Intego’s New Mac Security Package is Important for Newbies

| In-Depth Review

In the current Internet threat environment, a security package that scans for incoming malware is essential. However, if security software is too technical or confusing, customers, especially those new to the Mac, won't use it. Intego has set out to change all that.

Introduction

Intego has found, through experience with customers, especially Switchers coming to a Mac, that a new environment is already a dizzying affair. As the user struggles to gain mastery over a new OS, exceptionally scary, geeky, and technical software is often avoided.

Also, a customer may have come over to the Mac, seeking a more secure computing environment and may feel that added security software is not an urgent affair. The problem is that there are still aggressive exploits lurking that need to be blocked immediately. The Mac is a solid, secure OS, but every OS has some flaws that professional bad guys are experts at finding. Intrusion kits are even sold amongst them.

Of course, one of the things that a major security products developer can do is operate a data center and watch for malware and trends. By pushing threat definition files to every subscriber that can detect the signature of not just viruses but a wide range of malware, the customer can take advantage of vast resources, quickly, for a modest annual subscription fee.

Still, if the security software is too geeky, introduces new and confusing terms, and is hard to understand and leverage, it will still be avoided. This is where Intego's Mac Internet Security Premium (MISP) package 2013 comes into play. It's basically Inego's Virus Barrier X6 product with a simplified user interface, some of the geekier features deleted and an extra security package added. It offers the same level of protection as X6, but with a simpler user experience (UX).

And that, right there, characterizes security software. There is a partition between what the software can do on its own and what the software may expect the customer to do in terms of 1) taking action and 2) configuring the software. If too much burden is placed on the user, then the part of the software that can work perfectly fine on its own won't get used.

Intego told me that, in the past, very technical people used security software because they were expert users. However, with the growth of the Mac business, with 50 percent of new customers coming from PCs, Switchers, it was time for a product for non-technical users. That's MISP 2013.

Product Profile

MISP 2013 consists of three primary OS X apps:

  • VirusBarrier.app
  • NetBarrier.app
  • Identity Scrubber.app

There is also a manager, NetUpdate.app, that takes care of updates, licensing, and the downlading of threat filters, called NetUpdate.

For newbies, I should note that the VirusBarrier app not only protects against Windows viruses that you may receive in an email so that you don't pass them on to others, but also protects against a host of OS X exploits, malware, keyloggers, trojan horses, and other kinds of malware that you might pick up from malicious websites or in your email.

Identity Scrubber, in contrast to the other two, scans the Mac for certain kinds of defined information that the user may not realize is on that Mac. Information, such as Social Security numbers, credit card numbers, bank account numbers, and so on, that could become the future target of malware or phishing emails.

Installation

The apps are all installed in the Mac's Applications folder in a folder called "Intego."

In the current version, Intego tried to keep the product simple, so no icons are placed into the Dock and no gateway app launches after installation. The goal was to be low key, but Intego told me that they will probably tweak things in a maintenance update to more visually affirm where those applications reside.

The goal in the installation process is 1) run the installer, 2) click just a few options and be done. From there on, the defaults let the software do its job.

The installer is designed for first time users. There is a comforting option to uninstall if that's ever needed in the future.

Current users of X6 do not need to worry about the uninstaller. If X6 is present, the installer will automatically uninstall it before proceeding. (You can also do it manually, if you prefer.) Those options should be made a little more clear for current users. Perhaps an auto-detect function could sort out a clean install from an upgrade.

The only configuration option is to select the level of coverage. The "Standard" coverage, in my optinion, is the best choice for most users.

When running one of the two basic Internet security apps for the first time, the user will see a graphical overlay, Basic help, explaining the operation of the app. The app's Help menu has two items. You can bring up the graphical Basic help again at any time or you can go to the Application's help page at Intego.

NetBarrier

The NetBarrier display is a considerable simplification over X6, but it can be confusing at first. Here's the display.

The app is trying to show two things simultaneously. Inside the black box, a conceptual firewall, apps that are communicating on the Internet and on your LAN are listed. Information flow in pale blue dots and arrows goes into the app. If information leaves the app, it is shown in animated flow immediately to the right of the app's (or daemon's) name. Hovering over the name brings up a settings gear where you can further control the flow of data if needed.

Outside the box are green data flow symbols that are static. The idea here is simply to suggest the ability to mamage four types of flow, left to right: 1) Incoming from the Internet, 2) Incoming from the Local Area Network (LAN), 3) Outgoing to the Internet and 4) Outgoing to the LAN. The small gears allow more detailed control.

