ThreatTrack Vipre Advanced Security

Threat Track's Vipre Advanced Security offers almost all expected suite features at a low price. It won't dethrone our Editors' Choice suites, but it's an improvement over the previous edition.

View Gallery View All 10 Photos in Gallery MSRP
$54.99

  • Pros

    Good scores in independent antivirus lab tests and some of our tests. Straightforward spam filter. Firewall stealths ports and offers simple program control. Tiny performance hit. Low price.

  • Cons

    So-so scores in our malware blocking test. Many firewall features disabled by default. Advanced firewall features did almost nothing in testing. Firewall not hardened against attack.

  • Bottom Line

    Threat Track's Vipre Advanced Security offers almost all expected suite features at a low price. It won't dethrone our Editors' Choice suites, but it's an improvement over the previous edition.

By Neil J. Rubenking

Each security suite vendor has its own way of setting up a product line. At one end of the scale, Panda offers seven distinct security products. Threat Track used to toe the standard three-product line of antivirus, suite, and feature-packed mega-suite. This year, it's strictly ThreatTrack Vipre Advanced Security. The company's principals decided to put all of their best technology in a single product, and sell it for a price that can hardly be beat. It's a big improvement over the previous edition, though it doesn't dethrone any of our Editors' Choice suites.

//Compare Similar Products

Compare

A common price-point for standalone antivirus protection is about $40 per year. Bitdefender Internet Security 2017, Kaspersky, and Norton all fit this model. The full-scale security suites from those same three vendors cost twice as much and get you multiple licenses—five for Norton, three for the rest. Enter Threat Track offering a single Vipre license for $34.99 per year, less than the typical price of a simple antivirus. You pay $44.99 for three licenses, a little more than half the going rate. That's a good price for a suite that has all the expected components except for parental control.

View GalleryView All 10 Photos in Gallery

The product's main window has three tabs: MyVipre, Account, and Manage. On the main MyVipre page, you get a simple report on security status and buttons to launch or schedule scans. The Manage tab naturally holds settings for the various security components. If you don't like the color scheme (mostly shades of blue and green on white), you can change it on the Account tab. There are six color themes in all, three with a light background and three with a dark one.

When you launch Vipre's installer, it starts by asking for the product key. Once you click the button to agree with the license agreement, Vipre handles the rest. It checks for the latest program version and antivirus definitions automatically, then runs a quick scan for active malware. I did find that it took quite a while to install, and it required a reboot to complete the installation process.

ThreatTrack Vipre Advanced Security Main Window

Good Lab Results

I follow five independent antivirus labs that regularly report on their test results. I also follow two labs that certify products for their antivirus ability. The difference with the latter two is that if a product doesn't reach certification, part of the service is that the labs help them fix any problems and retest them until they do succeed. Fewer companies go for either certification these days, and fewer still for both. Vipre is one of the few products certified by both ICSA Labs and West Coast Labs.

Virus Bulletin puts many, many antivirus products through its RAP (Reactive And Proactive) testing. It reports results in hundredths of a percent, which seems unduly precise to me. The average score for products I follow is roughly 82 percent, and Vipre's score came in at roughly 82 percent, as Emsisoft Anti-Malware 2017 also did.

The experts at AV-Test Institute evaluate each antivirus product on three criteria: protection against malware, a low impact on system performance, and few false positives. In that last category, which they call Usability, Vipre earned the maximum score, six points. It took 5.5 points in the important Protection category, and five points for performance. Vipre's total of 16.5 points isn't bad, but Trend Micro, Kaspersky Internet Security, and Bitdefender earned the maximum possible score, 18 points.

Lab Test Results Chart

When a product does well enough to pass a test, researchers at AV-Comparatives flag it for Standard certification. If it does more than the minimum, or a lot more, it can earn Advanced or Advanced+ certification. Out of the four of this lab's tests that I follow, Vipre managed two Advanced scores and two Advanced+ ratings. That's good, but Avira, Kaspersky, and Bitdefender took Advanced+ in all four areas.

MRG-Effitas is a more recent addition to the group of labs that I track. One test by this lab focuses specifically on banking malware, and products either do a near-perfect job of protection or fail the test. The other includes a wide variety of malware types. A product that completely blocks all attacks earns Level 1 certification. Clearing all malware traces within 24 hours gets Level 2. Vipre took Level 2 certification in the latter test, but failed the banking malware test. Because these tests don't distinguish between almost-pass and epic fail, I give them less weight when aggregating lab scores.

