Here is the official response from Jetico regarding ICS with it. Quote In general disabling Stateful Packet Inspection makes JP Firewall allowing almost all network traffic on low-level (i.e. almost all incoming network packets will reach Windows TCPIP driver). And only after that they are filtered by upper JP Firewall level where it checks that some program is going to receive the packets. I write "almost all packets", because low-level JP Firewall filter will continue dropping "bad" packets sometimes used to attack computers. End Quote. Now my question is, how does Kerio 2.15 and Zone Alarm Pro handle ICS, do they also disable Stateful Packet Inspection when ICS is selected?
Why not just get a cheap router, or turn an obsolete PC into a gateway? I realize that is not the specific answer to your question, but is seems that ICS is a PITA. My feeling is that ICS is one of those things that only made sense when hardware was expensive.
Diver, As soon as I get the broadband in the mountains here, I will get the D-Lonk router which has hardware firewall, however now I have a measly 4kbps GPRS mobile phone connection right now and two PCs at home, so ICS looks to be a good option for this type of connection. I was just wondering how Kerio and Zone Alarm as well as Tiny configure themselves to protect a ICS client compared to Jetico.
There is an optional rule in the BlitzenZeus default Kerio 2.15 rules for ICS. All it looks like is to allow DHCP in from remote address 0.0.0.0. Kind of cryptic. Might as well try it, as Kerio 2.15 and the BZ rules are free. Kerio does not have any option to disable SPI that I know of. Sorry about the mobile connection. I keep taking cheap broadband for granted.
Diver, Been a long time Kerio 2.15 user with BZ rules, only decided to try out these new ones due to their outbound protection features, between NetVeda and Jetico, I would rate the former better even though it may not have the finer control aspects of Jetico, it does have a ICS/Router/Proxy mode.
Arup- I know that ICS is top on your list for the time being for a feature, but I noticed (or didn't notice) that NetVida, doesn't use SPI or even being 'Stateful like'. No mention of it, on their web site in the list of features. Can anyone confirm that it does/doesn't use SPI or a form of it? CU Jazzie
http://forums.netveda.com//index.php?showtopic=24 Jazzie, please check out the above link. NetVeda features on the fly Stateful Inspections of protocols.
Thanks Arup, would like to know what 'on the fly' is in refference to! Most likely, stateful like! But could be wrong!!! CU Jazzie
Arup, no need, it seems like a good, 'stateful like' alternative that is FREE and worth a go for some. For me, it lacks certaint features/abilities. None the less, an alternative to true SPI fw's... For me, it is either fully statefull or nothing, but that is my preference. That is why I either switch between 8signs and CHX-I---- CU Jazzie
I was also wondering what the "on the fly stateful inspection" meant too.. SPI doesn't seem like something that should be done "on the fly"... Don't know though.. maybe it's always done "on the fly"...
