New version of Sunbelt Personal Firewall now in public beta

Sunbelt Personal Firewall 4.6.1751 (known previously as the Kerio Personal Firewall) is now available for download. This version supports Vista and also has a number of under-the-hood improvements.
The download and more information is available from our beta forum here: http://beta.sunbelt-software.com

 

Good to hear.
I'll give it a try later.

 

Hello,

I tried it briefly, and i still can't delete the built in rules. Already rolled back VirtualBox.

If i want packet filter rules only, SPF is not the one.
I can understand the evolution into something more than 2.1.5, with execution control, NIPS..
But i can't understand the inflexible UI. There should just be an option between advanced and simple UI. Advanced mode would simply trade application rules and predefined rules for packet filter, either on 1 table like 2.1.5, or a separation between "global" and application specific rules.

The button "packet filter" is annoying (like hiding the firewall), and the fact that i can't delete rules is a no no for me.

2 cents

 

too late i already removed S(K)PF from all my machines ...
last previous weekend


until some miracle happens with product stability, functionality and overal quality i'm not going back ...

 

@ Pedro

You can edit the rules out, just not via the GUI. If you look in the directory called \Config\IDSRules, you will see several files with the .rlk extension. Using any text editor, you can append a # sign in front of the rule, restart SPF, and the rule will be disabled.

While it isn't the best option for disabling a rule, we are in the midst of making the UI more "user friendly" so that rules can be enabled or disabled with a check/uncheck method.

Also, we are looking at adding in the ability to switch between advanced and simple modes.

Could you please elaborate on the annoyance of the Packet Filter button?

Thanks,
Dodi
Sunbelt Software

 

dodig, it's purely a subjective and personal opinion. It seems hidden, or secondary to whatever predefined / built in rules Sunbelt put in there.
I realize the importance of simple terms for other people, and i admit i don't really know how to balance this. It's not a simple task i give you that.

In SPF, there is "Predefined Rules", which is similar to Comodo's Global rules (in 2.4 Network Monitor) or LnS's "Internet Filtering", only not properly editable, and simplistic.

One alternative would be calling Predefined rules something else like "Global"/"Internet Filtering" (find a good name like these). The predefined rules would still be there, only fully editable.
Then, in "advanced mode", instead of the simplistic terms, use the 2.1.5 / packet filter table. You know, column Protocol,local port, remote port... Of course, it would apply to the application rules table as well. (like above, put the rules you think are important there, but the user should be able to control them).

Another is just use one table in advanced mode, like in 2.1.5, for all rules. It has it's own advantages, and i really don't know which i prefer. I do know i prefer Kerio's local and remote.
It's probably the best route, since you just have to put the packet filter table in the main GUI, removing the other tabs (application and predefined).
I have a feeling it's what really lies under the hood. No?

Also, if you feel important, issue a warning in simple mode, when the user tries to edit an important rule. Which was probably your original concern for making them not easily disabled.

Another alternative is: just update 2.1.5 . IPv6 support and whatever protocols missing, pseudo SPI for UDP/.. (i'm not a network wiz so i'll shut up now).
It's just that 2.1.5 is so logical on it's own. And allows us to choose whatever malware protection we want. LUA, HIPS, or nothing at all. Beautiful

 

Pedro,
Thanks for the comments and suggestions. I will be more than happy to take those with me for the next product strat meeting.

All the best,
Dodi
Sunbelt Software

 

As Pedro said, the logical structure of Kerio 2.1.5 can't be beaten, at least for us "firewalls veterans"

 

By the way, do you think that the long waiting of a new -Vista compatible - SPF and the many fake new version schedules do not affect on the product future?

Regards
joter

 

I'm not sure I understand the question, joter. Could you please clarify?

Thanks,
Dodi
Sunbelt Software

 

(I use Windows XP Home Edition, IE 7)

I understand Sunbelt acquired the Kerio firewall, developed it on their own, renamed it, not necessarily in that order.

I clearly remember that there was a clash between the Spy Sweeper (older version, without antivirus) and the Kerio firewall. The Kerio firewall slowed the on-demand scan of the Spy Sweeper to a crawl.

Has anyone tried the recent versions of both products together ?

 

Fly,
Unfortunately, this bug still exists. I ran Spy Sweeper 5.5 with SPF and noticed a lag in the on demand scan (full scan).
Once I uninstalled SPF and restarted a scan, the time was noticeably improved.
This being said, I will take a look into why this is happening. Off the top, I couldn't begin to tell you where the conflict is at.

Thanks for pointing this out.

Dodi
Sunbelt Software

 

As a matter of fact, i just upgraded to Kerio 2. And you 're right, it's so logical, so perfect alerts and rule making on the fly... The best firewall abbandoned.

Why do companies make such blunders with their projects?


P.S.: A question for Kerio 4 users. Does Kerio 4 still hang if you open the connections window when using p2p? (Kerio 2 doesn't, go figure...).

 

QFT. I ran 5 different upgradable versions of this firewall and inevitably I would BSOD. I have a boatload of minidump reports and tech emails trying to get this to work. Stability only came about when it reverted to the free version without HIPS, which really isn't an answer. Plus the GUI would never initiate unless my firewall was connected at bootup -- free or paid version, it didn't matter. A shame, too, because I found it easy to configure but it had to go.

 

I want to mention that the drivers in the 4.6 tree are totally different than what the previous builds were using. To those that have seen bluescreens or locks in previous builds, I suggest trying the 4.6 build of SPF.

@Fuzzfas, we have change a bit of code in the 4.6 version to allow the connections window to be displayed while P2P traffic is occuring. Give it a try and see.

Dodi
Sunbelt Software

 

Thank you Dodi. Glad do hear it, since this "freezing" problem was there since the first betas of Kerio 4. It's comforting to know that finally under the new direction someone decided to fix it (instead of using "disable dns resolving", which still wasn't enough for many connections).

I think i will give it a try.

 

Please do. And if you encounter any issues, feel free to email me at
beta [at] sunbelt-software [dot] com

Thanks.
Dodi
Sunbelt Software

 

Thanks. One thing I can tell you, the Spy Sweeper's (without antivirus version) on demand scan is the fastest I've ever seen. I know of no other security product that scans that fast. And according to Webroot, each file is scanned. But in the past the Spy Sweeper's on-demand scan (aside from a few cookies) was not that good, the old, good (NOT 5 !) version of the Spyware Doctor could find spyware and adware when the the on-demand scan of the Spy Sweeper wouldn't find a thing.

 

Fly,

I know what component is causing the issue (our HIPS driver)...fixing it though is another issue

Using SPF 4.6, if you stop the HIPS service prior to running a scan on Spy Sweeper, the scan will complete in a timely manner.

Contact me offline if you want this information. beta [at] sunbelt-software [dot] com

Dodi
Sunbelt Software

 

Absolutely love Sunbelt Personal Firewall!

 

Re: Sunbelt Personal Firewall v4

I've been running SPF for some time now, as the latest COMODO crashes on my
XP/Pro SP2 system. The Packet filter rules work perfectly fine, and I've disabled the HIPS as it's an annoyance imo.

I've even got separate rules for x.1--x.10 (known) vs x.11--x.254 (guests)

 

Re: Sunbelt Personal Firewall v4

Jobeard, out of curiousity what version are you running?
Thanks!
Dodi
Sunbelt Software

 

about says V4.5.916

 

@dodig

I'm curious too. What is the current status of NIPS SNORT rules? Which version of SNORT rules do you support now?

 

Currently, we are supporting version 2.4. However, we are looking at changing this in the near future so that we can support Snort rules, written in "regular expression" form.

Dodi
Sunbelt Software