Getting tested by four labs is impressive; only Kaspersky, Bitdefender, AVG, and Avast Premier 2017 show up in results from all five. Vipre's aggregate lab score is 8.8 of 10 possible points, which is decent, but nowhere near the 9.8 points earned by Kaspersky and Bitdefender.

So-So Malware Blocking

Even when the lab results indicate that a product does a good job, I always run my own hands-on malware blocking tests. One test starts the moment I open a folder containing my current collection of malware samples. The tiny file access that occurs when Windows Explorer displays details for a file is enough to trigger Vipre's real-time scanner. For each detected sample, it popped up a transient, floating notification window. Vipre detected and quarantined 75 percent of the samples at this point.

I maintain a second set of samples, hand-tweaked versions of the originals with different filenames, file sizes expanded by appending nulls, and a few nonexecutable bytes changed. Discarding the 25 percent whose originals weren't caught, I exposed this collection to Vipre's examination. It missed fully a third of the modified samples. Fortunately, Vipre includes a number of other protective layers beyond simple signature-based malware detection.

When I launched the surviving samples, Vipre detected some of them. In a few cases, it didn't fully prevent installation of malware-related executables by detected samples. Overall, it detected 89 percent of the samples either on sight or after launch, and earned 8.4 of 10 possible points. Challenged with the same sample set, Emsisoft managed 100 percent detection and 9.4 points.

Vipre's score isn't precisely comparable with scores of products tested using my previous malware collection, naturally. Still, it's worth noting that Webroot SecureAnywhere Internet Security Plus, PC Matic, and Comodo earned a perfect 10 points when tested against that collection.

Malware Blocking Results Chart

My malicious URL blocking test doesn't rely on a specific collection of samples. Rather, it uses malware-hosting URLs captured by MRG-Effitas during the previous day. These samples are different every time, but they're always real-world nasties, and they're always recent. I use a small utility program to launch each in turn and record whether the antivirus prevented the download, either by blocking all access to the URL or by quarantining the downloaded file. Once I have 100 valid data points, I check the numbers.

ThreatTrack Vipre Advanced Security URL Blocked

Vipre fended off 86 percent of the malware downloads, a bit more than half of those by blocking access to the dangerous URL. Quite a few products have done better. Avira Total Security Suite managed 95 percent protection, blocking almost all of those at the URL level. Norton came in with a near-perfect 98 percent.

Good Phishing Protection

The same mechanism that helps protect against malware-hosting URLs also serves to save you from accidentally giving away your login credentials to a phishing site. These sites masquerade as secure sites of all kinds. If you log in unwittingly, you've given your account to the bad guys.

Of course, these fraudulent sites don't last long. They quickly wind up blacklisted. The fraudsters don't care; they just set up another fake site. For testing purposes, I scour fraud-prevention sites for the very newest reported phishing URLs, those that haven't yet been analyzed. I launch each of them simultaneously in a browser protected by the product being tested and in another browser protected by Symantec Norton Security Deluxe, which has long been a strong protector against phishing. I also launch each in instances of Chrome, Firefox, and Internet Explorer, protected only by the browser's built-in antiphishing component.

Antiphishing Results Chart

Last time I tested Vipre's antiphishing abilities, it did very well, with a detection rate just 6 percentage points below Norton's. This time around it lagged 17 percentage points behind Norton, but retained its place on the leaderboard, below Sophos Home and above F-Secure. None of the three browsers outscored it, so while it may not be the best at anti-phishing, it's definitely a step up from a naked browser.

While Norton is my touchstone for this test, it's not always the winner. Bitdefender, Kaspersky, and Webroot all did better than Norton in my latest tests, if only by a few percentage points.

Firewall: Good News, Bad News

Vipre offers a full set of firewall-related features, but there's a catch: Most of them are turned off by default. In the version I tested previously, that made sense, because turning them on caused a variety of problems. The problems have been sorted, so you should click Manage, click Firewall, and turn on Intrusion Detection Systems (IDS) and Process Protection. In addition, you should check the box labeled Stealth Mode.

With those settings in place, I launched a number of port scans and other web-based tests. Vipre correctly put the system's ports in stealth mode, making them invisible to outside attack. Of course, the built-in Windows Firewall can also accomplish this feat. Success in this test is the baseline for a third-party firewall, not a major achievement.

SecurityWatch

The other main task of a personal firewall is managing how programs access the network and internet, to prevent misuse. Vipre defines permissions for its own processes and a few essential Windows processes. For others, it allows all outbound traffic and blocks all unsolicited inbound traffic. This arrangement avoids the annoying firewall popup queries that plague users of some firewall products, but it also means that the firewall's application control just doesn't do much.

