Hi. I am new to the forums, so please excuse any gross errors.
I have been using Sygate Personal Firewall Pro for quite a while now and I really like it, but I hate the fact that since it was bought by Symantec it no longer updates and might not be sufficiently up to date to counter the most recent threats, so I want to find a replacement for it but I can´t make up my mind with so many options available. Here is what I am looking for in a firewall:
Low on system resources (and that allows me to turn it on and off when I want to, not when it does. By this I mean that unless I manually start the firewall -which I do when I connect to the internet only- there are no processes or services running associated to the firewall)
Fairly easy to configure but that allows you to create advanced rules (block or allow specific ports, protocols and/or programs)
Good inbound and outbound protection
Unobtrusive (I´m OK with warnings at first when it´s "learning", I have not created program specific rules or when a program has changed since the last time it was used -due to an update, etc-, but if it constantly bugs you with pop ups then I don´t want it)
Free or paid for doesn´t matter
No Beta versions
I have already tried (and want nothing to do with): Comodo (caused BSODs), ZoneAlarm Free or Pro (not P2P friendly) and Lavasoft Personal Firewall (completely messed up my computer)
I have Windows XP Home SP3, NOD32 v3 and SpySweeper as on-demand scanners only, not resident

Id recommend pctools firewall plus. Like you, i finally decided to give up on the discontinued sygate and kerio 2 and started using pctools. First impressions: very easy to use, pretty light, and it has an advanced mode for expert users.

Id also recommend online armour free or paid - its also light and easy to use, and the paid version allows you to set up advanced rules.

I had been looking at PC Tools Firewall Plus too, but then I saw the results of Matusec´s tests (it got a 6%) and I tought better of it. I had also been looking at Webroot´s Desktop Firewall (which is now free) but then I learned that it does not allow you to create advanced rules (and that it is based on Privacyware´s Privatefirewall which got a 65%), so that´s a no go either...

1-So you consider Matousec's tests important for your choice?
2-What do you expect from the firewall?
3-A final note - this forum has many threads on the matter, you should search for similar topics (plenty).

I read elsewhere (not on Matusec´s) that the PC Tools Firewall has poor leak detection. Webroot´s was not included in Matusec´s test, but the lack of advanced rules makes me exclude it.
I do not consider Matusec´s test particularly important, as a matter of fact I had never heard of them before today, I found them while Googling for firewall comparisons and reviews and it appeared to be pretty comprehensive and it included plenty different firewalls.
What I want/expect from the firewall is what I mentioned in my initial post, something equivalent to, or better than, Sygate Pro, with low system resources, unobtrusive and with good inbound and outbound protection. I am not particularly interested in HIPS protection.

Stick with good old Sygate my friend. If you're not concerned about all this outbound, leaktest passing mumbo jumbo then Sygate is perfectly adequate. It's still one of my favourite firewalls for Windows.

Unless the firewall has some form of built in HIPS module like comodo, OA, Outpost etc, it isnt going to do well in leaktests. PC Tools, Sygate, Kerio are all pure firewalls - thats why they do poorly in leaktests and so thats why you shouldnt make a decision on the basis of leaktest results.

What do you mean exactly by "pure firewalls"? Those that do not include HIPS protection? Also, I might be wrong here, but by "leak tests" I understand those that determine a firewall´s ability to control outbound traffic, which Sygate does... :-\

I am trialing Rising Personal Firewal (http://www.rising-global.com/)l. It is a very non intrusive firewall. It makes the outbound rules for known software for you. Very much set and forget.
Of course if it doesnt recognize a outbound attempt it will ask you if you want to allow it (once or always) If you like to tighten up the rules for it later you can do it. It doesnt recognize all the leaktests, but a normal user that doesnt try cracks´n´stuff every day doesnt encounter malware that those leaktests mimik anyway (is there real life malware that does behave like the leaktests anyway?) Been using it for a couple of weeks (on Vista) and it works great. Frequent updates too.

Another one is Look´n´stop (http://www.looknstop.com/En/index2.htm). A pure firewall with in and outbound protection that doesnt care much about the leaktest "hysteria" ;)
(even though it catches some of them with a bit configuring) you can tweak until your eyes bleed - if you want to, you dont have to do that, just choose the enhanced pre configured config file and you have a good protection for the normal malware. You can look in the log and make the network rule with a right click.
I have used it on and off for years, but sometimes it blocks stuff without telling me why (and thats why I try another firewalls now and then)

If you feel you want to have full leaktest protection and a non intrusive firewall part you could try Online Armor (http://www.tallemu.com/). If you feel that the HIPS component is too annoying you can turn it off and it becomes a self configuring normal non intrusive firewall, like Rising.

if you are one of those who care about memory consumption these are light I guess (personally I dont care if they use alot of memory as long as they dont slow down performance: use hard drive constantly or high CPU usage. My take on this is that RAM is there for a reason - to be used)

Hello,

Sygate's IDS signatures are out of that, but the firewall itself is solid and well. You will have a hard time finding something as light, simple and effective as Sygate. Stick with it. It's TEH firewall for gaming, p2p. No overhead practically, no slowdowns. Purrs like James Bond Aston Martin DB6.

