Seeking Firewall recommendations without the use of HIPS?

I'm searching for a firewall that has good outbound protection without the use of HIPS. I'm going to try Look 'N' Stop, but i have no ideal how good it's outbound protection is. What are some other good FW's that will alert me to all outbound request? I'm not worried about inbound request because i'm behind a UTM appliance with DPI /IPS/ GAV. I want something that is still maintained, and preferably light weight. Does anyone have any suggestions?

 

What about just using the built-in one in windows with the free or paid "windows firewall control"

http://www.sphinx-soft.com/Vista/order.html

 

Do you think Windows Firewall with the Firewall controller would offer good leak protection when compared to other firewalls options without a HIPS?

 

Am i right in thinking that Jetico FW uses some sort of HIPS? I used them for a brief period, but I don't remember for sure.

 

I really liked Sygate FW in the past. Seems like someone on this forum said that FortKnox FW was based off Sygate Firewall or they were very similar.

 

LnS is a great firewall if ur comfortable with using rules, u culd try Comodo FW with D+ disabled as well.

 

Two free firewalls will git er done . . .

1- Private FW. Its HIPS is easily disabled. On the GUI, click Process Monitor. A slide will appear. Move the slide to "Off" -- Poof! -- no more HIPS.

2- PC Tools FW is another option. It has a bit of leak protection, but no HIPS per se.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Of course, without HIPS your pants will fall down.

 

I've used Comodo FW, and also have tried Private Firewall. I like Comodo, but Private Firewall felt really forum to me after using Online Armor for so long. I was more looking for a firewall to use with Appguard. OA, and AG don't like one another it seems. I can turn off OA's HIPS, and just use the firewall if it comes down to it. I was looking for a good Firewall that has the best possible leak protection without the use of HIPS. I was looking at Kerio Wind Route, and it sounded more in the lines of what i was looking for. The only problem is I thought there was a desktop version of it, and I only saw server protection listed on their homepage. I have never used it. Anyone know anything about Kerio Wind Route? Is there a desktop version? Does Sunbelt use Kerio Personal Firewall? If that's the desktop version then I am not interested in it either after just finding it.

 

I agree

 

I'm fine with setting firewall rules. It has never been a problem before so maybe LnS will suite my needs to use with Appguard.

 

You can always download the online help file without downloading the entire package to get an good idea of the different features that this Look ‘n’ Stop product has to offer. http://www.soft4ever.com/LooknStop/En/looknstop.chm

 

And don't worry about LNS protection... is one of the best on the FW market.
Additionally with LNS you don't have to worry also about your computer resources - it's a minimum impact, have a look: https://www.wilderssecurity.com/showpost.php?p=1666337&postcount=5

 

Indeed.

It will be hard to find a FW without HIPS and with leak protection.
For some years now the HIPS part of the software will (is) be responsable for part of the outbound traffic.
As bellgamin said PcTools FW has somewhat of a watered down HIPS; but if you're going to have the hassle of pop-ups (you will always have it) why not going for a full-fledged solution?

 

I'm a fan of HIPS myself. I'm beta testing Appguard from Blue Ridge Networks, and a couple of users here criticized me for testing AG & OA together since OA has a HIPS. I set AG's programs folder as an exception in OA's exclusion list, and trusted all AG drivers. I had one BSOD that pointed to AG as the cause, and they said it was my fault for testing them together ( not Blue Ridge Networks; just some member here). I should just keep testing them together anyways because I don't want to give up my firewall to use AG. One of the reasons I decided to beta test for AG is to make sure AG worked well with my other security Apps. You can't expect all security products to be compatible with one another, but I thought i would give it a shot. The funny thing is I have been running an older version of AG with OA for a long time without any problems. I have also been running the latest beta version of AG with OA on another machine (W7 x 64), and have had not problems between the two. Almost all firewall are adopting some sort of HIPS now days, and in 5 years I believe almost all of them will have their own flavor of HIPS. If I want I can turn OA's HIPS feature off, and test AG that way if that is the conflict. Right now i'm using windows firewall with AG, and I'm going to test LnS & a few other firewalls this week. I really liked Comodo 5.0. I used it for the past 3 months on one of my machines. I was surprised I was not annoyed with a ton of pop ups.

 

another vote for look and stop.

 

Yes and to tell the truth this is sad... In fact when you are looking for a lightweight firewall you get I guess as a 'bonus' HIPS module which you don't need at the moment. I understand that there will be probably in 99% cases additional option which will allow you to disable it but why I have to download and install full package including FW/HIPS and maybe AV or AS/AM module if I need only one thing - rock solid, pure and light for my resources FW?
I guess it's because all kind of market trends created years ago by Matousec and others where it's very fashionable testing mainly HIPS module implemented in FW and where your product get a low score if you offers only FW

I really hope that Frederic (LNS author) in future won't add to his FW unnecessary add-ons like HIPS, etc.

 

after testing all firewalls out there i come to conclusion that the best firewall (like u asked for) to protect from any unknown outbound traffic is WINDOWS FIREWALL + WINDOWS FIREWALL CONTROL (freeware) .

this combo is the lightest in this filed, also u are using already BUILD IN firewall that came with windows and that is wonderful

cheers

 

Excelent choices.

Btw... Firewall without HIPS, it's useless. User Windows Firewall in that case.

Cheers.

 

You are perfectly allowed to own your opinion here but, actually, a firewall without HIPS is, ...well, a firewall. Or isn't it?
And I thought this forum section was dedicated to firewalls. For me, i consider that a firewall + HIPS is simply a beginning of a security suite.

 

I also use AG and have the beta on one computer. I don't like to use more than 2 third-party dedicated security apps (no real reason just a personal preference). If you have the some old hardware build your own FW gateway appliance (m0n0wall perhaps + no HIPS) so there is zero impact on your resources. You can write your own outbound rules with this also. Windows FW with AG would more than suffice to protect your computer. To me the benefits of the protection that AG offers outweighs the benefits that even a good software firewall would offer (again simply opinion of mine and not a proven fact).

 

a quote from fuzzfas about WFC:

from this thread:
-http://www.wilderssecurity.com/showthread.php?t=287798&highlight=windows+firewall+control-

it does not really bother me because Windows 7 own firewall does not protect from this with the default settings.

beside i don't use WFC for security, just to keep some programs from "phoning home".

 

Well, i am a fan of HIPS. It just depends on what other security Apps I want to run on that machine, and what i'm using that machine for in making my decision on wither to use a firewall with or without HIPS. One setup that would eliminate the use of a HIPS or AV would be using Appguard with a Firewall like LnS or Windows FW with Shadow Defender. That would be very light, and also very effective. The type of malware that has been known to bypass some light virtualization apps should be stopped by Appguard. If you have a Firewall that has good outbound traffic control then you have a well rounded, and light security setup. I'm behind a Gateway firewall with IPS, DPI, and GAV. I don't really have to run an AV on my workstation. I can, and that would be added protection, but many would call it over kill.

 

private firewall - easily turn off HIPS
look n stop - awesome firewall