Sunday, May 04, 2008

New Sunbelt Software Personal Firewall Beta released

Wow!

Finally!

Sunbelt Software Personal Firewall (Beta) is Vista compatible!

Sunbelt Software has released a new beta-version of their Personal Firewall (previously known as Kerio); this version is 4.6.1751.

Sunbelt Blog: New version of Sunbelt Personal Firewall now in public beta

The new version offers a significant number of changes.  From the forum download page:

Changes

* Significant improvement in packet filtering
* Significant improvement in network performance when web filtering is enabled.
* Enhanced Process Injection prevention to prevent code inject attempts into Windows system DLLs.
* Corrected numerous application crashes in the firewall service.
* Corrected various crashes in assist.exe
* Enabled support for Windows Vista
* Corrected issue in which binary data appeared in logs.
* Significant improvement in product stability.
* Enhanced leak test protection

System Requirements

- Microsoft Internet Explorer 5.5 or higher
- IBM Compatible 400MHZ Computer with at least 256MB of RAM
- Windows 2000 Pro SP4R1 or greater, Windows XP SP2 or greater (Pro, Home, Media Center), Windows Vista (incl. SP1)
- 15mb of available hard drive space

Use the Special Key

Once you download and install it (more on that in a bit) you use the provided registration key (44M72-KM9D8-M86EE-E7CM8-C5CEF) to fully activate the product and access all the features, as opposed to not using it and getting the limited "free version" capabilities.  This key is only valid during the testing period and expires on 07/31/2008. (And no, I'm not giving away any secrets here. It's clearly posted on that official product forums page.)

I've been a big fan of Sunbelt Software's Personal firewall.  It seemed to provide better than adequate outbound protection, and great inbound firewall protection.  It also was very light and thin and used very few system resources.  Always was on my recommended list of free personal software-based firewalls.

But no Vista support left me hanging until I started using Comodo's Firewall Pro 3, which does support Vista and seems to have much better "leak-protection" as well as HIPS-style process monitoring (Defense+) if so desired.

Disclaimer: all my home systems (XP/Vista) now are running Comodo's Firewall Pro 3.  But before those switches, I used Sunbelt Personal Firewall (free) on all my XP home systems.

Installing SPF Beta in Virtual PC session

I was anxious to see what improvements could be seen.  But I didn't want to go through the hassle of uninstalling Comodo from my systems and putting on a beta-level firewall. Not a good practice for the security-minded.

So, I set about using one of the many Virtual PC systems I have available for just such software testing cases.  I decided to use the IE 7 or IE 8 XP virtual hard disk image versions offered for free by Microsoft. These are great resources for testing software safely.

  • IE6_VPC.EXE - Windows XP SP2 with Internet Explorer 6
  • IE7_VPC.EXE - Windows XP SP2 with Internet Explorer 7
  • IE8_VPC.EXE - Windows XP SP2 with Internet Explorer 8 Beta 1
  • IE7-VIS1.exe - Windows Vista Business with Internet Explorer 7
  • IE7-VIS2.rar - part of IE7-VIS1.exe
  • IS7-VIS3.rar - part of IE7-VIS1.exe

I downloaded the SPF Beta file from the afore-linked forum page, then copied it over to the desktop of the Virtual PC session.

I ran the setup file.  It ran, then gave me a dialog box showing the Microsoft Setup Installer command-line parameters, but no installation wizard.

I tried again.  Same thing.  I even tried under the different VHDs listed above.  All the same result.

It looked like SPF Beta just would not install under a VHD.  Hmmm.

Wonder if I can "unpack" it and install a bit semi-manually?

My favorite tool for picking open installer files is Universal Extractor.

So I ran that program and told it to unpack the setup file.

It quickly identified it as being created with Install Shield Installer, but offered me two methods of extraction: isunpack extraction or InstallShield /b switch method.

I first chose the isunpack method which failed.

I then tried the InstallShield /b switch method.  That worked.

I had to run the installer "live" for a portion, then I could cancel while Universal Extractor captured what it needed.

Once done I was left with the following extracted files:

_ISMSIDEL.INI, 0x0409.ini, Setup.INI and the biggie, SPF.msi

I then ran the SPF.msi file in the VPC session and bingo, it installed flawlessly into the virtual PC session.  Reboot was required. And, as noted in the forum notes for the download, Windows XP balks at the two "unsupported" device drivers needed during the installation. Just accept them and keep going.

First Takes

For all those folks who shudder when a new software version is released, and live in fear of a new and radical GUI redesign or feature changes that leave them befuddled (Grisoft AVG Free fans....), have no fears here.

While Sunbelt Software reserves the right to change things on the final version, SS-Personal Firewall fans will be relieved to know that I could find no GUI changes at all between this new version and the current release.  None.

It looks the same, it acts the same, you have access to all the same features. If you are a SPF fan, you should feel right at home with this version when it makes final release.

Sunbelt has been hard at work tweaking and modifying the stuff under the hood and not the sheet-metal that wraps it.

I know a lot of folks who probably wish other software vendors would take the same approach.

Watching it for a while under Process Explorer (again, in a Virtual PC session), I found that it was using three processes: SbPFLnch.exe (1600 K RAM), SbPFSvc.exe (24300 K RAM), and SbPFCI.exe (7300 K RAM).

In contrast, Comodo Firewall Pro 3 is showing (on my main system) just two processes; cmdagent.exe (400 K RAM) and cfp.exe (3700 K RAM).

I haven't had the time yet to toss on Matousec's Security Software Testing Suite to put this new SPF version through the paces. When I get a chance and some free time, I will do so and let you know what I experienced with the clear disclaimer (in fairness to Sunbelt) that this version is clearly still Beta product.

Matousec's tests of the SBPF version 4.5.916 resulted in a "not recommended" rating.  They have a detailed PDF available of those test findings. And, yes, let's be clear here, Matousec's Firewall Challenge tests a number of advanced firewall and security process features of these products including (but not limited to) out-bound firewall "leak" protection.  This is quite a bit more advanced than just inbound firewall blocking only... something that almost all (good) software-based firewalls do pretty well. Heck, even the default Windows XP firewall can do that.

It will be interesting to see if the changes made by the Sunbelt Software developers have improved its performance on these tests.

Granted, these tests are pretty specialized and are designed to really push the limits of firewall capability.  Many users might not need or care about that, and be rightly satisfied with having a basic software-based firewall to protect them against unsolicited and malicious inbound attack threats. 

If that is the case, Sunbelt Personal Firewall might still be a good choice to consider.  Certainly so now that it is supporting Vista.  Unfortunately, they are arriving a bit late to the third-party firewalls for Vista table.

Time will tell if the investment made in additional development time will pay off.

--Claus
