Looking for a light FW that has an integral HIPS

Bellgamin,

I heard in another forum that the "latest update level" to KIS 2010 (at least level "KIS 2010 9.0.0.736 (A,B)" - OR - Later), is suppose to be less resource intensive. I have *not* tried it myself, but from what I read the KIS 2010 (Firewall, AV, HIPS) is suppose to have a full featured HIPS with folder/file protection, application hips control feature, as well as behavior blocker features.

You might want to trial it. However, I do think you have use its AV component, but it rates good on various av tests.

 

bellgamin, lol we came up with the same conclusion.
just now, I also chose to settle on Outpost Firewall FREE.

I'll be setting up Firewall Policy as Block Most after a few hours of learning mode.
and customized few settings on HIPS.

 

@bellgamin
thanks for the heads up about OP ... I might give OP a try

edit:
did not find OP as lite as expected ... will settle for windows 7 firewall w/ advanced settings for now. Waiting for the final release of DW v3.

 

Me neither

 

Win7's FW has no HIPS. Outpost does. Therefore, OP offers a broader spectrum of protection.

However, there is a cpu-price to be paid when using a FW + HIPS combo. A HIPS looks at a much more detailed list of behaviors than is true for a FW alone. Moreover, until the HIPS component of OP has tracked all of your computer's apps, & configured itself accordingly, it has to -- simply HAS to -- be much busier than is the case for a pure FW.

The approach I used was to put OP in learning mode for the first few days I used it. During that period I did notice a slow-down at times. After the 2-day learning period, however, the zippiness returned to my web surfing -- except in those instances when I undertook some activity that was significantly different from the patterns I followed during OP's learning period.

In sum -- I do not question the fact that a pure FW will run lighter than a FW+HIPS. I have found a well-trained OP to be a light app within its own category of FW+HIPS.

Compared to other FW+HIPS combos I have tried, OP is a hair lighter than Online Armor, & a hair heavier than Comodo CIS.

Of course OP is also a bit heavier than PCTools FW, but PCT's FW has a less complete HIPS component. In fact -- as far as I can tell -- the PCT HIPS component is mainly designed to pass Matousec's silly little tests (which it does quite well) rather than seeking to constitute itself as a full-spectrum HIPS.

IMO, the HIPS components of OP, CIS, & Online Armor are far broader in scope than the HIPS component of PCTools FW. Any of these -- OP, CIS, OA -- will give you superb FW+HIPS broad-spectrum protection. Me & my computer like OP the best of these 3. Your mileage may differ.

 

the only possible solution i read was DefenseWall HIPS.
any other has no hips or ist just big.

on the other hand i need to ask why you need a hips - you dont trust yourself
or you familiy/other users? in that case you should go another way!

a) you dont trust yourself you should NOT work as admin. you should have
secure software, like a more secure browser than IE or MS office.

b) you dont trust others - install them their own profile - or put them into a
virtual machine - so there ist nothing to destroy - imaging will do.
(or returnil, shadow defender, deep freeze...)

well i use malware defender too - but sometimes its a pain and i dont need
it really. i did my homework some steps earlier so it has to pass 3 or 4 security
borders till it reaches my system.

for me one of the next steps is to try out the newest outpost firewall (still beta)
or to keep it simple like zemana in conjuction windows 7 firewall control.

btw - any hips will slow down the system - some more - some less - but they do.

 

How does it compare to your prior combo of MD and Kerio? I would guess that it is more than a hair heavier?

 

yesterday, I removed OP from my winxp pro...
I'm back to Online Armor free with HIPS features disabled.. not light but worth it.

HIPS should be optional for me because... I'm running under LUA with Sandboxie and Deepfreeze.

 

I don't know that I'll ever run without HIPS. It's an easy way to get a peek behind the scenes on my systems and has been a valuable learning experience.

 

The singularly BEST 2-app real-time combo I ever used was Prevx-free & Kerio 2.1.5. Faster than greased lightning.

To paraphrase a line spoken by K.H.: "My, she was yar! ...It means, easy to handle, quick to the helm, fast, right. Everything a firewall should be."

(I bet you don't know the name of the movie I based that comment on. No fair using google.)

 

Bellgamin.. have you tried CIS 4?
It blocks alot of intrusion in my activities without affecting my programs.
lol.. but I don't know what its blocking though

___________________________________
WinXP Pro SP3 - LUA, Sandboxie, Comodo Firewall Pro 4 with Optimum D+, Avast (File System Shield only)

 

Yes. It's excellent, but I find that its D+ component is unnecessarily convoluted to configure.

 

You're right, I have no idea! I also still don't know if MD/Kerio was lighter than OP!

 

Oh, I now see what you were asking. OP=FW + HIPS; therefore you want to compare it with Kerio (FW) + MD (HIPS). Ergo- compare apples with apples.

I never ran Kerio & MD together (see note below). In my opinion, that combo would be lighter than OP. But that's just a guess.

NOTE 1: I am behind an SPI/NAT-capable router. Thus, I only need outbound protection. I only use a FW when I have no other source of outbound protection. MD includes outbound protection plus all of its other HIPS abilities. That's why I never ran Kerio with MD.

NOTE 2: I want to have very good control over outbound because, IMO, that is a very solid way to protect against keyloggers. If a keylogger cannot call home, it is powerless to do harm.

 

Hi bellgamin,

what you're using now, the Free or Pro version of Outpost?

 

I used the free for several days but then I bought a license for the PRO. I just couldn't resist the price-reduced/lifetime-license deal. The deal expires end-April (I think) but they have had that same deal in the past, so they might do it again in the future.

When I installed PRO, I opted NOT to install (1) the spyware monitor & (2) the web watcher thingee. Prevx covers those bases just fine -- don't need OP to do it.

Also, after PRO was up & running, I configured it to NOT do any logging. Logs are handy if I plan to get infected, but infection isn't in my plans. Besides, logging does cost a teeny bit of speed, so... off with its head!

 

you still haven't made clear why hips is such important for you as its meaning seems riddles to you!

 

Yeah it's sad Malware Defender have stopped developing, such an awesome product

(I know they might continue supporting it but it will not be the same as before)

 

Thanks for the thoughts on MD/Kerio combo. Your first post indicates that you ran them together, but maybe I misread that.

So is the quote from The Philadelphia Story? If it is, is it recommended watching? The Road was the last good movie I've watched and I've got The Vanishing on deck (the original Dutch version).

P.S. - I took advantage of the lifetime deal on Outpost's website back in January. Seemed too good to pass on at the time.

 

I suggest Defensewall HIPS or Malware Defender

 

I cast another vote in Online Armor's direction...

 

You didn't misread. I miswrote. I have edited accordingly. The old combo was Prevx+MD

You are correct. It is an excellent situation comedy with grrrreat casting! Remade years later as "High Society" - a musical but still a great story.

I missed that one. I am so glad that they repeated that fantastic offer in April 2010. Prevx+OP is a great combo on my aging computer. Excellent 3-way protection provided by only 2 real-time security apps.

 

10 5 Days and 38 useless postings later:
https://www.wilderssecurity.com/showpost.php?p=1654995&postcount=9

sorry - WHY do you ask if you already had the answer?

 

Never went shopping with your wife/girlfriend?

Happens to me all the time. In the second shop she really liked the shoes, in the third she found some clothes (say this at 10.43). On 16.12 you are rushing from shop number 38 to shop two and three to close the sales.

When it is a passion/hobby you never want to miss out on the best option, plus talking about is fun.

 

Good summary Kees