Leaktests are overrated. Furthermore, Sygate has excellent outbound protection. The IDS signatures are more for fun than actual use.

Mrk

Totally agree, stick with Sygate. No probs with games, P2P and the lot whatsoever. I tried Comodo, OA, PcTools, Webroot. But I decided to stick with Sygate, because each of them gave some problem of their own kind.

I "back it up" with Threatfire and Sandboxie.

Sygate is so simple to use, used it for years.

I used to have a licence for the pro version. Is the link on majorgeeks for the old pro or personal version? If personal, what's it have, a nag screen on startup?

Here's a nice link for all kinds of versions

http://www.savefile.com/projects/1045215

Thanks Yoda. I noticed pro version 5.5 2710 is the final build, whereas the others are a beta and a debug build.

Not sure of the difference so I've downloaded all three. :thumb:

Using 5.6 3408 debug pro with nonting problems on windows xp home.

What is the difference between the Pro n Personal version?

There is no nag screen. There are some settings greyed out in the free version, but they are not needed.

What's important in the PRO version that there is a termination protection.

I mean, when the firewall is somehow terminated (malware and such) one looses all internet connection.

So it passes the third test of sss (System Shutdown Simulator)

200027

Have you tried Sunbelt Kerio Personal free?

-{ Quote: "There is no nag screen. There are some settings greyed out in the free version, but they are not needed." }-

The features that you are talking about are needed by some people, you shouldn't draw a conclusion only from your personal experience.

-{ Quote: "The features that you are talking about are needed by some people, you shouldn't draw a conclusion only from your personal experience." }-

OK, How about I draw an opinion from my personal experience. :)

-{ Quote: "What's important in the PRO version that there is a termination protection.

I mean, when the firewall is somehow terminated (malware and such) one looses all internet connection.

So it passes the third test of sss (System Shutdown Simulator)

200027" }-

I think that feature is available in the free version? That or it is selected but greyed out, so that it cannot be changed. Someone with the free version please correct me if I am wrong.

-{ Quote: "I think that feature is available in the free version? That or it is selected but greyed out, so that it cannot be changed. Someone with the free version please correct me if I am wrong." }-

Looks like it is not available....:)

Hi, I believe the free version is limited to 20 advanced rules whereas the pro is unlimited.

-{ Quote: "Looks like it is not available....:)" }-

Thanks, that is definitely the most useful of the features left out of the free version (imo). There are other ways to protect it though if you feel it is needed.

Is kerio 2 similar to sygate in terms of low resource usage and ease of use but without sygate's notorious loopback problem?

-{ Quote: "Is kerio 2 similar to sygate in terms of low resource usage and ease of use but without sygate's notorious loopback problem?" }-

No. It's lighter both in RAM and CPU. ;D But you must have a basic knowledge of ports and protocols to make good rules. On the other hand, Kerio is great for learning this stuff.

The major annoyance with Kerio 2, is that it can happen to have a forced reboot of the PC (power cut, hard reboot caused by freezing or BSOD), which will result to Kerio "forgetting" the rule set. In that case you must reload it, assuming you have saved it before.

Hi I am using Sunbelt Kerio, see http://www.wilderssecurity.com/showpost.php?p=1245110&postcount=13

Could some of you old Kerio users explain why Sunbelt's Kerio is not embraced by Kerio fan's?

When you look at the life cycle of this product it seems that Sunbelt has the latest, so why don't use the latest version. What did Sunbelt change for the worse to keep using old Kerio?

Would appreciate some backgorund info on this

-{ Quote: "Hi I am using Sunbelt Kerio, see http://www.wilderssecurity.com/showpost.php?p=1245110&postcount=13

Could some of you old Kerio users explain why Sunbelt's Kerio is not embraced by Kerio fan's?

When you look at the life cycle of this product it seems that Sunbelt has the latest, so why don't use the latest version. What did Sunbelt change for the worse to keep using old Kerio?

Would appreciate some backgorund info on this" }-

I can only speak for myself. I have been so tired of having BSODs with Kerio 4, that i can't even look at its GUI anymore. To understand this, you should visit the old Kerio forum, where you could see tons of bugs. The forum has been closed since Sunbelt took over.

My main interest in a firewall, is for it to be light, with no network slowdowns and p2p-resistant. Meaning, that any firewall is "light" when dealing with 1 connection. The real "test of fire" for me, is with p2p, when the firewall must handle 150 connections at once without spiking to 10% of the CPU.

Kerio 2 is capable of doing all this with 0%CPU and 4-6MB RAM. Because unlike modern firewalls, they were actually bugfixing the packet handling, not the HIPS part of the firewall.

I may try again the next STABLE release of Sunbelt (Kerio 4) , since the representative here said that they finally decided to fix the minor issue of having the connections window freeze when showing many connections. This bug exists since the first Kerio 4 betas and the fact that is still present, doesn't encourage me to use it again.

