switching from zone alarm to outpost

Discussion in 'other firewalls' started by angela_86, Apr 18, 2005.

Thread Status:
Not open for further replies.
  1. angela_86

    angela_86 Guest

    zone alarm takes too much resources so i decided to try outpost

    firewall will it give stronger protection like zone alarm
     
  2. TylerGred

    TylerGred Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    69
    Location:
    USA
    I personally think Outpost is one of the best firewalls I've tested.

    It ranked 2nd in the leak tests.

    Awesome, awesome firewall.
     
  3. INTOXSICKATED

    INTOXSICKATED Registered Member

    Joined:
    Jan 29, 2005
    Posts:
    485
    Location:
    Suburbia Hell
    outpost will offer protection just as good as zonealarm, and in my opinion is much better for control over all your applications. i used za for years, and tested many firewalls after finally deciding to dump them. outpost fit my needs perfectly, and there is never any problem getting support here at wilders or over at the outpost forums.

    good luck and let us know how it works out.
     
  4. mercurie

    mercurie A Friendly Creature

    Joined:
    Nov 28, 2003
    Posts:
    2,448
    Location:
    Sky over the Wilders Forest
    I certainly like my Out Post FW. Zone Alarm while still in the race, has lost it's place and is dropping back imho. ;)
     
  5. Anniel

    Anniel Registered Member

    Joined:
    Dec 1, 2004
    Posts:
    31
    Location:
    London, UK
    Does outpost go well with Kapersky AV?
     
  6. INTOXSICKATED

    INTOXSICKATED Registered Member

    Joined:
    Jan 29, 2005
    Posts:
    485
    Location:
    Suburbia Hell
    i used outpost with kav for a short while and never had any problems.
     
  7. flyrfan111

    flyrfan111 Registered Member

    Joined:
    Jun 1, 2004
    Posts:
    1,229
    My own testing reveals ZA to be a superior firewall to Outpost. While I realize that my testing is rather unlikely to occur in the real world, it is nice to know my firewall handles it. I run simultaneous scans with 3 different browsers from Sygate's online services, PCFlank, GRC and Security Space to simulate a massive DDOS/exploit attack on my system. Outpost locks up the CPU almost immediately and the only way out is a forced reboot. ZA, Sygate, Tiny and Kerio all handle this onslaught with relative ease, I also use a fifth browser process/window to surf the web during the test.
     
  8. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    8,013
    I would have to agree and choose ZA over Outpost at this time also. I tried the latest Outpost and had troubles with it. It failed to recognize Dimension 4, my time sync program, and just blocked it without asking for permission, when in previous versions of Outpost I know that it knows Dimension 4 and has predefined rules for it. Also, I noticed random blocked outbound DNS in the logs, which was kinda weird and had no explanation that I could see. That plus some of the things posted in the Outpost forums indicates to me that it perhaps has more problems at this time than ZA Pro does. ZA has always worked well for me also. Outpost seems to have it's fair share of bugs... I have purchased 3 firewalls over the years, and Outpost is the only one I wish I had not purchased.
     
  9. backfolder

    backfolder Registered Member

    Joined:
    May 25, 2004
    Posts:
    72
    Location:
    Spain
    How is Outpost latest version in resources usage? How many process open and how men usage it takes?

    Thanks!

    backfolder.-
     
  10. flyrfan111

    flyrfan111 Registered Member

    Joined:
    Jun 1, 2004
    Posts:
    1,229
    During normal use OP had better resource management, but with multiple browser windows and an email program open at the same time ZA had better resouce use at least on my system. OP is also harder to config properly as it's rules sets are more complicated in a way. While this isn't a problem for me personally, the remaining family members that use our systems are much more comfortable with ZA.

