If you have a Mac (which is probably why you are reading this), the chance you may get infected by a computer virus is very very low (at least compared to our PC friends). However, that doesn't mean you cannot get one. Also, the old Mac OS (anything before OS X) was very difficult to break into because well, as my nephew used to say, "the Mac OS is a programming mess." (My nephew is a big Mac fanatic, so don't worry.) His point was that because the Mac OS was a programming mess, it was difficult to break into.

But now we have OS X, which is UNIX, which is a long known quantity and people have been breaking into UNIX boxes for quite some time. As such, we are more vulnerable now than before OS X.

Not only do we have OS X, but we also have Cable Modems, DSL and T1 lines providing constant access to the web. You do not need to have your browser or your email program up and running to be linked to the web when you have any of these three types of connections. If your computer is on, you are connected. If you have a standard telephone connection, only if you have dialed up your internet provider are you connected. As long as you are connected, you are technically vulnerable to attacks by other computers.

Like Norton SystemWorks, Norton Internet Security is a collection of programs, some by Symantec, and other bundled with the whole package. When you double-click on the Norton Internet Security icon, you are in the "Command Central" for the whole package

Norton AntiVirus is part of the Internet Security "package" as well as part of Norton SystemWorks. As the same version of Norton AntiVirus is in both packages, you can read my review of NAV in my review of Norton SystemWorks 2.

If you already have Norton SystemWorks on your computer and then instal Norton Internet Security, you will not have two copies of Norton Antivirus. Everything is conveniently placed in the already existing Norton Solutions folder and all the installed files will be located therein. The bundled software items must be separately installed and can be placed anywhere you choose.

Norton Personal Firewall (NPF) prevents unauthorized attempts to get into your computer. These attempts are through either TCP/IP (Transmission Control Protocal/Internet Protocol) or UDP (User Datagram Protocol). If you are on OS X, NPF will block ICMP (Internet Control Message Protocol) requests as well.

NPF is not a net-nanny type of program and as such cannot be used to monitor what web sites one is going to. NPF is not an encryption program, so don't expect it to increase your ability to send private messages. Lastly, it has essentially no control on AppleTalk communications. Thus, in OS 8 or 9 for full protection, you should turn off AppleTalk (if you are concerned that AppleTalk access is not safe for your computer such as in an intranet situation). On the other hand, in OS X, AppleTalk uses TCP/IP to connect to File Sharing and program linking, you are therefore automatically blocked (unless you specifically allow access to such requests)

As seen in the screenshot above, in File Sharing, FTP, Program Linking, Secure Remote Login, Web Sharing, and All Other access situations, NPF provides 4 different settings: Deny all access, Allow access only from addresses in list, Deny access only from addresses in list, and Allow all access.

Once installed. NPF is on, and if you want it off you have to turn it off. There are three windows to the program, the one above where you set your preferences, the Norton Access History window which shows attempts to get into your computer, and the Self Test Window which has both a quick check where NPF (itself) tries to barge into your computer and a more complete Security Check where it leads you to a section in Symantec's own site and an attempt is made from there to get into your computer.

The results of probes on your computer can be seen below in the History Window

I guess it's a comfort seeing that I can prevent access into my computer, but the big question is how often am I being attacked by unknown forces when I'm not self-testing my own computer. Also, can a computer be attacked when it's asleep.

Well, the answer to the latter question is no. I left my computer in sleep mode for about 22 hours and nothing seemed to have happened. But, as far as to whether I'm being investigated by outside forces, in the above screen shot, the top Denied access was NPF testing itself. That's OK. However, the other two attempts were from Seoul Korea. Yeah, I had the program on my computer for about two hours and it worked. More on how I learned where the attack came from a bit later. Subsequent to the Korean attempt, I've since received a probe from Johannesburg South Africa and a file sharing attempt from Pennsylvania.

You can set NPF for logging accepted and/or denied entries as well as for notifications (do you want to be interrupted while you work to know that no one got it?). You can also set NPF for Stealth mode (OS X.1 only) which, instead of simply bouncing back refusals, it bounces back nothing--it makes you invisible on the net. While this sounds rather cool, ICMP requests are stopped (there are three exceptions) but as these have legitimate uses on networks and file sharing, you might not want to use Stealth unless you really know what you are doing.

One sad reality is that many people's eyes start glazing over when one starts to hear about the alphabet soup that is the net and setting configurations. Thus, some may feel it's easier to get attacked by every hacker out there than to try and configure a Firewall program. Fear not. For the most part, you instal the program and that's about it. There can be some specific settings that may need to be set (especially if you have a network, even a home Airport network) the process isn't too horrible and the manual is mostly pretty good. Its weakness is explaining how to use the programs as it tends to breakdown how to do things but little on why. On the other hand, it has wonderful explanations of what virus', attacks, and other aspects that the program is for.

Also from Symantec, as part of their package, is Norton Privacy Control (NPC). The Privacy Control package has two functions: blocking internet adds on web pages, and protecting confidential data.

Blocking adds is sort of like zapping commercials on your VCR.. Its primary function is to speed up internet access. Unfortunately, as opposed to selecting the fast forward button on my VCR which is very successful, the default settings for this don't seem to do much. There is an option to custom "add an ad" to be blocked, but all too often I was told that Norton couldn't see the ad that I was trying to manually include for exclusion.

NPC also can help protect your private information. It does this by having you identify what you want it to protect and when NPC detects that that information is leaving the computer a screen comes up asking you to verify if that is OK. You must have access to the administrators password for OS X to have access to enable confidential blocking and if you leave the program for more than 15 minutes with no activity, you must re-enter your password to re-gain access to the program.

Also bundled with NIS is Alladin iClean, a program that helps delete cookies, history, and web cache files as well as empties the trash and fixes aliases. iClean was also bundled with Norton SystemWorks and was reviewed in the Norton SystemWorks 2 review.

The last program bundled with NIS is a jewel called Who's There from "Open Door Networks." Who's There works in direct conjunction with Norton Personal Firewall and helps interpret what NPF stops.

If you remember, earlier in the review I commented that I had an attempted access from Korea, Pennsylvania, and Johannesburg. I knew this because one part of Who's There looks very much like NIS's History Window. But if you double-click the Host Name, a new window comes up with four tabs. The first tab is the WHOIS Database Search. This provides a plethora of information which can include all the personal information from the owner of the computer that tried to gain access to yours. This would include their name, address, and phone number. Since all this information is available, the 2nd tab has a drafted e-mail letter ready for you to send to the owner of the computer and/or the network connected to that computer complaining about the attempt. The 3rd tab is a Map of all the countries showing you where the attack came from (in case you are not sure where Korea is I guess). The 4th tab, Service Info, provides an analysis of the attack if any. In regards to my Korean attack, it had no information. Since the Pennsylvania probe was a File Sharing probe, there is advice to check the Sharing System Preferences and to reconsider what's in my "Sites" and "Webservers" folders.

In short, what a way to have a Firewall Protection program show off it's stuff. Imagine, warding off a probe from Korea, Johannesburg, and a File Sharing attempt from Pennsylvania while I'm reviewing the product. The full package is a bit disappointing because if you already have SystemWorks, you already have one of the two main programs (AntiVirus), and one of the minor program (iClean). It would be good if the discount provided for upgrading from Norton Internet Security v.1 were applied to those who already own SystemWorks (1 or 2). All that notwithstanding, the value of Personal Firewall for those on an "always on" connection cannot be ignored.

.