[ad_1]
Modern antivirus programs typically include multiple layers of protection. Many combine simple signature-based detection, behavioral analysis, and network-level defense against malicious and fraudulent websites. Heimdal Premium Security Home includes all those layers, plus a simple firewall and a well-designed patch management system. Its price, however, is out of line with what the competition charges.
What Does Heimdal Premium Security Home Cost?
The most common price for a single antivirus license is just under $40 per year. Many products offer a volume discount, with three licenses generally going for just under $60. Bitdefender, ESET, Kaspersky Anti-Virus, and Heimdal Next-Gen Antivirus Home all fit that profile. As for Heimdal Premium Security Home, reviewed here, pricing starts at $99.95 per year for three licenses, which is more than the five-license price of any other antivirus that I track.
If you want licenses for five installations of Heimdal Premium Security, it’ll set you back $139.95 per year—more than double what the competition charges. For that amount or less (much less, in some cases) you could get a 10-license pack of Bitdefender, Kaspersky, or Panda Dome Essential. If a 10-pack of Heimdal is what you want, you have to pay $234.95, almost twice as much as the next most expensive 10-packs.
These are all list prices, it’s true, and they’re frequently discounted, at least for the first year. But even with a 25% discount, Heimdal’s 10-pack costs $176.21. And of course, the competing products offer their own discounts. No question, Heimdal’s pricing is outside the norm.
United at Last
Heimdal Security sells two other consumer-focused products, Heimdal Next-Gen Antivirus Home and Heimdal Threat Prevention Home. The former scans files for malware on demand, on access, and on schedule, but doesn’t include protection against dangerous URLs and other online threats. The latter does handle dangerous and fraudulent URLs but doesn’t attempt to detect malware files. Heimdal Premium Security Home, reviewed here, unites the two, literally.
The main window for all three products consists of two main tabs labeled Thor Vigilance and Thor Foresight. Heimdal is in the process of renaming the products. Thor Vigilance corresponds to the Next-Gen Antivirus product and Thor Foresight to the Threat Prevention product. The big difference with Premium is that the features on both tabs are fully enabled.
The file-level antivirus includes the expected on-demand, on-access, and on-schedule scans. A button on the main window launches a quick scan, and another opens the full range of scan choices. Those choices include: Quick Scan, Active Processes Scan, Full Scan, Hard Drive Scan, Local Drive Scan, Removable Drive Scan, System Scan, and Network Drive Scan. With most antivirus products, you get a quick scan and a full scan, plus a custom scan that you could configure to perform all or most of Heimdal’s other predefined scans.
On a standard clean test system, the full scan finished in about an hour and a quarter, just a bit longer than the current average. To supplement on-access protection, you can set Heimdal to perform any of its scans on a daily, weekly, or monthly basis.
Threat prevention components include DarkLayer Guard, TTPC, and VectorN Detection. DarkLayer Guard prevents browsers and other apps from connecting to malware-hosting sites, phishing frauds, and other dangerous pages. TTPC lists processes that may be targeted by malware; in testing, the only apps it listed were browsers.
VectorN Detection is harder to grasp. It’s described as using machine learning technology to analyze HTTP, HTTPS, and DNS traffic. According to the feature’s Quick Settings page, “It detects second-generation malware strains and even the most hidden threats that no other product can.” I didn’t find any way to prod component into action.
Both the half-antivirus products include X-Ploit Resilience. This is an unusual system that both keeps your apps fully patched and helps install new apps. I’ll describe it in detail below.
Absent From Antivirus Lab Test Reports
Testing labs around the world challenge antivirus products with real-world scenarios and in-the-wild viruses. I follow four that report their findings every few months: AV-Test, AV-Comparatives, SE Labs, and MRG-Effitas. If a product gets high marks from these labs, I feel confident that it’s an effective protector against malware.
Heimdal focuses strongly on the enterprise security space, so I wasn’t surprised at its absence from consumer-side reports. I did look at each lab’s enterprise-level tests, and I didn’t find Heimdal there, either. The only results I could locate involved a one-off test by AV-Test Institute from last year, which rounded up security suites rather than standalone antivirus products. The collection of products for testing included Heimdal Premium Security Home, which at that time was named Heimdal Thor Premium. The product didn’t do well in testing, but this wasn’t the same test I track for all the other vendors, so I didn’t count it.
