1. Home
  2. Networking Firewalls
  3. The Dreaded Personal Firewall

The Dreaded Personal Firewall

For personal or small network use, a router or NAT device appears to provide good protection against incoming threats.

So, it appears that the true role of a personal firewall would be to control outgoing connections.

The winning combination for me has been Kereo Firewall, Spy Sweeper and some Antivirus. The problem for me is that Kereo can be confusing and intimidating for some users.

Norton Internet Security 2006 claims to combine all these features. Anyone here have experience with NIS06? Does NIS06 do a good job of restricting outgoing connections and blocking spyware/malware?

I have had bad experiences with these Norton suites in that the slow the computer and sometimes block network traffic for no apparent reason.

I like the idea of using a Symantec product since when there is an outbreak, Symantec is where everyone goes for the fix. Norton aims for transparency, which is also a plus when dealing with shaky users on our company network.

The funny thing is most of us don't need PFs or even spyware blockers. There's just this one woman who seems to be a magnet for everything bad on the net. She must open and install everything that comes her way.

A solution I have considered is to upgrade to XP Pro and make her a restricted user. No installation of anything, ever.

I was excited to try the new Outpost firewall, but was let down when it let in spyware while refusing to learn which apps are trusted.

Reply to
brad_pitstain
Loading thread data ...

It's a *bad* idea to trust software to do the job you should be doing. There is nothing magic about what Outpost does. It compares signatures in its data base to the data it is filtering. Of course, no signature, no match.

Reply to
optikl

I personally would never use a Norton product after my past experiences with them. As you mentioned, Norton tends to be fairly slow in terms of responsiveness and it also seems to bog down the system, especially on the older machines. And yes, I have seen that traffic blocking without reason also. Norton stuff also tends to post a *massive* number of entries to the registry, which I find a little disconcerting. I know that many use NAV and love it, but to me Norton is the King Of Bloat. So as such, I'd stay away from it.

If you want a 'suite', the 2 I liked best were the ZA Suite and the BitDefender Suite. ZA had the stronger firewall, and BD had the stronger AV, so depending on which you prefer, one might be more suited than the other. But I think both of them are much more desirable than Norton. Also most of the other 'suites' did not impress me much.

As someone else mentioned, there is no substitute for your brain though. I don't really believe there is any one product that will prevent a user from destroying his or her machine. A little training for the user might go a long way.

Reply to
Kerodo

Hi Brad,

The above is not totally the case. A NAT or any other kind of router/network firewall would protect your "inside" network at the "perimeter" of your inside network from traffic from the "outside" network, but that router or network firewall would not do anything to protect any machines on the inside network from any other machines on the inside network. If a threat ever got onto one of the machines on your inside network, it (the threat) would be free to attack any other machines on your inside network (remember Blaster?).

That's one of the other main reasons for putting a firewall like Kereo or Sygate, or whatever, on the individual machines that are on your inside network, i.e., the per-machine firewall would prevent attack from other machines on your inside network.

Jim

Reply to
ohaya

Someone recommended a Sonicwall for our network. Looks good except that it only has a 5 port switch. I can set it up between our switch and the internet, but I would prefer that it have 24 ports. That would machines on the inside network from each other, wouldn't it?

Reply to
General Specific

Get yourself a seperate switch, like this one;

formatting link

Reply to
Al Dykes

If this device is filtering in a sensible way, too: yes.

And this is, what "Personal Firewalls" are failing to do in a secure way.

This is a good idea anyway.

Yours, VB.

Reply to
Volker Birk

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.