Norton Internet Security 2010 has a comprehensive set of features, top-notch malware detection, and reasonable speed. Updated, 9 April 2010.

Norton Internet Security 2010 has been investing in technology that detects malware by its behaviour, and it shows in this release, further bolstering this historically strong performer.

The Norton Internet Security 2010 interface is nicely laid out, but its peculiar use of colour (a black main window with orange accents) makes it tough to read. The left panel displays a CPU performance gauge, which may or may not be useful to you. The middle column has three sections: Computer (for desktop operations), Network (for connections to the Internet or other PCs), and web (for browser protection settings).

The right column shows configuration options for each of the three subsections. The problem is that the notifications, in green and red text, were sometimes hard to see against the black background. Norton was one of the top performers in detecting and cleaning up active malware infections on a PC. It found all the bad software, disabled 93 percent of it and removed all traces of two-thirds of the software - the best scores of any product we tested.

Norton Internet Security 2010 detected 93 percent of inactive rootkits, but detected and removed all active rootkits. This is a very solid score for this test, but rivals McAfee and Kaspersky both achieved perfect scores across the board here.

On the other hand, Norton Internet Security 2010 was the only suite we tested that achieved a perfect score in detecting, disabling, and removing malware using behavioral scanning (detecting new and unknown malware based solely on how it acts on a PC). This is a good test for judging how well a product can detect and disable brand new, unknown malware.

Norton Internet Security 2010 did well in our tests for old-style signature-based malware detection, finding 98.4 percent of samples. By comparison, however, McAfee Internet Security, the top performer on this test, detected 99.9 percent of samples. Signature-based detection is useful for detecting older malware, but it's less important than it once was given the huge number of new malware outbreaks.

Despite improvements over the years in performance, Norton Internet Security 2010 did slow our test PC at boot, taking 3.9 seconds longer than the average startup time. But we experienced minimal drag in day-to-day desktop operations. Norton's scan speeds were decent, but not outstanding; it took 4 minutes, 14 seconds to scan 4.5GB of data in our on-access scanner test that judges how quickly the scanners work when you're opening or saving a file.

One annoyance with Norton Internet Security 2010 is its use of proprietary names like Quorum, Sonar, Insight for security technologies that it doesn't explain very well. For example, on the Symantec knowledge base search page we received this message: "Our search engine was unable to find any pages related to quorum." For the record: Quorum is Symantec's cloud-based detection engine that assigns a reputation to programs based on several factors; Sonar is Symantec's behavioral-detection technology; and Insight provides up-to-the-minute data on malware collected from other Symantec users.

NEXT: our review of Norton Internet Security 2010 from September 2009 >>