During product preparation several competitor offerings were considered and analyzed - firewalls, security suites systems, which position themselves as proactive in defence and HIPS systems. Combination of in-hosue innovative developments and results from analysis gathered through the industry allowed to jump onto a new level of protection for personal users, whereby offering even more hardened and less annoying computer protection from all types of electronic threats - malicious programs of different types, hacker attacks, spam mailings, program-root kits, phishing emails, advertisement popup windows etc.
WHAT'S NEW IN KASPERSKY 2011:
New in protection:
* The Sandbox technology, which uses virtualization methods to create a safe environment for running applications (Safe Run for Applications), has been significantly improved. The application now features the option to run suspicious applications on a dedicated virtual desktop, which ensures reliable protection of the operating system. Safe Run for Websites (safe browser), which protects data being entered by the user, has been implemented to allow handling websites that require entering confidential information.
* The scope of the Web Anti-Virus component has been expanded thanks to the new modules that had been added:
- Online Banking identifies banking websites and allows the user to switch to Safe Run for Websites, which has been designed to handle this sort of web resources.
- Safe Surf consists of previously implemented Kaspersky URL Advisor enhanced with a new mode of blocking websites with high threat rating calculated by Kaspersky Lab. When this mode is enabled, access to dangerous websites will be blocked. When viewing unknown websites, the component will offer the user to switch to Safe Run for Websites.
- Geo Filter lets you block or allow access to regional domains depending on their infection level.
* A new technology named Wisdom of the Crowd has been implemented; it provides information about applications usage frequency and data on trust group distribution among the participants of the Kaspersky Security Network service. This information allows making a weighed decision when assigning a trust status to a new application.
* Users of Microsoft Windows Vista and Microsoft Windows 7 can enable Kaspersky Gadget, which displays the computer protection state and allows scanning objects for threats.
* System Watcher has been added, a new protection component, which analyzes file, registry, system and network activities on the computer, while collecting information about events detected by other protection components.
If any dangerous activity in the system is detected by Proactive Defense or File Anti-Virus (or in the course of virus scan), System Watcher rolls back the actions that have been performed by malicious programs.
System Watcher contains patterns of dangerous activity (BSS). Those patterns allows detecting both dangerous and suspicious activities on the computer. If any suspicious activity in the system is detected based on the patterns (or by Proactive Defense), a notification with information about the event is displayed on the screen.
* A new technology, which has been designed to run tasks on an idle computer, allows performing resource-intensive tasks, such as automatic update, scan of system memory, and scan of objects for rootkits, while the computer is turned on but remains idle.
* To improve reliability of the application, it provides protection against interception of DNS requests and substitution of network node addresses.
* In addition to HTTP traffic scan, Web Anti-Virus also scans FTP traffic now.
* Since new mail clients (such as Microsoft Live Mail) appear, Mail Dispatcher functionality is no longer supported.
What has been improved:
* The HIPS (Host-based Intrusion Prevention System) technology designed for controlling applications' activity has been significantly improved, which allows applying a unique set of restrictions and rules to an individual application, blocking run of untrusted applications until Kaspersky Internet Security is started, and excluding specified objects from the list of resources that should be controlled. The range of the application's privileges has been extended; a more accurate algorithm is now used to define application statuses.
* The Parental Control component has been enhanced and improved to better ensure control of messaging via social networks and IM clients, blockage of messaging with unwanted contacts and transfer of identity data, and restriction of computer and Internet usage time, file downloads, and run of various applications.
* The technologies of the Anti-Spam component have been enhanced. The image processing technology has been brought up to a new level of quality, the size of the databases has been reduced, and the text filtering technology for non-Latin languages has been improved.
* Advanced disinfection technology has also been improved. The AVPTool utility can be downloaded now. It scans the computer if any errors have been encountered when installing the application, thus giving rise to suspicions that the computer had been infected.
Thanks to a more efficient processing of installation errors detected when the computer is suspected of being infected, the rollback procedure has been improved for installation complicated by errors.
* The Rescue Disk creation service has been improved: an ISO image file can now be recorded on a CD or a USB data medium. The option to work in text mode has been added. When booting the system from the Rescue Disk, startup objects are scanned, in addition to boot sectors and file systems.
* The scope of the Kaspersky Security Network service has been extended. Protection and reliability of interaction with Kaspersky Security Network have been improved, including proxy server mode.
* The Urgent Detection System (UDS) technology has been enhanced by increasing the speed of adding new threats into the database and by improving the algorithm of UDS access.
* The application now scans the system for rootkits with higher efficiency. The new updatable component allows detecting a greater number of rootkits and adding entries of new rootkits into databases with a shorter response time. Fully updatable disinfection logic ensures quick counteraction to new types of rootkits.
* The Anti-Phishing technology has been enhanced thanks to use of analysis of images, HTML pages and URLs, as well as linguistic analysis of text content in messages.
* News Agent has been optimized still remaining the main tool of news delivery initiated by Kaspersky Lab.
* Automatic downloading and installation of a new version of the application have been implemented in addition to notification of release of a new version.
What's new in the application interface:
* The application interface has been optimized to simplify usage for beginners.
* Event notifications are completely redesigned to gain more intuitive and informative appearance.
* The context menu that provides access to the main features of the application has become more convenient and better structured.
* Starting from the 2011 version, custom component selection is not supported when installing the application. The application is installed in its entirety. If necessary, individual protection components can be excluded from the application interface.