    I feel that ZA gets a bad rap from all of it's privacy functions blocking content and causing web pages to load in strange ways and people just complain and switch to another firewall instead of learning what ZA is doing to cause the problem. Their default privacy settings and mobile code blocking cause a great deal of frustration for people that do not understand just what ZA blocks and why. Personally I feel blocking third party cookies does more to protect your privacy then blocking the referrer ever will, so I question why ZA blocks this by default once you enable privacy protection. This simple referrer block is the cause of great many people's complaints with ZA as is mobile code blocking. While having the ability to block mobile code or active content as Agnitum calls it is a great advantage to the security of your system, for the vast majority of sites out there however it is not needed, it is of much more use to block on a site by site basis, or block it globally and realize why certain pages don't load right and change it for those sites you trust. The vast majority of ZA users do not take the time to understand the inner workings of ZA and merely complain that it stops pages from loading properly or interferes with email or whatever and uninstall and trying something else.

    Having said all of that, I do totally agree that support for ZA has gone down quite a bit since the takeover by Checkpoint although it does seem to be improving here of late but not as fast as it declined.
     
  11. zfactor

    zfactor Registered Member

    Joined:
    Mar 10, 2005
    Posts:
    6,102
    Location:
    on my zx10-r
    i do agree with you on the fact that za would be the "easier" of the two but outpost is by no means complicated and can be learned very easily i think by anyone. however and this is in no offense to you or anyone i feel outpost is a much better firewall. i agree that they had the bsod issue which for me is fixed with 2.6 instead of 2.5. but zone has been way to buggy for me of late. the older versions seemed way more stable than the new ones. i find that on my machine outpost takes very little resources. usually between 6-8 mb of ram. yes it will go up with p2p or very heavy browsing because it has more to do but it will go back to normal when done.
    za is a good firewall no doubt and i have tried every firewall i could get my hands on. it one of the best. i feel better with the likes of op , kerio , tiny, or look n stop. of all these op is the easiest by far. i love the proccess control of op its like having a second program built in. with za i just had way to many issues with 5.0 and on. again not bashing anyone just my opinion. personally if kerio would make thier resources lower i would be using kerio. but kerio 2.1.3 uses 28-30mb most of the time which is crazy. when they fix this ill switch until then im a very veru happy outpost user wouldn't use anything else at this point including za
     
  12. treat2

    treat2 Registered Member

    Joined:
    Apr 23, 2005
    Posts:
    26
    (If you think ZA consumes too many resources, then steer clear of Norton!)

    The question you ask relates to my request for ANYONE to whom has EVER seen a well-tested XML Rules file, for the average surfer.

    NO Firewall "out of the box" is worth anything. The amount of protection people think they have when the slap a Firewall on their disk, and write a few rules, or just let things take their course, with responding to prompts, etc. is a completely erroneous idea that Firewalls are really doing something very useful for them, without ever having to write a ton of customized rules, in specific order, and for specific programs, and more.

    The question is really like asking if one house without a roof, is better than another house without a roof.

    Properly customized, ZA and virtually any other Firewall that is deserving of being called a Firewall are essentially the same.

    Sure, you can find differences that some might argue of terribly important, but in my opinion there are 2 questions. The first being (to me) more important than the second. The first question to ask is:

    "Does anyone have well-tested customized rules in a File that can be loaded and saved to as a "Rules Database", for either ZoneAlarm or Outpost, for AT LEAST a similar kind of purpose and configuration as your own, which for example, might be "a DSL Web Surfer" Rules Database?"

    The second question to ask is:

    "Which of the two Firewalls provides the best documentation for creating ALL of the customized rules that you would need to create, assuming that the Vendor and no decent amount of qualified Persons, have posted well-tested rules files for specific configurations and purposes that are most like your own?"

    From what I can see ZA Doc sucks big-time. What Ports are blocked by various checkboxes are not intuitive, nor spelled out anywhere.

    Additionally, I asked question #1, which essentially is:
    "Where's the beef?"

    In other words, point me to a variety of places or EVEN a SINLGE PLACE, in which a variety of customized Rules
    Databases exist.

    As can be seen from the response, no one had a clue. Several hours of searching for EVEN ONE site with a variety of well-tested Rules files files for different purposes and configurations existed, confirmed to my satisfaction, that no such thing actually exists for ZA.

    Thus, setting up ZA to be an effective Firewall is a matter of being a Pro, and having had a few years to test out the Configuration Rules on the Net.

    P2K, (Paraniod2000 at the Outpost Forum) has a rather good acount of a number of the rules that need to be created for Outpost, and that account is by no means trivial.

