New version of Sunbelt Personal Firewall now in public beta

Discussion in 'other firewalls' started by MikewSunbelt, Apr 30, 2008.

Thread Status:
Not open for further replies.
  1. MikewSunbelt

    MikewSunbelt Registered Member

    Joined:
    Apr 30, 2008
    Posts:
    7
    Sunbelt Personal Firewall 4.6.1751 (known previously as the Kerio Personal Firewall) is now available for download. This version supports Vista and also has a number of under-the-hood improvements.
    The download and more information is available from our beta forum here: http://beta.sunbelt-software.com
     
  2. Xenophobe

    Xenophobe Registered Member

    Joined:
    May 26, 2007
    Posts:
    174
    Good to hear. :)
    I'll give it a try later.
     
  3. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    Hello,

    I tried it briefly, and i still can't delete the built in rules. Already rolled back VirtualBox.

    If i want packet filter rules only, SPF is not the one.
    I can understand the evolution into something more than 2.1.5, with execution control, NIPS..
    But i can't understand the inflexible UI. There should just be an option between advanced and simple UI. Advanced mode would simply trade application rules and predefined rules for packet filter, either on 1 table like 2.1.5, or a separation between "global" and application specific rules.

    The button "packet filter" is annoying (like hiding the firewall), and the fact that i can't delete rules is a no no for me.

    2 cents :)
     
  4. Dwarden

    Dwarden Registered Member

    Joined:
    Apr 11, 2003
    Posts:
    176
    Location:
    Czech Republic
    too late i already removed S(K)PF from all my machines ...
    last previous weekend


    until some miracle happens with product stability, functionality and overal quality i'm not going back ...
     
  5. dodig

    dodig Registered Member

    Joined:
    May 1, 2008
    Posts:
    21
    @ Pedro

    You can edit the rules out, just not via the GUI. If you look in the directory called \Config\IDSRules, you will see several files with the .rlk extension. Using any text editor, you can append a # sign in front of the rule, restart SPF, and the rule will be disabled.

    While it isn't the best option for disabling a rule, we are in the midst of making the UI more "user friendly" so that rules can be enabled or disabled with a check/uncheck method.

    Also, we are looking at adding in the ability to switch between advanced and simple modes.

    Could you please elaborate on the annoyance of the Packet Filter button?

    Thanks,
    Dodi
    Sunbelt Software
     
  6. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    dodig, it's purely a subjective and personal opinion. It seems hidden, or secondary to whatever predefined / built in rules Sunbelt put in there.
    I realize the importance of simple terms for other people, and i admit i don't really know how to balance this. It's not a simple task i give you that.

    In SPF, there is "Predefined Rules", which is similar to Comodo's Global rules (in 2.4 Network Monitor) or LnS's "Internet Filtering", only not properly editable, and simplistic.

    One alternative would be calling Predefined rules something else like "Global"/"Internet Filtering" (find a good name like these). The predefined rules would still be there, only fully editable.
    Then, in "advanced mode", instead of the simplistic terms, use the 2.1.5 / packet filter table. You know, column Protocol,local port, remote port... Of course, it would apply to the application rules table as well. (like above, put the rules you think are important there, but the user should be able to control them).

    Another is just use one table in advanced mode, like in 2.1.5, for all rules. It has it's own advantages, and i really don't know which i prefer. I do know i prefer Kerio's local and remote.
    It's probably the best route, since you just have to put the packet filter table in the main GUI, removing the other tabs (application and predefined).
    I have a feeling it's what really lies under the hood. No?

    Also, if you feel important, issue a warning in simple mode, when the user tries to edit an important rule. Which was probably your original concern for making them not easily disabled.

    Another alternative is: just update 2.1.5 :p . IPv6 support and whatever protocols missing, pseudo SPI for UDP/.. (i'm not a network wiz so i'll shut up now).
    It's just that 2.1.5 is so logical on it's own. And allows us to choose whatever malware protection we want. LUA, HIPS, or nothing at all. Beautiful :)
     
  7. dodig

    dodig Registered Member

    Joined:
    May 1, 2008
    Posts:
    21
    Pedro,
    Thanks for the comments and suggestions. I will be more than happy to take those with me for the next product strat meeting.

    All the best,
    Dodi
    Sunbelt Software
     
  8. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    As Pedro said, the logical structure of Kerio 2.1.5 can't be beaten, at least for us "firewalls veterans"
     
  9. joter

    joter Registered Member

    Joined:
    Jan 8, 2005
    Posts:
    163
    Location:
    Greece
    By the way, do you think that the long waiting of a new -Vista compatible - SPF and the many fake new version schedules do not affect on the product future?

    Regards
    joter
     
  10. dodig

    dodig Registered Member

    Joined:
    May 1, 2008
    Posts:
    21
    I'm not sure I understand the question, joter. Could you please clarify?

    Thanks,
    Dodi
    Sunbelt Software
     
  11. Fly

    Fly Registered Member

    Joined:
    Nov 1, 2007
    Posts:
    2,069
    (I use Windows XP Home Edition, IE 7)

    I understand Sunbelt acquired the Kerio firewall, developed it on their own, renamed it, not necessarily in that order.

    I clearly remember that there was a clash between the Spy Sweeper (older version, without antivirus) and the Kerio firewall. The Kerio firewall slowed the on-demand scan of the Spy Sweeper to a crawl.

