
Posts tagged: adware

Unlocker 1.8.7 Infected with Trojan Adware

By , October 27, 2009 08:28

With a great deal of disappointment I have to make this post. I have been an avid user of this tool in the past (I’m still running a pretty old version of this on an XP box) since it expedited deleting of files that were locked by an application. It would clearly identify who locked the file and give me the option to delete it. However, it appears that it is in fact bundled with ADWARE. This is defined by some AV products as a Trojan, including Microsoft Essentials as TrojanClicker:Win32/Yabector.gen.

It should be noted that CNet’s Download.com ‘verifies’ it’s spyware free, yet obviously either this was a clear ‘miss’ on their part, or they do not classify adware as spyware. This confirms my thinking that anything on Download.com should be considered ‘risky’ software since they either mislead or don’t bother to check the software that’s uploaded or available from Download.com. My thinking is they simply are misleading by ‘verify’ing it contains no spyware. Others have disclosed this over the past year and a bit that this version has been around for download, so I think ample time was provided for CNet to correct this.


Editorial: Understanding why Malware infects your PC

By , February 19, 2009 14:54

I saw this comment today on a malware site and I normally read them to see how folks troll malware sites looking for blame.
Folks, malware is your problem, not anyone else’s. I am constantly reminded how people fail to understand that it’s their actions and choices that cause the infections, and today social engineering is a big reason. Even malware experts are not immune from falling victim to their tricks. It’s been like this for years and outside of the increase in targeted attacks, it’s still the #1 reason.


Review of F-Secure Internet Security 2007

By , January 1, 2007 21:01

Well continuing my review of ‘integrated security solutions’ I have once again become dismayed by the terrible offerings by the various security vendors out there.

Today we don’t have massive virus outbreaks, nor do we even have a big problem with Trojans (except when it comes to malware) and worms are even starting to slow down. We can thank enterprise scale solutions and active monitoring of networks for this. Yes, even email/spam solutions are stopping many of these things right at the server at our ISP, so very little should be getting into our machines today, unlike just a couple years ago when ISPs were leaving each of us to our own solutions.

Today, malware in the form of ADWARE and SPYWARE, as well as BOTNETS and ROOTKITS, are our big challenge, and many of these that we encounter tend not to be detected by many products until they are discovered. In my mind this does not provide a solution but a cleanup.

So I don’t recommend people who are pro-active to buy these ‘Internet Security’ solutions that the vendors are pumping. They are just no good and a waste of CPU time.

F-Secure’s offering is probably the worst I’ve encountered to date. But like many of these packages, they taunt you with a free trial offering, which seems to work pretty good.

F-Secure offers the same as every other package, Anti-Virus, Anti-Spam, Firewall, as well as malware detection and a rudimentary rootkit check tool. Let’s start at the top.

The anti-virus solution is definitely the best of the inclusions with this product. When it updated, that is. Our biggest challenge was getting this product to work through a proxy. Seems the F-Secure developers don’t comprehend proxies and the awesome solutions they provide, and many times our updates would never get downloaded. An Anti-Virus product is only as good as its updates, and we constantly had to fiddle with the settings to do a simple update. Pathetic. So we would just as soon use Avast for FREE which does not seem to have a problem with proxies.

The anti-spam solution was incredibly poor, however, causing several minutes of delays in processing email from nearly every ISP I tested this with. A normal POP session usually takes about 1 minute and about 10 seconds per email on the slow side. With F-Secure Anti-spam this increased tenfold. We were easily waiting about a minute per email, causing us to go for coffee every time we checked email. Since we use SpamAssassin on our free servers and a very pricey solution for our Microsoft Exchange server, we really don’t need anti-spam. It was no better at detecting the stuff that made it through these tools so it was simply wasting time.

The firewall was the worst of the bunch. First problem we encountered was one of our test boxes had NVIDIA ForceWare Network Access Manager already installed. This is a firmware-based firewall, and it works very well. The downside was that F-Secure Internet Security refused to install “anything” with this product installed. In this box we simply wanted to test the anti-virus and anti-spam solutions but we were forced to install the firewall product also. Trying to disable the firewall and reinstall NAM was ok, and thankfully NAM remembered our old settings, saving us more time. Not F-Secure!

Once everything was installed in this box, we found out we could no longer access our network shares. Yes, the F-Secure firewall was blocking these accesses. Adding rules to allow this traffic made no difference. Isn’t a firewall made to configure what “I” want, not what some dork developer wants? I guess not. Nothing we could do (short of disabling the firewall) would allow us access to our network shares again.

The rootkit checker was bland. Featureless, did not detect 22 of our suspicious ADS streams and did not provide any output that could be used to track and discover where potential problems could be. The average person does not understand rootkits enough to be able to troubleshoot this without a lot of hand holding, and this tool has none of that available. eEye’s Blink was better for this, yet even it was an ineffective tool at current rootkits. Old and very public rootkit technology was noted effectively, but most of the problems these days are botnet driven and none of these were detectable until infection occurred and the OS was exploited. Then the anti-virus solution did its job.

The anti-malware portion of this software was very paranoid and kept advising us of tools that it didn’t think the average PC should have, like netcat or nmap; even PE builder tools were quarantined by F-Secure, which annoyed me to no end. Sure, one could build exceptions, but shouldn’t the tool ask this during detection, not AFTERWARDS? Bart’s PE Builder broke thanks to F-Secure’s gross paranoia. Perhaps they should devise a color coding like DHS has for terrorist alerts, ah never mind, they’d all be red…

The kicker was purchasing a license and getting technical support. I had to send two emails to get my license since they didn’t bother sending it automatically as part of the order. Very irritating to have to ask after a week of buying a license where it is.