    So, in the case of Outpost, it would appear that you would be faced with the same problem.

    Alternatively, you can just slap the stuff on your disk, and accept what little protection you actually are going to get from any Rules-based Firewall, not that I would be aware of some other kind of thing I would call a Firewall, as opposed to a resident utility program that only has perhaps only 1 or 2 specific purposes.

    I've not used Outpost, so I can offer no opinion on the Doc, but if P2K had something to do with the Doc, then it is bound to be fairly detailed, and someone that is not a Pro would not find it easy to follow or make a decision if they REALLY want the degree of protection that P2K cleverly proposes for a number of different Ports, in particular DNS. (Even as a Pro, some of the critical aspects of what was being described was (IMO) "abbreviated", and I found myself unable to understand some of the statements that are not (to me) apparantly clear to everyone else.).

    You could also make a choice on this basis:

    If you have no customized rules, then it really doesn't matter what Firewall you slap on disk, and can just go with whatever you feel lets you get better response time.

    (Not something I would do, but I understand that 99.999% of the Net have no clue as to what needs to be in a Firewall, so is you have essentially no extensive database of Rules, it really makes you no worse of than the rest of the bunch! lol.)

    (Off Topic: Anyone that knows where the beef is from ZA is again invited to respond to my post today, requesting any knowledge of such a thing existing would be appreciated, if shared.)

    Again Off-Topic: What bugs the hell outta me is that the folks at ZA have a checkbox for you to share your own Rules with them, yet they in turn, have put together nothing, during the (presumably) 5 Major versions of the product. (Not unlike Symantec, and other companies, BUT I've not seen any that have a built-in facility that asks you if you want to share your Rules, even though they MIGHT BE copying or peeking at them, as they please, unbeknownst to their customers.) So, presumably they've got a ton of Rules Files, and never bother to implement anything terribly useful, nor to even put together and well-test a variety of Rules Files for different purposes and configurations (which REALLY bugs me. Got any bug spray?)
     
  13. Diver

    Diver Registered Member

    Joined:
    Feb 6, 2005
    Posts:
    1,444
    Location:
    Deep Underwater
    Does all of this detail really make a difference. Thre are millions of computers hooked up to broadband using nothing more than a NAT or the Windows ICF, and nothing is happening to them. How far do you want to play the paranoid gane? Go to an airport to see what I am talking about. Once you play the paranoid game there are no limits to what you can say will happen, and no proof required of what will actually happen.
     
  14. ghost16825

    ghost16825 Registered Member

    Joined:
    Feb 1, 2005
    Posts:
    84
    You ask some reasonable questions here.
    Firstly, for any home user firewall there are two groups of rules - 1)Systemwide: localhost, ping out, ping in, DNS, DHCP etc and 2)Application specific: browsers, P2P etc

    There exists a handful of systemwide firewall guides, in which the authors often describe their usage in conjunction with a specific firewall. However, the same concepts mentioned can nearly always be applied to any firewall, with just a slightly different rule creation method.

    Some popular 'systemwide' rule guides:
    BlitzenZeus Default Replacement (Kerio 2x)
    Paranoid2000 (Outpost)
    the Phantom (Lock n Stop)

    Application specific rules are slightly trickier. Often applications can be grouped according to certain functionality - browsers, mail clients etc. Other times their pattern of network traffic may make secure static rule creation difficult. Sites like PCFlank have a list of application rules, but often the rules include too many open ports because of rarely used application features.

    Let's be direct here. The security of a firewall ruleset is directly dependent on some basic networking knowledge. There will never be a firewall which automatically creates a ruleset which is more secure than one you can create yourself, given the right knowledge. There is no way around this.

    Oh, and in case you didn't know it is almost universally agreed that ZA Pro has a terrible interface for creating complex rules.
     
  15. treat2

    treat2 Registered Member

    Joined:
    Apr 23, 2005
    Posts:
    26
    Hiya ghost,

    Since my post also involved switching from Norton to ZA, I
    feel their's a bit of leeway to discuss my own reasons, and concerns.

