Friday, November 23, 2007

Free Vista Firewalls: And then there were five

Having an extended holiday is a blessing and a curse for a guy like me.

I have two extra days to chill out, visit with family, surf the web, tweak my own home pc systems, etc.

Of course, that often leads me to uncover additional subjects to blog about.  Currently I have about twelve post subjects now waiting in my Firefox bookmarks collection.  I hope to get through them all!

Yesterday morning we traveled to Lavie's parent's home in the country (a.k.a. "the sticks") and spent the night.  Luckily Pop has a DSL connection as well DishTV so we have the entertainment aspects down.  I dug out the D-Link router that we got him (and which he doesn't use) so I can run my laptop on his net-connection while keeping his system connected as well for Alvis to use.

Anyway, this week a fifth freeware firewall solution for Vista was released, thus leading me to this post and a change-out on my Vista firewall.

Free Vista Firewalls - New Release!

Comodo™ Firewall v3.0 - (freeware) - This week, Comodo released it's final version of it's leak-proof winning firewall product.  The new version is fully compatible now with Windows Vista in both its 32 and 64-bit OS flavors. Yummy!

I had been using the Microsoft firewall that ships with Vista until now.  Installation was a breeze and I selected the "Train with Safe Mode" for the firewall setting and the "Clean PC" for the Defense and Security Level setting. This HIPS system helps keep the system safe from malware and virus/trojan attempts to hijack a running system.  The whitelist of approved programs that ships with the application supposedly has nearly 1,000,000 items listed.  All executables are checked against the list to verify the are genuine before being allowed installation.  You can also manually add trusted software vendors.

The pop-up alerts are very helpful and informative. Once when a process appeared and was caught trying to access the net, I didn't have a clue what it was.  I clicked the link offered for the application and was able to view the properties and find that it was actually the Vista Media Center updater doing a network connection to look for updated catalog info.  It was amazingly simple to do this quick bit of research on the file via the Comodo interface.

I really like the updated user interface.  It is very nice and well organized. Navigation is simple and advanced views are easily accessed. On my Vista Home Premium system it is running with just over 3.5MB of RAM used.

I've been using it for two days now and still am finding new areas to optionally configure and tweak (because I can and want to, not because it is required).  It has been a long-time since I have had this much fun poking around a new firewall application and being happy to do so.

In the past, I did have an issue with how it and the AVG-Free email-plugin for Thunderbird worked...they didn't.  So I think I will uninstall the Kerio/Sunbelt firewall on my XP system and try this new Comodo version on it as well to see if that has been fixed. If so, I will probably leave the Kerio/Sunbelt firewall off and stick with the new Comodo version.

Also, it has been noted pretty clearly now that Comodo Firewall v3.0 isn't playing nice with the Avast! anti-virus application or some other A/V applications.  So you might want to be cautious.  I'm using AVG-Free with Comodo and haven't seen any performance issues at all, myself.

Comodo Firewall v3.0 -- Valca recommended!

Free Vista Firewalls - Four Others!

There are also four other quality freeware firewalls for Vista at the moment worth considering as well:

Webroot Software Desktop Firewall - (freeware) - This application offers "multiple layers of security include desktop firewall, port manager, URL filter, process monitor, and application/system anomaly detection."  Review and screenshots via CyberNet News post.

PC Tools Firewall Plus Firewall - (freeware) - This firewall that is Vista compatible has a very simple interface, but allows for more complex rule setting. Review and screenshots via CyberNet News post.

ZoneAlarm by CheckPoint - (freeware) - ZoneAlarm was my perennial free Windows firewall selection for years and years.  Then it became a bit buggy and bloated in my opinion. So I left it behind for Kerio/Sunbelt.  However, I understand this new version which is Vista-compatible has been cleaned up considerably from previous versions. ZA remains a strong contender in the free consumer software-based firewall market.

Microsoft Vista Firewall - This default firewall that ships with Vista is clearly better than nothing-at-all. It has been improved in many regards from the XP firewall.  However, unless you are are willing to do lots of technical work with "profile configurations", it really just functions as an inward-blocking firewall only.  I did find this nice SANS whitepaper (PDF) on the Vista firewall.

The Vista firewall provides simple and effective protection and clearly is not intended to be a single security solution.  It’s cost effective as being distributed as part of the OS and offers a sense of purity in what it does.  Combined with other facilities such as anti-virus and patch management, it can still be thought of as that 3rd piece of an overall PC protection posture.  On the down side, trouble shooting can be difficult due to limitations in logging.  This would include the ability to control what is put in the logfile and Microsoft’s choice to only record events involving ports that are listening.   The Domain Aware feature, while extremely useful, is inflexible in its ability to decide which adapters are involved with authentication.  Like most other 3rd party firewalls, it offers no protection against programs or facilities that can be installed in such a way that network traffic can be processed before it has a chanced to be examined by the firewall.  Overall there are no features or characteristics that would prevent an organization from adopting the Vista firewall.  With organizations eventually migrating to Vista and those that already support Active Directory and Global Policy, this may provide the perfect solution.

Still waiting on Sunbelt's Vista version

And meanwhile...we still wait patiently for Sunbelt to release a Vista-compatible version of their Sunbelt Personal Firewall.  This remains a shame as quality freeware firewalls choices for Vista are continuing to appear and providing Kerio fans the chance to try and use them in the meantime.  If they aren't careful, they may get behind in the race.

I sincerely hope that Sunbelt's delay is due to the hard-work and efforts in preparing to deliver a updated application that will perform awesomely and be a major evolution in the features and interface they ship to their faithful.

Whatever application you decide to go with, there are too many strong and quality choices to not use one to keep your Vista system secure and safe.

--Claus

2 comments:

Anonymous said...

I have been using Zone Alarm since Day 1 with Vista about a month or so ago and found it to suit my needs. I was using Sygate and on my dead XP system. I want to try Comodo however after hearing it doesn't play well with Avast! I opted not to.

Anonymous said...

I don't blame you for your caution.

If you have a firewall that is stable and works well on your system then that is a good thing to keep with.

I am really impressed with the newest version of Comodo and previous versions have been highly rated in outbound "leak-testing" comparisons.

From what I have read, you are justified in your caution for using Comodo at the moment. I'd wait until an updated version gets released first, then give it trial run....especially if you are an Avast! a/v user.

It is nice to see more freeware options coming out now!