Leaving aside the hips part, what are the differences between WFC and the firewall of Spyshelter? do they both use windows firewall or Windows Filtering Platform in the same way? which one is more secure or more advanced?
WFC has many more options than SpSFW. There is IP address lookup, WhoIs lookup, extensive logging, easier rules creation and editing, can create very specific rules, different filtering modes, etc, etc, Creating all sorts of crazy rules adds nothing to security - either you trust and application and will Allow it, or you do not and will Block network access. You can create all the rules you need for good security in SpSFW but it just doesn't offer all the features as WFC. It is just that WFC offers a lot more "bells and whistles." Properly used, SpSFW is one of those programs that offers high system security.
WFC uses Windows Firewall which uses Windows Filtering Platform (WFP) only so not Packet Filtering. WFC is a front-end with steroids for Windows Firewall. SpyShelter's firewall can use either TDI driver or/and WFP driver. https://www.wilderssecurity.com/threads/windows-firewall-control-4.347370/page-16#post-2299399 https://www.wilderssecurity.com/threads/spyshelter-firewall-question.358347/#post-2332760
I believe we already discussed part of this. Basically, SSFW is a standalone firewall which can work alongside the Win Firewall. So you can control outbound and inbound traffic, independently of the Win Firewall. WFC is simply a front-end of the Win Firewall, it makes it easier to manage it, and adds a couple of handy feature which have been already mentioned. SS will also let you block access to certain domain names and IP addresses. SS uses the Windows Filtering Platform, and WFC does not because it's only a front-end.
Yes, but not a very advanced one. I don't believe it has all of the options of advanced firewalls, and it's not possible to make complex rules, but I don't really have the expertise so I can't give you details. It's probably best to keep Win Firewall enabled and to use SS only for outbound alerts, unless you pay the 10 bucks for WFC.
I think using a front-end for windows firewall is better while booting your OS as I read somewhere that standalone firewall drivers delayed. Abdullah
Yes. Typical user does not need to add all kinds of crazy, restrictive, overly-complicated rules. Ability to create complex rules was included in WFC for those that have complicated network setups. Allow or Block is all that is needed for security = awareness of what is running on your system. This is exactly what the developer of WFC recommends - and not the crazy setups you see displayed by some WFC users on the WFC sub-forum. WFC has more extensive logging, rules writing, etc. It is feature rich. Whether those features actually add anything to overall security is highly debatable. SpSFW is minimalist by intent and design. It comes down to personal preference; both use WFP so protection is essentially equivalent.
BTW, seems like the new version of Windows Firewall Notifier looks very promising. Just like WFC and TinyWall, it's a Windows Firewall management tool with extra features. I didn't really like v1, but v2 seems cool. http://www.ghacks.net/2015/06/15/a-first-look-at-windows-firewall-notifier-2/ https://wfn.codeplex.com/releases/view/620063
I've used version 1 of WFN, I think for years, up until I updated to Windows 10, and then it seemed to stop working, didn't seem to block or notify on unknown connections even though it was set up to block all unknown the same as it had always been. So I tried v2, also with no luck. Ended up switching to TinyWall which seems to be working fine for me on Windows 10. I guess WFN is working for others on 10, but if you've recently updated your OS you may want to test WFN to be sure, especially if you haven't noticed any notifications in a while.
I quickly checked out WFN v2 via Sandboxie, the GUI looks good, but I don't know about the other stuff. But I'm quite happy with WFC, I don't see myself switching.
Sottises ! https://msdn.microsoft.com/en-us/library/windows/desktop/aa366510(v=vs.85).aspx " The firewall application that is built into Windows Vista, Windows Server 2008, and later operating systems – Windows Firewall with Advanced Security (WFAS) – is implemented using WFP " " Starting in Windows Server 2008 and Windows Vista, the firewall hook and the filter hook drivers are not available; applications that were using these drivers should use WFP instead " No hooks in kernel... ok ? bye bye " HIPS " ! Since Vista, Comodo, Privatefirewall, Outpost, Look n’ stop, WFC, W10FC, etc... are GUIs.
Alright. Maybe your conclusions are right (we need others opinion on this) based on that M$ article. But also is common knowledge, right or wrong, that any firewall other than WF is considered as a standalone firewall. Hence you are not entitled and is not polite to say Foolishness! even in French lang. when you quote my post. Ignorance is not foolishness, moreover on complex matters like IT.
Perhaps a definition of what WFP is would help. Note the underlined portion. Taken from the same above link reference: Windows Filtering Platform is a development platform and not a firewall itself. The firewall application that is built into Windows Vista, Windows Server 2008, and later operating systems – Windows Firewall with Advanced Security (WFAS) – is implemented using WFP. Therefore, applications developed with the WFP API or the WFAS API use the common filtering arbitration logic that is built into WFP. The WFP API consists of a user-mode API and a kernel-mode API. A couple of comments. First, you should never disable the Win firewall service since doing so disables WFP. When a security vendor interfaces with WFP, he disables internally the Win firewall and replaces it with his own firewall which uses the Win firewall service. When done properly, the Win firewall GUI paged accessed via Control Panel -> Windows Firewall should display "These settings are being managed by vendor application xxxxxxxxxxxxxxx."
Yes, i couldn't agree anymore, but the message supposed "These settings are being managed by vendor application" is not there. WIndows firewall service is set to automatic. Using W7_x64 SP1 and SSFW. Rules.
Not all vendors get the integration 100% right. I wouldn't worry about it as long the SpyShelter firewall is working properly. As long as the Win firewall service is started, WFP is functional.
Ok, thanks itman, right now i just remember that's SSFW is not recognized in the Control Security Center, had to untick for avoid message. Rules.
yes I have a other computer with KIS and the message is correctly displayed in Windows Fw Gui. Rules.