Summary: Malware terminology has become more confusing over time. Definitions for anti-virus, anti-spyware and internet security are unclear and inconsistent.
What is difference between antivirus and internet security? How to compare two products for their dependability when both offer same services?
•
I'll start by saying that it's a confusing mess.
I'll also start by lumping them all together as "security software", and then point out that the confusion is really in some security software vendor's best interest.
Why? In the name of fear, people purchase more security software than they need.
So let's compare the various terms.
•
First the basic, "big three":
Anti-virus programs scan for viruses and related malware by examining the files on your system for patterns of data that have been identified as being viruses. On some regular basis the database of patterns the programs use is updated to contain the latest information on known viruses.
Anti-spyware programs monitor your system as you use it for behaviours that are known to be spyware-related. For example, an anti-spyware program might trap attempts to change your browser home page, or attempts to install software that starts automatically.
Firewalls prevent malware from reaching your machine through your network. They don't prevent things you control, like downloads or email, but rather stop attempts to connect to or infiltrate your machine without your knowledge or participation.
In short, you should have one each of all three.
It's seems simple, but sadly it's not.
"Internet security suites" are, in essence, bundles of two or more of the basics above, and typically also include additional security software or shortcuts as well. For example, one extremely popular internet security suite contains all three: anti-virus, anti-spyware and a firewall, as well as calling out "phishing" protection, keylogger protection, website reputation information, email and download monitoring, spam filtering, parental controls and even throws in some PC performance tools to boot.
Everything but the kitchen sink, it seems.
Once again, on the surface it seems like a good idea. Who wouldn't want all that?
Based on my experience here at Ask Leo! I've become fairly biased against internet security suites or bundles. I see several problems:
-
I get more problem reports about security suites than I do with the individual programs that they replace.
-
From what I can tell, most suites are based on one very good program - say an anti-virus tool - and then add additional tools and features, typically of lower quality, simply so that they can claim a longer checkbox list of features.
-
Much of what these suites call out as separate features are, in fact, fundamental to one of the big three tools anyway. Saying you have "keylogger" protection and spyware protection, for example, is redundant.
-
Much of what these suites include is also unnecessary, or not something I'd go to them for. I wouldn't use my internet security suite to try and tune up my PC, for example.
But, that's what internet security suites are: they give you a lot of stuff in a single package; some of it good, some of it not so good, some of it, in my opinion, completely unnecessary. And with so much stuff being added to your system, it's not at all uncommon for the suites to in fact cause both functional problems and system performance issues.
Now, there's one other point of confusion that's worth addressing: the growing convergence of spyware and viruses and the technologies that scan for them.
You've probably seen an increase in the use of the term "malware". That's a generic term meaning "bad" "software", and is used to encompass viruses, spyware and in fact anything else that might come along.
The problem is that the line between viruses and spyware isn't nearly as clear as I've painted above. And as a result, the scanning and prevention technologies are also overlapping more and more. In fact, some tools are now starting to label themselves as simply anti-malware, since their approach and their coverage seems to straddle the definition.
Unfortunately, it leaves us in an interesting position: if you know you need both anti-virus and anti-spyware tools, is a single anti-malware tool sufficient?
Maybe.
It all depends on the specific tools involved.
My recommendation for determining which tools are right for you, and which might be better than others, is simply to do some research on the internet. I'm a huge believer in reputation as a guideline. While no tool has a perfect reputation, you'll often see both good and bad information that will allow you to compare relative merits.
But, ultimately ... well, I told you it was a confusing mess.
Related:
-
Do I still need anti-virus software if my computer came with a security suite? Many computers come pre-configured with security suites. I'll look at why you might or might not want to keep them, and why they might not be free.
-
What Security Software do you Recommend? I have recommendations for specific products in various places on the site. Here's a short single page summary.
-
How do I pick the right tools to protect my system? There are many choices when looking for solutions to protect your system. I'll review how I look for things and how I make my decisions.
Article C3880 - September 27, 2009
I only use trial versions of internet security suites.I change them every month or two.Security suites offer more protection than a personal firewall or antivirus.I think it's worth the money to buy one.
Posted by: Andrew at September 29, 2009 2:30 AMI agree that some of the suites are not that good overall, but they are getting better. There are several good products now that combine anti-virus and anti-spyware (Webroot's Antivirus/Antispyware and Sunbelt's Vipre specifically are two very good ones.) Some people prefer using free products and while many are quite good, I have found most lacking in one or more important aspects. I prefer paid products, but I do use the free ones to double check on my paid versions. Also, as pointed out, no one product finds everything, so best to use an array of products to checks things. Just don't run two anti-virus programs at once or two Firewalls at once, as you can get conflicts.
Posted by: David Hutchins at September 29, 2009 9:48 AManti spyware free I have used ADAWARE and found it excellent and also PC Tools Spy Doctor downloadable ffree fromm Google pack (has a lot of good free programs.
Posted by: Bob at September 29, 2009 10:52 AMAntiVirus free Try Bitdefender also Comodo now has a free one that is supposed to be good
I have to agree with you Leo, Suites are bloated, resource hungry tools that just don't cut it in my opinion. I use AVG free, a variety of free online virus scanners and at least three different spyware and malware tools of the paid variety. My router provides the main firewall and I use Windows 7's firewall.
Posted by: Craig Griffin at September 29, 2009 1:15 PMHave you ever used a Live CD to scan for viruses? I've heard some guys working on a Linux live CD that you basically boot the computer into Linux, and it scans for problems... The idea being a virus written for windows won't effect linux... you heard of it?
Justin Davis
30-Sep-2009
damn my link looks huge. sorry about that I can blog at work, but they make me put a disclaimer on everything
Posted by: Justin Davis at September 29, 2009 3:15 PMI have several different "security" apps on my computer. Only is running "real-time" and, that is ZoneAlarm Security Suite (ZASS). The other apps, while installed, are not set-up to run in real-time. I use these other apps to perform scans of my computer (manually - if no scheduler is available) to look for "stuff" that the primary app (ZASS) may have missed. Each app is run on a weekly basis. This may be "over-kill" but, for me, that's what I want. Safe computing yaw-ll!!!
Posted by: Michael at September 29, 2009 7:22 PMThe Live CD to scan for viruses may be a reference to the Ultimate Boot CD for Windows. It boots to Windows however, not to Linux. This makes sense as antimalware software runs on Windows. See ubcd4win.com and this
http://www.esecurityplanet.com/features/article.php/3821001/The-Best-Way-to-Remove-Viruses-Spyware-and-other-Malware-Part-1.htm
Posted by: Michael Horowitz at September 29, 2009 7:37 PMThe issue with malware is really very very sore. The best would be get behind a NAT router as always pointed out by Leo and follow safe browsing practices. This should keep most of the malware out of one's business.
For the techies, it would be to use any flavor of Linux and for those diehard techies who know everything, it would be better to run the Internet on a Virtual Machine.
But I personally am very much inclined not to use such security suites type of stuff. I follow the above guidelines and have rarely been infected. Most of the infections I receieved were from USB pendrives. After that I completely turned off AutoPlay and haven't faced a single problem since then.
Ravi.
Posted by: Ravi Agrawal at September 29, 2009 10:57 PMI've used free tools for years now, and I recommend them to everyone I speak to. I use Avira anti-virus, and Malawarebytes’ anti mal-ware. The latter has literally brought two computers back from the dead. I found 50 or so malware infections on a friend’s computer that refused to boot, but my daughter’s computer set the record with 610 malware infections. In both cases, Malawarebytes’ had the machines back to operational within an hour.
Posted by: Duane at October 3, 2009 3:33 AM