ESS Firewall Effectivness?

Discussion in 'ESET Smart Security' started by firzen771, Nov 5, 2007.

Thread Status:
Not open for further replies.
  1. firzen771

    firzen771 Registered Member

    Joined:
    Oct 29, 2007
    Posts:
    4,815
    Location:
    Canada
    i haven't really been able to find any tests or reviews on ESS firewall, and since this is the first time they've put in a firewall, id like to see how effective it actually is compared to some other firewalls out there? anybody have any comments about this? any of u done your own personal tests for it maybe?
     
  2. MasterTB

    MasterTB Registered Member

    Joined:
    Jun 19, 2007
    Posts:
    547
    Location:
    Paran?, Argentina
    Well opinions will vary. For me It is a very efective light weight firewall and it has the advantage of being integrated with what I believe is the best antimalware out there.
    You should know that if you are worried about leak tests and all that mambo jambo ESS does not care about them since their policy on that matter differes from the Matousec standard, if you know what I mean. What I can tell you is that they won't let anything bad run in yor machine and from that point of view you shold feel safe with it.
     
  3. PatG

    PatG Registered Member

    Joined:
    Apr 30, 2004
    Posts:
    579
    Location:
    South Alabama
    What MasterTB said...:)
     
  4. firzen771

    firzen771 Registered Member

    Joined:
    Oct 29, 2007
    Posts:
    4,815
    Location:
    Canada
    ive heard people say that having a "layered" protection is better, so having a separate AV, a separate FW and all those things because if its integrated, it all goes down if the program somehow gets terminated?
     
  5. SteveBlanchard

    SteveBlanchard Registered Member

    Joined:
    Nov 4, 2007
    Posts:
    312
    Location:
    ENGLAND

    IMO Intergrated is best, for starters there are not likely to be any conflicts with the firewall, AV etc.
     
  6. Pfipps

    Pfipps Registered Member

    Joined:
    May 15, 2007
    Posts:
    181
    I tend to be skeptical of the school that a firewall must always act like a behavior blocker. What Matousec want is just that. So you can get something like threatfire or those types of HIPS (loose definition) as a layer. I just wish Eset added one in. Also, Vista has User Account control which acts like a very basic HIPS.
     
  7. sjgore

    sjgore Registered Member

    Joined:
    May 22, 2007
    Posts:
    66
    Location:
    UK
    I don't care about leak tests either. It's a bit like building a castle and spending too much effort on preventing an invading enemy from getting out, rather than concentrating on making the walls strong enough to prevent the enemy from getting in in the first place.

    I can see the arguement for that, but I would also argue that an integrated suite is more efficient and, as SteveBlanchard already said, there are less likely to be conflicts between all the various components. Also, only one software house is "in charge", and cannot blame problems on other (ie. their competitor's) security software.

    I suppose it depends, though. Some rival security suites are just lots of individual components cobbled together (the anti-spam component of ZoneAlarm, for example. It even installs separately!). One of the many things I like about ESS is that the firewall has been seamlessly integrated with the other malware components right from the start.

    Steve.
     
  8. toasale

    toasale Registered Member

    Joined:
    Apr 19, 2006
    Posts:
    86
    Location:
    Alabama
    I prefer ZoneAlarm, but I choose to use the suite as I feel its "linkage" to the entire package is better performing, especially during updates.
     
  9. Steel

    Steel Registered Member

    Joined:
    Jul 21, 2005
    Posts:
    219
    I had already often asked for a comparison between Sygate 5,5 and ESS. So far one was afraid from official side to compare itself directly. Amazingly, particularly since it does not give Sygate the company any longer. If competition-technically no problem exists.
     
  10. MasterTB

    MasterTB Registered Member

    Joined:
    Jun 19, 2007
    Posts:
    547
    Location:
    Paran?, Argentina
    Well it is understandable. My bet is that this thread will get closed by mods, but if you need an answer I would keep ESS. Sygate was great but it has been outdated too long now.
     
  11. Steel

    Steel Registered Member

    Joined:
    Jul 21, 2005
    Posts:
    219
    What do you mean with understandable ? Cause of my horrible english, or of the reason i'm asking, or that nobody from ESET respond ?
     
