Matousec RETEST !! COMODO & Online Armor DO NOT pass 100% !!

I'm not marketing guru, but it seems quite obviouse for me that a big vendor with a big income and brand name can afford itself much more independent marketing strategy. Small vendor without brand-name is very dependent on everything public. Otherwise it risks to end up with a very good, but known to nobody product that will never cover expences. BTW, I do not think that Kaspersky lab is too dependent on their KIS. I think their main income is KAV, well know and still well rated antivirus.

 

Hi all,

I fully understand the ironic comments of the wilders members.

For classical HIPS and FireWall's it makes sense to combine their functionality. The most user intrusive part of both: is application control. This application centric control (including whitelists) is the rational behind this trend. To differentiate FireWalla with these features, testing had to be pushed further. It is just a pity it has taken a ridiculeous direction.

The test pictures FireWall concentrating on their core task as inferior quality products. PC users may have other approaches in obtaining those goals.

For instance
- On Vista, use VistaFireWall control for outbound control and ThreatFire to deal with intrusions
- on XP, use Sunbelt Kerio FW (with a nice NIDS and easy image execution control when checking behavior control, but automaticcally allowing startup) and ThreatFire

Above setups are 10 times easier than the 10+ numbero uno ranked Comodo, but I bet you loose only little security with this immense gain of user friendliness and simplicity.

Regards Kees

 

Firewall vendors should get together and agree a single course of action with regards to online tests where they're required to pay for retests.

The business model of Matousec is plainly obvious, scare the pants off vendors by pitting one against the other and releasing a bright and shiny league table every few weeks which results in vendors rushing out their latest 'fix'.

The biggest beneficiary here is matousec imo.

If vendors agreed to stop dancing to his tune and instead develop their product in a mature fashion I don't believe anyone's security will be compromised.

 

Hopefully Online Armor and others will read your post a few times over. These 'hypothetical' one-in-a-million chance of infection tests are getting out of hand.

The only thing leaking is the firewall vendors' pockets.

 

Optimistic question :
Why not adding better keylogger detection in free version?

It is confusing now, some keyloggers can be detected and some not, someone will thinking OA free have poor keylog detection implementation.
Half solutions are always bad...

 

Mike's working hard, he's gotta put 'food on your family'.

You can't get all the features for free.

 

Matousec should (or more like MUST) add new simple test to Level 1:

When firewall supports SNORT/advanced SNORT rules it PASSED and if NOT it FAILED ...

deadly serious about this...
no mercy with vendors ignoring it

 

I just noticed that for outpost 2008, perfudp and perftcp are listed as N/A, as they are for some other firewalls. Anyone wanna shed any light on this one? Is it just not possible to test the performance level of some firewalls?

 

The products with score /62 were not retested yet.

 

Matousec already tested imaginary build, Agnitum needs time to send him another imaginary version of Outpost which will pass all those keylogg tests, WE DON'T KNOW YET HOW GOOD OR BAD IS OUTPOST (according to Matousec testing)

 

Yes, you can get but not from him, anyway that is not my point at all, my point is give us free keylogg protection or remove all keylogg protection from free version, half protection is good for nothing...

 

No test here, but i will take my crystal ball and say that Outpost will score over 90% at least in the PerfTCP test. I am trying the firewall now and i feel the connections quick. Everything seems very responsive. If i am proven to be correct by Matousec, i will think of opening the "Fuzzfas feel-the-network test".

 

I can see why people dislike the leaktest concept...

BUT... without leaktests any discussion about firewall performance will be extremely boring, bland and too technical.

Since inbound protection is usually carried out by a SPI NAT router (yes I know there are exceptions)

Outbound protection is a much more relevent aspect to test. If malware manages to sneak into your pc, you would still want to stop it from connecting to net and send private info.

IMHO, firewalls were the earliest form of HIPS / 0-day protect software in the respect that they would detect outbound connections by unknown software - a very suspicious action most malware does.

~~~

On another note:

Comodo 3 (in matousecs latest testing) still fails SSS? I thought that was fixed a while ago.

Cheers,
Denis.