I was playing around with the Norton 2002 firewall this evening, and noticed it slows cable connection speeds down somewhat. Has anyone else noticed this? I saw many moons ago someone asking about this trait on Dslreports.com. I thought I saw a reply indicating it was due to the firewall connecting through a Proxy Server. The 2001 does not do this, and is therefore faster. Thoughts anyone?........... ???

-{ Quote: " quoting: swisscoms link=board=23;threadid=2018;start=0#14520 date=1024984867]
I was playing around with the Norton 2002 firewall this evening, and noticed it slows cable connection speeds down somewhat.
The 2001 does not do this, and is therefore faster. Thoughts anyone?........... ???
" }-Yes, there are reports that the proxy server used in NIS 2002 does impact the throughput. Some say it's nearly negligible, others says it's quite noticeable. (I think the difference is more likely to be related to exactly what build of symproxysvc.exe is being discussed and on just how fast the machine is -- neither of which is typically mentioned in those responses.)
With regard to the second part of your question, I can see how NIS 2001 might be somewhat faster than 2002 under these circumstances, but there's some specific functionality in that proxy server that is also simply not present in NIS 2001. Unfortunately, Symantec has been a bit vague on exactly what that is! ::) (I think Brendon Woirhaye provided a short description of it in one of his responses on the DSLR Security Forum, so you might want to do a quick search for Brendon's postings over there.)

Thank you for your quick reply Joseph, greatly appreciated. What gave away the problem is that I have a TCP optizizer from Speedgiude.net on my machine. The Norton and this Application do not get along very well, as pages do not load up very well. Switching to the Windows default setting enables the pages to load fully again. I also realize the firewall is checking all the script too though, as if one enables all script to be blocked in the options, connections speed up. For example, loading www.swisstart.ch takes 13 seconds on my cable on Windows default setting. With TCP optimizer "ON" it speeds upto 5.3 seconds average. With the Norton Firewall the best I have managed is 15.5 seconds.
The price for extra safety?..................regards, Peter.

I have not tried the 20002 version but the older version DID block script with the enabling the addon for Office. WOuld not run script without your permission.
Some here believe you should have one app for each funtion but I sure don't. That leaves it wide open for app compatabilities.
Norton has the cookie, ADS blocking, script @guards stuff all integrated.
But then there is some here that will just never say a good ting about Norton too.

-{ Quote: " quoting: swisscoms link=board=23;threadid=2018;start=0#14558 date=1025011204]
Thank you for your quick reply Joseph, greatly appreciated. . . . . The price for extra safety?..................regards, Peter." }-
Peter, I found a very short response by Brendon (actually in regards to another issue) at http://www.dslreports.com/forum/remark,3364170~root=security,1~mode=flat, where he notes: -{ Quote: "To clarify some of the information above, the Symantec Redirector (SymReDir / SymReDrv) was technology introduced in NIS/NPF 4.0, NAV 2002, NAV Pro 2002, and NIS Pro 4.5. This component is used to intercept data communications to redirect it to a user mode proxy (for html filtering (security, parental controls, ad blocking, privacy, etc.) and email filtering (AV scanning of mail)). In older versions, this filtering was done in the drivers themselves (httpfilt, for example).

A couple of weeks ago, version 4.51 of the Symantec Redirector was released to address a port scanning issue reported on a bugtraq advisory, and was applied to all 4.x versions of NIS, NPF, and NIS Pro.
" }-

I think there's a much better description somewhere, but I haven't run across it yet. The above rather suggests that the primary consideration had more to do with protecting the integrity of the software firewall than it did with enhancing the functionality of the http filters (which is what that other, elusive source concentrated on). I'll keep looking and post it here if I find it.

Here's a bit more:
http://service2.symantec.com/SUPPORT/nip.nsf/pfdocs/2001091211355736 .

All of this is apparently part of the Symantec Redirector. You can find a brief description of how this operates at http://service2.symantec.com/SUPPORT/sharedtech.nsf/pfdocs/2002020506493713 .

Again, the actual implementation of this was done differently until fairly recently.

Thank you for the input Joseph and Controller. There seems to be a number of threads on this issue. I wonder why Norotn took the filtering out of the 2001 firewall which did this in the drivers themselves, and send it out to a proxy server on the 2002. The idea of this firewall seems a good one to me as I have children, and hate those ads all the time. Regards, Peter.

I have not noticed any real speed difference when using and not using NIS. As noted the latest versions do things a little differently with the transparent proxy server. A little more on this change:

-{ Quote: "Technical Notes - November 29, 2001

Copyright 1999, 2000, 2001 Symantec Corporation
All rights reserved

Cookie Blocking
~~~~~~~~~~~~~~~
Norton Internet Security Professional 4.5 blocks cookies from being created on your computer by the browser's routine operation, but doesn't block special cookies from being created via scripts, ActiveX controls, or Java applets. The cookie-blocking feature blocks all outbound cookies to provide full protection, but you may occasionally see some cookies appear in your cookie folder.

Earlier versions of Norton Internet Security blocked only the outbound cookies.


Content Filtering
~~~~~~~~~~~~~~~~~
In version 4.0 of Norton Internet Security, Symantec moved http filtering from the device drivers to a service named SymProxySvc. This has resulted in fewer device drivers being loaded and a common architecture for both Web content filtering and email virus scanning.

This service is utilized as a transparent proxy through which http, MSN Messenger, and AOL Instant Messenger traffic is redirected. When this occurs, you will see connections from your web browser and other applications to localhost, which are those applications communicating with the proxy.

A second proxy, NAVAPW32.EXE, is used for filtering POP3 and SMTP traffic to mail servers to scan them for viruses." }-

The pro version also filters NNTP traffic.

CrazyM

Thank you Crazy M for your valuable input. For some reason I am still getting a slow down with my ISP and using a TCP booster from www.speedguide.net It appears that the Proxy gets swamped, and then the rest of the page will not load. I have a copy of 2001 here, and it is quite happy using this speed booster. Using McAffee's Internet Speedometer with NIS 2002 I get DSL speeds, without it, I get T1 and T2 speeds in off peak hours. I wish there was a way of speeding up Norton's proxy?.......regards, Peter. :-\