Any Difference Between Application-based and Rule-based Firewall?

Discussion in 'other firewalls' started by Perman, Oct 29, 2006.

Thread Status:
Not open for further replies.
  1. Perman

    Perman Registered Member

    Joined:
    Nov 23, 2005
    Posts:
    2,160
    Hi, folks: I used OutPost Pro 3.5 before and use ZA Pro (part of ZASS 6.5). Both give me adequate protection and are considered reliable. I believe these two operate under completely different principles. Can folks with in-depth knowledge share some of your know-how with viewers here, in the area of technology and pros/cons of their uses, and also illustrate the categories of currently available F.W. in the market, such as Comodo, ZA, KIS, etc.? Thanks.
     
  2. farmerlee

    farmerlee Registered Member

    Joined:
    Jul 1, 2006
    Posts:
    2,585
    I'm not that knowledgeable but here's my 2 cents.

    As the names imply, one controls an app's access to the internet where the other one controls data based on certain rules you have set.

    For example Look'n'Stop has both application control and network rules control, a user can control what apps may access the net as well as control where that data may go.
     
  3. Tommy

    Tommy Registered Member

    Joined:
    Dec 24, 2002
    Posts:
    1,169
    Location:
    Buenos Aires - Munic
  4. twl845

    twl845 Registered Member

    Joined:
    Apr 12, 2005
    Posts:
    4,186
    Location:
    USA
    As a person new to rules-based firewalls, I'd like to follow this thread to see if I can learn anything. I'll be quiet. :)
     
  5. dah145

    dah145 Registered Member

    Joined:
    Jul 3, 2006
    Posts:
    262
    Location:
    n/a
    Sorry to hijack this thread but which one offers better protection?
     
  6. farmerlee

    farmerlee Registered Member

    Joined:
    Jul 1, 2006
    Posts:
    2,585
    I wouldn't know which one is better but I do know that used together they offer great protection, which is one reason why I use Look'n'Stop.
     
  7. noway

    noway Registered Member

    Joined:
    Apr 24, 2005
    Posts:
    351
    For me, the most logical method is that followed by AtGuard and Kerio 2.1.5.
    This involves having all the rules on one page with the opportunity to move each rule up and down according to priority and the possibility of associating any of these rules with/without an application.

    Unfortunately, firewall designers today seem more concerned with spreading the rules around several panels...I guess to create the ILLUSION that you are getting more value for the money.

    My current firewall of choice, NPF2004, uses 3 rule priority levels (called General, Application, Trojan Horse). Therefore, it's not quite as logical as AtGuard or Kerio 2.1.5 but it provides some other advantages (at the expense of 24 MB RAM!) over these two.
     
  8. herbalist

    herbalist Guest

    All else being equal and limiting this comparison to the internet firewall component, rule based firewalls can offer greater security. This is primarily because of their greater configurability. Rule based firewalls do give the user more control over what traffic is and is not allowed on a per application basis. That additional control can translate into better security if the user can write good, specific rules. A rule based firewall with poorly written rules is only slightly better than no firewall at all. Many of the firewalls available are more accurately described as hybrids of both types, having both basic application settings and the ability to enforce more specific rules.
    This doesn't take into account any additional features that may be combined with a given firewall, such as HIPS. At the risk of causing confusion, HIPS is also referred to as application firewalling, referring to the actual control of applications. Application based firewalls usually refer to internet traffic firewalls. Some vendors are getting a bit loose with the terms, which, although similar, refer to entirely different things.
    Rick
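
As an added illustration (not part of any post in this thread, and not any product's actual engine): a minimal model of the two approaches discussed above, an application-only allow list versus an ordered, first-match rule list in which a rule may or may not be tied to an application. The program names, addresses and rules are constructed for the example.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass(frozen=True)
class Conn:                              # one outbound connection attempt
    app: str
    proto: str
    remote_ip: str
    port: int

@dataclass(frozen=True)
class Rule:
    action: str                          # "allow" or "block"
    app: Optional[str] = None            # None = rule applies to any application
    proto: Optional[str] = None          # None = any protocol
    net: str = "0.0.0.0/0"               # remote network the rule covers
    ports: Optional[frozenset] = None    # None = any remote port

    def matches(self, c: Conn) -> bool:
        return ((self.app is None or self.app == c.app)
                and (self.proto is None or self.proto == c.proto)
                and ip_address(c.remote_ip) in ip_network(self.net)
                and (self.ports is None or c.port in self.ports))

def app_based(allowed_apps, c: Conn) -> str:
    """Application-based: the only question is which program is asking."""
    return "allow" if c.app in allowed_apps else "block"

def rule_based(rules, c: Conn) -> str:
    """Rule-based: walk the list top to bottom, first match wins, else deny."""
    for r in rules:
        if r.matches(c):
            return r.action
    return "block"

# Constructed policy: hypothetical program names, documentation-range addresses.
ALLOWED_APPS = {"mail.exe", "browser.exe"}
RULES = [
    Rule("allow", proto="udp", net="192.0.2.53/32", ports=frozenset({53})),  # DNS, any app
    Rule("allow", app="mail.exe", proto="tcp", net="198.51.100.0/24",
         ports=frozenset({25, 110})),                  # mail client to its servers only
    Rule("block", app="mail.exe"),                     # anything else from the mail client
    Rule("allow", app="browser.exe", proto="tcp", ports=frozenset({80, 443})),
]
odd = Conn("mail.exe", "tcp", "203.0.113.9", 6667)     # trusted app, unexpected destination
mail = Conn("mail.exe", "tcp", "198.51.100.10", 110)   # trusted app, its own server

if __name__ == "__main__":
    for c in (odd, mail):
        print(c, app_based(ALLOWED_APPS, c), rule_based(RULES, c))
```

Moving the `block` rule for `mail.exe` above its `allow` rule blocks the legitimate mail connection too, which is why rule order and rule quality matter as much as the rules themselves.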
     
  9. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    I switched from ZoneAlarm Free to Look 'n' Stop.
    Both offer Application filtering, but Look 'n' Stop also offers Internet filtering, which I don't understand yet. So Look 'n' Stop will keep me busy until I understand that part and hopefully I will be able to work with rule-based firewalls in the future.
     