Many firewalls include a simple switch that turns on prompting, so that when a program attempts internet access for the first time, the firewall reports it and asks what to do. You can enable prompting in Vipre, but it's more complicated. The Apps tab of the Firewall Rules dialog lists all programs that have rules defined, along with an entry for all other applications. Four columns define the behavior for trusted and public traffic, inbound and outbound. Both types of inbound traffic are blocked. To enable prompting, you click each entry in the row marked Any Other Application and change the action to Prompt.

Firewall popups typically occur only for unknown programs. To ensure I have an unknown program in hand, I usually test with a tiny browser I wrote myself. This time I didn't have to, as the firewall popped up asking whether to allow Chrome to access the internet. Check Point ZoneAlarm Extreme Security 2017 uses popup queries for unknown programs, but as its database of known programs is ginormous, it rarely needs to. Norton handles all such decisions itself, putting unknowns under heightened monitoring and smacking them down if it detects they are misusing the network. Either solution offers better protection than Vipre's.

Having enabled Intrusion Detection and the Host Intrusion Prevention System (HIPS), I anticipated that Vipre might exhibit protection against exploit attacks. However, when I hit the test system with 30 exploits generated by the CORE Impact penetration tool, neither component reacted. The antivirus did kick in to quarantine the payload for a fifth of the samples, though.

ThreatTrack Vipre Advanced Security Firewall

Looking more closely, I realized that, by default, the firewall only blocks high priority intrusions. I set it to also block medium and low priority intrusions, and notify me when it did so. I applied the same setting to the HIPS component. The last time I tested Vipre, doing so caused quite a ruckus, blocking ordinary activities, Windows components, and Internet Explorer. This time it did absolutely nothing. Exploit test results were unchanged, with no notifications from the newly enabled components. But it also didn't screw up the system with false warnings about valid programs, which is an improvement. Out of 20 old utilities, it did erroneously accuse one of code injection, which demonstrated for me that the components were indeed working.

I tried attacking Vipre directly using techniques a malicious program could manage. I found no way to flip a Firewall Off switch in the Registry, so I tried terminating its processes. In previous editions, I had no trouble killing off all Vipre processes. This time, I could only kill user interface processes such those providing the main window and the notification area menu. The essential process, the one that actually handles protection, resisted termination.

I did manage to completely disable Vipre in a way that a malicious program could do (assuming that none of Vipre's protection layers quarantined it). I set both of its essential Windows services to start up disabled and rebooted the computer. That did it. My Threat Track contact points out that they don't buy the initial assumption behind this test, the idea that such a program would get past the antivirus. It's a reasonable objection, and yet many other security suites manage full protection of their processes and services.

Overall, this version's firewall is an improvement. It protects the most important of its processes from termination. It now correctly puts all your ports in stealth mode, if you remember to change its default settings. Full popup-happy application control is available, again, if you change the defaults. And cranking up the power on its HIPS and IDS components didn't unleash chaos on the system. It's still not up there with the champs, but it's decent.

Related Story

See How We Test Security Software

Subtle Antispam

The last time I reviewed Vipre's antispam component, I reported a ton of bugs and problems during testing. The Vipre team thoroughly cleaned up the antispam component, which relies on antispam hero Cloudmark for the actual filtering.

The spam filter supports POP3 and IMAP email accounts. It integrates invisibly with Outlook, diverting spam into the correct folder. There's no toolbar, no buttons to mark misfiled valid mail or missed spam. In past tests, Cloudmark proved to be extremely accurate, so you probably won't miss those buttons. If you're not using Outlook, you simply define a message rule to divert marked spam messages into their own folder.

I'm a fan of simplicity. I don't necessarily admire the fact that ZoneAlarm's spam filter comes equipped with seven pages of configuration settings. Vipre's spam filter takes the cake as far as simplicity goes. You can turn it on or off. You can whitelist or blacklist email addresses. And that's it. The program takes care of the rest.

Vipre also can scan incoming and outgoing mail for malware. It's on by default if you use Outlook, but you can enable it for any local email client by checking a box and entering the ports your email program uses for POP3 and SMTP traffic.

Vulnerability Scanner

Have you noticed how often many applications release security updates? There's good reason for that. When a security hole in an app becomes public, all users are vulnerable until that security patch comes out. Vipre's Auto Patch feature aims to keep your essential apps up to date, and you don't have to do a thing. By default, it runs a scan every other day and applies any patches it finds.

