Please read before voting. Will I benefit from HIPS? So far I have happily settled on NOD32 for my AV. My internet is ADSL via a router / modem which the user manual assures me that I'm "in-bound secure". I feel a firewall is necessary primarily to control naughty outbounds. I tried Jetico which annoyed me because I'm not into endless authorize/block Pop-Ups. I tried a few others as well in short periods to see what they were like. These were Sunbelt Kerio and Commodo. At present I'm running LnS which appeals because its simple and not constantly "in my face". It seems many people like HIPS. so I booted System safety Monitor up to see what all the fuss is about. It is a little busy for my liking. But is showing signs of "settling down". By trialing several comprehensive programs I realise that monitoring of my programs / processes is important as well as just outbound traffic. So I want something/s without "too much" constant hands-on that will give me a reasonable degree of protection against suspicious internal processes and outbound internet. 1. Do I run with a basic firewall and HIPs? 2. Or go with a more comprehensive Firewall alone? 3. Do away with the firewall and just take a HIPS. 4. Other - please specify. Keep in mind I like "less" hands-on (note I didn't say "no" hands-on) and inbound internet is not an issue. For myself, I'm willing to pay. But as lots of readers are in a similar quandary perhaps the members can offer both a paid and free solution. (Don't forget to vote).
I run both and prefer to keep them separate. Using separate apps will allow you to change or upgrade one without changing the other. Yes, SSM will settle down once you have a basic ruleset made. Until then, it's definitely not "less hands on". The free version isn't as comprehensive as the pay version, but it's by no means weak. A firewall will quiet down once you get the basic ruleset done. In that respect, they're quite similar to HIPS. If you're installing both a firewall and HIPS, there's no way around lots of prompts. You may find it easier to work with them separately. Rick
id try Comodo Firewall. its plenty powerful in outbound protection and it can easily be customized to show less alerts.
I have voted nr. 1 *try SafeNSec (has also an integrated application firewall) or *AbuseShield (this in combi with Nod 32 and LnS)
Given the past clever designs of malware to happily invade your system's turf and coupled with the abuse of microsoft's poor choice of coding for the combo of internet web sites & Windows core systems, that leaves me with no other alternative than at the very least a trio of BASIC protection, accent on Basic. There is many more additionals to help apply a LAYERED defense shield to wall up some real security so as to be able to enjoy that monthly service fee spent for access to the internet. I go ShadowSurfer #1, then System Safety Monitor #2, and with or without either of those 2, KERIO 2.15 or (Any Dependable) Firewall (ruleset) protection IS AN ABSOLUTE MUST HAVE SCENARIO.
If I had a router, I would not use a firewall nor HIPS, but you ask for yourself, so I voted first. 1-st + 2-nd: firewall + HIPS or firewall with HIPS abilities, it gives almost the same protection. Since you are a skilled user, you will benefit from having a HIPS, so you if you like it, keep it.
Thanks for the replies so far. With regards to the HIPS my limited hands-on is with System Safety Monitor. I'm impressed. For those of us who wish to tread the freeware track... Is the SSM-free version plus a general firewall effective as well? What's the main drawback to the freebie SSM compared to the shareware one??
Hello, Other: use a firewall that you like and works well with your programs and no HIPS. If you ask if you need one, you probably do, but you will not be able to use it properly, in which case you don't need it. That's Catch 554. BTW, HIPS functionality can be relatively easily replaced by using simple education - learning how things work. That way, you will be able to understand fully what the OS is about and what it does and what all those little processes do. When a crucial moment comes and you are asked to allow scvhost.exe, will you do it? It comes down to your decisions - and if you don't know the right answer, you might as well throw the entire setup away. Security is a strong as its weakest link and it is always the user. You will be better off burying your head in books and learning the magic beyond the desktop. Mrk
@ tisatashar If I were you I'd choose firewall and HIPS but it is all up to you ! Up to your personality , your wishes and your habits . I run Windows Firewall , NOD32 and Ewido micro only and I feel pretty safe but some people will be like malware busters jumping from one sneaky site to another and my setup may not be appropriate for them ... If you want program control , I think that Zone Alarm free is enough for that P.S. And don't become paranoid user with tons of security things . Microsoft campaign recommended Firewall+Update Windows+Antivirus+Antispyware for enough , I have seen users with 16 and 18 different security applications . Having more (and more complicated) doesn't make you more security , that is for sure
HIPS is the most over-rated 'gimmick' on the market at the moment, its not needed at all and although its a little different, its not even that great of a product. 3/10 a comprehensive firewall is all you need, or not even that.. if you have a router with built in NAT firewall.
The reason I've brought this issue up is the fact that Internet Security Suites e.g. Kaspersky have included in their package detection / alerts to goings-on within the computer. E.G. something legal / illegal is trying to launch / install itself. Where as AV-onlys' like NOD 32 and Dr Web etc are oblivious to these internal activities. Are you saying that this area is unlikely to be where a disaster will occur??
I use KIS which has Firewall and HIPS. Also have a few on-demand spyware scanners (SuperAntiSpyware + AVG antispyware) which only detect cookies... nothing has infiltrated KIS... yet
If you trust your router and are sure it works well, then another firewall is useless except for protecting from LAN based attacks. If you close all of your ports manually, then a firewall is really of no use. So, I would use either SSM Paid, SSM Free or Ghostsecurity. Cheers, Alphalutra1