Most that complain about one or both being resource hogs haven't a clue
that they can install those products without including every component
within (i.e., just say no to all the fluff). Most refer to the suite of
tools rather than focus on one particular component, like the anti-virus
component of which you ask (and even then you can reduce overhead, like
not bothering with e-mail scanning). There are leaner products but most
don't have the same level of coverage (although KAV beats them alas I
haven't info on how many processes it runs and how much memory they
consume).
It's been a year, or more, since I used Norton AntiVirus (and JUST that
product separate of their suite). Even if you install their suite,
consider if you need, for example, their Parental Control component which
loads a large table into memory (so it bloats) and will slow IE a bit to
interrogate the table on every access, including those within a page. A
file server or other enterprise node probably should not be running an AV
program at all, or use an enterprise solution and not some personal
desktop product.
I have found McAfee, in the past, to be too intrusive in that it will do
background scans of updated files despite that I am using the host (i.e.,
it won't shutup when I'm busy) plus their enterprise product pushes
updates while I am busy. Their desktop product isn't any worse than
Norton and no worse than the freebies that I've tried (AVG, EzAntivirus,
AntiVir, etc.). However, there are 2 problems which I consider major that
made me abandon the product:
- Their locally executed web applications (that they use for their
interface) are ran under the Internet security zone. ActiveX control upon
which they rely may not run if you have configured the Internet security
zone to Prompt for running and scripting of AX controls and plug-ins.
Their window is not a full-blown browser so you don't get a prompt. Since
you cannot answer a prompt that doesn't appear, their AX control won't run
and you get a bitch message from them saying to lower the security level
of your Internet security zone. In other words, you have to reduce
security to use their security product. It is amazing that no one at
McAfee knows how to code HTAs (HTML Applications) which provide for
executing local web applications but under the My Computer security zone,
including any objects called within the HTA, like AX controls. There is a
registry hack where you can define the "mcp://" protocol that appears
unique for use by McAfee which is a workaround but I only tested it for
about a week.
- Automatic updates won't work unless you login once to their web site AND
you save their cookie. I don't save cookies except for whitelisted
domains, and I don't whitelist McAfee's domain. Any product that updates
itself shouldn't need a cookie because it is not a secure method of
authenticating a user (i.e., to validate that they have an account) and it
is suspectible to deletion due to cleanup on the user's host. There is no
point in securing the updates, anyway, since they are of no value except
to users of their products.
So unless you want to degrade your Internet security zone (to its Medium
setting) and unless you keep their cookie, their windows to their
interface won't work and you won't get automatic updates. The workarounds
would be to define the mcp:// protocol that McAfee uses to run their local
web applications and to keep their cookie around. I like their core
product but their UI implementation sucks (well, for me, I refuse to lower
security to use their product). Symantec had problems running local web
apps, too, but I believe those disappeared about version 2002.
Just be sure how much bloat you want to install. Use the custom install
to select just the AV product if that is all you want, and then configure
NAV to only enable what features you want. You'll probably want to
disable e-mail scanning, but that is not just a problem with NAV but with
all AV products (NAV, at least, for inbound mails, has an option to send a
bogus X-header to the e-mail client to try to keep it from timing out).
You only mention Norton Antivirus and McAfee VirusScan but often users are
actually asking about the entire suite, much of which is fluff. I wasn't
impressed with, for example, Norton Anti-Spam, and instead use SpamPal
which is free but, hey, something is better than nothing unless you are
one of the lucky few that never get spammed.
You never mentioned WHICH component of each suite for which you wanted
information. As for their firewalls, I found Norton's firewall to give me
better control and information. However, Sygate's Personal Firewall Pro
is better than Norton. Alas, Symantec bought Sygate and then promptly
discarded the firewall to deliberately eliminate a competitor. Although I
use the Pro version, the non-Pro version (which doesn't require a product
key) can still be found for download, and I like it better than Norton's
firewall (which I like better than McAfee's which is mostly a fluff
interface and you can't even watch the traffic as it occurs to see the
connections). Sygate provides IDS (intrusion detection system) even in
the non-Pro free version but since Symantec killed the product means those
signatures don't get updated. To supplant that loss of IDS in the Sygate
firewall (Pro or non-Pro), I use Prevx1 R ("research" version is free).
You could even use Prevx1 by itself as it detects viruses, spyware,
trojans, and other malware but it cooperates with anti-virus and firewall
products. I don't like the minimal firewall-like application rules in
Prevx1 (which only apply against unknown apps) so I still use a 3rd party
firewall. Prevx is planning to add a firewall later. However, Prevx
isn't for the boob because it will popup prompts asking you what to allow,
so you'll have to understand the prompt (and answering Yes or Allow to
every prompt defeats the security so you might as not bother with that
product).
Few anti-virus and firewall products actually protect themselves from
getting killed or suspended by malware (if it manages to get under your
radar and still run on your host). Sygate's firewall (Pro and freebie)
tries some to protect itself but isn't kill-proof. Prevx should help to
discover any malware that runs and pend any action it attempts awaiting
your response to Allow or Block (so it comes back to you to understand the
prompt). ProcessGuard regulates what can load into memory and what
actions it can commit on other processes. The freebie version should be
good enough but it doesn't block every possible method of killing a
process, especially if there is a UI for the process. However, like
Prevx, you will be innundated with prompts at first asking if you want to
allow a program to run (but it does have a Learn mode but which should be
used after you have thoroughly confirmed your host is clean). I still use
Prevx1 but ProcessGuard was becoming just too much hassle for me, and I
consider having a firewall, IDS, and anti-virus programs as sufficient and
ProcessGuard a bit overkill.
So while you are considering a choice between McAfee and Norton, you might
want to look into freebie alternatives of which I'd recommend finding a
download of Sygate's personal firewall
(
http://www.simtel.com/product.download.mirrors.php?id=53687) and CA's
EzAntivirus (
http://www.my-etrust.com/microsoft). Then consider if you
want to add Prevx1 and/or ProcessGuard to the mix. And the cost? Zero!
