Which firewall has the lowest CPU and memory usage?

Discussion in 'other firewalls' started by TeknO, May 26, 2005.

Thread Status:
Not open for further replies.
  1. TeknO

    TeknO Registered Member

    Joined:
    Feb 18, 2005
    Posts:
    147
    Location:
    Istanbul, TURKEY
    Which firewall has the lowest CPU and memory usage for optimum security?
    Thanks and regards.
     
  2. Edwin024

    Edwin024 Registered Member

    Joined:
    Nov 14, 2004
    Posts:
    1,008
    From the new ones: Netveda and Look 'n Stop.

    From the ancient ones: Kerio 2.x :)

    I use Outpost now.. Open it, close the GUI and see that it uses 2MB... While Firefox is now at 90. Why only look at Firewalls and AV's?
     
  3. Diver

    Diver Registered Member

    Joined:
    Feb 6, 2005
    Posts:
    1,444
    Location:
    Deep Underwater
    A hardware firewall will use zero memory and zero cpu. If you have multiple connections open, like with bittorrent downolads, the performance difference between a hardware firewall and some software firewalls can be dramatic.

    The best software firewall that I have tested so far as resources are concerned is CHX-1. Runs with a single kernel driver, nothing in the task manager unless the mmc console is open to check the log or edit rules.
     
  4. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    8,013
    CHX-I is easily the lowest in ram and cpu usage. Regarding Outpost, sure, it will jump down to 2mb when you open and close the GUI, however, when I tested it, it ran consistently between 10-13 mb under normal usage. The GUI trick just drops it to 2mb temporarily. That's not where it stays at all.

    LnS while low also, has a memory leak, and the usage will creep up to 15mb and higher after a day or two of use. Kerio 2 hangs at around 5mb consistently. I have been told that CHX uses about 3.5 mb ram, however I have not been able to confirm this.
     
  5. Diver

    Diver Registered Member

    Joined:
    Feb 6, 2005
    Posts:
    1,444
    Location:
    Deep Underwater
    Outpost users are very fond of the memory management that allows it to show only 2mb of main memory. However, this is not a real measure of what is going on. If you boot a system with and without Outpost, the difference in total commit charge under xp will be about 40mb.
     
  6. Arup

    Arup Guest

    CHX-I followed by Kerio 2.15 and then NetVeda.
     
  7. hayc59

    hayc59 Guest

    Besides what some folks keep re-peating;) and re-repeating;)
    and re-peating...........yada yada yada:p
    Outpost works very well and for myself and awhole lotta folks:D
    You may want to take for a spin you may be very surprised and happy!!
     
  8. TeknO

    TeknO Registered Member

    Joined:
    Feb 18, 2005
    Posts:
    147
    Location:
    Istanbul, TURKEY
    Could you compare kerio 2.15 with kerio PF 4.1.3 (advantages and disadvantages) ? and netveda safety.net with netveda safety.net pro?
    Thanks.
     
  9. Arup

    Arup Guest

    The NetVeda Pro is same as NetVeda regular except that it is aimed at corporates and therefore, paid, about KPF 2x and 4x, there is absolutely no comparison, both are entirely different products alltogether, KPF 4 has very good packet filtering but sadly, the add on packages make it a nightmare.
     
  10. TeknO

    TeknO Registered Member

    Joined:
    Feb 18, 2005
    Posts:
    147
    Location:
    Istanbul, TURKEY
    does Kerio company continue to support for KPF 2x version?
     
  11. Arup

    Arup Guest

  12. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,770
    Location:
    New Mexico, USA
    Of all of them I've tried, Visnetic has the least hit on my resources. It doesn't offer outgoing protection, but I'd think with some backup like Process Guard or WinPatrol, you ought to be okay.

    I'm playing with the new ZA right now and definitely notice the difference, and will probably be going back to Visnetic within a couple of weeks.
     
