Trend Smart Surfing for Mac 1.0
Company: Trend Micro
Price: $49 for 12-month subscription
Working with Trend Micro’s Trend Smart Surfing for Mac security suite brought to mind my all-time favorite food prep appliance – the Showtime Grill from legendary inventor/huckster Ron Popeil. Like the Showtime, TSSM is pretty much a “set it and forget it” proposition that just works, a welcome entry into a field where security software is often difficult to configure, overly intrusive and CPU-intensive.
Trend Micro’s reviewer’s guide to TSSM asserts that it was built for Mac from the ground up, as opposed to simply porting a Windows app to the Mac. If you’ve read any of my other reviews, you’d know that approach scores big points with me, and based on my experience throughout the installation and setup process, I can confirm that TSSM is an upstanding Mac citizen from top to toe. But what most impressed me about this app is that, as previously noted, it truly does operate on a “set it and forget it” principle. As long as you’ve got a G4 or newer Mac, and you’re using OS X 10.4.11 or 10.5.5 or higher, you can just run the installer, then go about your business while TSSM watches out for malware, phishing scams, viruses, and malicious Web sites.
If you can operate a light switch, you can configure the basic protection settings for Trend Smart Surfing for Mac. The settings are password-protected using your Mac’s administrator account, saving you the trouble of having to memorize yet another password.
Then again, maybe you’re one of those people who just loves to immerse yourself in all the gory details of a program’s inner workings. If so, rest assured that TSSM will let you tinker with its settings to your heart’s content. If you’re not satisfied to simply accept the basic Web threat detection settings, or if you want to block specific sites from being accessed by other users of your Mac, a trip to the Web settings area will allow you to adjust precisely how aggressive you’d like TSSM to be when detecting Web threats. The Website Filter enables further customization by enabling you to block entire categories of sites from a broad spectrum of content areas including Adult (nudity, gambling, illegal drugs, violence), Social (personals, dating, occult, activist groups), Computers/Bandwidth (ringtones, software downloads) and many more. And if all that’s not enough, you can use the “Approved Websites…” and “Blocked Websites…” to configure access at the individual site level.
Using TSSM’s Website Filter, I’ve just blocked access to all online trading from my computer. Or, as TSSM puts it, in its breathlessly hyper-technical vernacular, I’ve prohibited viewing of “Sites that promote/provide information/means to trading of securities/investment of assets/insurance (online/offline)”.
I know what you’re thinking…Is TSSM really going to block me from visiting eTrade.com? How will it know how to do that? How will I know it’s working? Here’s the answer, in the form of a very polite, descriptive and helpful browser-based message that tells you what’s been blocked, why it’s been blocked, how to un-block it, and also how to request that the nice folks at Trend Micro confirm that the site truly should have been blocked in the first place.
Further customization of TSSM is available via the “Scans” settings area, which controls what gets scanned during the automatic, on-demand and scheduled scanning sessions that check for viruses and other assorted malware. The default “Smart Scan” setting “quickly checks for malicious software in the places where it tends to hide,” while the Custom Scan allows you to specify what gets scanned. The Full Scan checks your entire drive, the most thorough but most time-consuming option. The Scan Preferences button allows you to determine whether scanning will occur automatically whenever files are opened, when a scan is initiated manually by you, and/or according to a preset schedule. You can also decide how you want TSSM to deal with any infected files it discovers, specifying that they be deleted immediately, cleaned, quarantined or passed over, and you can even set first and second actions independently, meaning that you can have the program attempt to clean infected files first, then dispose of them if they can’t be rehabilitated.
In my testing, I set TSSM’s Automatic Scanning to first attempt to clean any infected files it found, then quarantine them if they couldn’t be cleaned. As I’m quite vigilant about viruses and malware, I didn’t expect any files to be flagged by the program, but sure enough, within a few moments TSSM located two Microsoft Word files from 2006 attached to a couple of old email messages, both of them still infected with the infamous W97M/Melissa.A virus. Unfortunately TSSM was unable to clean the files and I was forced to delete them, although they had long since outlived their usefulness to me anyway.
If at first you don’t succeed…TSSM lets you configure both a first and second action to take when scanning discovers a problematic file. In this case, I’ve set the On-Demand Scans to first attempt to “clean” the file, and if that’s unsuccessful, quarantine it so it can’t do any further damage.
At the risk of getting overly technical while reviewing a Mac security suite designed specifically for novices, I want to highlight two unique aspects of the approach that Trend Micro has taken with TSSM, because I think they represents a positive step forward in the battle to keep ahead of the miscreants that create this malware in the first place. First off, TSSM emphasizes protection from Web-based attacks like “phishing” scams which are far more apt to affect Mac users than viruses or spyware, and provides this protection regardless of which programs you happen to be using. TSSM accomplishes this feat by operating in the space between your applications and the Internet, at the system/network level. What that means to you is that no matter which programs you might be using at a particular time, TSSM is actively protecting you from Web-based threats, even from Web links embedded in instant messages or emails – with no need to install individual plug-ins or add-ons into programs like Safari, Apple Mail, FireFox or iChat.
The second aspect of TSSM’s protection mechanism that’s worth noting is that TSSM (along with all its Windows counterparts) uses a “next-generation cloud-based infrastructure for gathering and analyzing threat data” (a.k.a. the Trend Micro Smart Protection Network). In humanspeak, this simply means that Trend Micro stores up-to-the-minute data about Web-based security threats in an online “cloud,” and each time a Mac user running TSSM attempts to access a Web site via browser, the URL is checked – within the space of a few milliseconds – against the threat data in the cloud, and access is blocked if warranted. This means that you’re effectively protected against new threats the moment Trend Micro detects them; no need to wait for daily or weekly updates to be downloaded to your Mac, which can often come too late to prevent exposure to a brand-new exploit.
So, does TSSM really live up to my initial “set it and forget it” hype? Pretty much so, yes. I encountered a few minor problems with the automatic scanning putting the kibosh on my nightly backup routine; some detective work determined that the issue is actually related to the mounting of disk images followed by TSSM’s immediate attempt to scan them, since it interrupted another automated task that also involves the automated mounting of disk images. Although you can add specific directories and/or individual files to a scan exceptions list, you can’t exclude an entire drive from being scanned, something that would be useful in preventing these kinds of issues when entire volumes are mounted for automated backups or other purposes.
As you might expect, the scanning process impacts the Mac’s performance to some extent while running, but once the scan is completed performance immediately returns to normal. I could find no evidence of TSSM’s “Web Threat Protection” causing even the slightest impact on performance when visiting dozens of sites in rapid succession, even though every URL I visited was indeed checked at the Trend Micro cloud first (said activity confirmed by the ever-useful Little Snitch).
I was also a bit disappointed that TSSM was unable to “clean” the two infected Word files it found, given that most anti-virus utilities (Norton AntiVirus for Mac and Intego VirusBarrier, among others) are capable of repairing files containing infections like the Melissa virus and other macro viruses common to Microsoft products. As this is only a version 1.0 product, I’m hopeful that these issues can be rectified in a future release.
There’s no question that at this point in time, Mac users are far more susceptible to email and Web-based “phishing” threats then they are to spyware and viruses. Given that, I think TSSM just might be the most well-designed and complete protection suite currently available to Mac users, as its approach emphasizes up-to-the-second protection against social-engineering style dangers, while still providing solid virus and spyware protection in a package that has very minimal impact on the Mac’s performance.
Now if you’ll excuse me, I’ve got a 12-lb. turkey roasting in my Showtime Grill…