  12. MasterTB

    MasterTB Registered Member

    Joined:
    Jun 19, 2007
    Posts:
    547
    Location:
    Paran?, Argentina
    It is understandable that you have not been answered because topics about A vs B are usually not wellcome. That is what I meant.
    Sory if my english is not to good it is NOT my birth language and since there is no forum in spanish, well ....
     
  13. Steel

    Steel Registered Member

    Joined:
    Jul 21, 2005
    Posts:
    219
    I was not conscious of Ups, its me. My questions should not be behind cunning also, but only much interests me to improve to want. But not at all to react I find already somewhat strange, particularly since no bad intention puts behind.
     
  14. MasterTB

    MasterTB Registered Member

    Joined:
    Jun 19, 2007
    Posts:
    547
    Location:
    Paran?, Argentina
    Please don't get me wrong. I'm not a mod or anything else. After all I DID answer you because It seems to me that you asked an honest question. I just made the coment about A vs. B so that it did not happen to you againg. Just trying to help.
     
  15. bluesprite

    bluesprite Registered Member

    Joined:
    Apr 11, 2007
    Posts:
    71
    My impression so far is that ESS firewall is effective and comprehensive. It's been a while since I last used Sygate but I wouldn't go back to it, ESS is reasonably sufficient to me.
     
  16. SecMonk

    SecMonk Registered Member

    Joined:
    Sep 21, 2007
    Posts:
    19
    Outbound leak protection is not only against malware, but against any software that may phone home "unexpectedly" or "unusually". Such software may be on the edge of being considered as spyware, yet it isn't (draconian activation policy, "genuine" checks, etc). Rather than for protection against classical malware, outbound anti-leak firewall is primarily for protection of privacy and for tight control of your system, and as such it is very valuable and needed.
     
    Last edited: Nov 7, 2007
  17. galloot

    galloot Registered Member

    Joined:
    Nov 5, 2007
    Posts:
    12
    What program can run in conjunction with ESS then that blocks unwanted outbound signals?
     
  18. GaryRW

    GaryRW Registered Member

    Joined:
    May 14, 2005
    Posts:
    141
    Location:
    OH, USA
    That philosophy is based on selecting best-of-breed "layers" which together gives best overall protection. That evolved because most venders could not provide suites that did best in all categories; they usually had at least one deficient component. They downside is little synergy between areas that can reduce overall system load.

    The holy grail is to be able to provide compehensive protection like a suite without the fragmented overhead. An integrated "single data stream" processing approach provides synergy and reduces load. I believe this was the goal of ESS based on what little has been released by Eset to the public.
     
  19. sjgore

    sjgore Registered Member

    Joined:
    May 22, 2007
    Posts:
    66
    Location:
    UK
    ESS does, see reply below.

    I completely agree, but there's a big difference between a legitimate application wanting to phone home (which would trigger an ESS firewall alert) and 'dodgy' applications that try to sneak round the sides.

    Leak tests use these dodgy methods to try and emulate malware. But since ESS detects malware too, then we're covered.

    ...I hope! :)

    Steve.
     
  20. SecMonk

    SecMonk Registered Member

    Joined:
    Sep 21, 2007
    Posts:
    19
    There's a problem though. What some consider as spyware released by a big established company (such as Adobe and their activation/genuine-check phone-home calls), the AV companies do not consider as spyware and their anti-spyware modules won't block them. But I want to block them because I consider such gray-hat phone home calls to be unacceptable.

    These companies may and often do use sneaky ways to connect to the net (although Adobe does not) exactly because they want to bypass the firewall.

    You know a simple leak is to use the Internet Explorer dll. Your firewall considers IE to be trusted and allows it connect and send data anywhere. A gray-hat spyware program will use the dll to send data to the net without your knowledge.

    I want to control my resources. I want to decide what applications are allowed to send data to the net and when. For that I need a good anti-leak outbound firewall.

    Most importantly, good outbound anti-leak firewall is proactive security. I.e., it protects me from unknown threats that the heuristic and signature-based AV modules missed.
     
    Last edited: Nov 8, 2007
Thread Status:
Not open for further replies.