If you want to change its settings, perhaps to make it get your approval before applying updates, you can find them under Updates on the Manage page. This is also the spot where you can launch a manual scan. On my test system, it found updates for Firefox, Chrome, and Java, even though I thought I had them all up to date. The programs it checks include popular browsers, browser extensions, and utilities, as well as some full-scale applications.

Privacy Protection

Clicking Privacy on the Manage page turns up three privacy-related components, of varying usefulness. If you connect the Social Watch component to your Facebook account, it watches for dangerous links in your feed. It used to automatically post a warning on your account upon detecting danger, but Facebook no longer permits that. At present, it doesn't even display an in-program notification. You must click the View History button and look for any entries with a nonzero number of threats found. Even then, you just get a summary of the post, not a direct link.

ThreatTrack Vipre Advanced Security Privacy

The History Cleaner is more useful. It can clear around 50 kinds of file and Registry traces from your computer and online activity. Among these are cached files, cookies, and history for your browsers, numerous lists of recent files, and various temporary file locations. It works in a jiffy.

This page also controls the Secure File Eraser feature, which disabled by default. Once you've turned it on, you can right-click files or folders to securely erase their data so that even forensic software can't recover it. Many products pair secure deletion with encryption—after encrypting files, you securely delete the unsecured originals. Kaspersky Total Security, Bitdefender Total Security 2017 Security, and adaware are among the products that offer this pairing. Vipre doesn't offer encryption software, but thankfully it also doesn't confuse the user with a yard-long list of different secure delete algorithms.

A Tiny Performance Hit

These days it's rare to find a security suite that has a severe impact on system performance. Security companies know that users will just turn off a suite that seems to be draining system resources. I still perform a few hands-on tests, however, to identify the rare suite that does have a noticeable impact. Thankfully, Vipre isn't one of those.

Getting security components loaded when Window starts can affect boot time, so I run a script that measures the time from the start of the boot process until the system is ready for use. Averaging many runs before and after installing the security suite, I measure the suite's impact. Booting my test system took 19 percent longer with Vipre loading at startup. That's better than the previous version did, and better than the current average of 25 percent.

Performance Results Chart

Real-time antivirus scanning has the potential to slow down ordinary file operations. To check on this I run a script that moves and copies an eclectic collection of files between drives. Averaging many runs before and after installing Vipre, I found the script took 4 percent longer. The current average for this test is 15 percent, so Vipre did well here. Another script repeatedly zips and unzips the same file collection; Vipre had no measurable effect on the timing for this script.

Vipre's three performance scores average out to an 8 percent slowdown. You're not likely to notice this. However, others have done even better. Webroot and adaware antivirus total 12 had no measurable impact on any of the three tests.

Definite Improvements, Room for More

With the latest edition, Threat Track has rolled up its whole product line into the singular Vipre Advanced Security and slashed its price. This suite has all the expected components except parental control, which many people don't need, and they all do a good (if not stellar) job. Serious glitches that I encountered in my previous review didn't make an appearance. However, the firewall's advanced features remain disabled by default, and didn't seem to do much when I put them all in high gear. Also, while Vipre's independent lab test scores have improved, its scores in my hands-on tests weren't top-notch.

You can get significantly better protection if you're willing to pay the price. Bitdefender Internet Security and Kaspersky Internet Security are our Editors' Choice security suites. Both get excellent scores from all of the independent labs, and both offer features above and beyond Vipre's. Still have a little cash? Bitdefender Total Security and Kaspersky Total Security don't cost a lot more, and they pack in so many features your head will spin. These two are our Editors' Choice winners for security mega-suite.

Sub-Ratings:
Note: These sub-ratings contribute to a product's overall star rating, as do other factors, including ease of use in real-world testing, bonus features, and overall integration of features.
Firewall:
Antivirus:
Performance:
Privacy:
Parental Control: n/a

Neil Rubenking By Neil J. Rubenking Lead Analyst for Security Twitter Email

Neil Rubenking served as vice president and president of the San Francisco PC User Group for three years when the IBM PC was brand new. He was present at the formation of the Association of Shareware Professionals, and served on its board of directors. In 1986, PC Magazine brought Neil on board to handle the torrent of Turbo Pascal tips submitted by readers. By 1990, he had become PC Magazine's technical editor, and a coast-to-coast telecommuter. His "User to User" column supplied readers with tips… More »

More Stories by Neil J.

See More +

Comments

Please enable JavaScript to view the comments powered by Disqus. blog comments powered by DisqusRead more

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.