    Check your E-Mail for a rant on my experiences with BOTH, Norton Internet Firewall Pro 2004, and ZA Pro 5. There's plenty of info in that E-Mail, so I'll just sum it up by saying that I think both Firewalls, as shipped, and as coded suck,
    and leave it to you to post my E-Mail for those interested in way they're not held in high esteem, by me anyway.

    Whatever fixes were put into 5.5.xxxx Pro I've seen no obvious sign of, nor am I really interested, as they need more than a minor revision to provide a decent product.

    Now as to your first point, needless to say, from my earlier posts on the entire topic of system rules being provided for a variety of typical user configurations....

    I not only EXPECT IT, but the FIREWALL REQUIRES IT!!!

    Now, YOU and I KNOW for a FACT, that Zone Labs has a variety of system rules used by people, but they are NOT ACTUALLY IMPLEMENTING THEM, nor are they providing them in a set of XML Files for various configurations.

    System Rules go FAR beyond what appears to someone glancing at your response, as in insignificant statement, and therefore an rather unimportant topic.

    The FACT IS, that there are "TYPICAL" users that could make good use of a variety of system, and program rules.

    The FACT that even Microsoft recognizes that NTFS Security would be different for a variety of typical users, BUT THEY PROVIDE THE CONFIGURATION FILES to permit the creation of those NTFS rules, supports my argument that their are a variety of typical users. HELL, even if they used Microsoft's criteria, for the rule sets it would be far better than being given NOTHING, which is essentially what they provide a user, out of the box.

    I'm going to repeat something I said in another E-Mail, so I'll keep this short....

    1 PROMISING valid configuration would be what I would call, the "At Home Dial-up Web Surfer, wanting Maximum Reasonble Security"

    (That would not be a user in which the default is to enable scripting, ActiveX, Java, and the rest. I think you can pretty well assume that.)

    The user has specific ICMPs that should be BLOCKED, OR ENABLED, depending upon if the ICMP is inbound, or Outbound, or from a DNS Server, or from a trusted site.
    All of that needs to be in a VERY SPECIFIC order. HOWEVER, THERE IS NO question about which PORTS to Block IN A DEFAULT RULE SCRIPT. (SURE, we know that some ISP's want some ICMP ability, to be enabled. It's more the exception than the rule, BUT REGARDLESS of that, IT DOESN'T MATTER!) The fact remains that their is the rest of the Net to consider, and many Rules that must be specified in a particular order.

    Then there are the rules that apply to 127.0.0.1,
    for ICMP, TCP and UDP.

    More rules that apply to DHCP/Bootps/Bootpc Ports 87, and 88, which often gets screwed up.

    Then there are the rules for the Ports Less Than 1024 and greater than, for example, the rules for handling 23, 135, 137-9, 445, 1900, and many dozens of other Ports FOR BOTH, inbound AND outbound msgs, in UDP, and in TCP.

    The TYPICAL SURFER, has no requirement for NetBios on the Net! And one that desires MAXIMUM SAFEY would want their bases covered on Port 23, 21-2, RDP, Port 80, and dozens more below the 1024, THAT ARE ENTIRELY Obvious to be STEALTHED AND BLOCKED for a web surfer wanting maximum saftey.

    Their are plenty of nasty Ports > 1023, that a should also be blocked by default.

    WE SHALL ASSUME THAT THIS PROFILE IS NOT FOR A SERVER, that would require different ruleset profiles, for that reason BLOCKING the MS-DS, SQL SERVER PORTS, REMOTE WINSOCK, and DOZENS MORE including
    5000-5007, would be necessary.

    ENOUGH!

    Every user with Windows XP gets the same damn set of Executables in system32. WELL, WERE ARE THE PROGRAM RULES, for out typical Safe Surfer.

    Shall we assume that a safe surfer is running Telnet Servero_O I don think so. How about RDPo_O Nah! I don't think so,

    So, where are the rules for RPC and all of the DLLS, and Executables for it. Then there are the infamous RSH, and REXEC, ....

    And would a safe surfer WANT MICROSOFT TO BREAK IN with Terminal Servero_O

    I don't think so, where are the Rules for that.

    There are a few hundred rules that are missing IN EVERY PC RUNNING WINDOWS!

