Information Security, Ethical Hacking, website Security, Database Security, IT Audit and Compliance, Security news, Programming, Linux and Security.
Thursday, 17 October 2013
Webroot Proves 'Secure' Need Not Mean 'Slow'
Back in the dark days of 2005 and 2006, many computer users started noticing an unpleasant phenomenon. They'd install a recommended security suite only to find that ordinary activities got sluggish, or worse. Norton had a particularly bad reputation for hogging resources. Some people were permanently traumatized by the experience; to this day, they believe that installing a security suite will bring their daily computer use to a grinding halt. Well, it just ain't so, not anymore. One suite in particular is both crazy small and crazy lightweight, but suites in general are doing much better.
Measuring Performance Impact
Starting five or six years ago, security vendors got the message. It's not enough to pile on code for protection against phishing, malware, spam, and exploits. They also needed to streamline that code, make it as efficient as possible, and look for every possible way to limit use of system resources. And they're succeeding!
I run several tests to evaluate what impact a suite's protection has on system performance. One script moves and copies a ton of huge files between drives. A suite whose real-time antivirus spends too much time checking these files might slow down that process. The same might happen to another script that zips and unzips this same collection. I time ten or twelve runs with no suite and average the result, then do the same with a security suite installed. Recent suites have averaged a 20 percent increase in time required for the move/copy test, and 16 percent for the zip/unzip test, which is nothing compared to the bad old days.
Getting all of those security services running at startup can take time, so I also measure boot time with and without a suite. This one's a little harder, because a number of modern security suites will let the user trade security for speed by choosing to delay the launch of some security components. If there's a choice, I always switch to maximum security. The average modern suite slows the boot process by 24 percent. Give that might mean the system boots in a minute and a quarter instead of a minute, again that's not so bad.
The Tiniest Impact
I find that some security suites run ten or fifteen distinct processes and services. A few actually install and run multiple separate modules—Trend Micro Titanium Maximum Security 2014 is an example. At the far opposite extreme is Webroot SecureAnywhere Complete (2014), with just one process. Not surprisingly, Webroot has less impact than any other suite in my tests.
Webroot also takes less space on disk than any other suite I've seen. The installer (which is the same for all Webroot products) is about three quarters of a megabyte in size, and Webroot SecureAnywhere Antivirus (2014) takes barely more than that once installed. Even with all of the additional features in the full Webroot suite, it's still less than 100MB on disk.
I spoke with Joe Jaroch, a VP of Engineering at Webroot, about just how this is possible. Jaroch explained that the designers always look for ways to re-use code. The same antivirus code that checks for a changed file can be used by the backup system to identify a file that needs to be re-synced, for example. Also, as much of the malware analysis process as possible occurs in the cloud, not on the local system. He noted that the user interface is almost entirely created using drawing commands, not by stored bitmaps and other resources.
However they manage to do it, Webroot is definitely the smallest suite around, with the lightest performance impact I've measured. Sure, it does omit spam filtering and parental control, but not everyone needs those. If you're still traumatized by the days of big, resource-hogging suites, Webroot may be just what the doctor ordered
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment