Suite Firewalls

Is there a current test of the firewalls that are part of the various AV Internet Security suites?

I remember sometime back such a test and there was a pretty wide variation. It would be of help to make a decision as to whether to use the suite or the AV with W7 or third party firewall.
Thanks,
Jerry

 

The firewall of the suites are usually quite limited, if you want something "better" or more configurable the only suites are CIS, Agnitum, and maybe Emsisoft Internet Security Pack although is a join of 2 products.

Anyway I think that the firewall of any suite will be better than W7 firewall.

If you are looking 3rd party firewall in other of preference for me are: Comodo FW, OA, Agnitum, Private FW or any of the light fw integrated with w7 that you can find on this section of the forum.

 

And Kaspersky.

 

and ZoneAlarm Suite/Extreme

 

Well yes, I have missed ZA

I wasn't aware that the kaspersky firewall were complex.

 

By default it makes all decisions for the user, but if you disable that it is as complex as most users could possibly want.

 

kaspersky have a different philosophy to the firewall.The firewall can be stealthed if needed but kaspersky feel stealthing is not neccessary.
Also contains a network blocker.
Kaspersky works fine for me .

 

And Norton, BitDefender, F-Secure, Avast, you name them.

Check out the PC Magazine reviews, Rubenking's reviews are pretty good although not up to the level of the AV test labs:

http://www.pcmag.com/article2/0,2817,2369749,00.asp

 

Perhaps this is the third party testing you were thinking of: http://www.matousec.com/projects/proactive-security-challenge/results.php but this is really about HIPS testing and I doubt that it will help you with deciding if an integrated AV is useful. Otherwise you have the AV testing sites such as Viurs Bulletin: http://www.virusbtn.com/vb100/index which do test AV in suites but not, of course, firewalls.

Personally, I think the suite is a good thing because there are no worries about compatibilities but it's all up to you to decide.

 

Seen some negative reviews of matousec etc.
still no sign of online armor on there either.
I find these "tests" rather immaterial to be honest.And the wording could be improved also.Just because a firewall isnt 100% does not mean it is a "bad" firewall but this is how matousec portray it and i find it odd that a 100% "certificated" firewall like comodo cannot handle web proxies.Avast webshield is proving this....!

 

They didn't pay the bill to matousec (so they say) thats why they are not there. Its all about money unfortunately. Otherwise they were on top in the list and if you search for Matousec you will find many posts about it in here. Questioning the methodology/money and results. So, a test to take with care.

 

Pity as i consider online armor to be the best free firewall but thats just me.
I remember online armour was always in the top three.Mind privatefirewall seems a good offering too.

 

Thanks, Both. Yes, Manny, that was the site I was thinking about. I also think that something is amiss as I cannot believe that some firewalls by reputable AV makers are totally ineffective. I don't discount the tests entirely. I had rather trust a suite with 90% than 20% rating.

I don't really understand the tests, but that is not unusual for me.

Regards,
Jerry

 

Sure it's possible because they are testing a specific thing - HIPS. Some very reputable vendors don't include such functionality. For example, the MS firewall fails miserably in these tests but is still a decent firewall for its simple purpose.

What I was trying to point out is that I doubt you'll find a third party testing site that will help you determine the proper approach here. It used to be that people used the best of the line software from different areas. As security software advance more functionality was built in with the unfortunate side effect of things interfering with each other. So it takes more work now to get top of the line software to work together nicely. It can be done but sometimes it's a hassle. So, the suites take away that problem since it all works together. If you find one you like then it's a great app for you because it rarely gives you problems.

 

http://www.matousec.com/projects/proactive-security-challenge-64/results.php
The matousec test only measure how good are the HIPS components of the firewall, but this is independent of how good or bad the firewall is.
I have never seen a firewall test anyway.

 

A firewall test is something like ShieldsUP which determines how effective your nearest internet appliance [router; firewall etc] at keeping your ports closed. This was the basic test but as firewalls increased in functionality then things like HIPS because of leak tests became more common practice to test since it's pretty much a given that any firewall does the basic work of controlling traffic through the ports well.

 

Btw, a firewall test should measure the packet filtering ability of a firewall confronted with different methods and penetration technics (shileldup is just the tip of the iceberg). This was done partially "once upon a time" by matousec but then they decided to remove it and transform the test in a full HIPS test. Strictly speaking HIPS is not really the core business of a firewall (= filtering inbound data) but it has lost his "commercial" interest and now most development is around outbound filtering and system protection.

 

ive just managed to stealth all of kaspersky,s ports even though apparently they are unstealth by default.is this harmful in any way please?

 

When I was running KIS 2012, all my ports where stealth using default firewall config. Never could understand all the issues people were having with open ports.

 

KIS 2012 default setting simply doesn't stealth all ports. If you got stealthed anyway, something was wrong or you were behind a router or your ISP provided some form of stealthing. KIS doesn't stealth, and it's by design. It doesn't leave ports open, though.

 

Why is that.?
I changed a few settings and stealthed the ports.i find these tests are rather automated.

 

Stealth mode was removed with the 2009 line of Kaspersky, and it has been gone since.

http://forum.kaspersky.com/index.php?showtopic=67972&st=0&p=633287&#entry633287

 

yes ive read on this.there are a couple of settings within kaspersky that can achieve stealth status.ive left mine on default.
Any informafetion on the helkern worm?
the firewall has blocked a couple of these apparent "spoofed" attacks.?

 

The Helkern worm is an old worm that randomly attacks computers looking for vulnerabilities. It can only infect a computer if it runs Microsoft SQL Server 2000. Microsoft has long since patched the vulnerability away, and any kind of firewall would also protect the system.

Kaspersky has a little article about it here http://www.kaspersky.com/news.html?id=970183

 

An interesting results of firewall test on Programmifree.com

http://www.programmifree.com/confronti/confronto-firewall08.htm