    Think that the VENDOR can't create a variety of Rulesetso_O

    Then how come a DOPE like Gates can put out a product that has over half a dozen Rulesets for a variety of typical users of various typeso_O

    Nope. I've been coding and designing in this biz since '81.
    I've written TCP/UDP in Windows, before Microsoft even supplied an ip Protocol stack, as FTP did. And I've written designed, and lead a team doing custom LU6.2 on the Mainframe, and TCPIP Apps on PC's, in applications that vary from what Trading Brokers call their "Color Screen", which is the Main Program used to make buys and sells, in near-realtime environments, to programs that transfer LITERALLY BILLIONS of dollars EACH day, in Global Funds Transfer, ... and the list goes on. C, C++, JAVA, and now C# and .Net are my bread and butter.

    I've seen enough systems, and had enough experience in DEPLOYING applications using a variety of software packages that DO AND CAN CONTROL many things, you appear to have not considered, e.g. the IE settings for Internet, Intranet, Trusted and Restricted Zones, not to mention the Advanced Options Tab for IE. THAT stuff is ALL 100% Configurable, by even a not so skilled programmer, but more a "scripter type".

    Certainly, there are different Rule Sets that can AND SHOULD HAVE BEEN CREATED AND INCLUDED in ALL Firewalls.

    So, I must most emphatically entirely disagree with the basic assumption that Rulesets from a small variety of different users (I referred to as Typical Users), can be created.

    The AT Home UNSAFE SURFER, has got ActiveX, Java, Scripting, and all that garbage running as a default. So, for that profile, those Program rules need to be different, and for many of them, Program Rules would be a bad idea, since that would make it difficult to set them enabled/disabled in IE, and then remember which programs and dlls have rules that need to be enabled or disabled. In any case, their rulesets to not differ dramatically from the Safe Surfer.

    Now, a last point, about Zone Alarm..... and it's "screen design". Actually, ZA sucks for even more important reasons than even having meaningless titles over columns, like "WebBugs", and other non-intuitive garbage, THE WORST ASPECT of ZA's "screen design" TIES DIRECTLY INTO THE DESING OF THE PRODUCT!

    When the Firewall blocks something, YOU HAVE NO CLUE WHAT PART OF THE FIREWALL BLOCKED IT!!!!

    THAT, is entirely, and totally unacceptable design for a Firewall, and it is one of the primary reasons that Forums like this are plauged by users who can't figure outt WHAT SPECIFIC PART OF THEIR FIREWALL is blocking something!

    That is also a completely and totally brain-dead design for a Firewall.

    The System Rules ARE GIVEN NAMES, to identify them.
    Many IP's I see are resolvable by DNS, Yet NEVER are you given a clue what site is being blocked in a ZA Alert!
    Never are you given a clue in the Alert or the Log, what Rule Blocked something!!!

    So, try writing a bit more than 2 dozen System Rules, and a few hundred program rules, for Windows DLLs and EXE's in System32, and other places, not to mention the widely used MS OFFICE products, and E-Mail Programs, all of which are a major pain for users that have no clue what kind of rules to write.

    That problem is also ENTIRELY SOLVABLE, and rather easily done, since whatever blocked something, knows that it blocked something, and can pass along it's Identity for display in an Alert and the Firewall/Program Logs too.

    This might seem as if I'm singling out ZA, the fact is that ALL FIREWALL VENDORS are culpable for not writing a variety of rule sets, that a user can select from, and revise after they attempt to be implemented.

    BTW. The idea of Firewalls writing their own rules is a novel one to me, but would be a neat thing that could be based on AI. Whomever builds that intelligence, would own the Firewall Market.

    A Final comment. Firewalls are only necessary because of what the inexperienced programmers and team leaders at Microsoft screwed up. They are an "after the fact
    work-around" in the face of reality.

    Microsoft would rather sell you the functionality to do something, than consider the implications of what the new UNDESIREABLE functionality that new functionality would provide.

    In any case, this is not a religious issue. We can agree to disagree, and leave it at that, or the discussion could be continued in a new thread, perhaps even suggest a new Forum, for a Firewall Wish list.

