Norman Security Suite PRO 11 Review

One typical product-line model for security vendors involves a standalone antivirus, a security suite that builds on the antivirus's features, and a top-level mega-suite that adds bonus features to the security suite. Norman handles things a bit differently, withholding Web-based antivirus protection in all but the mega-suite. As a result, Norman Security Suite PRO 11 ($76.95 per year for three licenses) is a better antivirus than the other two Norman products. Even so, it's not a suite you'd want to rely on.

The main window is identical for all three Norman products. All three have big buttons to launch a scan, check for updates, and view quarantined files, as well as a list of latest events. All three are titled "Security Suite 11," even the antivirus. You'll only see the difference when you switch to the Settings page. In the PRO suite all components are available; in the other two, some are disabled, with the confusing label "The license for this product has expired."

Shared Suite Features
This suite includes all the protective components found in Norman Security Suite 11, and more. As noted, some important antivirus features are present only in the PRO edition. I'll summarize the elements that are the same in both suites, to start, then proceed to the antivirus.

Similar Products

4.5

Outstanding

Bitdefender Total Security

 

$99.99 Save 50%

Check Price Read Our Bitdefender Total Security Review

3.0

Average

Webroot Internet Security Complete

 

 

Check Price Read Our Webroot Internet Security Complete Review

4.0

Excellent

Trend Micro Maximum Security

$49.95 5 Devices / 1 Year at Trend Micro Small Business

 

See It Read Our Trend Micro Maximum Security Review

4.5

Outstanding

Kaspersky Internet Security

 

 

 

Read Our Kaspersky Internet Security Review

3.5

Good

McAfee Total Protection

 

 

Check Price Read Our McAfee Total Protection Review

Norman Security Suite PRO 11 Lab Tests Chart
Norman Security Suite PRO 11 Antispam Chart
Norman Security Suite PRO 11 Performance Chart

Only a few of the independent antivirus labs include Norman in testing. The last 12 tests by Virus Bulletin saw a Norman product (not the PRO suite) included in 11, but Norman achieved VB100 certification in just 6 of the tests. AV-Test Institute specifically examined the PRO edition, and found it wanting. With just 12 of 18 possible points in this lab's three-part test, Norman passed certification, but not by a lot. Bitdefender Total Security 2015(40.00 3 devices / 1 year – 50% off at Bitdefender) and Trend Micro Maximum Security 2015($53.95/Year at Trend Micro Small Business) managed 17.5 points, as did Kaspersky Internet Security (2015)($29.00 at Amazon).

Norman's spam filter didn't wildly throw any valid mail into the spam folder, but it missed a huge amount of undeniable spam. It allowed over 40 percent of undeniable spam messages to clutter the inbox of my test system. That's a lot of spam to miss.

The firewall component comes with three different levels of configuration, but most users should leave the advanced configuration choices alone. It handled all of my Web-based tests, as any firewall should. Program control is old-school; any time an unknown program attempts network access the firewall asks you what to do. In probing for weaknesses, I found a way that a malware coder could disable firewall protection.

I had assumed that the additional Web protection features in the PRO edition would help it detect and block exploit attacks, but I was wrong. When I attacked the test system with about 30 exploits generated by the CORE Impact penetration tool, the result was just the same as with the entry-level suite. I saw no blocking at the network level, but the antivirus wiped out the exploit payload for about 40 percent of the samples.

This definitely isn't a suite for those who need parental control built in. Its content filtering system missed plenty of porn in testing, something I rarely see. And a savvy teen could circumvent its monitoring. It lets you define a weekly grid of acceptable times for Internet access, but a child with Administrator access can evade the scheduler. That's the extent of parental control.

I run a few simple real-world tests to measure each suite's impact on system performance. Specifically, I measure boot time with and without the suite, and similarly time a pair of scripts that perform common file operations. Norman's overall impact, averaging the three tests, was the largest among current suites. Actually, the PRO edition was a few percent worse, but I gave it a pass to use the entry-level suite's numbers.

See How We Test Antispam

See How We Interpret Antivirus Lab Tests

See How We Test Security Suites for Performance

Improved Antivirus

The difference in the two editions wasn't evident until I tried launching the malware samples that weren't wiped out on sight. In particular, the PRO edition stymied some samples by actively preventing them from going online to download essential files. The PRO suite detected 91 percent of the samples and earned 8.6 of 10 possible points, where the antivirus came in at 83 percent and 8.1 points. Norman PRO actually did a tad better than Bitdefender's 8.4 points, though Bitdefender's stellar performance in lab tests outshines most competitors. In my own test, Webroot SecureAnywhere Internet Security Complete (2015)(29.99 More than 50% Off Exclusive for PCMag at Webroot) scored best, with a perfect 10 points.

Norman Security Suite PRO 11 Malware Blocking Chart

The additional Web-based protection really showed its power in my malicious URL blocking test. For this test, I start with a feed of very new malicious URLs supplied by MRG-Effitas. I filter out those that don't point to executable files and then simply try to visit each URL. For those that aren't already defunct, I note whether the security product keeps the browser from reaching the URL, wipes out the payload file, or sits idly doing nothing.