Heimdal isn’t the only absentee. A third of the antivirus products I track don’t participate in testing with any of the four labs. On the other hand, a quarter of them show up in results from all four, and some get high scores across the board. My lab scoring algorithm normalizes all the results to a 10-point scale and combines them for a single aggregate result. With perfect scores from all four labs, Kaspersky earned a perfect 10 points. ESET is close behind, with a respectable 9.9, while Avast and Norton AntiVirus Plus scored 9.7.
Mediocre Malware Protection
With no labs confirming Heimdal’s ability to do its job, my hands-on malware protection tests become especially important. Even for a product like Avast Free Antivirus that has plenty of lab results, running real-world tests gives me an opportunity to see the product in action.
It’s not uncommon for the simple act of opening my folder of malware samples to trigger a flood of popup notifications, warnings that the antivirus detected and quarantined a threat. That didn’t happen with Heimdal, but something was clearly out of the ordinary. For about half the samples, Windows Explorer displayed a blank document icon rather than the malicious program’s actual icon. Trying to launch any of these triggered an error message from Windows saying, “Insufficient system resources exist to complete the requested service.”
Heimdal’s main window reported dozens of infections, and the names lined up precisely with the samples that had blank icons. I chose to quarantine all the infections, and the files vanished from the sample folder. Once I did that, detected files from other folders such as my ransomware collection went straight to quarantine, with just a tiny popup notification.
Heimdal wiped out two thirds of the samples on sight, including all the encrypting ransomware samples. That seems good compared to products like Malwarebytes Premium and Avast, which don’t scan until the sample is about to launch. However, Kaspersky and Bitdefender eliminated 86% of these same samples as soon as they appeared in Windows Explorer, and Adaware Antivirus Pro caught 90%. On the plus side, when I exposed Heimdal to hand-modified copies of the same samples it had eliminated on sight, it saw through my trickery and quarantined all but two of them.
To complete the test, I launched each of the surviving samples and noted how Heimdal handled it. This is the point where I expected that Heimdal Premium might diverge from the basic antivirus, given that the network-level protection could kick in. Alas, the only difference was that in a very few cases Heimdal prevented the malware from displaying a web page. Everything else was the same. It missed some samples, caught others before they could launch, and let others place executable files on the test system even though it detected the presence of malware.
Overall, Heimdal detected 87% of the samples and earned an 8.2-point score, with 10 points being the highest possible. Looking just at products tested with my current collection of samples, this is the lowest score. It’s true that Bitdefender Antivirus Plus and Kaspersky also earned relatively low scores in this test, but these two have the virtue of top scores from the independent labs.
Collecting and curating a new collection of malware samples takes me weeks, so I use the same samples for quite a while. For a look at how each antivirus handles the very latest threats, I start with a feed of malware-hosting URLs spotted by researchers at MRG-Effitas. These are typically no more than a few days old.
The test is simple. I launch each URL in the browser and note how the antivirus reacts. If it diverts the browser to a warning page or otherwise denies access to the malware-hosting site, it gets full credit. If the malware download proceeds but the antivirus wipes out the payload during or right after that process, it gets equal credit. Of course, if the antivirus sits on its thumbs doing nothing while the browser blithely downloads malware, that’s worth zero points.
In its own test, Heimdal Next-Gen Antivirus detected and eliminated 74% of the malware downloads, without any ability to direct the browser away from dangerous pages. Heimdal Threat Prevention blocked access to 56% of the malware-hosting pages, with no ability to recognize and eliminate the malware payloads. I assumed that Heimdal Premium, equipped with both abilities, would do much better…and it did.
Preventing the browser from ever opening a dangerous page is a great way to keep malware out, and Heimdal Premium did so for 58% of the verified malware-hosting URLs. It wiped out another 33% by silently aborting the malware downloads. My only clue was that the download failed with one of several error messages, but the activity log showed Heimdal did the job. The premium product’s total score of 91% is vastly better than what either of the half-antivirus products did.
Even then, 91% is barely enough to get a product into the top half, score-wise. Using a combination of browser-level blocking and real-time scanning, McAfee earned a perfect 100% score. Bitdefender, Sophos Home Premium, and G Data all managed 99%.
Poor Phishing Protection
Phishing websites masquerade as financial sites or other sensitive sites with the sole aim of tricking poor schmoes into giving away their login credentials. There’s no high-tech operating system chicanery involved, just fooling unwary web surfers. Heimdal’s special defenses against modern malware attacks don’t apply when phishing is involved. I didn’t have to test Heimdal Premium separately from the Threat Prevention product, because the file-level antivirus doesn’t bring anything to the antiphishing party.