    Something of a Side-Note on what is thought to be possible, and not be possible... where I got it wrong.

    In the very early 1980's I was having dinner with a friend whom was also a lowly Programmer. He told me a about something he heard in a bar from a guy that was not to good with holding his liquor.

    He went on to tell me that the guy and him began talking about computers, and at some point the guy related to him that he was a programmer on a project being done at AT&T for the FBI.

    That in itself, seemed unlikely, but what he said next, seemed utterly impossible, and too much to be believed.

    My friend then began telling me that the guy had told him that the project involved "word recognition" by computers, over telephones, or other means of sending analog communications.

    The purpose being that if someone said "bomb", that the program would be able to recognize it, and match the telephone number and name up an input that into a list, and presumably turn that transmission over to some huge array of devices to be recorded, or whatever....

    Well, "word recogition" was STILL SCI-FI, in the early '80's,
    even for programmers.

    My friend was absolutely convinced that the guy was 100%
    sincere, and I was convinced otherwise.

    WHYo_O? (i.e. why would I be so convinced otherwise?)

    Simple. I considered such a thing to be entirely impossible at that time.

    20 years later, it did come out that the guy was indeed telling a truth. There was a project being done for or by the FBI to recognize words from speach.

    It was NOT in fact, impossible. However, my experience had lead me to believe that it was.

    I can tell you this... I've worked on Minis, Mainframes, and PC's, and done many dozens projects, a few were very large projects, but most were small and inovative.I've worked in Commercial Software Development on TCPIP communications from Mainframes to PC's, and Visa-Versa,
    and I've worked in so many industries in the past 25 Years that the list would bore you to tears.

    I can tell you for a fact, that Rule Sets not only can be created, but the SHOULD BE part of the installation process
    when installing a Firewall, with the provision that, that part of the Installation Process can be independently rerun, for the purpose of changing Rule Set Profiles.

    There is NOTHING mysterious or magical in any of the points I brought up. Obviously, assumptions will be made. However, given the REASON why something did NOT happen, you will know EXACTLY were to go to make the change to make it happen.

    That is a "minor point" that seems to have been lost on some Firewall Designers & Coders. Only problem is that the point has not been lost on their customers.

    So, sure. ZA has a REAL LOUSY system design, making it virtually impossible to find the source of why ZA is doing as reqested, or perhaps might in some cases be exhibiting a bug.

    BTW. I NEVER discussed a Firewall creating rules, itself.
    What I have discussed and debated is the fact that Firewall Vendors like those whom own ZA, do in fact have
    this information, and that I would like to find someplace where I can download a few well-tested rule sets. BTW.
    during and after installation, ZA gives users the option to share their rules with the Vendor. You can bet that the Vendor has tested plenty of rule sets. However, they are apparantly unwilling to share that information, as I made a point of wanting that info, in "their" own Forum, where they suggest support information for ZA can be provided.

    I'm about talked out on this issue, at the moment, after the E-Mail responding to yours, that I just finished, and the writing in this post, as well.
     
  16. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    8,013
    That is the LONGEST post I've ever seen in my life... :eek:
     
  17. noway

    noway Registered Member

    Joined:
    Apr 24, 2005
    Posts:
    461
    All things being equal. I just want the firewall, with as little memory use and as few bugs as possible, good logging and easy access to the parts of the GUI I use the most. So that rules out ZA, Outpost, Symantec, Kerio (new) and Tiny (new). I tested NPF 2005 the other day and it used 40 MB RAM with all this crap disabled. The new Kerio and Tiny use (I think) around 30 MB. I think this is nuts. None of these five will ever own the Firewall Market without a big impact on the Memory Market.
     
  18. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    8,013
    Why does that rule out ZA? It uses the least memory of all those mentioned above. The GUI is a little rinky dink, but otherwise it's not a bad firewall.
     
