Interesting Test -- Norton Impresses Me

I'm also impressed with symantec.


http://www.symantec.com/business/se...=security_advisory&year=2010&suid=20100727_01

 

Exactly. Well said.

Thanks.

 

Here is the reason why

 

Well fair enough answer coz the novice users would never use BETA applications

 

That is likely because their analysts deem the rogue not to contain malicious code per se. This is the problem with these fraudulent programs and many AVs will not detect them. That said, several AVs are playing catch up in this area, but it is difficult when the file itself may not be malicious.

 

You may be misunderstanding the approach used by Norton Internet Security and the power behind it.

It would be trivial, of course, to block everything that is not “whitelisted” -- but that is not what the product does. Instead, the product maintains and queries a massive in-the-cloud resource of all executable files on all of the tens of millions of PCs around the globe participating in the Norton Community to assess the trustworthiness of a file. Yes, this assessment includes the prevalence of the file; but it goes beyond simple frequency to include the digital signature, the origin of the file, the recency of the file, etc. Furthermore, the confidence of the trustworthiness of the file is constantly updated as additional information from the Norton Community is gathered.

 

In addition to what Pleonasm described , it is also worth to mention that the whitelisting is constantly being updates - all the time , every second and a file which has first been untrusted can gain good reputation in just an hour or two (if it is really good file). Thanks to the approach Symantec use , they successfully block thousands of new malware every day which can't be otherwise blocked. And as it was posted by someone , common users use typical software most of the time so they are less likely to come accross a new file - clean one.

 

Yeah it's easy to forget sometimes that average users for the most part employ a quite narrow array of software,unlike the weird and wonderful stuff the typical Wilders dweller does .

 

So in conclusion Norton rules?

 

nah, as I am finding out, I beg to differ.

 

So , who is the ruler as for today ?

 

The last time i tried Norton 360, i felt like it was just the usual AV suite xD
Nothing special, though, i never tested it but i installed it for a few weeks

 

your thinking of norton like 4 years ago. its very light weight now. I thought KIS and avast were heavier on my test system than norton.

 

Did you happen to read my post? I answered this question in it.

 

Some people are so protective of their view on AV . I'm sure there are those who will argue the validity of my test but i those with an open mind will see it for what it is . I'm not trying to convince anyone to use any product and just wanted to just share my results. To me is valid because the links are quite random i chose and no matter how much you argue the point i know which one was left standing at the end .

 

Yes i'm sure kaspersky would have done better with tweaked settings but how much should you have to dig into the detail settings of a AV product for it to protect you? I didn't tweak and settings of any of the products i tested other than to do a full update. For example in NIS i could have easily set the heuristic protection to "Aggresive" but i didn't because this is not what 99% of the users are going to have it set to. They are going to just install their AV product and leave it at that.

 

I never said Norton was not good
During the time i had it installed never experienced any problems, error or FP, but i never tested it extensively

 

Norton's Sonar system is epically awesome.

 

Too many false positives with Sonar, alerts on everything, and a firewall that is either too chatty or too quiet. Everyone has their own preferences, and Norton wasn't for me.

 

What did you “find out”?

Everyone’s experience is different, but personally I have never had a single false positive from SONAR nor seen anything close to “alerts on everything” when using Norton Internet Security 2010.

 

a bunch of off topic posts ruled out. Please stay on topic. Thank you

 

well i must admit i was kind of skeptic but i gave it a shot and it is just great

Sonar is a powerful tool indeed.

 

Any 'professional' tests consider a Norton Insight warning a pass/detection? Which ones if any?

 

Of course you're going to get false positives from the Sonar. That's what it's there for - warning people the file might be unsafe because it just recently showed up in the cloud. Obviously, when new version of applications are released, you're bound to get a reaction from Sonar. That's what it's there for. Furthermore, with the Sonar technology and the amount of people using NIS in the world (they're the biggest AV-company, am I not right?), a false positive will get corrected as more (A LOT OF) people download and installs the file.

I'm not using it, but I've been trying a trial of it, and it's epically awesome. Wish PCA and Prevx would do the same thing - warn me when I've downloaded which is not safe. As it is now, I only get a warning when the file is executed and then it might be too late to let me know the file was unsafe (especially when it's a rouge AV).

 

You've written a lot and it is wrong . Too bad you have spent your time in writing nonsense.

The cloud of Norton (Insight) is different from SONAR .
While Insight is a reputation system , SONAR is a behavioral analyzer/blocker . SONAR3 in Norton 2011 checks for about 400 potentially dangerous actions and blocks suspicious files based on what they are doing against the system . Additionally , SONAR uses data from other Norton modules to help determinate if a file is good or bad , and SONAR3 particularly adds criteria for known goods files - files that can't be bad (based of specific good behaviour of a file).

False positives of SONAR can be fixed either by removing a specific rule (this might be a bad idea) or by entering a file into Norton's Iron Whitelist.

The Cloud - Insight is completely different module in Norton.
It seems to me you are talking about Insight .