Trend's Firewall 2006

Discussion in 'other firewalls' started by The Hammer, Jul 23, 2005.

Thread Status:
Not open for further replies.
  1. The Hammer

    The Hammer Registered Member

    Joined:
    May 12, 2005
    Posts:
    5,619
    Location:
    Toronto Canada
    Previous versions of PC-cillin have come under criticzim for the firewall. PC-cillin 2006 is now in beta testing. Any improvements to the firewall?
     
  2. squibbon

    squibbon Guest

    I don't believe the beta testing for Trend Micro 2006 begins until 9/6/05 as per this thread:

    https://www.wilderssecurity.com/showthread.php?t=89842

    The Trend 2005 firewall was a marked improvement over the 2004 version with the addition of the ability to create application rules, though.
     
  3. The Hammer

    The Hammer Registered Member

    Joined:
    May 12, 2005
    Posts:
    5,619
    Location:
    Toronto Canada
    Thanks for the reply. I just thought there might have been mention of it in new promo material. Various review sites I visit rake previous versions of the firewall over the coals.
     
  4. squibbon

    squibbon Guest

  5. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,095
    Having been a customer of Trend Micro for several years now, I've expressed my concerns about the firewall to them by email earlier this year.

    Their reply (customer service for PC-Cillin Internet Security 2005) indicated that even they considered their firewall a lightweight firewall. I do not seriously expect much improvement in this area.

    Trend Micro does not even run a forum for their products on its website afaik - I could be wrong in not knowing if there is one. If they had such a forum they might then stand a chance to be added to the firewallleaktester.com website tests.

    It seems to me that Trend Micro has opted to combine their AV product line with complementary (though lightweight) ancillary functions like the firewall.

    The two most important capabilities of a firewall (at least in my opinion) aside from the standard features are:
    1) stealth all of the ports to protect against intrusions
    2) notify user of unauthorised outbound connections

    These features are why I use ZoneAlarm Free with the PC-Cillin firewall.

    -- Tom
     
  6. Graystoke

    Graystoke Registered Member

    Joined:
    Aug 15, 2003
    Posts:
    1,502
    Location:
    The San Joaquin Valley, California
    Another thing about TM 2005's firewall. If you are using AdSubtract or simular software, TM's firewall will allow an application anauthorized outbound connection. Not a good thing.


    Lotuseclat79.....You run two firewalls at the same time? I didn't think that a good idea. Of course with TM's firewall, maybe that's a good idea.
     
  7. squibbon

    squibbon Guest

    While I have a somewhat more favorable opinion of the TMIS firewall, especially the 2005 version where I was able to create a custom profile with rules based on BlitzenZeus' ruleset for Kerio 2.15, I do recognize the firewall could be improved - that's why I signed up to be a beta tester for the 2006 version, so I can make some suggestions.

    Graystoke - I hadn't heard about the AdSubtract issue until your post. Is this akin to the Proxomitron problem in Sygate?
     
  8. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,095
    Graystoke,

    Its precisely because TM's firewall does not stealth the ports like ZA does that I run both - no problem if you configure ZA to not duplicate TM's PC-Cillin's email check in/out.

    -- Tom
     
  9. Graystoke

    Graystoke Registered Member

    Joined:
    Aug 15, 2003
    Posts:
    1,502
    Location:
    The San Joaquin Valley, California

    squibbon

    I believe so. I have AdSubtract Pro 2.55. When I first installed TMIS 2005 with AdSubtract Pro running, and ran the manual updates for several of my apps, TMIS's firewall didn't ask me if this was ok. I had the firewall set to high priority. When I shut down AdSubtract, and ran the manual updates, TMIS's firewall asked if it was ok to do so.
     
  10. Graystoke

    Graystoke Registered Member

    Joined:
    Aug 15, 2003
    Posts:
    1,502
    Location:
    The San Joaquin Valley, California
    lotuseclat79


    I had no problems with TM's firewall not stealthing ports. I ran it in high priority. I tested it at GRS.com and all ports were stealt.
     
  11. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,095
    Graystoke,

    High and Medium Priority in TM's PC-Cillin Firewall are defined as:

    High: Recommended for most users. Blocks incoming traffic unless allowed in the Exception List. Allows outgoing traffic unless blocked in the Exception List.
    Medium: Blocks network virus attacks and other known threats

    Are you absolutely certain you want to allow outgoing traffic unless blocked in the exception list?

    I get by quite well with Medium and ZA.

    -- Tom
     
  12. squibbon

    squibbon Guest

    I think you have the security level definitions mixed up. What you quote as the 'High' security level is really 'Medium'. The actual definition for 'High" in is as follows:

    Recommended for users who need strong protection.
    -Blocks network viruses and other known threats.
    -Blocks incoming traffic unless allowed in the Exception List.
    -Provides alerts for outgoing traffic.
     
    Last edited by a moderator: Jul 29, 2005
  13. Graystoke

    Graystoke Registered Member

    Joined:
    Aug 15, 2003
    Posts:
    1,502
    Location:
    The San Joaquin Valley, California

    Yep, that is they way I had it set up when I was using it. The reason I stopped using the firewall, was that there were some things listed in the Exception list that was allowed incoming statis, that I was not too sure about. I removed the check mark next to these, but never was too sure if that actually disabled that particular action from happening.
     
  14. squibbon

    squibbon Guest

    From the help file entry for the Exception List:

    Note:
    Clear the rule's check box to keep the rule in the Exception List, but not activated.


    One of my biggest peeves about the Exception List is there are rules that can't be modified or deleted, such as the ones for NetBIOS. The only thing you can do is uncheck the boxes and create your own replacement rules.

    I'd also like more customized control over ICMP in the 2006 version.
     
Loading...
Thread Status:
Not open for further replies.