    Has anyone tried the recent versions of both products together ?
     
  12. dodig

    dodig Registered Member

    Joined:
    May 1, 2008
    Posts:
    21
    Fly,
    Unfortunately, this bug still exists. I ran Spy Sweeper 5.5 with SPF and noticed a lag in the on demand scan (full scan).
    Once I uninstalled SPF and restarted a scan, the time was noticeably improved.
    This being said, I will take a look into why this is happening. Off the top, I couldn't begin to tell you where the conflict is at.

    Thanks for pointing this out.

    Dodi
    Sunbelt Software
     
  13. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    As a matter of fact, i just upgraded to Kerio 2. And you 're right, it's so logical, so perfect alerts and rule making on the fly... The best firewall abbandoned.

    Why do companies make such blunders with their projects? :oops:


    P.S.: A question for Kerio 4 users. Does Kerio 4 still hang if you open the connections window when using p2p? (Kerio 2 doesn't, go figure...).
     
  14. Zom17

    Zom17 Registered Member

    Joined:
    May 15, 2006
    Posts:
    68
    QFT. I ran 5 different upgradable versions of this firewall and inevitably I would BSOD. I have a boatload of minidump reports and tech emails trying to get this to work. Stability only came about when it reverted to the free version without HIPS, which really isn't an answer. Plus the GUI would never initiate unless my firewall was connected at bootup -- free or paid version, it didn't matter. A shame, too, because I found it easy to configure but it had to go.
     
  15. dodig

    dodig Registered Member

    Joined:
    May 1, 2008
    Posts:
    21
    I want to mention that the drivers in the 4.6 tree are totally different than what the previous builds were using. To those that have seen bluescreens or locks in previous builds, I suggest trying the 4.6 build of SPF.

    @Fuzzfas, we have change a bit of code in the 4.6 version to allow the connections window to be displayed while P2P traffic is occuring. Give it a try and see.

    Dodi
    Sunbelt Software
     
  16. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    Thank you Dodi. Glad do hear it, since this "freezing" problem was there since the first betas of Kerio 4. It's comforting to know that finally under the new direction someone decided to fix it (instead of using "disable dns resolving", which still wasn't enough for many connections).

    I think i will give it a try.
     
  17. dodig

    dodig Registered Member

    Joined:
    May 1, 2008
    Posts:
    21
    Please do. And if you encounter any issues, feel free to email me at
    beta [at] sunbelt-software [dot] com

    Thanks.
    Dodi
    Sunbelt Software
     
  18. Fly

    Fly Registered Member

    Joined:
    Nov 1, 2007
    Posts:
    2,069
    Thanks. One thing I can tell you, the Spy Sweeper's (without antivirus version) on demand scan is the fastest I've ever seen. I know of no other security product that scans that fast. And according to Webroot, each file is scanned. But in the past the Spy Sweeper's on-demand scan (aside from a few cookies) was not that good, the old, good (NOT 5 !) version of the Spyware Doctor could find spyware and adware when the the on-demand scan of the Spy Sweeper wouldn't find a thing.
     
  19. dodig

    dodig Registered Member

    Joined:
    May 1, 2008
    Posts:
    21
    Fly,

    I know what component is causing the issue (our HIPS driver)...fixing it though is another issue :)

    Using SPF 4.6, if you stop the HIPS service prior to running a scan on Spy Sweeper, the scan will complete in a timely manner.

    Contact me offline if you want this information. beta [at] sunbelt-software [dot] com

    Dodi
    Sunbelt Software
     
  20. blackimp

    blackimp Registered Member

    Joined:
    Feb 27, 2004
    Posts:
    5
    Absolutely love Sunbelt Personal Firewall!
     
  21. jobeard

    jobeard Registered Member

    Joined:
    Jan 31, 2008
    Posts:
    15
    Location:
    So. Cailf
    Re: Sunbelt Personal Firewall v4

    I've been running SPF for some time now, as the latest COMODO crashes on my
    XP/Pro SP2 system. The Packet filter rules work perfectly fine, and I've disabled the HIPS as it's an annoyance imo.

    I've even got separate rules for x.1--x.10 (known) vs x.11--x.254 (guests)
    :thumb:
     
  22. dodig

    dodig Registered Member

    Joined:
    May 1, 2008
    Posts:
    21
    Re: Sunbelt Personal Firewall v4

    Jobeard, out of curiousity what version are you running?
    Thanks!
    Dodi
    Sunbelt Software
     
  23. jobeard

    jobeard Registered Member

    Joined:
    Jan 31, 2008
    Posts:
    15
    Location:
    So. Cailf
    about says V4.5.916
     
  24. Lundholm

    Lundholm Registered Member

    Joined:
    Aug 20, 2007
    Posts:
    108
    Location:
    Copenhagen, Old Zealand
    @dodig

    I'm curious too. What is the current status of NIPS SNORT rules? Which version of SNORT rules do you support now?
     
  25. dodig

    dodig Registered Member

    Joined:
    May 1, 2008
    Posts:
    21
    Currently, we are supporting version 2.4. However, we are looking at changing this in the near future so that we can support Snort rules, written in "regular expression" form.

    Dodi
    Sunbelt Software
     
Loading...
Thread Status:
Not open for further replies.