Kaspersky Firewall


CookieCrumbler
March 7th, 2009, 01:50 PM
I was doing some research and found this:

http://www.matousec.com/projects/firewall-challenge/results.php

Seems like most of the security suites have really lame firewalls, but I was astonished at Kaspersky's score. I don't know when this was last updated. I know others have seen this before, but it's just amazing how these companies throw in a supposedly good firewall in their security program but has such a low score.

metadonjuan
March 7th, 2009, 03:32 PM
Matousek's test is crap. It's called Firewall Challenge but among tested programs are programs that aren't firewalls. Like Mamutu.

chris1341
March 7th, 2009, 03:36 PM
Matousec tests are basically HIPS tests. It's Kaspersky's Application Filtering and Pro-active Defense that are generating the score, not the firewall.

Suites without HIPS therefore always score low on these tests. It's not really a comment on their firewall.

Also these tests were on XP SP3 I think. Kaspersky HIPS is not as strong on Vista as they regard Microsoft Vista accreditation more important than delivering the security level you get with XP.

Anyway I happen to think the KIS firewall is quite good despite the lack of success on stealth and ping tests.

Cheers

CookieCrumbler
March 7th, 2009, 05:08 PM
Oh, I see, so this is mainly just HIPS testing, not the actual testing of the firewall itself so to speak? If so, that's kind of misleading but I wasn't even reading half the text on the website so that could be my fault as to misreading the information on the test scores.

chris1341
March 7th, 2009, 05:44 PM
Some might suggest it's designed to be misleading but .....

You can see the list of tests here http://www.matousec.com/projects/firewall-challenge/level.php?num=1. This page is for level 1 but you can select the other levels up to 10 at the bottom of the page.

As you will see there are firewall related tests but products without HIPS capabilities have no chance of a score that will look respectable.

Cheers

CookieCrumbler
March 7th, 2009, 05:53 PM
-{ Quote: "Some might suggest it's designed to be misleading but .....

You can see the list of tests here http://www.matousec.com/projects/firewall-challenge/level.php?num=1. This page is for level 1 but you can select the other levels up to 10 at the bottom of the page.

As you will see there are firewall related tests but products without HIPS capabilities have no chance of a score that will look respectable.

Cheers" }-

Thanks for both of your guys' help :D

subset
March 7th, 2009, 09:02 PM
-{ Quote: "Some might suggest it's designed to be misleading but ....." }-
There is another misleading thing with KIS 2009.
Matousec tests KIS with the highest security settings, this means with the interactive mode enabled.
Many users who use the automatic mode may look at the results and think - wow, what a great protection.
In fact KIS with automatic mode would never ever score higher than 50%, even if there are a lot of self protection tests.
But most bypass- and leaktest will just browse through in automatic mode.

One for the money and one for the show - that's my opinion about these modes.

Cheers

3x0gR13N
March 8th, 2009, 06:31 AM
-{ Quote: "There is another misleading thing with KIS 2009.
Matousec tests KIS with the highest security settings, this means with the interactive mode enabled.
" }-
Other products are also tested with highest settings... I don't see what's the problem. :)
-{ Quote: "Many users who use the automatic mode may look at the results and think - wow, what a great protection.
In fact KIS with automatic mode would never ever score higher than 50%, even if there are a lot of self protection tests.
But most bypass- and leaktest will just browse through in automatic mode.

One for the money and one for the show - that's my opinion about these modes.

Cheers" }-
Many users who enable automatic mode don't even know such a test exists. They are average home users, aka "housewives", who only want a suite that doesn't bother them with popups, because they wouldn't know what to answer. Comodo has a similar mode (configuration), OP as well... so it's not misleading. "One for the money and one for the show" isn't valid, it's simply providing the needed usability for average home users. On the other hand, those who enable automatic mode and want to pass some leaktests... well they expect way too much as no application has the intelligence to allow legitimate actions and block those potentially malicious. :)

blacknight
March 8th, 2009, 02:28 PM
Anyway in this test KIS does not have such a great performance.

