How is sygates Pro impact on system resources? If it's a large footprint then what other firewall can I get that's very solid and yet small system footprint. So I don't even feel it working.

How good is the sygate Pro 5.5 security?

Hi tempnexus

-{ Quote: " quoting: tempnexus link=board=23;threadid=21862;start=0#msg131012 date=1076737588]
How good is the sygate Pro 5.5 security?" }-

Sygate offers good security, as do most personal firewalls these days. The only ongoing issue involves the lack of filtering of localhost (loopback) traffic. This is only a concern for anyone who also uses a proxy server for filtering web content.

I will let users speak to the performance questions.

Regards,

CrazyM

"Sygate offers good security"

Agreed. In theory. But in practice the rule editor really sucks. It will take you hours to create a tight rule set for all your internet applications. You have to click through many windows before you can even start to create your "advanced" rules. Then you have to configure 5 different tabs/windows. Moreover, it is impossible to get a quick overview over your personal ruleset.

see here http://home.arcor.de/testbed/sygatesucks.jpg

In conclusion, the flawed GUI makes Sygate a firewall for lamers who use insecure pseudo rules. And that IS a security issue.

In addition, Sygate has always been a memory hog which will bring you into trouble if with you engage in extensive file sharing with hundreds of open ports.

Therefore, I do not use Sygate (though I have it).

Hi shapechanger7

-{ Quote: " "Sygate offers good security"

Agreed. In theory. But in practice the rule editor really sucks. It will take you hours to create a tight rule set for all your internet applications." }-

It is not unusual for it to take time to create a tight rule set, especially the first time. Once done, it is not something that needs doing every day.

-{ Quote: "You have to click through many windows before you can even start to create your "advanced" rules. Then you have to configure 5 different tabs/windows. Moreover, it is impossible to get a quick overview over your personal ruleset." }-

Well Sygate is not alone in this regard. Personal software firewalls today are designed for a wide user base and usually focus on novice users. Experienced users can find this frustrating, as the sections they may prefer to work with are a few layers deep in the interface.

-{ Quote: " In conclusion, the flawed GUI makes Sygate a firewall for lamers who use insecure pseudo rules. And that IS a security issue." }-

While you may not like the GUI, it hardly makes it flawed. “pseudo rules”? The option of basic permit rules or the ability to define custom/advanced rules is common to a number of firewalls. Different options available to different types of users, with different abilities, needs and requirements.

-{ Quote: " In addition, Sygate has always been a memory hog which will bring you into trouble if with you engage in extensive file sharing with hundreds of open ports." }-

Perhaps you could be a little more specific about any performance issues you experienced. Global comments like that are not very constructive.

Regards,

CrazyM

Hi CrazyM:

"It is not unusual for it to take time to create a tight rule set, especially the first time. Once done, it is not something that needs doing every day."

This is correct for a company with a permanent setup. However, as a homeuser you will frequently install new applications etc. Therefore, you will have to create new rules frequently.

"Personal software firewalls today are designed for a wide user base and usually focus on novice users."

Yes. But many people (e.g., Wizard?) say that such kind of firewalls are not only useless but actually harmful since they create illusionary security. I would say that even permit/deny all rules for novice users will give you a little bit of security. But you should be aware of the fact that you are not 100% (maybe not even 50%) safe with a permit/deny all ruleset.

"Well Sygate is not alone in this regard."

Unfortunately not. But there are still a few firewalls with a better GUI, e.g. Kerio and Outpost.

"While you may not like the GUI, it hardly makes it flawed."

I disagree. I actually believe that the GUI is the major weakness of this firewall. The GUI makes it insecure.

"Perhaps you could be a little more specific about any performance issues you experienced. Global comments like that are not very constructive."

I have experienced a mem usage of more than 30 megs. Others user have made the same experience. Moreover, I experienced disconnections from IRC servers because Sygate was unable to handle the traffic generated by edonkey. I do not have any screenshots right now. Sorry. I recommend to google the words "Sygate memory hog" ... ;-)

I use Windows ME and trust me it cannot afford a firewall that is a " memory hog". After startup with Sygate as my firewall resource meter reads 80%. I'm currently playing with VisNetic firewall which has the smallest footprint of any firewall that I've played with and I've tried them all :). After startup with VisNetic as my firewall resource meter reads 83%.
As for security Sygate with a little help from user is a top four firewall along with Zone Alarm. Look& Stop, and Out Post with Kero and Tiny requrring more input from user.
I find that users who experienced problems with Sygate usually do not properally uninstall the previous firewall and run into all kinds of weird problems and then trash Sygate. I've been using Sygate for Four Years and only experienced minor problems with about ten-fifteen different versions they have put out in that time.
Best Regards
Tim

Ok then which firewall is the tightest and yet light on resources?

Probably a tossup between Look&Stop and Out Post Pro.

LnS is awesome. Smallest one I've found and it's light on resources and yet powerful and configurable. I personally use it and don't have any problems with it.

Tiny PF 5.5 is another great firewall. It has a small footprint and probably most advanced thing I've seen. It's not easy to use though. You will have to spend some time configuring it. It's worth it IMO.

Regards,

richter

LnS is interesting indeed.

However, it does not support FULL application filtering yet (i.e., it is impossible to create a safe ruleset; with Sygate it's at least possible...just inconvenient).

I know ... all the LnS guys will now scream and say that I am totally wrong. But try to create the following sample rule for an internet application:

Allowed protocoll: TCP only
Allowed connections: Outgoing only
Allowed local ports: 1024-5000
Allowed remote address: 192.168.13.14
Allowed remote port: 80