Best Antivirus Solution for Home PC – Windows 10 – Review 2017

This article and its references are very specific to Home computers running Windows 10 OS, if you are looking for some other operating system, then you should refer somewhere else.

In the recent times, we have heard enough about cyber threats and data leakage. None of us want to be hacked. Everyone wants to have the best antivirus solution in their personal computer to protect their data, email, social networks, browsing information, …etc. There are few independent organizations – av-test.orgav-comparatives.org and se-labs.uk who perform comparative tests and reviews for antivirus software, antimalware tools and security software. We reviewed all of their reports, summarized them and recommend you these best antivirus solutions – ‘Kaspersky Lab Internet Security 2017′, ‘Avira Antivirus Pro 2016’ and ‘Bitdefender Internet Security 2016 & 2017’ for your Windows 10 OS Computers at home.

All home user looks for 2 objectives on their antivirus solution, first is to have full protection to their computer and secondly, no degradation of their computer performance.

In order to gain full protection benefit of antivirus solution, it is very important that you should be running an up-to-date windows 10 OS and more up-to-date third party software (e.g Adobe reader, Microsoft Office) in your computer. Remember that all the test result of these independent organizations are performed on up-to-date computers and not on pirated or outdated computer. Hence, in order to minimize the risk of being infected through exploits, keep your computer up-to-date.

Now, lets give you few hints about the second objective and the most common problem reported by users – ‘my antivirus is slowing down my system’. But users need to understand that other factors also play a role in system performance, and if users follow simple rules, system performance can be improved noticeably.

  1. Upgrade your PC hardware. You shouldn’t be running a ten-year-old hardware. If possible, buy a PC that meets minimum requirements of OS and software running on it, atleast 4GB Ram, multi-core processor and run only one security real-time protection program.
  2. Clean up the unwanted content of your hard disk. If your hard disk is full, your system performance will suffer accordingly. Leave at least 25% disk space free.
  3. Defragment your hard disk regularly. A fragmented hard disk can have a big impact on system performance as well as considerably increasing the time needed to boot up the system.

Having said all these tips, lets look at few international reports for choosing best antivirus solution –

AVTEST  – A Strong Player in the Field of Antivirus Research for Over 15 Years. The AV-TEST Institute is a leading international and independent service provider in the fields of IT security and anti-virus research.

The aim of the research work carried out by AV-TEST is to directly detect the latest malware, to analyse it using state-of-the-art methods and to inform our customers of the top-quality results obtained.

 

Kaspersky Lab Internet Security 2017 provides 100% protection against 0-day malware attacks and 99.9% detection of prevalent attacks, without compromising PC performance. As per AVTEST report, there was 1 false alarm, but that’s fine, it is not going to harm you anyway. All we want is total protection and best PC performance.

Avira Antivirus Pro 2016 has failed in 0.3% of its sample tests of prevalent malware detection, however its protection is 99.7% which is above the industry average. Additionally, your PC performance is no way affected and no false alarms.

Bitdefender Internet Security 2016 & 2017 provides 100% PC protection against 0-day malware attacks and prevalent malwares, however user may experience slight slowness in their PC performance. If you are more concerned about security and accept slight reduction in PC performance, go ahead with Bitdefender without hesitation.

 

AV-Comparatives is an independent organization offering systematic testing that checks whether security software, such as PC/Mac-based antivirus products and mobile security solutions, lives up to its promises. Certification by AV-Comparatives provides an official seal of approval for software performance which is globally recognized.

AV-Comparatives works closely with several academic institutions, especially the University of Innsbruck’s Department of Computer Science, to provide scientific testing methods.

 

AV-Comparatives report that Kaspersky Internet Security 2017, Avira Antivirus Pro and Bitdefender Internet Security were succeeded in detecting 99.9% of malware files.

There is some contradictory to AVTEST and AV Comparatives results on PC performance test especially on Kaspersky. As per AV Comparatives, use of Kaspersky will cause some impact on system performance and use some percentage of system resources, compared to Avira and Bitdefender. However, you no need to worry, AV Comparatives (reference link) awarded Advanced+ (highest grade) to Avira, Bitdefender and also Kaspersky for PC performance, so 5.4 is probably too low value to worry.