subset
March 8th, 2009, 04:48 PM
-{ Quote: "Other products are also tested with highest settings... I don't see what's the problem. :)" }-
Highest settings was related to a comparison of interactive mode and automatic mode, not to a comparison of other products.
-{ Quote: "
Many users who enable automatic mode don't even know such a test exists.
" }-
How do you know?
-{ Quote: "
"One for the money and one for the show" isn't valid, it's simply providing the needed usability for average home users.
" }-
Good point. No security would provide even more usability - but less money. :lurking:

Cheers

3x0gR13N
March 8th, 2009, 05:51 PM
-{ Quote: "How do you know?" }-
I could also ask you the same... ;) I'll let the market speak for itself.
Why do you think Trend, Symantec, McAfee are called the "big three"? They are widespread and most commonly used AV solutions currently. And that's simply because they are not intrusive for the majority of users (average Joe), simple to use and provide sufficient protection, paired up by good marketing ground. Specific issues with those products aside, their ideology (=a big "Fix it" button) works in the real world, for the majority of users. They don't know about AVC, Matousec, AV-test and other organizations dedicated to testing security solutions, or to put it another way, they don't want to know... They simply go to the shop and pick up an AV which has the most "shelf-space" or was recommended by a neighbor, friend, colleague, or it has caught them by a good advert... People here and on other security-related forums are just a particle of sand on a beach compared to them.
Again, if you and anyone reading Matousec tests really think that automatic mode should proactively pass leaktests (which, alone, aren't a benchmark for real-world performance), without blocking legitimate applications, well... expectations are too high :P That mode is solely created for average users who don't know how to answer "Application klionky.exe wants to access protected COM interfaces. Allow/Deny/Self-destruct" types of prompts. :)

(P.S. everything is about the money, in fact :P)

YODA
March 16th, 2009, 06:54 PM
-{ Quote: "Some might suggest it's designed to be misleading but .....

You can see the list of tests here http://www.matousec.com/projects/firewall-challenge/level.php?num=1. This page is for level 1 but you can select the other levels up to 10 at the bottom of the page.

As you will see there are firewall related tests but products without HIPS capabilities have no chance of a score that will look respectable.

Cheers" }-

I have to agree with you, and these tests are misleading in a way. The fact that Matousec is stated as "firewall" challenge, but really is a mix of firewalls+HIPS vs firewalls without. I find this testing to be a flaw in a way that you can't tell the strength of some of these firewalls when it comes to outbound leaks because some of the firewalls have HIPS combined. I personally think he should have done the test separately--testing the firewall separately and testing HIPS separately. Just think if any of the firewalls that didn't have HIPS combined, they obviously would do much better. For example, Comodo 2.4 firewall combined with only Comodo 3's "defense +" it might be up there with Comodo 3 firewall (w/defense). Separate tests would be better because people mix and match different firewalls and HIPS programs, that way we can know which is really the best combination.

One more thought, these are two separate security techniques (firewall and HIPS). It's almost like testing an Antivirus+spyware detection vs an Antivirus and seeing which one can detect more malware...

Einsturzende
March 18th, 2009, 08:43 AM
-{ Quote: "I have to agree with you, and these tests are misleading in a way. The fact that Matousec is stated as "firewall" challenge, but really is a mix of firewalls+HIPS vs firewalls without. I find this testing to be a flaw in a way that you can't tell the strength of some of these firewalls when it comes to outbound leaks because some of the firewalls have HIPS combined. I personally think he should have done the test separately--testing the firewall separately and testing HIPS separately. Just think if any of the firewalls that didn't have HIPS combined, they obviously would do much better. For example, Comodo 2.4 firewall combined with only Comodo 3's "defense +" it might be up there with Comodo 3 firewall (w/defense). Separate tests would be better because people mix and match different firewalls and HIPS programs, that way we can know which is really the best combination.

One more thought, these are two separate security techniques (firewall and HIPS). It's almost like testing an Antivirus+spyware detection vs an Antivirus and seeing which one can detect more malware..." }-

A "personal" firewall is not only a packet filter; it filters and should distinguish applications from each other, with HIPS or something else he does not care.