Which firewall do you think is good? I need some opinions from you guys,

Malaysia
April 24, 2007 10:05pm CST
I am using ZoneAlarm at the moment, and i need more opinion from you guys, share with me if you know about firewall, give me some softwares introduction, tell me which one is good and better with the reasons. Thank you
1 person likes this
3 responses
@santuccie (3384)
• United States
25 Apr 07
ZoneAlarm Pro is a decent product, with meticulous system monitors, proven sturdiness against termination, and excellent performance in leaktests. The free version, however, has been stripped to bare bones, and now offers little more than traditional SPI (Stateful Packet Inspection). Browser security breaches are nothing new, and are growing in prevalence since the tremendous success of web rating tools like McAfee SiteAdvisor caused phishers to frantically start attacking green zones, injecting JavaScript malware into the HTML code to hit unsuspecting visitors with drive-by infection. Ever since last fall, when SQL Slammer and Stack Bot worms flooded the web and infected nearly 11% of all the computers on the planet with IRC botnet programs, McAfee has been saying that firewalls need to include IPS (Intrusion Prevention Systems). All of McAfee's firewalls have it now, even the free one built into AOL Safety and Security Center. If you're interested in a free, self-managed all-in-one suite, this is for you. It incorporates antivirus and IPS firewall powered by McAfee, and antispyware by CA PestPatrol. A couple of firewalls I've found over the years to be consistent in their abilities to withstand attack are Sunbelt Kerio and IBM/ISS BlackICE. The former offers a free version that proves to be a real alternative to paid firewall solutions, while the latter boasts one of the largest and most informative intrusion databases in the business. This being so, it's little wonder to me why the entire company was recently purchased for 1.3 billion dollars by none other than International Business Machines, pioneer of the Personal Computer. While the products mentioned above would protect you quite well against most Internet attacks and greatly reduce the urgency to download and install security patches from Microsoft Updates, the type of security modeling they employ is actually the lesser of two. While most IPS products employ the negative security model, which blocks blacklisted protocols by way of heuristic signature or anomaly detection, the positive security model uses a reverse approach. This model admits only whitelisted protocols and blocks everything else. The drawback for corporations and highly prolific home users with the positive security model is that it is more prone to false positives than the negative model, and may restrict certain legitimate activities they might happen to require/desire. But for a majority of home users and small businesses, who would be more likely to value security over extra functionality, the positive security model is currently the ultimate power in the network IPS (NIPS) realm, as it should theoretically be able to defend against new exploits for years to come without the need for updates. A fairly big fish in this pond is Citrix, whose Netscaler web application firewall holds the prestige of ICSA certification. Thus far, I've found one freeware web application firewall available on the Internet that uses the positive security model. It's called FeeBe WebWall. It has a tiny footprint, which I would expect from a product that only needs to maintain a small whitelist, yet it successfully defended IE6 from every browser exploit test I've been able to find on the Internet. However, WebWall happens to be a universal product that can be used on servers as well, and apparently lacks SPI. Although hackers might not be able to penetrate WebWall with malware, they could still "waltz" right on in and access your personal files. The solution? Use WebWall and Windows Firewall together. :)
• Malaysia
26 Apr 07
Thanks a lot for your detail replying :)
1 person likes this
@santuccie (3384)
• United States
26 Apr 07
You're very welcome. Hope this helps you in future decision making.
@Impervious (1147)
• United States
25 Apr 07
I have to go with zone alarm. The free edition is effective. And I have been quite happy with it for a while now. Even the free edition rates very high in the reviews.
@santuccie (3384)
• United States
25 Apr 07
Unless you're using dial-up, or another component in your security apparatus is filling in the void, or you're using a non-IE browser, or you're not doing a lot of surfing, or you can't really tell when your machine has been compromised, I assure you that ZA Free is not what it used to be. Ian "Gizmo" Richards and I disagree on the roles of different security programs. I would rather rely on a firewall/NIPS with strong inbound protection against exploits, while Gizmo assumes everyone is a P2P junkie and should use a sandbox instead, choosing the firewall with the best outbound protection. Yet, even Gizmo agrees that ZA Free is a very basic firewall and does not recommend it: http://www.techsupportalert.com/best_46_free_utilities.htm#5 Hope this helps!
@pandaren (30)
• China
27 Apr 07
I am suing ZoneAlarm pro and kaspersky. just because its easy to use.