To test an antivirus product’s ability to detect phishing, I start by gathering hundreds of reported frauds from websites that track such things. I divide my attention between verified phishing frauds and sites too new to have hit the blacklists. With fraud list in hand, I launch each URL in four browsers at once. The product under test protects one of the browsers, of course. The other three rely on the protection built into Chrome, Edge, and Firefox.
Heimdal earned a seriously poor score in this test, 44% detection. Very few products have managed to score lower. All three of the browsers proved significantly more effective than Heimdal. At the top, F-Secure Safe and McAfee AntiVirus Plus detected 100% of the frauds presented to them.
See How We Test Security Software
Simple Firewall
Heimdal Premium Security naturally includes the same firewall component as Heimdal Antivirus. This component comes with both simple and complex settings. By default, it allows all outbound network and internet traffic and blocks all unsolicited inbound traffic. Simple! In testing, it correctly put all ports in stealth mode and fended off port scan attacks. Note, though, that Windows Firewall handles those tasks just fine.
The other half of a personal firewall’s job is to manage network permissions for the programs on your system. Some products handle this by popping up to ask you, the user, for a make security decision each time a new product attempts network access. Others, like those in security suites from Norton and Kaspersky, make their own decisions. With Heimdal, program control is left as an exercise for the user, without even the usual popup prompts.
To create a firewall rule, you start by picking a name and the program involved, and choosing the ports controlled by the rule. You define it as a rule that blocks or allows activity, and indicate whether it affects TCP, UDP, or both. Really, if you’re not a network expert you shouldn’t meddle with firewall rules.
In an enterprise setting, having a firewall that falls under the IT department’s remote control is a big plus. For consumers, the firewall doesn’t offer much beyond the built-in Windows Firewall.
A firewall’s protection means nothing if malicious code can simply turn it off. Most firewalls include self-protection code that keeps other processes from terminating them. I used a task killer utility to terminate Heimdal’s eight processes, with apparent success. However, the processes sprang right back into action, and I verified that protection was still active.
I didn’t have any trouble stopping Heimdal’s active Windows services, though. And setting the startup type for all 10 services to Disabled ensured their protection wouldn’t return on reboot. It appears that if a malware attack slipped past Heimdal’s layers of protection, it could permanently disable that protection by manipulating the configuration of its services.
Powerful Software Updater
Software isn’t perfect. Persistent hackers often find security holes in widely used programs, vulnerabilities that they can exploit to compromise the security of any PC that has the vulnerable program installed. The developers quickly gin up patches for these security holes, but until you get around to applying the patch, you’re exposed. Heimdal’s X-Ploit Resilience feature checks over 100 popular programs to make sure they’ve got all the latest patches.
My antivirus test systems aren’t loaded with apps, but Heimdal did identify Chrome and Firefox as programs subject to its care. As soon as I enabled monitoring for these two apps, the list changed to report that Chrome was fully patched, but that Firefox wasn’t.
When I set both programs for automatic update, Heimdal immediately started applying the necessary Firefox patches. If you use this product, you absolutely must take the one-time step of turning on monitoring and automatic updates. After that, you can check the history report from time to time to see what got updated.
Scanning for security vulnerabilities is a feature found in other antivirus tools. Avira Free Security identifies apps that lack security patches, for example, as does Avast Free Antivirus. In both those cases you must upgrade to a paid edition if you want patches applied automatically. Heimdal goes a step beyond the competition with the ability to install and monitor new applications.
When you choose One Click App Install, Heimdal lists over 100 covered programs, from 7-Zip to Zoom. Just click the Install button and it gets to work in the background, silently installing the app you chose and configuring itself to keep that app updated.
Complete, But Expensive
Heimdal Premium Security Home does everything an antivirus should, and it brings along a simple firewall and an advanced patch management system for lagniappe. It’s a complete solution, where Heimdal’s other two consumer-facing products each bring just half of what you need. Even so, it’s not the best possible choice for antivirus protection. None of the labs we follow vouch for its malware-fighting skills, and it earned mixed scores in our hands-on testing. On top of that, it costs more than all our Editors’ Choice-winning antivirus tools.
Bitdefender Antivirus Plus and Kaspersky Anti-Virus both consistently earn top marks from multiple independent labs. A single McAfee AntiVirus Plus subscription protects all devices in your household. And tiny, speedy Webroot SecureAnywhere AntiVirus can reverse any damage done by malware, including ransomware. Best of all, these Editors’ Choice winners cost substantially less than Heimdal.
[ad_2]
Source link