Good firewall (packet filter) with tight application control and low res /no limiting

Hi,

I'm again looking for a new firewall software to control mainly outbound access.

Now, I could just try them all, but I'm sure some of you have already tried many of them and could help me to weed out the obvious non-candidates.

I need the software to:

- be low cpu usage (pref low mem too). Outpost Pro 2 does not cut this test

- allow a HIGH number of simultaneous connects (and half-opens). LnS does not allow this

- allow true application specific access control (i.e. an app X can only access IP XX.XXX.XXX.XXX at port/protocol YY/TCP). LnS does not allow this.

- Does not limit gigabit ethernet bandwidth. Kerio seriously limits this (down to almost 1/3 on GigE networks on my computer, disabling it brings back the bandwidth)

- modern, still in development, not with lots of bugs / known exploits (all software can have some minor bugs, but no show-stoppers)

- preferably easy to use with a decent gui (i.e. no configuration through CISCO style programming into text files or requiring me to blow dust off TCP/IP illustrated and start reading again)

- fast under a huge number of concurrent connnections

- preferably passess most of the known leak tests (yes, you can argue there's no point, but I woudn't mind this feature as a bonus).

Now, don't be offended if I named your favourite firewall above. I don't mean to say they are bad, but they are just not for me (and I own the licenses for them and have used them myself).

Does anybody know which firewall application could pass the above requirements?

Or which ones don't (I won't even test them then)?

Thanks for all suggestions.

regards,
halcyon

 

Re: Good firewall (packet filter) with tight application control and low res /no limi

I don't know if what you want exists.

Generally, the high performance solutions (router, CHX, 8signs) don't have application control.

 

Those requirements do suggest you'd be bouncing between Outpost and L'n'S (if you haven't checked Outpost 2.7, then it may be worth doing since it is faster than 2.6 to judge from other people's reports at the Outpost forum - also do check that Outpost's log file is not being scanned by AV software, see Resolving High CPU Utilisation Issues with Outpost), but at gigabit speeds, almost any software firewall is going to break a sweat.

If you have an nForce motherboard, then nVidia's ActiveArmor firewall may be worth investigating, but its leaktest performance is absolutely dire.

 

Thanks Paranoid and Diver.

I tried the nVidia ActiveArmor and as a complete solution it was still very much incomplete (not to mention buggy as hell).

I really loathe go back to Outpost after I got burned with Agnitum last time, but it looks like it's the only game in town...

Maybe it's just time to give up software firewalls altogether and just go with application launch limiters <sigh>

If anybody has any other suggestions, please chime in.

BTW, how's Jetico's app filtering? Maybe I should give it another try....

 

Yes. I can do all those things. I pedal my bike very fast and can deliver any message within 1 week.

 

halcyon,

Jetico's app filter is among the best but also the peskiest, too many redundant pop ups, the latest ZAP also is an excellent app filter and passes almost alll the leak tests, it is more resource intensive that Jetico.

 

Re: Good firewall (packet filter) with tight application control and low res /no limi

Jetico might be worth a try, but as Diver mentions, I also am not sure you'll be able to find what you want in one product. Virtually every firewall out there has problems and/or bugs of one kind or another..

Good luck though....

 

Re: Good firewall (packet filter) with tight application control and low res /no limi

I also notice this!

Very good improvement on resources...

 

Re: Good firewall (packet filter) with tight application control and low res /no limi

http://www.portmonster.com/index.php?d=whatitdoes

Anyone checked this out, looks promising.