How is Sygate Pro when it comes to Performance and Security.

Discussion in 'other firewalls' started by tempnexus, Feb 14, 2004.

Thread Status:
Not open for further replies.
  1. tempnexus

    tempnexus Registered Member

    Joined:
    Apr 16, 2003
    Posts:
    280
    How is sygates Pro impact on system resources? If it's a large footprint then what other firewall can I get that's very solid and yet small system footprint. So I don't even feel it working.

    How good is the sygate Pro 5.5 security?
     
  2. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    Hi tempnexus

    Sygate offers good security, as do most personal firewalls these days. The only ongoing issue involves the lack of filtering of localhost (loopback) traffic. This is only a concern for anyone who also uses a proxy server for filtering web content.

    I will let users speak to the performance questions.

    Regards,

    CrazyM
     
  3. "Sygate offers good security"

    Agreed. In theory. But in practice the rule editor really sucks. It will take you hours to create a tight rule set for all your internet applications. You have to click through many windows before you can even start to create your "advanced" rules. Then you have to configure 5 different tabs/windows. Moreover, it is impossible to get a quick overview over your personal ruleset.

    see here http://home.arcor.de/testbed/sygatesucks.jpg

    In conclusion, the flawed GUI makes Sygate a firewall for lamers who use insecure pseudo rules. And that IS a security issue.

    In addition, Sygate has always been a memory hog which will bring you into trouble if with you engage in extensive file sharing with hundreds of open ports.

    Therefore, I do not use Sygate (though I have it).
     
  4. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    Hi shapechanger7

    It is not unusual for it to take time to create a tight rule set, especially the first time. Once done, it is not something that needs doing every day.

    Well Sygate is not alone in this regard. Personal software firewalls today are designed for a wide user base and usually focus on novice users. Experienced users can find this frustrating, as the sections they may prefer to work with are a few layers deep in the interface.

    While you may not like the GUI, it hardly makes it flawed. “pseudo rules”? The option of basic permit rules or the ability to define custom/advanced rules is common to a number of firewalls. Different options available to different types of users, with different abilities, needs and requirements.

    Perhaps you could be a little more specific about any performance issues you experienced. Global comments like that are not very constructive.

    Regards,

    CrazyM
     
  5. Hi CrazyM:

    "It is not unusual for it to take time to create a tight rule set, especially the first time. Once done, it is not something that needs doing every day."

    This is correct for a company with a permanent setup. However, as a homeuser you will frequently install new applications etc. Therefore, you will have to create new rules frequently.

    "Personal software firewalls today are designed for a wide user base and usually focus on novice users."

    Yes. But many people (e.g., Wizard?) say that such kind of firewalls are not only useless but actually harmful since they create illusionary security. I would say that even permit/deny all rules for novice users will give you a little bit of security. But you should be aware of the fact that you are not 100% (maybe not even 50%) safe with a permit/deny all ruleset.

    "Well Sygate is not alone in this regard."

    Unfortunately not. But there are still a few firewalls with a better GUI, e.g. Kerio and Outpost.

    "While you may not like the GUI, it hardly makes it flawed."

    I disagree. I actually believe that the GUI is the major weakness of this firewall. The GUI makes it insecure.

    "Perhaps you could be a little more specific about any performance issues you experienced. Global comments like that are not very constructive."

    I have experienced a mem usage of more than 30 megs. Others user have made the same experience. Moreover, I experienced disconnections from IRC servers because Sygate was unable to handle the traffic generated by edonkey. I do not have any screenshots right now. Sorry. I recommend to google the words "Sygate memory hog" ... ;-)
     
  6. TAG97

    TAG97 Registered Member

    Joined:
    Feb 10, 2002
    Posts:
    616
    Location:
    Connecticut USA
    I use Windows ME and trust me it cannot afford a firewall that is a " memory hog". After startup with Sygate as my firewall resource meter reads 80%. I'm currently playing with VisNetic firewall which has the smallest footprint of any firewall that I've played with and I've tried them all :). After startup with VisNetic as my firewall resource meter reads 83%.
    As for security Sygate with a little help from user is a top four firewall along with Zone Alarm. Look& Stop, and Out Post with Kero and Tiny requrring more input from user.
    I find that users who experienced problems with Sygate usually do not properally uninstall the previous firewall and run into all kinds of weird problems and then trash Sygate. I've been using Sygate for Four Years and only experienced minor problems with about ten-fifteen different versions they have put out in that time.
    Best Regards
    Tim
     
  7. tempnexus

    tempnexus Registered Member

    Joined:
    Apr 16, 2003
    Posts:
    280
    Ok then which firewall is the tightest and yet light on resources?
     
  8. TAG97

    TAG97 Registered Member

    Joined:
    Feb 10, 2002
    Posts:
    616
    Location:
    Connecticut USA
    Probably a tossup between Look&Stop and Out Post Pro.
     
  9. richter

    richter Registered Member

    Joined:
    Jan 3, 2004
    Posts:
    51
    LnS is awesome. Smallest one I've found and it's light on resources and yet powerful and configurable. I personally use it and don't have any problems with it.

    Tiny PF 5.5 is another great firewall. It has a small footprint and probably most advanced thing I've seen. It's not easy to use though. You will have to spend some time configuring it. It's worth it IMO.

    Regards,

    richter
     
  10. LnS is interesting indeed.

    However, it does not support FULL application filtering yet (i.e., it is impossible to create a safe ruleset; with Sygate it's at least possible...just inconvenient).

    I know ... all the LnS guys will now scream and say that I am totally wrong. But try to create the following sample rule for an internet application:

    Allowed protocoll: TCP only
    Allowed connections: Outgoing only
    Allowed local ports: 1024-5000
    Allowed remote address: 192.168.13.14
    Allowed remote port: 80
     
Loading...
Thread Status:
Not open for further replies.