In the current Internet threat environment, a security package that scans for incoming malware is essential. However, if security software is too technical or confusing, customers, especially those new to the Mac, won't use it. Intego has set out to change all that.
Introduction
Intego has found, through experience with customers, especially Switchers coming to a Mac, that a new environment is already a dizzying affair. As the user struggles to gain mastery over a new OS, exceptionally scary, geeky, and technical software is often avoided.
Also, a customer may have come over to the Mac, seeking a more secure computing environment and may feel that added security software is not an urgent affair. The problem is that there are still aggressive exploits lurking that need to be blocked immediately. The Mac is a solid, secure OS, but every OS has some flaws that professional bad guys are experts at finding. Intrusion kits are even sold amongst them.
Of course, one of the things that a major security products developer can do is operate a data center and watch for malware and trends. By pushing threat definition files to every subscriber that can detect the signature of not just viruses but a wide range of malware, the customer can take advantage of vast resources, quickly, for a modest annual subscription fee.
Still, if the security software is too geeky, introduces new and confusing terms, and is hard to understand and leverage, it will still be avoided. This is where Intego's Mac Internet Security Premium (MISP) package 2013 comes into play. It's basically Inego's Virus Barrier X6 product with a simplified user interface, some of the geekier features deleted and an extra security package added. It offers the same level of protection as X6, but with a simpler user experience (UX).
And that, right there, characterizes security software. There is a partition between what the software can do on its own and what the software may expect the customer to do in terms of 1) taking action and 2) configuring the software. If too much burden is placed on the user, then the part of the software that can work perfectly fine on its own won't get used.
Intego told me that, in the past, very technical people used security software because they were expert users. However, with the growth of the Mac business, with 50 percent of new customers coming from PCs, Switchers, it was time for a product for non-technical users. That's MISP 2013.
Product Profile
MISP 2013 consists of three primary OS X apps:
- VirusBarrier.app
- NetBarrier.app
- Identity Scrubber.app
There is also a manager, NetUpdate.app, that takes care of updates, licensing, and the downlading of threat filters, called NetUpdate.
For newbies, I should note that the VirusBarrier app not only protects against Windows viruses that you may receive in an email so that you don't pass them on to others, but also protects against a host of OS X exploits, malware, keyloggers, trojan horses, and other kinds of malware that you might pick up from malicious websites or in your email.
Identity Scrubber, in contrast to the other two, scans the Mac for certain kinds of defined information that the user may not realize is on that Mac. Information, such as Social Security numbers, credit card numbers, bank account numbers, and so on, that could become the future target of malware or phishing emails.
Installation
The apps are all installed in the Mac's Applications folder in a folder called "Intego."
In the current version, Intego tried to keep the product simple, so no icons are placed into the Dock and no gateway app launches after installation. The goal was to be low key, but Intego told me that they will probably tweak things in a maintenance update to more visually affirm where those applications reside.
The goal in the installation process is 1) run the installer, 2) click just a few options and be done. From there on, the defaults let the software do its job.
The installer is designed for first time users. There is a comforting option to uninstall if that's ever needed in the future.
Current users of X6 do not need to worry about the uninstaller. If X6 is present, the installer will automatically uninstall it before proceeding. (You can also do it manually, if you prefer.) Those options should be made a little more clear for current users. Perhaps an auto-detect function could sort out a clean install from an upgrade.
The only configuration option is to select the level of coverage. The "Standard" coverage, in my optinion, is the best choice for most users.
When running one of the two basic Internet security apps for the first time, the user will see a graphical overlay, Basic help, explaining the operation of the app. The app's Help menu has two items. You can bring up the graphical Basic help again at any time or you can go to the Application's help page at Intego.
NetBarrier
The NetBarrier display is a considerable simplification over X6, but it can be confusing at first. Here's the display.
The app is trying to show two things simultaneously. Inside the black box, a conceptual firewall, apps that are communicating on the Internet and on your LAN are listed. Information flow in pale blue dots and arrows goes into the app. If information leaves the app, it is shown in animated flow immediately to the right of the app's (or daemon's) name. Hovering over the name brings up a settings gear where you can further control the flow of data if needed.
Outside the box are green data flow symbols that are static. The idea here is simply to suggest the ability to mamage four types of flow, left to right: 1) Incoming from the Internet, 2) Incoming from the Local Area Network (LAN), 3) Outgoing to the Internet and 4) Outgoing to the LAN. The small gears allow more detailed control.
That mixture of actual data flow and the conceptual operation of the firewall can be confusing at first, but it's easy to get used to when you understand it.
VirusBarrier
This app has basically two sertings at the bottom. On, by default, is "Real-Time Scanning, "indicated in the diagram below by the green light in front of the that text. The gear icon allows you to specify what to do if malware is found. On the right is the ability to schedule periodic scanning.