The next kicker was contacting support about our two major issues. Updates and our firewall problems. Neither was addressed in a satisfactory manner. We were advised to disable proxies for updates. Ok, not a big deal, but every week this needed to be changed since it seemed to forget the settings. As a consequence we were hardly up to date. This should be automatic and not require tweaking internet settings just to update, so we fail this product on this point alone. The other components had very few updates (some never updated in the two months we used this product) so we wonder how effective a solution is if it is never updated. Snort rules for instance are updated almost every day, and they haven’t come close to detecting everything yet, so if I have a choice I’ll stick to a real IDS solution and not the ‘cleanup’ proposed by F-Secure.

Technical support was terrible also. Three phone calls to them and after explaining my problem to some fellow who speaks very poor English, he would offer to ‘email’ me a solution. I think he simply could not grasp the English alphabet over the phone when I tried to spell my email address since on all three occasions I never received an email from him. By phone call #4 I asked if he could simply walk me through this on the phone. He refused and insisted to email it. I then asked if he really was a technical support person? He said yes. I asked if he could REALLY help with my problem or if he didn’t have a clue how to fix my firewall/proxy solutions? He said he could. So I told him that I want him to help me now on the phone. He hesitated, but otherwise agreed.

F-Secure — you call that support? I call that very disappointing and disrespectful of your clients when you continually waste their time. Secondly, get people who can speak English. Make it a requirement of the job for those who prefer to get support in English.

After talking to this guy for about 20 minutes and following his instructions I was able to ‘one time’ update the package (I had to repeat his instructions every time I needed an update), but my firewall issue was not finding a solution. Even with rules in place (confirming I had indeed set them up correctly, but it still didn’t work), the fellow from technical support still did not lead me to a working solution. I asked if there was a way to remove the firewall component completely. The tech stated I would have to download the Anti-virus program alone to accomplish this. I did not have a license for that product so I would have to buy another product to do this.

At this point I simply stated this product was ineffective and I requested a refund. This the tech support fellow was able to do very quickly, and in minutes I had an email in my inbox to confirm this.

This was the best performance I received from F-Secure.

My suggestion for you considering this ‘integrated solution’: Save your money and just buy the Anti-Virus product alone. It’s the only thing worth any money, provided you don’t have any proxies to affect your updates. My suggestion was to stick with Avast anti-virus, which does most of this stuff for free and much more effectively.

My rating of this product is 1 out of 10. This should not even be out of beta, but getting a refund was no trouble.


Trend Micro Anti-Spyware Online Scan Review

By , September 4, 2006 13:40

Like most folks these days I presume, you typically scan your computer either daily or weekly using an Anti-Virus program. You also probably run cleanmgr.exe routinely to clean up your drives from junk and temp files. You probably use some kind of firewall on the PC. You probably also then use some kind of spyware product also.

I’ve become very disappointed with most spyware/adware products these days. They are simply either ineffective or too paranoid. Neither is an effective solution. The industry leading Webroot is probably the most balanced on the market today, but its updating is making it ineffective when an outbreak occurs. I for one will not buy a product that doesn’t effectively update its database constantly. This is a big job and why I think it’s worth the money to spend on a solution, ONLY if it stays up to date.

For a free solution you can always turn to SpyBot and Ad-aware SE. Both these tools can be had for no cost and stay “reasonably” up to date, if not as current as some of the non-free products. However, every day one sees a new product coming out claiming to be the latest and greatest.

In order to get the most effective detection capabilities I think one needs to run the anti-spyware using a central repository that is constantly updated and does not require “downloading” to update, or does so with the latest (built hourly) rules.

I have tried out Trend Micro Anti-Spyware Online Scan and will provide you with a step by step usage.

Using Trend Micro Online Scan

This is a very easy process.  The first thing you’ll obviously need is a PC connected to the Internet and to be running Internet Explorer v6.01 or greater to use the ActiveX component.

I tried it with Firefox using the “IE Tab” extension, which worked fine, and also with the “Open in IE” extension, which also worked fine. Obviously the latter actually spawns IE, where the former simply opens a window within the Firefox chrome. If you don’t understand all this, don’t worry. It works.

So, next you go to the link I provided above and allow the web site to install the ActiveX component which downloads the executable to perform the update and scan.

Once you get the executable running it will then update its rules from the repository at Trend Micro and start scanning.

Now we wait until it’s done.  The final result is noted by this screenshot we took:

From here we would have taken a very serious glance at the machine itself, if it wasn’t for the simple facts.

1. This PC has Avast AV running; scanned before, detected nothing.
2. This PC also has Tiny PF 2005 installed, and could not verify any infection directly or indirectly.
3. We don’t know what it exactly found that was the problem.

So we take a closer look at the details that Trend Micro found, and this was the screenshot:


Taking a closer look would again give us indication that our box is owned.  But a few of these items are not a total surprise as far as the findings, the others are just lacking any real detail.
So we click on the “Threat Details” link at the bottom for a select item such as this keyfinder. Unfortunately the “Detail” is rather pathetic.

As you can see for yourself this doesn’t tell us anything, and doesn’t confirm what we’ve found. So I decide to submit these “positives” to virus.com for testing against the world’s top AV programs.

First though, let’s just double check it against our machine’s Avast AV:

Nothing. Well, let’s just make 100% sure.

As I was able to verify, NONE OF THE “POSITIVES” DETECTED BY TREND MICRO ANTI-SPYWARE were legit. Most of them in fact would have been cleaned and then rendered numerous software packages unusable. The ONLY agreement with Trend Micro was noted in this screenshot below. No other files were tested positive.

This is not an acceptable tool for any “type” of detection and certainly not acceptable as a cleaner.

I would not consider this tool to be “beta” quality. You are better off running NOTHING than this software.