That mixture of actual data flow and the conceptual operation of the firewall can be confusing at first, but it's easy to get used to when you understand it.

VirusBarrier

This app has basically two sertings at the bottom. On, by default, is "Real-Time Scanning, "indicated in the diagram below by the green light in front of the that text. The gear icon allows you to specify what to do if malware is found. On the right is the ability to schedule periodic scanning.

The layout is simple. The buttons for the two kinds of manual scans have yellow popup rectangles that explain them, the date of the last threat filter update and date of the last formal scan of storage are clearly shown. This kind of simplification combined with essential configuration options is what makes for a fun, convenient, yet trustworthy app.

Identity Scrubber

This app is not part of the previous X6 package. As a result, while the other two apps are simpler, this is an added function. One could, then, describe MISP as both an upgrade and a downgrade.Identity Scrubber, as I mentioned above, looks for personal information that you may not have realized is on your HDD/SSD. It will not look inside encryted files or DMGs. This app can be password protected so that other users of your Mac cannot scan for that data without authorization -- such as a child who shares the Mac.I discovered that the time it takes for a full scan depends heavily on the options chosen and the type of file. For example, if you elect to scan for "Personal Addresses," that is, street addresses, the scan of even a small hard disk or SSD can take over night. Also, if you search for data embedeed in PDF files, the algorithm to do that takes some added time.

I'd suggest looking for the the data you most suspect may be present, with few boxes checked, to get a feel for the time involved. Later, it's reasonable to check more boxes, leave the Mac alone, and come back much later.

Current Users

Current X6 users will also be presented with an option to switch to MISP with a NetUpdate entry called: "Internet Security 2013."

This is not a new component in X6, rather, it's an option to completely switch to MISP 2013. Experienced X6 users may not want to do that, so be sure to uncheck that box before updating threat filters. Intego is aware of that annoyance and plans to fix it.

Life with MISP

I installed MISP on a MacBook Air, a Mac I use for various tests and evaluations, and tried it out for two weeks. There was never a time when I felt that protection measure had been lost compared to X6, and I wasn't terribly annoyed with the simplifications. Sometimes, a simpler user interface can provide more confidence instead of less: you better understand the scope of what the apps are trying to achieve.

By way of contrast, this is what you see when you run X6.

I would say that if you are an expert user, may want to stick with X6, just because of familiarity or because you need some of the advanced functions. Intego supplied a list of what's been removed from MISP 2013 compared to X6.

  • Highly advanced firewall rules. The firewall in X6 allowed you to configure rules that were beyond what even IT professionals would require. We simplified the firewall and tried to make it something that is useful for a large range of people so, consequently, there are a subset of users who created sophisticated firewall rules. We plan to address that capability in a professional version.
  • Anti-Vandal. This was largely looking for attacks that really aren't very likely anymore and quite honestly are better addressed by making the firewall work well.
  • Anti-Phishing. A little more controversial but for the most part, this is better addressed by support built in to browsers nowadays.
  • Web-threats data vault. This was a feature whereby you could, for instance, type in your credit card number and we'd look for it in network traffic leaving the computer. It was not used very often.
  • Network utilities. Some of these were kind of cool for a network geek. Looking at it through the lens of a mainstream user, these were not useful and most of them had pretty direct replacements in the OS. Traceroute for instance.

If you never used these deleted features, you may want to upgrade to enjoy the added simplicity. However, any user new to the Mac or someone who wants to install security software for the first time will certainly benefit from the clarity of MISP and will likely never miss those esoteric functions listed above.

Finally, one of the objections some people have raised in the past about security software is that it chews up the CPU and slows down the Mac. I have not had that experience with the realtime scanning function of Intego products. Of course, the full scans of the HDD/SSD for data or malware will have a impact. For example, a full scan of my MBA's SSD consumed almost all of four virtual cores. But then, that's not something you do all the time. Again, set the Mac aside for awhile.

System Requirements & Upgrade

MISP 2013 requires OS X 10.6, 10.7 or 10.8, a Mac with at least Intel Core 2 Duo CPU and 1.5 GB of free storage. An Internet connection is also required.

For a single user for one year, the introductory price is US$52.48. Family packs are available for three computers priced at $104.98. For the corresponding number of users, the upgrade to MISP is free for current customers of X6.

Also available for new users is Mac Intenet Security for $37.48 for one year. It does not include the Indentity Scrubber.