Hope this article helps you to choose best antivirus for your home PC. And we assure that we update this article as and when new reports were released by these major av tests organizations.

Real-World Protection Test July – November 2016′ report of www.av-comparatives.org is not considered as the tests were performed under Windows 7 Home Premium SP1 64-bit.

SE-Labs report is also not considered as we couldn’t find out the OS on which their tests were executed.

 

We welcome your feedback and stay SECURE !

Check if your server is vulnerable to FREAK Attack

FREAK Attack, a new SSL/TLS vulnerability that allows an attacker to intercept HTTPS connections between vulnerable clients and servers and force them to use weak encryption, which the attacker can break to steal or manipulate sensitive data.

Servers:-

Servers that accept RSA_EXPORT cipher suites put their users at risk from the FREAK attack. You can perform free SSL FREAK Check on your HTTPS servers to verify if they accept weak encryption.

Clients:-

Not all Client browsers are vulnerable at the moment, you can keep checking here for update if your Chrome, Firefox, IE or Safari browser is vulnerable. If possible, keep your browsers uptodate with latest version. You can perform free SSL FREAK Check on your client computer to verify if they accept weak encryption. You need to click on 2 links provided on this website and if the page loads, then you are vulnerable!

References:
https://www.smacktls.com/#freak
https://freakattack.com/

 

Configure inter-vlan routing in Paloalto Firewall

When I need to implement inter-vlan routing in a small/branch office, I prefer the firewall to do instead of a Layer3 switch for the following reasons

– you do not need a high cost Layer 3 switch in small offices

– you can configure port/application level access from 1 VLAN to another so you do not need to blindly open all access between VLANs and avoid unnecessary traffic flows

– firewall has in-built features like Dashboard which let you review access logs between VLANs in the readable format(Who access what), where as you need a syslog server to review logs of Layer 3 switch

so here I am working on PA 200 firewall to configure it as a one arm routing, also called as router on a stick.

Paloalto firewall-Inter-vlan routing diagram

Paloalto Firewall Configuration

Paloalto Support has detailed document explaining the steps to achieve inter-vlan routing, Download Paloalto Firewall Design Guide.pdf and view Section 4.8. We do not want to repeat the steps here but one thing we want to convey is configuring inter-vlan routing in Paloalto Firewall is so simple. All you need to follow are these 2 steps –

1) Configure interfaces, sub-interfaces and VLANs (I have attached a screenshot as an example from one of my PAFW)

2) Allow traffic from one zone to another in Security Policies and you are done in PAFW.

Paloalto-subinterface-interlan-routing

Switch Configuration

Configure the switch port as

(config)# interface gi 0/24

(config-if)# switchport trunk encapsulation dot1q

(config-if)# switchport mode trunk

Review of Web based Password Manager

Web based Password Management Tools such as Password Vault Manager provide easy and secure management of all your passwords and sensitive information in a centralized location. When you first evaluate these web based tools, they look to be a perfect solution for your core issue of password management in your organization. They provide plenty of features and very specifically

* Centralized storage of your passwords in MS SQL Server / mySQL or any other free database.

* Passwords are encrypted and stored in databaes

* Integrate with your Active Directory and apply restrictions

* Web based interface

and so many eye-catching features…

But think about what will happen during disaster situation, say your Password Management server crashed all of a sudden? You lost access to all your passwords! You then need to prepare a database server, restore your database from backup to finally get access to your passwords. Doesn’t it sound hard during disaster?

Paloalto Firewall Commands Reference

Group-Mapping:

1. view the state of Group Mapping whether any error occurred:

admin@HNSPAFW (active) > show user group-mapping state all

2. View list of Active Directory members synced with PA: say you have newly added a user to an internet access group in AD and want to check that it is reflected in PA

admin@HNSPAFW (active) > show user group name “hsngroup.net\level-internet-access-group”

3. Refresh members of specific AD Group in group mapping: say you have newly added a user to an internet access group in AD but he is still not able to browse, then refresh Group Mapping, below command doesn’t affect your existing traffic

admin@HNSPAFW (active) > debug user-id refresh group-mapping …………

4. Refresh members of all AD Groups in group mapping: below command doesn’t affect your existing traffic

admin@HNSPAFW (active) > debug user-id refresh group-mapping all