Emsisoft Internet Security 220.127.116.1165 short review and some observations I have always been a HIPS fan and experience/used the HIPS of Comodo, Online Armor Premium, Eset Smart Security and Outpost Firewall Pro. But as I started migrating (late migration) to Windows 8.1 Pro (from Win 7 Ultimate) I encountered issues with my then CIS firewall. That made me switch to using a complete suite. I chose Emsisoft Internet Security - EIS. I find it to be light and effective security suite almost as if it seems to be an install and forget application. Almost. Well the devs are aiming for that and if I remember correctly they are geared towards less user interaction (as much as possible) and let the application decide what's best for them. Seems a bit odd for those of us who have been accustomed to setting his security application piece by piece but the rationality about this (from the devs) is the more the user is asked for inputs by the application he (the user) is more inclined to set "allow" because he doesn't want to be bothered as he works. Take the scenario of a user working on something important and then his security applications throws a pop-up on a program that his security application thinks needs further clarification (from him). Then it hit's him, he does not know what to do....to "allow" or "block" it. And then after blocking it a couple of more pop-ups are thrown again and again and again...making the user click "Allow" so he will not be bothered again. Maybe one of us have gone through the same scenario, well maybe even once or twice. Sometimes the pop-ups are too much that they hinder what we do and test our temper. Annoyance to the max! That annoyance (especially when working or doing something very important) will force any user to "allow" that particular event and there lies the problem thus the reasoning of the devs. Emsisoft aims to be that way for the normal user. A sort of "Trust me I will protect you!". Well if you don't trust your security application to do it's job then your in trouble or better yet not use it altogether :) Anyway, in line with our soon to start giveaway here sponsored by Emsisoft, here are some info on Emsisoft Internet Security 11 as I see and use it. The main gui shows 4 quick access panels: Protection - which has the Surf Protection, File Guard, Behavioral Blocker and the firewall. Scan - which shows what you can do with scanning your pc whether it be quick scan, malware scan or custom scan. Quarantine - shows you the number of items that are quarantined from the last scans that you did. Logs - which shows you the EIS's data from protecting you. Along with it you can see the "Updates" which shows the status of your EIS update. The license which shows you the countdown left till your license expires. Support where you can get in touch with Emsisoft if you need any assistance. In the top most portion of the gui are 6 main tabs namely: Overview, Protection, Scan, Quarantine, Logs and Settings. Overview Tab The main gui itself with all the quick access panels and everything you need to click to set EIS up. Protection Tab Has 5 tabs to protect you. Application Rules, Surf Protection, File Guard, Behavioral Blocker and Firewall. Application Rules This is where you can set the individual application rules for each application program installed in your pc. Setting up an application rule is pretty straight forward here. Just right-click>edit and the application rules window will appear. There you can set a program/application to not run with the "Always block this application(impossible to run)" or "Monitor this application, but allow/block specific activities". That particular specific activities can be set up with the Behavioral Blocker and Firewall rules (incoming/outgoing). Take the case of Google Chrome browser. Well you can't block that as you need it because it's a browser you use (but if you want it blocked --you can via the "Always block this application(impossible to run)". Custom rules are pretty straight forward too. You can set "Allow" or "Block" on specific activities in the Behavioral Blocker tab. In the Firewall rules you can set it to "All Allowed", "Custom rules" or "All Blocked". In the case of Google Chrome the custom rules has a preset "Web Server Rule" which is appropriate enough for incoming rules and "Web Browser Rule" for outgoing. Setting that is quite alright and anything else called out by chrome.exe to elicit an incoming/outgoing connection will merit a pop-up. Here I'd like an additional rule (I see in Avast Firewall) "all other connections" --Block. Surf Protection Surf Protection protects your internet activity, block websites which are known malware magnets or malware haven. Here you can import host files and set action for those sites either Block silently, Don't block, Alert, and Block and notify. You can also set rules for individual websites. Just enter a hostname or IP address and and set action for those sites either Block silently, Don't block, Alert, and Block and notify. File Guard As the word implies "File Guard" guards every inch or your files inside your computer. Sort of a "to protect and defend". Set scan level for scanning your files whether it be Fast(scans when the files is started), Balanced (scans when they are modified) or Thorough (scans when they are read). Filetype scanning can also be set to further EIS's protection. You can either add (include) or remove (exclude) a specific file type from File Guard's scanning. For any detection (which is either of a "Malware" kind or a potentially unwanted program (PUP) you can set the appropriate action to be done by EIS, whether it be Alert, Quarantine or Quarantine silently. I choose to be alerted as I always want to be informed of any detection. You can also set a whitelist for your trusted files like your other layer security application or any file for that matter. Just place it there in the whitelist and it will not be scanned and guarded as you set it via your preferences. Email notifications are also there if malware is detected though I seldom use it. Behavioral Blocker Monitors all the running processes in your computer. For every process running you are given options to either, "Create rule"(if rules have not been created or edit a particular rule), "Lookup online" check the process online to see if it is malicious or not, "Quarantine program", "End/terminate the particular process", "Open file location" and see it's "File properties". For programs or processes that are showing suspicious behavior but at the moment cannot be verified you can set how EIS will inform you. Depending on your preference you can either "Display alert window", "Always allow the program", Use recommended option or Always quarantine the program. Firewall Most importantly the comprehensive firewall allows you to setup/manage all your networks, incoming/outgoing connections as well as protocols and ports used. Firewall rules are pretty straight forward for any beginner too. For any given program you can set a name for your rule, say, office applications where in the Action - you can either "Allow" the connection, "Block" the connection or let the firewall decide "According to the application rules" you created. The advanced firewall settings are divided between Trustworthy programs and Unknown programs. there you can set it either to "Allow" the connection, "Block" the connection or "Ask" your input if you will either allow/deny a connection. Network management the same with other firewall you can set your connections to either Public or Private Network.