What the weakness in Outpost Pro 2.5?

[c0ltran3]

What's the weakness in Outpost Pro 2.5? I'm a beginners with this help.

Thank in advance for your answers.

[hojtsy]

I think the biggest weakness is the complexity of rule evaluation order and rule priority. It is so hard to understand fully, that you have to invest lots of time to come up with a secure configuration for your system.
It would be easier to compare it to an other firewall. What are you using now?
-hojtsy-

[c0ltran3]

I'm using Kerio 2.15.

[Paranoid2000]

What do you mean by weaknesses? If you are talking about security issues then Secunia is a good place to check for details of specific products (including Outpost 2.x).

If you are talking about usability, stablility or conflicts with other software, then checking the Outpost Forums should give a good idea of the current state of play (and the Outpost 2.5 - what to expect thread does summarise issues with the latest version).

As with every other product, there are bugs in Outpost, conflicts with some other software/hardware and some Windows features may not work well for some people (e.g. Fast User Switching support is rudimentary at best in my view). Whether these are significant or not depends on your system setup and usage preferences (e.g. if you don't use FUS, then Outpost's problems with it should be a non-issue).

However if you are starting with Outpost, you may find introductory guides like the Web-Hiker's Guide to Outpost Firewall (written for version 1 but most of it applies to version 2 also) and the PDF manuals on Agnitum's Outpost Download Page a more useful place to start. Also check Agnitum's Outpost FAQ and the Outpost v2 FAQ Forum for answers to common questions.

[Kerodo]

I think probably the biggest weakness in Outpost 2.5 is that the default rules are fairly loose. In an attempt to make sure as many things work as possible out of the box, they have made quite a few system and app rules, many of which may not even be necessary for you or may require modification. Most people will want to tighten things up quite a bit when they configure Outpost.

See Paranoid's links for help with this...

[gkweb]

Hi,

it's all depend about what you mean by "weakness".
If you mean something not convenient, then it depends again of what you expect from you firewall.
For instance what I would see as a little drawback is the filtering rule edition, which is not as much powerfull as I would want (to create rules defining IP and TCP options such the ttl or DF flag, TCP flags ,etc...).
This very point will be seen at the contrary like a very good thing for other people, seeing in Outpost a good application based firewall (with simple rules creation).

So the question really is : which features are you looking at precisely ?

Then anyone here will be able to help you

regards,

gkweb.

[Paranoid2000]

Quote:

Originally Posted by gkweb

...what I would see as a little drawback is the filtering rule edition, which is not as much powerfull as I would want (to create rules defining IP and TCP options such the ttl or DF flag, TCP flags ,etc...).

Hurray! I'm not the only one asking for these features! Personally, I'm pushing for filtering on IP options, Source Routing especially since this is so heavily used in IP address spoofing...