Is Jetico pretty much ready to go out of the box

Evem though I'm happy with Netveda....and I should know better to leave
well enough alone...I'm tempted to give Jetico a spin before I make my final
decision....Also please keep in mind...FW rules and I don't get along well.

Thanks

 

Jetico is a rule based firewall. Unlike Kerio 2.15 where accepting the recommended rule from the program will work, Jetico rules must be edited. If you do not like rules, try something else.

The answer to your question is no, it is not ready to go out of the box. However, for a person who is not afraid of rules, the Jetico firewall shows a lot of promise, and will likely be one of the top picks by the time it goes commercial.

 

well...every 3rd thread here is "Jetico problem". Guess what my opinion is... go on. Guess!

 

Well Jetico is sandbox unlike NetVeda so offers far more outbound protection, for instance, NetVeda will pass Leaktest and Toolleaky but fail Wallbreaker, Jetico wont', however being that, configuring Jetico with its myriads of pop ups can be a real pain just like it is in Tiny. It does offer true SPI if not in ICS mode.

 

I don't have too many problems with JPF. I am guessing that a lot of people just don't understand its limitations and how it works--which isn't entirely their fault, since it does take a lot of getting used to. If I remember correctly, JPF doesn't support FUS yet, which is really lame. It also doesn't run as a service, which also sucks. But this is all beside the point.

To make a long story short: If you don't absolutely love rules-based firewalls, stay away from Jetico Personal Firewall. Ignore this advice at your peril. You will detest your every moment with JPF to the utmost.

JPF often prompts multiple times for outbound connection attempts, for reasons I am too tired to go into. And in one of its most aggravating shortcomings, it doesn't automatically detect changed applications--which means that when you update an application that has rules, you will either have to edit each one manually, or create all-new rules, then remove the old ones. It's a pretty significant pain in the ass.

 

JW - Best pass on Jetico then. The default rules need some tweaking for best results and if you don't like rules, you won't like Jetico.

 

I agree. JPF is rules firewall hell, as it is, the process attack table rules means you need to setup more rules than usual, the problem you mention of not automatically removing and replacing old apps, means your firewall rules gets even more messy.

Add a unusual firewall rules layout and only people who love the whole process control whizbang and ability to beat leaktests would want to use it.

And even then, Netveda is starting to look superior , as according to some, it causes less prompts than jetico, handles leak tests and as dll fingerprinting to boot.

I say forget features like FUS, passwording the settings and focus on the standard feature of replacing applications that have changed md5 hashes. Without that, nobody is going to pay a cent for it.

In fact even in the best possible scenario, I doubt if Jetico is going to sell well , even if it has all the shortcomings (all listed in this thread) fixed.

At best it will appeal to a very small segment of the market, probably the Looknstop niche.

 

Thank you all for the very good replies.

I guess if sometime I am bored silly....or feel like torturing myself I'll try

Jetico....I've also looked at the ruleset for CHX... Yipes....that makes

even Tiny simpler to me.

 

jetico is not an easy firewall by any means i am running it now for a few days and no its not as bad as tiny was but this is definatley not for a new user. i have not used netveda yet so i dont know how netveda is in this area. but if you dont like rules .... jetico is all about rules!!

 

I don't want anyone thinking that I don't like JPF. On the contrary; I like it quite a bit. I've found that it provides surprisingly good protection, and (for me at least) doesn't screw anything up. My list of suggestions for JPF is quite long, but it is pretty solid already, overall.

But I did hate it at first. In fact, I installed it, then uninstalled it, several times, before finally deciding to stick with it. And even then, the initial configuration was a real inconvenience.

Now, I only have to screw around with a few rules here and there, when I install a new application, or update an existing one.

 

i might try it again at some point just way to many alerts for me right now. it just goes nuts with all these alerts i like a more calm and collected firewall. and just like tiny which i know offers great protection i just prfer kerio or outpost. i dont like za at all though