What do you think about Sunbelt Kerio Personal Firewall 4.3.268.0 ?
Runs very well with Nod32 2.7.
Even with failing the leak test ,I think it's pretty good.
Cheers, Jacko :thumb:

-{ Quote: "What do you think about Sunbelt Kerio Personal Firewall 4.3.268.0 ?
Runs very well with Nod32 2.7.
Even with failing the leak test ,I think it's pretty good.
Cheers, Jacko :thumb:" }-


I've used this off and on twice now in the past month. I like it for its stability, but it's using up to 115 megs (!!) of RAM when I'm in normal operational mode -- T-bird email browser open, Firefox open with about 20 tabs, Skpye turned on.

I'm not sure whether the high RAM usage is from all these internet connected apps, but it seems most probable.

As for the little 4.3 suite, I like it better than Zone Alarm.

Sam


//

-{ Quote: "I've used this off and on twice now in the past month. I like it for its stability, but it's using up to 115 megs (!!) of RAM when I'm in normal operational mode -- T-bird email browser open, Firefox open with about 20 tabs, Skpye turned on.

I'm not sure whether the high RAM usage is from all these internet connected apps, but it seems most probable.

As for the little 4.3 suite, I like it better than Zone Alarm.

Sam


//" }-

Hi. Yes. Now at the moment I'm using ZA Pro. I used KPFW for two or three months. Nice Gui (better than ZA one). Very stable. Some bugs (alert windows). But the great problem is: memory usage: over than 100mb.
KPFW is very simple in setting packet filter and program setting. Very nice.
But according to various test it isn't very strong in security.

Best regards.
Mike

-{ Quote: "Hi. Yes. Now at the moment I'm using ZA Pro. I used KPFW for two or three months. Nice Gui (better than ZA one). Very stable. Some bugs (alert windows). But the great problem is: memory usage: over than 100mb.
KPFW is very simple in setting packet filter and program setting. Very nice.
But according to various test it isn't very strong in security.

Best regards.
Mike" }-


Thanks. So which firewalls have the best security?? I've seen SunbeltKerio 4.3 advertised as "voted best buy by IT pros" (lots of room for interpretation there!), but now I'm hearing about how "insecure" it is, failing leak tests, and the like.

What I want is: a truly secure firewall that is not too complicated to set up. All the HIPS, NIPS, and other bells I can get somewhere else. I want a *secure* firewall!!

Where should I look??

Sam


//

Hi.
In my opinion you can try ZA Pro or Outpost 4.0.
The first one is Fw that i use at the moment. The second one I tried in beta version. This last is a good FW, but I like more ZA Pro Gui.
Here ( http://www.matousec.com) you can find some tests about firewall.
Do not take these results as gold. ZA Pro and Outpost (someone add Comodo Free FW) are all very goods. But is better you try them by yourself to find the better for you PC.
And for sure you can find HIPS and NIPS somewhere else.
Finally I hope in future Kerio upgrade as in my opinion KPFW Gui is the best.

Best Regards.
Mike

-{ Quote: "Hi.
In my opinion you can try ZA Pro or Outpost 4.0.
The first one is Fw that i use at the moment. The second one I tried in beta version. This last is a good FW, but I like more ZA Pro Gui.
Here ( http://www.matousec.com) you can find some tests about firewall.
Do not take these results as gold. ZA Pro and Outpost (someone add Comodo Free FW) are all very goods. But is better you try them by yourself to find the better for you PC.
And for sure you can find HIPS and NIPS somewhere else.
Finally I hope in future Kerio upgrade as in my opinion KPFW Gui is the best.

Best Regards.
Mike" }-

Thanks for the suggestions. I'm trying Comodo for the second time in three weeks. Sunbelt Kerio 4.3 was bothering me with its extremely high RAM usage, then I did the PCFlank leak test, and it bombed. Got me to thinking... I know, I know, there are those who say leak tests are meaningless. But then again, Comodo passed whereas SKPF did not.

