Replacement for Sygate Personal Firewall Pro

Is kerio 2 similar to sygate in terms of low resource usage and ease of use but without sygate's notorious loopback problem?

 

No. It's lighter both in RAM and CPU. But you must have a basic knowledge of ports and protocols to make good rules. On the other hand, Kerio is great for learning this stuff.

The major annoyance with Kerio 2, is that it can happen to have a forced reboot of the PC (power cut, hard reboot caused by freezing or BSOD), which will result to Kerio "forgetting" the rule set. In that case you must reload it, assuming you have saved it before.

 

Hi I am using Sunbelt Kerio, see https://www.wilderssecurity.com/showpost.php?p=1245110&postcount=13

Could some of you old Kerio users explain why Sunbelt's Kerio is not embraced by Kerio fan's?

When you look at the life cycle of this product it seems that Sunbelt has the latest, so why don't use the latest version. What did Sunbelt change for the worse to keep using old Kerio?

Would appreciate some backgorund info on this

 

I can only speak for myself. I have been so tired of having BSODs with Kerio 4, that i can't even look at its GUI anymore. To understand this, you should visit the old Kerio forum, where you could see tons of bugs. The forum has been closed since Sunbelt took over.

My main interest in a firewall, is for it to be light, with no network slowdowns and p2p-resistant. Meaning, that any firewall is "light" when dealing with 1 connection. The real "test of fire" for me, is with p2p, when the firewall must handle 150 connections at once without spiking to 10% of the CPU.

Kerio 2 is capable of doing all this with 0%CPU and 4-6MB RAM. Because unlike modern firewalls, they were actually bugfixing the packet handling, not the HIPS part of the firewall.

I may try again the next STABLE release of Sunbelt (Kerio 4) , since the representative here said that they finally decided to fix the minor issue of having the connections window freeze when showing many connections. This bug exists since the first Kerio 4 betas and the fact that is still present, doesn't encourage me to use it again.

All in all, i have sent enough dumps to the good old Kerio and have had so many BSODs before, that i just can't look at the now Sunbelt firewall without prejudice. I also took a look at the latest changelog, which showed as usual tons of bugfixes, hence i will spare myself yet another BSOD.

Basically, Kerio 2 was a perfect firewall, with superb pop up windows allowing on the fly advanced rules in a very simple and intuitive way, all with minimal resources and instead of improving it, they made from scratch an aborted version 3, that was cancelled and went to version 4, which was a mastodontic firewall compared to the lightness and easyness of Kerio 2, full of bugs, that disappointed probably every old Kerio 2 user ( even Blitzen Zeus who was famous for his Kerio 2 ruleset) until they arrived to a dead end and bit the bullet, selling it to Sunbelt.

As i said, when the next STABLE release comes out, maybe i will try it. But in my mind, as soon as i look at that GUI, that mastodontic, bug-rich, weird logging (do they still use cryptic log descriptions for the presumed attacks? I say "presumed" because when it was still "Kerio 4" it was seeing all kinds of non existing attacks), resource hungry firewall that would freeze in its connections window with any p2p application (there was a "workaround" by disabling resolving dns, but was still causing some freezing and CPU eating). Also, on my PC, it was always feeling slow and heavy.

So, given the fact that there are so many firewalls around, i find it hard to go back to Sunbelt , specially since i use p2p (and the current stable still has the freezing issue as i understand). Maybe they did miracles in its CPU requirements in the meantime (under stress) , but i will only see into that when the next stable comes out.

Sorry if the reply isn't all that technical, but i am tired of security applications that all they do is making the PC heavy, clumsy, slowing down network, when there are plenty of alternative security apps, that can be used to secure a PC without impacting performance. My opinion of Sunbelt is certainly psychologically conditioned from the bad track record that i had with using that firewall and the comparison with its predecessor. They put all that new "features" and at the end for what? To pass leak tests? It's isn't that good at that either!

People often get used to such slow system response and don't care. I would suggest to people to uninstall all their firewalls and web filtering AVs and install Ghostwall or Kerio 2 for an hour and then try to see if their PC will be faster or not. Mine certainly is.

 

Hello,

That's why I love Sygate. 500 connections with p2p and not a hitch. Works like magic, sometimes for 3-4 weeks without reboot, memory steady at 8-10MB, RAM hardly spikes at all.

No slowdowns, no nagging, nothing. Just beautiful, perfect.

Mrk

 

@ Kees1958.

the official Kerio 4 forum doesn't exist anymore, but for more "objective" opinions, you can read here and see for yourself the Kerio 4 "history".

http://www.dslreports.com/forum/kerio

 

Ive been testing pc tools firewall plus for the last few days and i must say im very impressed. Its very easy to use, highly configurable for advanced users, isnt bloated and has no p2p problems. IMO it would be the perfect replacement for sygate. Custom rulesets can also be imported to enhance security.

My only gripe with it is the resource usage which is much higher than that of sygate. However, i dont notice any slowdon with it at all so i think ill be sticking with it and would recommend it to everyone.

 

To understand the blunder with Kerio 4. Now, version 4, exists since 2003.

http://www.dslreports.com/forum/remark,8286348

We are now in 2008. But BSODs still rule!

http://beta.sunbelt-software.com/viewforum.php?f=89

One would think that after 5 years working on the same version, at least BSODs would have been eliminated. I mean, other companies in 5 years have released 5 new new versions, most of which by the end of the year are quite BSOD free. Some vendors even completely rewrote their firewalls in the meantime. And still, after 5 years, Kerio is still version 4, and still struggling with BSODs? I think this is the best indicator that shows that this firewall was born with something very wrong.

Kerio 2 was ditched in order to make Kerio 4 a "leak proof" firewall, with HIPS module and extra network security with snort-like abilities. 5 years later, Kerio 4 is still version 4, with the only difference being that by now is not a leak champion at all and still struggling for stability.

So, why would one prefer Kerio 4 over Comodo, OA for example, if leaks are his concern?

Or why would prefer it over Kerio 2, ZAF, Sygate , Ashampoo free if lightness is his concern?

Or if you wanna pay for the full version, why should you prefer it over other paid firewalls? If i did want a good leak-proof firewall to pay for, i would certainly wouldn't pay for Kerio 4! I don't have leak tests as priority, but i can understand the benefits that one could have with a "leak proof" firewall. For example, you could live without resident AV.

I think that Sunbelt should drop Kerio 4 alltogether and work on a new, completely rewritten version that will have nothing to share with Kerio 4 and the bad memories that this name brings to many old Kerio users. Why would a company want to remind the users that their product is directly related to a 5 year old struggle that ended to a failure, causing it to be sold?

Sunbelt should ditch Kerio's technology and start from scratch on a new firewall. I think it's on her interest to do so.

 

@Fuzzfas

Thanks for the info. It was running very stable, also P2P (limewire) is no problem. You made your point with the links of the forum.

Yes it a lot of RAM , but does not uses much CPU cycles.

I will have a look at Kerio

Regards Kees