Summary

There are still some wrinkles to work out with this new product. Some of the install experience, as I described above, could be and will be improved.

The real question is whether Intego has been able to invoke its traditional system of security management, simplify the product, but not greatly annoy current customers who might want to upgrade. The essence, of course, is whether the Mac is properly protected and a comprehensible way, and I think Intego has achieved that. Everything else is just familiarity, a few seldom used advanced functions in X6 and customer preference.

Because this suite of apps works so well, never crashes, presents to the user a generally comprehensible user interface and experience, uses tried and true Intego technologies, simplifies the installer, keeps the customer continuously protected, and has simple to understand, accessible documentation, it warrants a "Great" reating, 4/5. When some of the minor issues I mentioned above are ironed out, the rating has a chance to go even higher.

Product: Mac Internet Security Premium 2013

Company: Intego

List Price: US$52.48

Pros:

Works well, never crashes, comprehensible user interface and experience, uses tried and true Intego technologies, simple installer, continuous protection, simple to understand, accessible documentation. 

Cons:

Some minor install user interface issues that don't affect the operation of the app.

Sign Up for the Newsletter

Join the TMO Express Daily Newsletter to get the latest Mac headlines in your e-mail every weekday.

5 Comments Leave Your Own

furbies

What about ClamXAV & Little Snitch ?

Granted it means using 2 separate Apps by different companies, but I’ve not found anything to fault them on ?

John Martellaro

furbies:  There is no apparent conflict with Little Snitch or with the firewall in OS X on my MacBook.  I haven’t used ClamXAV.

iJack

Have you tried Avast?  I’m always up in the air about which of these is the best.  Avast is one of the simplest to use, and it seems to be constantly updating.  I feel like I’ve tried them all–including NetBarrier–but I never felt comfortable that I set it up correctly and that ‘stuff’ might be slipping by.

Maybe you could take a look at it John, and give us your opinion. 
Oh, and it’s free.

(I had entered the url here, but TMO doesn’t like it, so Google “Avast!”

Paul Gorski

Intego’s comments regarding the sophistication of users are a little disingenuous or ignorant. Switchers to Mac would be no more or less technically challenged than old time Mac users. Most PC to Mac switchers are already be accustomed to a dizzying choice of anti-virus products. Intego’s dumbed down product is more challenging than the free Avast! product for Mac, but it is simpler to use than many of the PC anti-malware products.

As to not crashing, that’s not true. I had some hard lockups while testing the product in December 2012 on one workstation, but perhaps they’ve worked those bugs out. Worked fine on another computer. And yes, the real-time scanning does slow the Mac down, but no more, and probably less than some other products.

I’m testing Avast! now. Simpler interface, but takes a long time to download updated virus defs on first install.

Have also used ClamXav, but it doesn’t have true real-time scanning. Have also used Sophos, and it seems to work OK unless you have Microsoft Office installed. Sophos and Office for Mac seem to bring my test Macs to a crawl.

So at this point, if you were looking for a paid product with support, Intego is not a bad solution. Otherwise, I’d go with Avast!.

Daniel Goldman

There is also a great anti-virus from Sophos for mac that’s free. I had been using it for awhile. It’s really sparse of options and you really can’t do much with it, but it seems to work really well. As a matter of fact, it worked well in ways I didn’t expect it to. An example: I do some web dev and one new client had a site that was hacked. It was a CMS system like WordPress or some such. I wasn’t sure exactly what was wrong, so I decided to FTP the whole directory from the server down to my local mac. Sophos started complaining about a problem. As it turned out, it found a server hack on the website. This was really cool. It identified it, and gave me a huge head start on fixing it. I recently ran into a bundle deal with Virus and NetBarrier (and some other stuff). I turned off the Sophos and installed the paid ones from Intego. So far I am not so impressed. It has taken all night to NOT finish. Also, it just seems really slow in general. Sophos had on-access scanning and temp decompression of archive files that did not slow up my machine. Intego VirusBarrier seems to slow this whole workflow to a crawl. And I know it’s not my hardware because I have 12GB Ram on an I7 Mac Book Pro. It’s not the latest, but it’s pretty recent.

I am going to give Intego a full trial, but really although Sophos had absolutely no whizzy factor, it did it’s job well and stayed out of the way.I know I sound like a Sophos shill, and I am not. I actually ran into them by accident one day when doing some corporate IT work. It was free and had minimal requirements. Additionally of all the anti-virus, this one generated the least amount of complaints from the end-users. That’s why I tried it myself.

Log-in to comment