ZoneAlarm - gets in the way, and hard to diagnose problems. You end up turning it off because it never remembers your settings and you can't trust it.
Kerio - I liked the best, but the GUI would crash when trying to display all your packets. This is a known bug. Allows you to create rules, and to see how they are applied in comparison to the system-generated rules. Definitely try. 8Signs - Said it had stateful packet inspection, but didn't. I gave up trying to poke a hole for TFTP. I haven't tried Tiny, its next on my list. The toughest part about these firewalls (for me) is determining how/when a packet is filtered. Does it hit the internal rules first or does it check against yours? If one time you hit Permit on a pop-up window, can you go into the program and find rule? On 1/17/06, Steven <[EMAIL PROTECTED]> wrote: > I am looking at supplementing the Windows XP (Pro) SP2 Firewall with a third > party product on a bunch of Windows machines. I am trying to determine what > product to go with and wanted to solicit some opinions from this mailing > list. The four that I really come across and have used in some cases are > ZoneAlarm, Sygate, Norton, Kerio, and Tiny. My understanding is that Norton > has actually acquired Sygate and that the Sygate Personal Firewall probably > wouldn't be the best choice of these now. With that in mind I am looking > for a product that easy to setup, easy to use, works well, and does not take > up too much in terms of system resources or harddrive space ( I also don't > want it to add 20 minutes to the boot process either). > > I am not looking for e-mail protection, anitivrus, or any other non-firewall > type services to be included. I do however want it to be able to manage > applications and their internet usage. (i.e. if they install something new > that tries to access the web (trojans included) they will get a popup > telling them something is doing this). > > Any suggestions and opinions on the above products and any others that I > might not have mentioned are welcomed. > > Also -- on top of this if someone knows of software/hardware that can scan > these machines and verify whether or not both the SP2 FW and/or the 3rd part > FW -- and perhaps prevent them network access if they are not running -- > please let me know. [I am not sure what security products have these > capabilities] > > Thanks > > Steven > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > -- - Nic _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