Norman completely blocked access to 71 of the 100 URLs I used in testing, and the antivirus component wiped out another 10. Its overall protection rate of 81 percent is excellent, surpassed only by McAfee Total Protection 2015($39.99 at McAfee), which managed 85 percent.

See How We Test Malware Blocking

Norman PRO also attempts phishing protection, a feature not found in the other Norman products. To test antiphishing, I scrape phish-reporting websites for the very newest reports, URLs too new to have been verified as fraudulent. I launch each URL in five browsers, one protected by the product under test, one by Norton, and one by the built-in protection in Internet Explorer, Firefox, and Chrome.

Norman Security Suite PRO 11 Antiphishing Chart

Norman's detection rate came in 34 percentage points lower than Norton's, which puts it a little below the middle as far as current products go. It also lagged 31 percent behind Chrome alone. Firefox was apparently having a bad couple days, as Norman beat Firefox by 26 percent. It also beat perpetual loser Internet Explorer by 32 percent.

This is a decent showing, but I wouldn't turn off your browser's built-in phishing protection. Note that Bitdefender is among the very few products to outperform Norton in this test.

See How We Test Antiphishing

Intrusion Guard

You can set this component to Allow or Deny a variety of suspect behaviors, or to Prompt you for a decision. The configuration pages for Intrusion Guard show that it's almost entirely set to Allow. If a program attempts to modify the HOSTS file, it will prompt you to allow or deny it. The only other settings that don't default to Allow are a few specific to 32-bit systems.

I chose Deny for all of the Intrusion Guard settings and retried my malware blocking test, but didn't observe any change. However, when I tried to install 20 legitimate PCMag utilities, five of them failed, with no message from Norman and nothing recorded in the events log.

My Norman contact confirmed that Intrusion Guard events aren't logged (why not?) and advised trying again using the Prompt setting. This time I got clear messages from Norman about the behaviors it considered suspicious, things like installing a service, adding a plug-in to Internet Explorer, and modifying the startup sequence. Ignoring a message caused it to select Deny after a timeout period.

I'm not a fan of simple behavior detectors like this one, tools that warn about individual behaviors without looking at the process as a whole. In particular, I found that Norman's blocked a number of valid programs, but I didn't see it blocking any malware. Perhaps that's why it's turned off by default.

Privacy Tools
The PRO suite includes a few privacy tools not found in the entry-level suite. When you right-click any file or folder, you'll see a menu entry for Norman Secure Delete. Choosing this option first overwrites the file and then deletes it, to prevent forensic recovery of sensitive data. You can also reach this function in the settings page for Privacy Tools. There's no provision to specify how many overwrites it will perform, but even one should be enough to foil all but the most determined recover efforts.

Norman's privacy tools are designed to run periodically in the background, once you've enabled them. You can choose to clear program history for Windows, Windows Media Player, and popular browsers, at intervals ranging from every 10 minutes to once each week.

Norman doesn't offer a preview of the changes it will make, nor does it log those changes. I clicked a triangle-icon Play button next to the Clear program history task, thinking this might launch the cleanup immediately. Nothing obvious happened. With no user manual available, I tried searching the online support system. That turned up nothing, so I simply waited 10 minutes for the cleanup to occur.

An hour later, the Recycle Bin was still full, my browser histories hadn't been deleted, and all cookies were still present. I was left wondering just what the history cleaner had done.

Another privacy tool, called System check, is even more opaque. It purports to look for "malicious behavior and suspicious programs running in the background," and you can set it to do so hourly, daily, weekly, or monthly. This seems like it ought to be continuous, and not optional, for real-time malware protection.

The Best of a Mediocre Line
If you're compelled to buy from the Norman product line, Norman Security Suite PRO 11 is definitely the best choice. It's the only one that includes full antivirus protection, and it did well in my hands-on tests. Other added features weren't as impressive, though. Intrusion Guard flagged more good programs than bad, and I couldn't actually determine that the history cleaning component did anything.

For just a little more cash, you can get our mega-suite Editors' Choice, Bitdefender Total Security 2015(40.00 3 devices / 1 year – 50% off at Bitdefender), which includes just about every imaginable suite feature, all top quality. Don't need parental control or antispam? The ridiculously tiny Webroot SecureAnywhere Internet Security Complete (2015)(29.99 More than 50% Off Exclusive for PCMag at Webroot) takes care of your security needs, offers impressive online backup and sync, and seems quite a bargain, with five licenses for roughly the price of Norman's three.

If your aim is to protect devices on multiple platforms, one license of McAfee LiveSafe 2015 lets you install security software on all of your Windows, Mac, iOS, and Android devices. With choices like these available, there's no need to consider Norman.

Sub-Ratings:
Note: These sub-ratings contribute to a product's overall star rating, as do other factors, including ease of use in real-world testing, bonus features, and overall integration of features.
Firewall:
Antivirus:
Performance:
Antispam:
Privacy:
Parental Control: