Best Firewall For outbound Protection?.

excuse my ignorance but what Linus Torvalds got to do with this?

haha... very funny... but true...

 

"Software is like sex: it's better when it's free." is a quote of Linus Torvalds, thats all.

 

thanks... thats what im thinking, but too lazy to search google... hehe...

 

But if its job is to control network traffic, and a hidden malware could shut it down, thus preventing it from doing its job, then could you not say that behavior blocking is a legitimate function for a firewall?


-HandsOff

 

Comodo Personal Firewall.

 

I have no objection for any extra features of a firewall( except if they are crap). I like this function and esp the OS firewall function in ZAP.

 

Sunbelt Kerio seems to be working like a champ, including with respect to outbound traffic. What still annoys me, however is the user interface. While it does seem to perform behavior blocking, Nips, and Hips, there is a grand total of 1 entry between the three of them

This makes me a little bit nervous about will I be able to rescind decisions. On the other hand, under Network Security one does seem to have the effect of the decision, if not an actual log of the event. I think all the rules that effect connectivity are easily changed...so as far as monitoring out bound:

1-you get the popup when event takes place and can block
2-a rule is created that is easy to change

3-logging seems to be an issue, but i guess it is not as vital as control.

I'm starting to like it for control of outbound connection. Hopefully, others can confirm this.


-HandsOff

 

Kerio 2.1.5 provides excellent control over both inbound and outbound traffic. On more than one occasion, I installed it on a PC is was servicing and it immediately alerted me to an undetected trojan, trying to connect out. This version of Kerio doesn't have any form of application control, except for verifying the signature of the application requesting internet access. It caught and blocked the trojans connection attempts.
While many of the newer firewall suites come with some form of application/hook control, I prefer to use a separate program for this purpose, specifically System Safety Monitor. Both are very light and easy on resources. I've used Kerio 2.1.5 for several years now and it has never crashed or otherwise failed.

While Kerio 2.1.5 does give good protection in both directions, it is rule based, meaning that the user has to configure it properly. The user does need to have a basic knowlege of internet protocols, the IP address system, ports, etc. When used with separate HIPS software like SSM, they will outperform most security suites, use less hard drive space and system resources, and costs less than most security suites that are nowhere near as strong.
Consider trying them only if you're willing to learn how and why they work. Like Kerio 2.1.5, SSM is also rule based and requires that the user understands what they're doing.
Rick