  19. noway

    noway Registered Member

    Joined:
    Apr 24, 2005
    Posts:
    461
    Of those mentioned I actually like it the best. The versions I liked the best
    were 2.6.362 and 4.5.594. I don't like:

    -flashing tray alert..would need to use Resource Hacker to get rid of it on 2.6.362.(since I can't stand flashing/blinking stuff)
    -traffic tray display..would need to use Resource Hacker to get rid of it. (since I can't stand flashing/blinking stuff)
    -memory use acceptable (can't remember 4 sure, possibly 14 MB on 2.6.362) but some firewalls are lower like Kerio 2.1.5, CHX-I, etc.
    -database corruption common problem...so config should be backed up regularly...be prepared.
    -maybe someday I will figure out a way to add "Event Log" to the system tray
    icon right-click menu (but why should I have to do it??)

    These problems I can overcome/overlook, so I quite like 2.6.362 actually.

    -additional for 4.5.594 only: doesn't remove components when programs removed from list (bad housekeeping). Some may prefer its nicer
    GUI and additional protection.

    -versions after 4.5.594: way too many people having way too many problems. I liked ZAPlus the best and was disappointed it was discontinued.
    Some p2p users are seeing latest ZA use hundreds of MB's RAM.

    I would recommend 2.6.362 and 4.5.594 to those who want an application-aware firewall, aren't bothered by their limitations of being older versions and prefer their simplicity to Kerio 2.1.5. I just don't like the way the firewall is evolving, and it kinda reminds me of what Symantec did to AtGuard. I don't
    think I could go through that again.
     
  20. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    8,013
    I also liked Plus 4.0 the best myself.. And I'm with you on that flashing tray alert stuff in 2.6.362. If I could get rid of that, I might actually use 2.6 again. That's the most annoying little piece of nonsense.. :p
     
  21. mercurie

    mercurie A Friendly Creature

    Joined:
    Nov 28, 2003
    Posts:
    2,448
    Location:
    Sky over the Wilders Forest
    Have not meet you Noway, welcome to the Wilders. ;)
    Many very good points that I totally agree with. Good example: Checkpoint is taking Zone Alarm down the Symantec road for sure.
     
  22. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    Outpost's CPU utilisation can be greatly affected by your anti-virus configuration - if it is not excluding Outpost's logfiles then Outpost's CPU utilisation will skyrocket with heavy traffic. See the Outpost forum FAQ Resolving High CPU Utilisation Issues with Outpost and Agnitum's KnowledgeBase My system slows down while running an antivirus app and Outpost simultaneously.
    Do you have any recollection of what was reported in the logs? Aside from the Blocked logs, Component Control and Alerts Tracker may have information relating to blocked applications.
    This is due to the DNS Cache plugin - any DNS lookups that are handled by this are now reported as blocked. This is technically accurate (since Outpost is blocking the outgoing request) but understandably confusing - changing the reason given would resolve this issue.
    While it is certainly true that customised rules can offer greater security, writing off a "generically configured" firewall is a bit of a stretch here. Even one with basic inbound filtering only will provide some degree of protection while ZoneAlarm's all-or-nothing approach (excluding their expert rules option) will certainly alert users to new applications trying to connect out.

    Where more detailed/customised setups help is in countering more sophisticated malware (particularly those disguising their traffic as DNS requests) and imposing tighter controls on applications (e.g. blocking port 80 for email clients to stop the use of web-bugs in mail, restricting browser access to an anonymising proxy to prevent websites from bypassing it). At this point though, the network and software environment becomes important so firewalls have to be individually configured.

    For most users who are using default applications with "standard" network setups, the default configurations will provide a good (though not perfect) level of security. In Outpost's case, the installer will scan for applications and use predefined rules for them, which you can review and change before they are implemented. While these presets can be tightened up (since they are designed for convenience over security), they do provide clear benefits over an allow-or-block configuration (though offering a choice of Medium and Maximum Security settings would be a good idea here).
    Tosh, absolute nonsense old chap. :) When was the last time you saw ZoneAlarm being sold in a garish yellow box? :D
     
  23. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    8,013
    P2k, thanks for the explanation of the DNS behavior. I had not thought of that, and it was a little hard to believe that OP would just randomly block outgoing DNS. Problem solved/explained.. :)

    The other anomoly with D4 time sync program - nope I don't recall the log entries at all. It was some time ago. I believe I solved it by temporarily disabling the last advanced rule (can't recall that one either). Then it worked and OP asked me for permission for D4.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.