, Norton Internet Security (2013) excels in every area."

 

obviously itman didn't have any input to that report!

 

Unfortunately these independant tests along with the AV labs test do not factor in user feedback. In reality, I don't know how they could. They test in isolated dedicated environments. Their primary objective is to evaluate security effectiveness.

Actually what really is needed for all retail software in my opinion is an independant organization that solicits user feedback on product usefullness and reliabilty. I find it interesting that such outfits exist such as WOT and the various security vendor user groups for the purpose of product secuirty safety.

What we need is a 'Consumer Reports' for retail software.

 

I would really like to see that. For all these controled detection rate tests are worth my biggest problems with most of these security suites is the fact that more of them than not are unusable due to conflicts, broken network connections, interferences with Windows Update, and so on. As good as some of them look in print based on those supposed detection rates, the unspoken usability issues are the deal breaker for most of them.

 

Problem is that there is so much different hardware/software configurations out there that there is too many variables for there to be any real worthwhile way of doing so,besides they could be too easily skewed by folk with a dislike of a vendor or product(how would Microsoft do in such a test??),which isn't objective in any way:-At least testing all the products the same way does give a kind of objective result,but some configurations of hardware/software will still favour some and not others,who knows the best answer to this is anybodys guess!

 

20.2.1.22 is being released in a phased manner.

Product Update - 20.2.1 of Norton Internet Security and Norton AntiVirus
Product Update - 20.2.1 of Norton 360