Eset Smart Security Beta Review
First published—07 April 2007.
Updated—07 January 2008.
Eset Smart Security (ESS) is a newcomer in the world of complex security software solutions for PC. The company is well known for its NOD32 antivirus which has proved to be light on resources and efficient, and now Eset decided to release a more serious solution, combining antivirus, firewall, and anti-spam modules into one package.
Again, I was particularly interested in this due to Windows Vista 32-bit compatibility (how long will it take more for Outpost and ZoneAlarm to catch up?). About screen [screenshot] is telling you the version number (3.0.128.0) and what components you have installed. Please note, Eset Smart Security is in beta stage, so there is no guarantee the final version of ESS will closely resemble the one I’m describing.
What is interesting to mention here is the name of this new package: Eset Smart Security is a rough trademark to me, because I think not many people know “Eset” as a term/name. Besides, “Smart Security” is not a smart name, not convincing at least. Why don’t they call it NOD32 Security Suite (my humble suggestion) or something?
Installation
Installation went well on my Windows Vista Ultimate 32-bit, running on virtual machine (that’s why all the screenshots are in Vista Basic theme).
[screenshot 1]
[screenshot 2]
[screenshot 3]
[screenshot 4]
![[screenshot 1]](img/ess_beta/install_01.png){kind=link}
![[screenshot 2]](img/ess_beta/install_02.png){kind=link}
![[screenshot 3]](img/ess_beta/install_03.png){kind=link}
![[screenshot 4]](img/ess_beta/install_04.png){kind=link}
ESS updated itself successfully and was quickly up and running.
Graphical User Interface
First impression about ESS graphical user interface is good: color palette is pleasing the eye, icons a fonts are neat, naming is consistent (if you think it is obvious, look at the Microsoft OneCare’s interface), etc. What I don’t like about it is that Eset is coping basically the big guys like Kaspersky or Symantec in the interface design, not trying to make a revolution (NOD32 antivirus design was a revolution in a way to me, because it combines the beauty of simplicity and easiness of accessing the setup). What is wrong in this approach to copy big guys? It is simply not efficient, too many text and links instead of control elements. Look at the screenshots of the main ESS screens:
[screenshot 1]
[screenshot 2]
[screenshot 3]
[screenshot 4]
[screenshot 5]
![[screenshot 1]](img/ess_beta/protection_status.png){kind=link}
![[screenshot 2]](img/ess_beta/protection_status_01.png){kind=link}
![[screenshot 3]](img/ess_beta/protection_status_02.png){kind=link}
![[screenshot 4]](img/ess_beta/protection_status_03.png){kind=link}
![[screenshot 5]](img/ess_beta/tools.png){kind=link}
Some information in the dashboard is redundant by definition: why would a home user need to know the percentage of infected objects?
I would suggest we see how much CPU power we spend on security activities in relation to CPU “normal” load, for instance. Or, to see what file types are most time-consuming to check. Or something like that. Show me something interesting instead of this sleep-inducing percentages.
Firewall
I quite like ESS firewall, although I have to say something about the design again. Fist of all, why do they call it “personal firewall”? What kind of relationship is described by that “personal” definition? Is it in the sense that it serves only one PC? But then it should be the same for the anti-spam module, no? Look at this screen: [screenshot]
![[screenshot]](img/ess_beta/firewall_01.png){kind=link}
What really irritates me is those links style like “Block all traffic”, etc. How do I know they are links and not just a text in different color? Make them underlined or make buttons for them. Again, it is just a humble suggestion. ESS firewall has a nice user-interaction dialog for outbound connection, descriptive and easy to understand:
Inbound alert is equally good. Red color I think should represent a higher level of danger, but it is not indicated:
You can monitor the current connections [screenshot] with sufficient level of details. What I really like is the Firewall setup (and ESS setup interface in general).
![[screenshot]](img/ess_beta/connections.png){kind=link}
On the other hand, I’m not sure why would a regular home user need to deactivate protection for CodeRed worm detection or Sasser worm detection. [screenshot] To me it is like to have a button in the car to switch off the airbag. Weird stuff, but, of course, it is good to have the control. I did not try any leaktests. I assume it is a decent firewall, giving the seriousness of Eset as a security provider.
![[screenshot]](img/ess_beta/firewall_setup.png){kind=link}
Antivirus
I expected to find good-old NOD32 antivirus engine under the ESS hood, and, although I can not say for sure, I think that is the one.
I observed a very annoying quirk with NOD32 antivirus in Windows Vista 32-bit (not sure if it is found in other OS): when you finish downloading file from the internet there is a huge time gap (up to a few minutes, depending on the size and file type) before the file becomes available. This time is occupied by the antivirus (I assume) for checking the content, but somehow it takes a way too long. So the same repeated in ESS to me. [update: this bug could be directly related to Windows Vista, so it is not a statement, just observation ] But OK, giving the protection is solid, it is not a big deal to wait, just annoying. I fed my usual virus testing collection to ESS and started watching the alert screens one after another: [screenshot]
![[screenshot]](img/ess_beta/alert_01.png){kind=link}
Then, surprise – surprise, I found a well-known Sasser virus packed with ASPack being ignored by ESS antivirus. Puzzled I went to the setup. What I found in the setup for the “real-time file system protection” [screenshot] was quite strange — in the “ThreatSense engine parameter setup” runtime packers were deactivated by default:
![[screenshot]](img/ess_beta/real_time_protection_01.png){kind=link}
As explained in ESS help: “After executing, runtime packers (unlike standard archive types) decompress in memory. In addition to standard static packers (UPX, yoda, ASPack, FGS, etc.), the scanner supports (thanks to emulation of code) many more types of packers.” So, this setting is responsible for missing the Sasser in my case.
After selecting this option and running the check again, ESS managed to kill the monster. There was another disabled option — “Advanced heuristics” [screenshot], but I do not know what the effect is.
![[screenshot]](img/ess_beta/real_time_protection_03.png){kind=link}
Conclusion
It is too early to say something definite with regard to Eset Smart Security at this stage of beta testing as the form is shaping. To me it can be very interesting, giving the good experience in the past with NOD32 antivirus. I would only suggest Eset streamline the interface and add advertising filtering and active content (Flash, etc.) filtering. Then it can be a real hit in Security Suites for Windows Vista.
Make it cool, like NOD32 is.
Popular Searches
Windows Vista Firewall Outbound Protection