Firewall support

I have been trying out various firewalls to find a replacement for Kerio 2.1.5. So far LnS seems to be favourite but looking at their support forum there seems to be little input from the developers and appears to down to one volunteer to support it.

Reading around there are faults with it that have not been addressed as yet. On the other hand Jetico seems much more willing to get their program running from others I have spoken to.

What do others think?

Please do not move this to LnS forum for the reasons stated above.

 

Jetico is very good with support but still has issues yet to be resolved, why not check out Sygate as well, if you are not running a proxy, it is an excellent alternative, has good SPI and many other features as well.

 

well... Jetico people haven't replied to me once, and I've mailed them twice over the same problem...
plus the firewall has so many problems and the developers seem to relish creating difficulties for novices... waay too many problems have been noticed... almost every second user has a different roblem, and the solutions are either NOT forthcoming, or related to obscure tricks or weird conflicts.
Kerio 4.1.3 is a possible solution... slightly heavy though.
But undoubtedly, outpost has the best support... www.outpostfirewall.com is a volunteer run service where the developers lurk around.

 

Just exactly what is wrong with Kerio 2.15? The support for it is good over at DSLR. Jetico is not finished yet. The latest version of Outpost has issues, prior versions caused some users BSOD's. Many posters over at DSLR continue to report troubles with Kerio 4.x.

IMO, LnS has reasonably good support. From reading its support forum, a number of important issues are being addressed with beta drivers, which is much to the credit of the developers. I would feel better about it if these improvements made it into a release version. The design is unusual and you may, or may not, like it.

I have seen some favorable comments around here regarding Netveda, a free firewall. The widely used Zone Alarm also works quite well, even if it has a bunch of useless junk thrown in with it. Just turn the extra stuff off and forget about trying to make advanced rules.

Yeah, I'm back, and its a hack....

 

I tried Sygate some time ago and I dumped it because of their loopback rule. From what I have heard it is stiil there.
To clarify - if you use a local proxy then any program using that proxy has carte blanche access - no checks are made.

 

As I said, if not running proxy, only then, Sygate becomes a very good option with no surprises.

 

Just think that Kerio is a bit old now and maybe not so effective against new nasties.

Jetico looks interesting and I think worth watching.

Outpost - expensive and yearly licences

LnS - don't know. Read elsewhere by a poster here that it still had issues to resovle which were not being looked at. Also their support on issues I have have not had any response from support and remain as problems, so I may have to abandon it.

Netvada - don't know

Zone Alarm. Tried early versions of it and got rid of it a long time ago.

 

Give NetVeda a spin.....I've used it for a few weeks now...and no problems
They have a online forum....and from what I've heard quick email responses.
Arub uses it on his wife's machine I believe...also Clansman seemed happy
with it.

It's application control is quite good...and has many many features for a free
FW.

 

Is the Safety Net & Safety Net Pro the same apart from the ' Report distribution to email account' or are there differences in the engine etc?

 

As far as I know....they are the same...except for what you noted.

It is pretty much ready to go out of the box....But take your time exploring
it, and its features...as there is many of them.

I feel the app control is right up there with the big boys.

You get the choice of ...deny always...deny once...or deny always.
that way...if you deny once, you can check online or in forums to allow or not.

 

Just to clarify here, there are no annual licence fees with Outpost. What you get instead are free upgrades for a year after purchase (and if you wish upgrade after this period, you can get a 50% discount for a further year). Outpost will continue working regardless of how old your licence is.

As for expensive, try taking a look at Tiny's prices (though you do get a lot of other functionality thrown in with it). Note that you can get discounts on Outpost if you shop around and a few have been mentioned at the Outpost forum.

 

yes i too second that netveda is very good indeed for a free firewall.right upto the big guys.as jw stated very good app control ,good filters,and out of box protection..
the only glitch that i find is trhe interface needs lil tinkering to gets used to.u can do things in diff ways,and the interface is diff from most of the firewalls..
try it you may like it..for me its a keeper..

 

Yes - apologies - take your point - read too quickly

 

Yes, Outpost will keep working, unless Microsoft manages to break it, and who knows what else, with the next service pack. So, there is a chance you might have to pay for Outpost and any other software with a similar licensing policy, again. Unfortunately, the more restrictive policies are proliferating.

 

Thanks

Just installed it. See what you mean about the interface but you can find your way around it.

Just tried
http://www.diamondcs.com.au/index.php?page=apt
to try and stop it and it survived all those attempts. Tried ShieldsUp then remembered that it all stops at the router firewall.

I can at least now access my other computer without any messing around.

 

Can you elaborate on that? A port is either blocked or not. What new nasties are you referring to?

thanks,

---
Rmus

 

If you want to keep updating to the latest version of Outpost, which is what most firewall owners want to do, then the chances are extremely good that you will be paying for it annually..

 

I have been trying out Netveda and been looking at the tests here at
http://www.firewallleaktester.com/

It passed no 1 and failed nos 2 - 6. Didn't try anymore

Put Kerio back and it passed those but failed no. 7 options 1, 2, 4, 5, 6
http://www.firewallleaktester.com/leaktest7.htm

Which is why I say I think Kerio ver 2 is getting old.

I suppose it all depends how feasable those exploits are.

 

djg05-

If you are worried about leaks, then you should consider that a trojan could install a communications driver that would bypass any firewall. Just my take on how myopic leak testing is.

Several of the guru's around here have said that all outbound application control is good for is preventing known applications from communicating out when you do not want them to. Leak testing is focused on unknown applications masquerading as known applications.

This may be a minority position around here, but it is the accepted practice on the vast majority of all business networks to use firewalls that are not application aware, at lest not in the sense that leak testing is contemplating.

 

It is a point of view and one that I am not able to make a judgement of. As far as trojans are concerned I have BOClean.

I think you have to be aware of the possible threats out there and make your m/c as safe as you can. Of course it will never be totally safe.

 

You are 110% correct.

 

I see your point.

Feasible if they get into your system.

I see that none of the firewalls passed all of those tests. And when one eventually does, someone will find another exploit to thwart it.

I have to agree with Diver: "This may be a minority position around here, but it is the accepted practice on the vast majority of all business networks to use firewalls that are not application aware, at lest not in the sense that leak testing is contemplating."

And his quote from Machiavelli:

--------------------------
Only those defenses are good, certain and durable, which depend on yourself alone and your own ability.
---------------------------

has been my first line of defense for years.

---
Rmus

 

This is because business networks:

1. can counter malware by locking down PC configuration (via group policies) to prevent any new software installation;
2. seek to minimise support and maintenance costs by avoiding programs that may require user feedback (e.g. a "Should this application be allowed access?" prompt) or configuration updates after Windows patches.

This not only applies to application-filtering firewalls but to other security software like registry or process monitors.

For home users the situation is different so other approaches to system security are more suitable.

 

Fellow Creatures,
There is a precentage of us who have the Lifetime license upgrade on OutPost, which solves the got to pay all the time problem. But the point is well made who knows if it will work with LongHorn or not.

I am still contemplating NetVida to replace expiring Norton PFW 2004 myself on other machine.

Diver is making some head way with me, paying for firewalls is really kind of a waste of $$ if you are behind a FW router and just want some application control. Get the free ones. Oh, by the way by all means get a real time trojan killer. BoClean is my choice too. A must imo.

 

Didn't think of that mercurie.. quite true.