Also, Comodo is running well this time around. I don't have it "screwed down" as tight as I ran it last time -- not monitoring NDIS protocols anymore, for one thing. So far so good.

RAM usage for the two processes total 25 mb, vs ~70 to 90 mb under SKPF. What's not to like??!

Sam


//

Hi.
I tried comodo (may be for too short time :-[ )
I like its GUI. But, if I correctly remember it isn't possible to set trusted / untrusted zones (like in ZA).
May be there is another way to do this setting (?).

Regards.
Mike

-{ Quote: "I like its GUI. But, if I correctly remember it isn't possible to set trusted / untrusted zones (like in ZA).
May be there is another way to do this setting (?)." }-Trusted zone, see pic,.. for "untrusted" you can add a packet filter "group" to deny access.

Hi Jacko2,
-{ Quote: "What do you think about Sunbelt Kerio Personal Firewall 4.3.268.0 ?
Runs very well with Nod32 2.7." }-I have not performed much testing on this firewall,... I installed last time due to a post with a problem with SKPF and AOL AV.
If the firewall is running o.k. on your setup, and you like it, then use it.
(I have seen posts with problems of "how stable the firewall driver" are,... but then again, I see posts like that for many firewalls),
Leaktests,.. yes, it will fail some leaktests, as other firewalls do,.. and there are other firewalls if leaktest prevention is high on your "needed" list,...

I do like the fact that while you are using this firewall, you will have a chance to learn to create "packet filter" rules per application (you can make a ruleset for your programs), as the firewall can be used as a "application firewall"(allow apps internet access or not),.. or go more advanced with creating the rulesets(and just delete them if you lock yourself out)

-{ Quote: "I do like the fact that while you are using this firewall, you will have a chance to learn to create "packet filter" rules per application (you can make a ruleset for your programs), as the firewall can be used as a "application firewall"(allow apps internet access or not),.. or go more advanced with creating the rulesets(and just delete them if you lock yourself out)" }-
Jetico is quite the opposite ;D
Kerio is easy to setup knowing the ports that need to be open for each application

-{ Quote: "Jetico is quite the opposite ;D " }-Jetico is less forgiving in user input error (make a mistake and internet connection can be lost (easily at times))
-{ Quote: "Kerio is easy to setup knowing the ports that need to be open for each application" }-Kerio (from sunbelt), does not need the user to know anything about port/protocol use, as the defaults are to allow outbound or inbound,... the user can then advance on to creating rulesets to restrict comms for an application in the "Packet filter" rules
(Maybe you are thinking of Kerio 2?)

-{ Quote: "(Maybe you are thinking of Kerio 2?)" }-
My mistake, you are right :)
So SKPF is an "application-based" firewall at first and if you wish you can transform it in a "rule-based" firewall, right?
Jetico 1 is hard to address. I don´t wanna think in the complexity of the new and improved version so I´ve avoided testing it. My networking knowledge is limited

-{ Quote: "So SKPF is an "application-based" firewall at first and if you wish you can transform it in a "rule-based" firewall, right?" }-Yes,... application rules can be added later.
-{ Quote: "Jetico 1 is hard to address. I don´t wanna think in the complexity of the new and improved version so I´ve avoided testing it. My networking knowledge is limited" }-Maybe your knowledge on TCP/IP is limited now,.. stay around,... have a willingness to learn,.. and you will,...... there are many knowledgeable members here who can/will help with this.

Thanks Stem :thumb:

Hi Stem.

Thank's for your advice,regarding trimming Kerio a little bit.
But with nod32 2.7 A V ,I'm pretty safe.

Cheers, Jacko :thumb:

-{ Quote: "Trusted zone, see pic,.. for "untrusted" you can add a packet filter "group" to deny access." }-

Hi Stem.
May be I was not so clear.

I wrote:
"I like its GUI. But, if I correctly remember it isn't possible to set trusted / untrusted zones (like in ZA).
May be there is another way to do this setting (?)."
refering to Comodo.

Hi.
Mike