The most P2P friendly and the lightest firewall with full protection

I am a laptop user who is also a massive P2P user.
I'd appreciate recommendations of the most network tolerant and the lightest firewall with full protection.

Requirements for the firewall:
The firewall software programs must work well under the below situation.
1. Offers full inbound and outbound protection
As I am a frequent traveler and work on laptop mostly, I don't have hardware firewall for most of the times.

2. Must be extremely network tolerant - 100 or more simultaneous live P2P connections
I run P2P often with 100 or more simultaneous live P2P connections. The firewall must be tolerant of this.

3. Must be system resource friendly
I can't stand system resource (worse, and network) hogging firewall even it is the best in its kind. So Comodo is out!

4. In addition, must work well for SOCKS proxy and VPN

My current considerations based on my research:
- Jetico 2.x
Very much concerned its prematureness and unstability, and rumored irresponsiveness of Jetico support

- Kerio 2.15
Concerned about its intolerance with massive P2P - can't work right if connections reach more than 100?

- Look n' Stop
Not much research has been done yet

Side note: Been using Outpost 2.5 for the past 2 years. It was fine for doing massive P2P but still was recourse hungry.

Thanks for your kind advices and patience.

 

Jetico and LooknStop work fine for me but my p2p loads are probably lighter than yours.

 

Which version of Jetico my friend?

 

the v2 betas. I have not tried the more recent builds (2.0.0.3x) though.

 

Hello,

Sygate, I'm often downloading at full speed with over 800 connections, minimal CPU impact and only about 8-10MB memory. Absolutely fabulous. Plus you got to surf while you download without any lag.

Answer: Sygate.

I'm downloading the net since 2001 or so at broadband, never a single hitch ...

Mrk

Sygate in Albanian means: he who downloads porn without any trouble...

 

Hi there.

Packet filters such as GhostWall and CHX-I are generally recommended for heavy P2P users. But you have to accompany them with additional HIPS if you are concerned about leaks. Outbound protection and resource-saving often don't go hand-in-hand - process control takes up most of firewall's resources. So if you are trying to accomplish all goals from your post#1 with a single app, you will face some hard times.
Jetico 1 is very good also (and free), light and stable, but has a "flaw" as it doesn't run as a service on startup. If this is of any importance to you, then steer clear.
Do some research on L'n'S by all means, it could be the one for you...

Ah, Sygate, yes. Why is this firewall almost forgotten? It's still one of the best IMO (although I prefer rule-based). If you are considering older firewalls (Kerio), then you should include Sygate in your list as well.

Cheers.

 

Thanks for the additional replies. Nick you must have expected I might start thread like this one There are already lots of threads about the lightest firewall, but mine adds considerations/requirements for P2P and SOCKS proxy and VPN. Just for the proxy reason, I doubt Sygate will be my cup of tea

Please also look at my sig if you can. I have SSM Pro 2.3.0.612 running

I am seriously considering Look n Stop and Kerio 2.15 right now. Anyone could kindly show first-hand confirmation Kerio 215 is incapable of handling over 100 live P2P connections?

 

Hi concerned807

2 remarks:

1- Kerio 2.1.5 WAS an excellent firewall.

2- L'n'S can handle all your p2p connections...
The number of allowed simultaneous connections are modifiable throught
a registry key.

 

Hello fellow member concerned807

I certainly can't. Kerio worked with over 200 here wihout a single issue. But it didn't get along with VMware networks on my system, for whatever reason (it was a beta of VMware 6). I will have to try Kerio again with final VM. Nevertheless, Kerio is still a good firewall. As I see, many members here still use it. And with SSM (I completely overlooked your sig, sorry ) you should be well off. But, take another look at L'n'S, it's not free, but it's continually improving, and the support (here) is great!

Cheers.

 

Hey Climenole!

Thanks for popping up on this one
I did hear nice things about LNS from friend of mine who also P2P a lot.

I will check the LNS support forum on this board shortly and read the manual. But I can't wait to get answer to this. Does LNS handle well proxy (esp. SOCKS 4/5) and VPN? Due to work reason, I have to be either of the two almost constantly.

@ The Seer:
Thanks for confirming Kerio on P2P connections

 

Personally I never had any problems with Comodo and P2P and its many connections, but that only shows that no application behaves exactly the same on all configurations out there.
Look´n´stop is also very P2P friendly (now that i think of it, I cant remember any firewall that have given problems with P2P, at least those that I managed to figure out how to configure (Core force and Jetico was not two of them ).
Just dont run random ports in your P2P application. Life becomes much easier if you assign one port for the P2P.

 

Aha, surprising new facts.

Rumours are very often claptrap and therefore nonsense.
Only own, real experiences count.


Regards,

Smokey

 

definitely CHX-I

 

I never checked to see how many connections there were, but I use Kerio 2.1.5 with Shareaza with no problems. I read somewhere that the DNS resolving feature can slow it down when there's lots of connections but haven't run into that problem.
Rick

 

Hi concerned807

Proxies:

The proxy's (socks 4, 4a and 5) are handled by your operating system and the programs you're using, not the firewall.

An example of this is Tor, The onion router, which use third party application with socks to handled DNS requests... The only things you have to do with your firewall is to authorised these applications (e.g. privoxy, freecap, torcap, etc)

VPN:

LNS support VPN in 2 way: with specific rules for VPN:
47-GRE Generic Routing Encapsulation

or

50-SIPP- ESP + ( ipsec udp port 500 )
Simple Internet Protocol Plus (IPV6) Encapsulating Security Protocol

Sometimes there is a new network interface created to handle the VPN.
(Such as OpenVPN...)

LNS allow to start an second instance to handled this second network adapter with a command line added to the second instance...:

C:\Program Files\Soft4Ever\looknstop\LooknStop.exe -multX

where X = the number of the other Network Adapter...

 

Due to another post, I have been checking CHX with multiple connections (300+ on latest tests), no problems with setup of CHX+SSM(or PS). I have been connecting with 300+ and downloading at max speed (10Mb). There are some errors (blocked packets) if other NDIS drivers are installed, so care should be taken.

Of course, there is no outbound protection for applications internet access from CHX (in my setups I have used SSM (or PS) for this)

 

Again thanks for all the kind replies. I appreciate your comments greatly.

I do need full firewall software protection - inbound & outbound, as often I travel and work on laptops w/o hardware firewall. Please see my first post in this thread.

I am pretty ready to give LnS a shot and use the below combo.

- Avast Pro 4.7
- Look 'n' Stop Firewall 2.06
- System Safety Monitor 2.3.0.612 Full

As for Jetico, I will wait for it to fully materialize.
@Stem: I am very much impressed by your Jetico help on this forum.

As for Kerio 2.15, I will try LnS first

 

I second Sygate, it handles massive connections well, and is quite light.
One of the best firewalls ever for windows, even though it is not updated anymore.
Just don't look for it to pass all these recent outbound leaktests.
You can add execution prevention or behavioural blocker software if you need to plug those kinds of leaks.

https://www.wilderssecurity.com/showpost.php?p=947511&postcount=6

 

You might be wise to try LnS first, yes.. I have heard a few people say that Kerio 2 doesn't fare too well with a lot of p2p connections. I can't vouch for this personally, but I have heard more than one person say this..