All in all, i have sent enough dumps to the good old Kerio and have had so many BSODs before, that i just can't look at the now Sunbelt firewall without prejudice. I also took a look at the latest changelog, which showed as usual tons of bugfixes, hence i will spare myself yet another BSOD.

Basically, Kerio 2 was a perfect firewall, with superb pop up windows allowing on the fly advanced rules in a very simple and intuitive way, all with minimal resources and instead of improving it, they made from scratch an aborted version 3, that was cancelled and went to version 4, which was a mastodontic firewall compared to the lightness and easyness of Kerio 2, full of bugs, that disappointed probably every old Kerio 2 user ( even Blitzen Zeus who was famous for his Kerio 2 ruleset) until they arrived to a dead end and bit the bullet, selling it to Sunbelt.

As i said, when the next STABLE release comes out, maybe i will try it. But in my mind, as soon as i look at that GUI, that mastodontic, bug-rich, weird logging (do they still use cryptic log descriptions for the presumed attacks? I say "presumed" because when it was still "Kerio 4" it was seeing all kinds of non existing attacks), resource hungry firewall that would freeze in its connections window with any p2p application (there was a "workaround" by disabling resolving dns, but was still causing some freezing and CPU eating). Also, on my PC, it was always feeling slow and heavy.

So, given the fact that there are so many firewalls around, i find it hard to go back to Sunbelt , specially since i use p2p (and the current stable still has the freezing issue as i understand). Maybe they did miracles in its CPU requirements in the meantime (under stress) , but i will only see into that when the next stable comes out.

Sorry if the reply isn't all that technical, but i am tired of security applications that all they do is making the PC heavy, clumsy, slowing down network, when there are plenty of alternative security apps, that can be used to secure a PC without impacting performance. My opinion of Sunbelt is certainly psychologically conditioned from the bad track record that i had with using that firewall and the comparison with its predecessor. They put all that new "features" and at the end for what? To pass leak tests? It's isn't that good at that either!

People often get used to such slow system response and don't care. I would suggest to people to uninstall all their firewalls and web filtering AVs and install Ghostwall or Kerio 2 for an hour and then try to see if their PC will be faster or not. Mine certainly is.

Hello,

That's why I love Sygate. 500 connections with p2p and not a hitch. Works like magic, sometimes for 3-4 weeks without reboot, memory steady at 8-10MB, RAM hardly spikes at all.

No slowdowns, no nagging, nothing. Just beautiful, perfect.

Mrk

@ Kees1958.

the official Kerio 4 forum doesn't exist anymore, but for more "objective" opinions, you can read here and see for yourself the Kerio 4 "history".

http://www.dslreports.com/forum/kerio

Ive been testing pc tools firewall plus for the last few days and i must say im very impressed. Its very easy to use, highly configurable for advanced users, isnt bloated and has no p2p problems. IMO it would be the perfect replacement for sygate. Custom rulesets can also be imported to enhance security.

My only gripe with it is the resource usage which is much higher than that of sygate. However, i dont notice any slowdon with it at all so i think ill be sticking with it and would recommend it to everyone.

To understand the blunder with Kerio 4. Now, version 4, exists since 2003.

http://www.dslreports.com/forum/remark,8286348

We are now in 2008. But BSODs still rule!

http://beta.sunbelt-software.com/viewforum.php?f=89

One would think that after 5 years working on the same version, at least BSODs would have been eliminated. I mean, other companies in 5 years have released 5 new new versions, most of which by the end of the year are quite BSOD free. Some vendors even completely rewrote their firewalls in the meantime. And still, after 5 years, Kerio is still version 4, and still struggling with BSODs? I think this is the best indicator that shows that this firewall was born with something very wrong.

Kerio 2 was ditched in order to make Kerio 4 a "leak proof" firewall, with HIPS module and extra network security with snort-like abilities. 5 years later, Kerio 4 is still version 4, with the only difference being that by now is not a leak champion at all and still struggling for stability.

So, why would one prefer Kerio 4 over Comodo, OA for example, if leaks are his concern?

Or why would prefer it over Kerio 2, ZAF, Sygate , Ashampoo free if lightness is his concern?

Or if you wanna pay for the full version, why should you prefer it over other paid firewalls? If i did want a good leak-proof firewall to pay for, i would certainly wouldn't pay for Kerio 4! I don't have leak tests as priority, but i can understand the benefits that one could have with a "leak proof" firewall. For example, you could live without resident AV.

I think that Sunbelt should drop Kerio 4 alltogether and work on a new, completely rewritten version that will have nothing to share with Kerio 4 and the bad memories that this name brings to many old Kerio users. Why would a company want to remind the users that their product is directly related to a 5 year old struggle that ended to a failure, causing it to be sold?

Sunbelt should ditch Kerio's technology and start from scratch on a new firewall. I think it's on her interest to do so.

@Fuzzfas

Thanks for the info. It was running very stable, also P2P (limewire) is no problem. You made your point with the links of the forum.

Yes it a lot of RAM , but does not uses much CPU cycles.

I will have a look at Kerio

Regards Kees