The layout is simple. The buttons for the two kinds of manual scans have yellow popup rectangles that explain them, the date of the last threat filter update and date of the last formal scan of storage are clearly shown. This kind of simplification combined with essential configuration options is what makes for a fun, convenient, yet trustworthy app.
Identity Scrubber
This app is not part of the previous X6 package. As a result, while the other two apps are simpler, this is an added function. One could, then, describe MISP as both an upgrade and a downgrade.Identity Scrubber, as I mentioned above, looks for personal information that you may not have realized is on your HDD/SSD. It will not look inside encryted files or DMGs. This app can be password protected so that other users of your Mac cannot scan for that data without authorization -- such as a child who shares the Mac.
I discovered that the time it takes for a full scan depends heavily on the options chosen and the type of file. For example, if you elect to scan for "Personal Addresses," that is, street addresses, the scan of even a small hard disk or SSD can take over night. Also, if you search for data embedeed in PDF files, the algorithm to do that takes some added time.
I'd suggest looking for the the data you most suspect may be present, with few boxes checked, to get a feel for the time involved. Later, it's reasonable to check more boxes, leave the Mac alone, and come back much later.
Current Users
Current X6 users will also be presented with an option to switch to MISP with a NetUpdate entry called: "Internet Security 2013."
This is not a new component in X6, rather, it's an option to completely switch to MISP 2013. Experienced X6 users may not want to do that, so be sure to uncheck that box before updating threat filters. Intego is aware of that annoyance and plans to fix it.
Life with MISP
I installed MISP on a MacBook Air, a Mac I use for various tests and evaluations, and tried it out for two weeks. There was never a time when I felt that protection measure had been lost compared to X6, and I wasn't terribly annoyed with the simplifications. Sometimes, a simpler user interface can provide more confidence instead of less: you better understand the scope of what the apps are trying to achieve.
By way of contrast, this is what you see when you run X6.
I would say that if you are an expert user, may want to stick with X6, just because of familiarity or because you need some of the advanced functions. Intego supplied a list of what's been removed from MISP 2013 compared to X6.
- Highly advanced firewall rules. The firewall in X6 allowed you to configure rules that were beyond what even IT professionals would require. We simplified the firewall and tried to make it something that is useful for a large range of people so, consequently, there are a subset of users who created sophisticated firewall rules. We plan to address that capability in a professional version.
- Anti-Vandal. This was largely looking for attacks that really aren't very likely anymore and quite honestly are better addressed by making the firewall work well.
- Anti-Phishing. A little more controversial but for the most part, this is better addressed by support built in to browsers nowadays.
- Web-threats data vault. This was a feature whereby you could, for instance, type in your credit card number and we'd look for it in network traffic leaving the computer. It was not used very often.
- Network utilities. Some of these were kind of cool for a network geek. Looking at it through the lens of a mainstream user, these were not useful and most of them had pretty direct replacements in the OS. Traceroute for instance.
If you never used these deleted features, you may want to upgrade to enjoy the added simplicity. However, any user new to the Mac or someone who wants to install security software for the first time will certainly benefit from the clarity of MISP and will likely never miss those esoteric functions listed above.
Finally, one of the objections some people have raised in the past about security software is that it chews up the CPU and slows down the Mac. I have not had that experience with the realtime scanning function of Intego products. Of course, the full scans of the HDD/SSD for data or malware will have a impact. For example, a full scan of my MBA's SSD consumed almost all of four virtual cores. But then, that's not something you do all the time. Again, set the Mac aside for awhile.
System Requirements & Upgrade
MISP 2013 requires OS X 10.6, 10.7 or 10.8, a Mac with at least Intel Core 2 Duo CPU and 1.5 GB of free storage. An Internet connection is also required.
For a single user for one year, the introductory price is US$52.48. Family packs are available for three computers priced at $104.98. For the corresponding number of users, the upgrade to MISP is free for current customers of X6.
Also available for new users is Mac Intenet Security for $37.48 for one year. It does not include the Indentity Scrubber.
Summary
There are still some wrinkles to work out with this new product. Some of the install experience, as I described above, could be and will be improved.
The real question is whether Intego has been able to invoke its traditional system of security management, simplify the product, but not greatly annoy current customers who might want to upgrade. The essence, of course, is whether the Mac is properly protected and a comprehensible way, and I think Intego has achieved that. Everything else is just familiarity, a few seldom used advanced functions in X6 and customer preference.
Because this suite of apps works so well, never crashes, presents to the user a generally comprehensible user interface and experience, uses tried and true Intego technologies, simplifies the installer, keeps the customer continuously protected, and has simple to understand, accessible documentation, it warrants a "Great" reating, 4/5. When some of the minor issues I mentioned above are ironed out, the rating has a chance to go even higher.