I currently have Sygate Professional as my firewall but recently downloaded the free Comodo firewall. I am satisfied with Sygate but concerned with there being no support or upgrades. Thinking maybe that I would be better off with Comodo. Would appreciate opinions and suggestions as to which one to use.
I use Sunbelt Kerio v4.5.918 and am extremely happy with it. As a free firewall I would think Comodo would be the best option. I found it a pain personally as it blocked Windows Updates, so i paid for a Kerio 2 year licence (very cheap ).
I have been using Comodo since I uninstalled ZoneAlarm last year, and have never looked back. Absolutely no problems.
If sygate is working for you don't change. Its harder to configure than Comodo & might be a little more leaky but it has one of the best log files I have ever seen. When properly set up it offers outstanding protection. On the other hand Comodo is a better firewall in that it has much better leak protection. I use Comodo but if Sygate is setup right I feel it would offer just as good protection. The lack of updates is immaterial Sygate works well with Windows XP & there is no support but Comodo only offers support via its forum. Its up to you but I would not change unless I had a concrete reason for doing so.
Hi, If I had to buy a firewall, I would buy a cheap router instead. I'm using a D-link 604 wired NAT router ($27) with Comodo 2.4 as a side dish. As for Comodo, do yourself a favor and wait about a month. Their new version 3 is suppose to beta today. The new version will have optional HIPS, and I would expect it to be better, easier and have better logging. Check this forum or Comodo's for the new features and all the wonderful opinions. Cheers, innerpeace
You always have high regard for this firewall, Any specific reasons? I found it OK but not that great. I found that it can crash when one tries to see the log, when logging is not configured. Please correct me if i am wrong.
Hello, Never ever did I see Sygate so much as cough let alone crash. It uses no CPU or memory even when downloading the CTRL + A of porn. It's solid, robust, simple, effective. What more is there to it? No unnecessary bloat. Excellent logging. Show me another firewall that can handle 800+ connections at 8MB memory. Kerio 2.1.5 users are pretty much like Sygate users - connoisseurs. It was also the first free firewall to support ICS/NAT. Mrk
Hello, We still have a few good years ahead of us, but ... nothing unfortunately. Use Linux?? Sounds like a great idea to me. XP will be obsolete around 2015, when the full cycle support ends and such. Most games will be made for new machines / new OSs. But I'm not discouraged. I'm still able to play the F-16 simulator from 1989. So, almost 20 years later, things still work well. The same goes for all DOS era games and programs. Running like milk under both Windows and Linux. Install Ubuntu, install XP in it. Install Kerio. You'll have a forever lasting firewall. With even more advanced processors, running currently available thingies will be even easier using emulations. What more, the compatibility will only increase. That is, the quantum leap that occurred between 1989 and now will not be so huge. I predict another 15-20 years of solid fun before we ever need to start considering alternatives... save Linux, which is not really an alternative but the correct moral and professional choice. Cheers, Mrk
I don't understand: you still have Kerio out in front, and w/o monkeying around with Protocol="Other" (and that won't always work) it won't function in IPv6 environment. regards, -rich
Hello, Ubuntu > VMware Server / VirtualBox / other virtualization product > Windows > Kerio. Host communicates with the web. Guest OS communicates with host via the virtual driver (which can translate protocols if needed). Problem solved. Bob's your uncle. Mrk
I'll have to see the technical write-up on that... Meanwhile, when things get to that point, I think I'll just put a router out in front and leave Kerio to monitor outbound. When I stop testing malware, I won't even need Kerio. regards, -rich
Hello, In case of VMware Server, I'm sure about this. It even installs its own network adapters. And this software progresses and updates periodically, leaving the grace and antiquity of guess OSs to their own magic. I would not part with Kerio - even if you stop testing malware. It has too much of a sentimental value ... In my case it's Sygate, that is. Mrk
Hello John, I will suggest u continue use Sygate. I’m using Sygate and Tiny firewall before I make a switch to CHX-I. Sygate is light and robust, can handle many concurrent connections and good if you use p2p.
It makes me feel good to have so many good comments on SPF. I was one that posted on the forum that is now sadly gone. I have been using Sygate a very long time and has always liked it, except the 'Act as server' new rule default. And somethings for not being able to save my firewall rules to a file. Great logging. And as Mrk told, it is light too. Biggest problem is with local proxy software and so loosing outbound control if running them. Kerio 2.1.5, I have almost nothing but good things to say for it as a basic packet filter. Again good logging in a sense that one can set every rule desired to log. Nothing as deluxe as SPF's but something more also in some system loggings. Only I found out a few faults as one is bound to find in a rulebased firewall when really observing everything tight. Nothing serious, only BlitzenZeus's reluctance to answer a few posts where i found something made me at least a while otherwhere It is a dream firewall in many ways. Kerio 4 before or after Sunbelt is not. Now I have been running Comodo for 4 months. No great logging. It is easier for other firewall users to try it to understand it that the network rules are handling SPI but the Application rules (monitor) are not understanding them. It is quite light, but nowhere near to kpf 2.1.5 or SPF even too. I don't have much bittorrent use so I cannot comment as some say it is not so good with a lots of connections, but has worked for me just fine also with that use. I am almost sure that the new Comodo 3 will be a problem zone for many users. As i have a hips already, only thing i wanted for the comodo to fix is logging and importing and exporting rules and some other things. It is an ok firewall for newbies who have no concept in packet filtering. I think though that the default rules offer no protection to netbios outgoing, but that can and should be disabled in windows network connections.
Product support isn't that important when the app is fully developed. The packet filtering components of firewalls rarely need updating unless there's a bug or defect in the original design. It's the additional components that are part of many firewall suites that need the updating, components like HIPS, cookie controls, e-mail scanners, privacy controls, spam control, or whatever else they include. I prefer a firewall that controls internet traffic, period, and let other applications handle the other tasks. There's tradeoffs either way. But until IPv6 is fully implemented, I'll be using Kerio 2.1.5. For reliable and configurable control over internet traffic, it's hard to beat. Rick
Could this virtual driver be used or modified as a separate IPv4-IPv6 converter for use on the older versions of Windows? Got a link to some info on this? Definitely agree. I'm running Smoothwall out front now but still keep Kerio for outbound control. It does much at controlling loopback connections than many firewalls can. Rick
Hello, VMware Server has two network adapters vmnet1 and vmnet8, one for external and one for internal communication. Traffic is picked from external network and then distributed to guess machines. As simple as that. Guess OS does not need to know or care how the external network works, whether it's another LAN, direct connection, ethernet etc. So yes, as long as VMware supports older Windows, you can use it as a converter, but only for virtual machines. Links? I'll try to find some. Or even run my own experiment. Mrk
If the router has its own firewall than yes it can replace a software firewall for inbound protection, but you may still want outbound protection.
A hardware router/firewall essentially makes your computer invisible to the world by placing you on a private network and providing inbound protection. But like WSFuser said, you may still want a software firewall in addition to a router/firewall if you are interested in controlling, or at least knowing about, outbound connections from your computer. I have never experienced any slowdown using a hardware firewall/router.
