PROS / The Norman SecuritySuite accommodates beginners and experts.
CONS / There is no online support chat.
VERDICT / The firewall requires some improvement in order to remain competitive.
Norman ASA (based in Oslo, Norway) develops and markets firewall software in the form of the Norman SecuritySuite. The job of the firewall component of the Norman SecuritySuite is to allow or deny traffic based on security-industry standard practices or on user responses that teach rules to the firewall or on rules configured by security-savvy users.
The firewall can place ports known to invite hacker attempts into stealth mode and it can inspect traffic and identify packets with tell-tale signs of malicious intent. Unfortunately the Norman firewall is not able to hold its own when subjected to advanced hacker techniques.
Additional Security Features
Because of stateful inspection of incoming/outgoing data packets, the firewall can detect and report Trojans and spyware. However it is not the job of a firewall to quarantine or remove poisonous material, which is why the Norman firewall is part of a security suite that knows what to do with malware.
The vendor offers a free service to allow clients to upload files suspected of being malicious or infected to the Norman Sandbox at Norman’s corporate website. Norman analyzes the suspected file and then emails the results to the user. The Norman Sandbox aggregates statistics for all received files and provides a list of malicious software on a rolling seven-day basis to reveal current tendencies.
Ease of Use
The Norman Security Suite is easy to use because it can protect inexperienced users from unnecessary complexity. For example, after installation, a wizard guides the user through the configuration process. (Users can exit the wizard by clicking “Finish,” however the result will be that the wizard grants internet access to every application that it locates and assigns default settings.) The configuration wizard prompts for experience level. Selection of “Inexperienced” gives permission to the firewall to make several decisions on behalf of the user and maintains a minimal level of user interaction with the firewall. Selection of “Experienced” offers the user more advanced options for setting up and using the firewall. Selection of “Inexperienced” leads to a choice between “Basic Mode” and “Normal Mode.”
The basic configuration mode protects against incoming attacks only and allows all traffic (unless the traffic type has a rule associated with it that requires it to be blocked). The normal mode prompts for unknown traffic with a popup to display the application name and details. The user can create rules that apply to the specific session, or rules that apply permanently. The normal mode can be allowed to follow default rules, or the user can opt to perform further configuration such as selecting the allowed web browser(s) and email client(s). The wizard prompts for network resource options to allow Windows file sharing and network printers and then asks which other applications should be allowed. When the user clicks “Finish,” the wizard creates the rules and readies them for use.
Firewalls regulate computer access to the network by denying or allowing server privileges and outgoing applications. Whether the rules are established manually or by default or as a result of responding to connection alerts, it is possible to edit the rules. The Norman Personal Firewall’s rule wizard permits creation of new rules and modification or deletion of existing rules. The product is simple when it needs to be but provides advanced capabilities for users who can utilize the complexity.
Help & Support
The Norman web site contains remarkably high-quality tutorial videos and an online knowledge base. Users can follow Norman on Facebook and Twitter. Email support is free. Telephone support is available in the United States from 8:30am to 5:30pm (Eastern) for $20 per incident. It is easy to reach a knowledgeable and helpful professional at Norman Data Defense Systems in Fairfax, Virginia (Norman ASA’s United States subsidiary).
Note that the online-order process forces acceptance of automatic renewal, which can be canceled after order completion. If the automatic renewal is canceled, the user is required to manually renew the subscription prior to its one-year expiration date. It is difficult to find fault with the automatic renewal default because leaving such an important renewal up to human memory is bound to produce security lapses.
The product successfully incorporates a dual personality in order to accommodate the requirements of security novices as well as security gurus. The vendors provisioning of a safe place to test suspected malware in the online Norman SandBox is a valuable service. When hackers unleash new threats, it often takes firewall vendors a day to release the signature into the product database of known threats. Because of the Norman SandBox service, users can get ahead of the curve and receive protection in advance of the vendor’s official identification and release of the signature file.
When we tested the firewall in a general way using the Nmap port-scanner utility, we confirmed that it is able to block and filter ports and go into stealth mode. Unfortunately the creativity and expertise of hackers increases with each passing day and tests appropriate even a few years ago are no longer useful. When the Norman SecuritySuite is tested with current-generation hacking tools, it displays some weaknesses.