Microsoft's free Security Essentials anti-virus tool goes live
Free anti-virus protection for Windows, in one form or another, has been available for quite some time. In fact, these days it's been used as the virtual equivalent of the retail "doorbuster," enabling security companies to plant their brands on users' systems. It's a strategy pioneered by Ad-Aware and ZoneAlarm (now part of Check Point Systems).
But Microsoft -- at least ostensibly -- is not a security company, and becoming recognized as a security provider at this stage of its history would actually be more difficult than for most other software producers. Still the company has gone forward just hours ago with the live distribution of Security Essentials, its free and basic anti-virus system for Windows.
Although Microsoft does produce an enterprise-class security package, Security Essentials -- while incorporating part of Forefront's detection engine -- is not a stepped-down version of Forefront, or a "good" or "better" option to Forefront's "best." So Microsoft's intentions with Security Essentials are clearly not to make room for itself as a consumer security provider.
Instead, Security Essentials could change the market in two ways: First, it could moderate the impact of security software companies that draw attention to Windows vulnerabilities by scrimmaging over every major and not-so-major threat that comes along. Second, SE could improve Microsoft's reputation for being responsible for the seaworthiness of its own principal product.
Both of these effects on the market could contribute toward one very important end goal: avoiding the characterization among consumers of Windows Vista -- technically a much more secure operating system than Windows XP -- as relatively insecure. Other than its fortress icon, Security Essentials stays very much in the background. And in Betanews' experiences with the SE beta over the past two months, its impact on our everyday work in Windows 7 RTM was not noticeable, and quite possibly not even measurable.
"Not noticeable" appears to be Microsoft's goal with Security Essentials; while other free packages are designed to be in-your-face to some extent (case in point, using system tray icons to report from time to time, "Your system is being protected!") it seems Microsoft would be happy if SE's users actually forget it's there. In paragraph 2 of the company's statement on SE this morning, consumer security general manager Amy Barzdukas summed up SE's key virtue with the following few words: "It won't get in their way."
As an experiment, we ran several batteries of Web browser performance tests in Windows 7, once with Security Essentials turned on, and once with it disengaged and removed from memory. Performance times for major Web browsers, including Internet Explorer 8 and Mozilla Firefox, were sometimes equal; and in the SunSpider test, browsers were slightly faster with SE turned on.
The reason, we suspect, may have to do with the quad-core processor of our physical test system (Intel Core 2 Quad Q6600). SE does appear to use parallelism quite well; on our CPU usage meters, while ordinary processes tend to favor Core 1, during system scans, SE tends to start with Core 1 and then shift over to Cores 3 and 4. Third-party antivirus packages we've seen are not nearly as adept with parallelism; even Sophos (one of my personal favorites) generates a measurable, if negligible, performance hit on Windows 7.
Microsoft has begun playing down, however, what it had touted as SE's key feature early in the beta process: a system called Dynamic Signature Service (DSS) of detecting and sharing threat assessments in real-time with a network of other security providers. DSS is still being portrayed as central to its Forefront commercial product; but Microsoft may have decided that, in the best interests of its goal to not get in anybody's way, it may be better to turn down the volume on the message that 20 or more partners are looking into all the anomalies your system may be reporting.
Security Essentials can co-exist on some Windows users' systems with Microsoft Defender, which is being re-cast as an anti-spyware program in the vein of Ad-Aware. Some users will, no doubt, be confused by the fact that SE frequently needs definition updates for itself (and can update itself), while Defender still alerts Vista and Win7 users in the background through Windows Update (when it's set to explicitly notify prior to updating). That, ironically, may be the most frequent occurrence of SE getting in users' faces. Until then, Microsoft is hoping that customers who've had enough about being reminded of potential insecurities, may be willing to spend a few moments of their time to invest in a new flavor of security tool: fire-and-forget.