  13. Sputnik

    Sputnik Registered Member

    Joined:
    Feb 24, 2005
    Posts:
    1,198
    Location:
    Москва
    ZoneAlarm runs nice and light here, around 14mb RAM usage, but CPU usage remains 0%...
     
  14. TeknO

    TeknO Registered Member

    Joined:
    Feb 18, 2005
    Posts:
    147
    Location:
    Istanbul, TURKEY
    I think that privacy or browser security must be important for firewalls. for example, kerio 2.15, ZA, Sygate, netveda and KFP 4 free versions haven't these security options. but KFP4 and outpost full versions have privacy and browser security options (like as blocking referrers & activex & java applets & cookies etc) these type security options must be ımportant for selecting a firewall. isn't it? Thanks for suggestion.
     
  15. rdsu

    rdsu Registered Member

    Joined:
    Jun 28, 2003
    Posts:
    4,537
    NetVeda :)
     
  16. se7engreen

    se7engreen Registered Member

    Joined:
    Feb 6, 2004
    Posts:
    369
    Location:
    USA
    Opera can do all that without a firewall. Firefox probably can too.
    These are good security measures, but I wouldn't let them be your deciding factor. First and foremost, a firewall should prevent unsolicited incoming traffic and filter traffic by rules. Optionally, it can help you control application behavior. The free firewalls you mentioned should do that very well. There are other (lower cost) ways to achieve browser security.
     
  17. patermann

    patermann Registered Member

    Joined:
    Apr 4, 2005
    Posts:
    49
    Location:
    UK
    Personally, I prefer my firewall not to have these extra security options but just to be a firewall. This is for the following reasons:

    1. The authors are able to concentrate on making a good firewall rather than trying to make it a good firewall/anti-virus/anti-trojan etc.

    2. Although the firewall itself may be secure, there is always a chance that one of the extras may bypass the security in some way, thus making it less secure than the firewall on its own!

    3. All the extra functionality may turn the firewall into bloatware so that performance suffers on lower spec machines.

    4. With single-function software I am able to pick the best of breed for each function: firewall, anti-virus, anti-trojan, etc. It is quite rare for all functions in a multi-function package to be equally good (see 1).

    Note that this is just my opinion - many people are happy with the extras and some even buy whole suites... ;)

    patermann
     
  18. TeknO

    TeknO Registered Member

    Joined:
    Feb 18, 2005
    Posts:
    147
    Location:
    Istanbul, TURKEY
    By the way, more and different security software mean more memory and CPU (more resource) and compatibility ıssues. it must be optimum and a few software must be enough.
     
  19. NetVeda has HTML code protection....It has many many features that you may
    want...It's free and out of the box very good protection.
     
  20. TeknO

    TeknO Registered Member

    Joined:
    Feb 18, 2005
    Posts:
    147
    Location:
    Istanbul, TURKEY
    Which one? safety.net or safety.net pro. and how about with firewall leaktests? It will be fine if you write down some firewall test links.
     
  21. They are the same.....it will pass most leak tests.
    There is a NetVeda thread where Clansman and I have basic setup rules
     
  22. TeknO

    TeknO Registered Member

    Joined:
    Feb 18, 2005
    Posts:
    147
    Location:
    Istanbul, TURKEY
    I have tested netveda with using www.pcflank.com site tests. but it didn't block referrers. KPF4 and Outpost Pro 2.6 were have these privacy and browser security options.
     
  23. Security......content security....check all boxes.
    I pass pcflank browser test that way.
     
  24. TeknO

    TeknO Registered Member

    Joined:
    Feb 18, 2005
    Posts:
    147
    Location:
    Istanbul, TURKEY
    OK. I'll test it.
     
  25. djg05

    djg05 Registered Member

    Joined:
    Apr 6, 2005
    Posts:
    1,565
    I am not convinced by PCFlank tests. The stealth tests shows all safe. The quick test shows 135 visible. With GRC or Sygate it shows this port as stealthed. They have my correct address. Maybe they are looking at the ISP in error.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.