Sunbelt

Discussion in 'other firewalls' started by Jacko2, Nov 3, 2006.

Thread Status:
Not open for further replies.
  1. Jacko2

    Jacko2 Registered Member

    Joined:
    Oct 6, 2006
    Posts:
    42
    What do you think about Sunbelt Kerio Personal Firewall 4.3.268.0 ?
    Runs very well with Nod32 2.7.
    Even with failing the leak test ,I think it's pretty good.
    Cheers, Jacko :thumb:
     
  2. SamSpade

    SamSpade Registered Member

    Joined:
    Oct 22, 2006
    Posts:
    415

    I've used this off and on twice now in the past month. I like it for its stability, but it's using up to 115 megs (!!) of RAM when I'm in normal operational mode -- T-bird email browser open, Firefox open with about 20 tabs, Skpye turned on.

    I'm not sure whether the high RAM usage is from all these internet connected apps, but it seems most probable.

    As for the little 4.3 suite, I like it better than Zone Alarm.

    Sam


    //
     
  3. tec505

    tec505 Registered Member

    Joined:
    Sep 11, 2006
    Posts:
    284
    Location:
    Romulus, class M planet
    Hi. Yes. Now at the moment I'm using ZA Pro. I used KPFW for two or three months. Nice Gui (better than ZA one). Very stable. Some bugs (alert windows). But the great problem is: memory usage: over than 100mb.
    KPFW is very simple in setting packet filter and program setting. Very nice.
    But according to various test it isn't very strong in security.

    Best regards.
    Mike
     
  4. SamSpade

    SamSpade Registered Member

    Joined:
    Oct 22, 2006
    Posts:
    415

    Thanks. So which firewalls have the best security?? I've seen SunbeltKerio 4.3 advertised as "voted best buy by IT pros" (lots of room for interpretation there!), but now I'm hearing about how "insecure" it is, failing leak tests, and the like.

    What I want is: a truly secure firewall that is not too complicated to set up. All the HIPS, NIPS, and other bells I can get somewhere else. I want a *secure* firewall!!

    Where should I look??

    Sam


    //
     
  5. tec505

    tec505 Registered Member

    Joined:
    Sep 11, 2006
    Posts:
    284
    Location:
    Romulus, class M planet
    Hi.
    In my opinion you can try ZA Pro or Outpost 4.0.
    The first one is Fw that i use at the moment. The second one I tried in beta version. This last is a good FW, but I like more ZA Pro Gui.
    Here ( http://www.matousec.com) you can find some tests about firewall.
    Do not take these results as gold. ZA Pro and Outpost (someone add Comodo Free FW) are all very goods. But is better you try them by yourself to find the better for you PC.
    And for sure you can find HIPS and NIPS somewhere else.
    Finally I hope in future Kerio upgrade as in my opinion KPFW Gui is the best.

    Best Regards.
    Mike
     
  6. SamSpade

    SamSpade Registered Member

    Joined:
    Oct 22, 2006
    Posts:
    415
    Thanks for the suggestions. I'm trying Comodo for the second time in three weeks. Sunbelt Kerio 4.3 was bothering me with its extremely high RAM usage, then I did the PCFlank leak test, and it bombed. Got me to thinking... I know, I know, there are those who say leak tests are meaningless. But then again, Comodo passed whereas SKPF did not.

    Also, Comodo is running well this time around. I don't have it "screwed down" as tight as I ran it last time -- not monitoring NDIS protocols anymore, for one thing. So far so good.

    RAM usage for the two processes total 25 mb, vs ~70 to 90 mb under SKPF. What's not to like??!

    Sam


    //
     
  7. tec505

    tec505 Registered Member

    Joined:
    Sep 11, 2006
    Posts:
    284
    Location:
    Romulus, class M planet
    Hi.
    I tried comodo (may be for too short time :oops: )
    I like its GUI. But, if I correctly remember it isn't possible to set trusted / untrusted zones (like in ZA).
    May be there is another way to do this setting (?).

    Regards.
    Mike
     
  8. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    Trusted zone, see pic,.. for "untrusted" you can add a packet filter "group" to deny access.
     

    Attached Files:

  9. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    Hi Jacko2,
    I have not performed much testing on this firewall,... I installed last time due to a post with a problem with SKPF and AOL AV.
    If the firewall is running o.k. on your setup, and you like it, then use it.
    (I have seen posts with problems of "how stable the firewall driver" are,... but then again, I see posts like that for many firewalls),
    Leaktests,.. yes, it will fail some leaktests, as other firewalls do,.. and there are other firewalls if leaktest prevention is high on your "needed" list,...

    I do like the fact that while you are using this firewall, you will have a chance to learn to create "packet filter" rules per application (you can make a ruleset for your programs), as the firewall can be used as a "application firewall"(allow apps internet access or not),.. or go more advanced with creating the rulesets(and just delete them if you lock yourself out)
     
  10. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    Jetico is quite the opposite :D
    Kerio is easy to setup knowing the ports that need to be open for each application
     
  11. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    Jetico is less forgiving in user input error (make a mistake and internet connection can be lost (easily at times))
    Kerio (from sunbelt), does not need the user to know anything about port/protocol use, as the defaults are to allow outbound or inbound,... the user can then advance on to creating rulesets to restrict comms for an application in the "Packet filter" rules
    (Maybe you are thinking of Kerio 2?)
     
  12. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    My mistake, you are right :)
    So SKPF is an "application-based" firewall at first and if you wish you can transform it in a "rule-based" firewall, right?
    Jetico 1 is hard to address. I don´t wanna think in the complexity of the new and improved version so I´ve avoided testing it. My networking knowledge is limited
     
  13. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    Yes,... application rules can be added later.
    Maybe your knowledge on TCP/IP is limited now,.. stay around,... have a willingness to learn,.. and you will,...... there are many knowledgeable members here who can/will help with this.
     
  14. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    Thanks Stem :thumb:
     
  15. Jacko2

    Jacko2 Registered Member

    Joined:
    Oct 6, 2006
    Posts:
    42
    Hi Stem.

    Thank's for your advice,regarding trimming Kerio a little bit.
    But with nod32 2.7 A V ,I'm pretty safe.

    Cheers, Jacko :thumb:
     
  16. tec505

    tec505 Registered Member

    Joined:
    Sep 11, 2006
    Posts:
    284
    Location:
    Romulus, class M planet
    Hi Stem.
    May be I was not so clear.

    I wrote:
    "I like its GUI. But, if I correctly remember it isn't possible to set trusted / untrusted zones (like in ZA).
    May be there is another way to do this setting (?)."
    refering to Comodo.

    Hi.
    Mike
     
Thread Status:
Not open for further replies.