Which Firewall is Best?

I have been doing some research on several firewalls and have found conflicting reviews on which is best. Here is a short list of what I have found so far:

  1. Sygate Pro
  2. BlackICE
  3. Outpost Pro
  4. BitDefender Pro
  5. PC-Cillin Internet Security 2004

I am wanting to make the move away from Symantec, but would like some user experiences on the products before I purchase.

Thanks in advance!!!

Reply to
Robert Smith
Loading thread data ...

"Robert Smith" wrote in news:mYzNc.158026$ snipped-for-privacy@twister.southeast.rr.com:

No one can make your decision but you. Try them all and find the one that best meets your needs. They all have trial software.

Duane :)

Reply to
Duane Arnold

Thanks Duane,

I'm more looking to find out if anyone has had any problems with any of them - support, crashes, etc...

Reply to
Robert Smith

None of those...

ZoneAlarm (Pro) or Kerio..

Reply to
Earthling

Earthling,

Thanks for the reply - never tried Kerio, but I have ZAPro and had some problems with certain websites when using it... I believe it was either JAVA or ActiveX problems - can't recall...

Reply to
Robert Smith

Just noticed that this post is not showing up on deja... I'm going to repost in case noone can see this but rr.com users...

Reply to
Robert Smith

Before you buy, you might want to try some of the free versions to see which one "fits". Sygate free is at:

formatting link

Reply to
Casey

Buy yourself a sleek RP614 router. There inexpensive and an effective firewall.

Reply to
K2NNJ

The RP614 is a router with NAT, not a firewall. It is a nice first line of defense for home users.

Reply to
Leythos
7/28/2004 8:33:12 AM

effective

Just checked NetGear's site - I think I may try the FR114P (which has both NAT and SPI firewall...)

Thanks for the advice!!!

Reply to
Robert Smith

Just keep in mind one thing - neither NAT or SPI make the device a firewall. SPI ensures that the traffic that is permitted in is the correct traffic. NAT and SPI are parts of many firewalls, but they do not make the device a firewall.

Isn't it wonderful what Marketing types and Sales people can do when they start playing with words to describe a product :)

Now, for the real info - if you get a router with NAT/SPI, it's a very nice start, in the old days I used NAT as a border defense method and additional protections inside the network, even with public facing services. During that time I ever found an uninvited quest connected to our systems, but, that was before people really started attacking the "routers". If you are going to get something with SPI, consider a Linksys, so that you can download the free WallWatcher software to track ALL in/out bound traffic - this will let you monitor what stations INSIDE your network are communicating with OUTSIDE resources, and it will also show you what outside resources are making connection attempts. It's a dang nice application - about a year ago he sent me the source code for it and I modified it to log all the traffic to a SQL server for reporting, dang nice chap.

I don't know if the Netgear works with WallWatcher, but Linksys was a number of "Firewall" named units (which are NAT/SPI) that you could pick from.

Reply to
Leythos
7/28/2004 10:05:40 AM

connected to

Leythos,

Thanks for the advice! That's very useful and I'll check out LinkSys' products as well!

Reply to
Robert Smith

Just thought I would let you know that the FR114P is at the top of the WallWatcher Website as being supported (looks like the ONLY NetGear supported, btw...)

Reply to
Robert Smith

The RP614 is a firewall. Maybe not your definition of a firewall.

Reply to
K2NNJ

And since I design secure networks, manage secure networks, etc... all over the country I would say that my definition carries some weight with all of our virus free, uncompromised, protected clients. How many RP614's have you seen protecting businesses where they can state they've never been compromised? How many home users can state that they've never been compromised while using the RP614 (I know about 30 that have been compromised while using one - even with no port forwarding).

What are you saying, are you one of those marketers that claims anything that blocks anything for any reason is a fully functional firewall?

How about bottom posting too.

Reply to
Leythos

"K2NNJ" wrote in news:AHVNc.15311 $ snipped-for-privacy@news4.srv.hcvlny.cv.net:

One can call it what one wants. The RP614 cannot be called a true FW appliance. It's a simple as that. It doesn't meet the specs. It has FW like capabilities and nothing more. It doesn't take a rocket scientists to figure it out.

If the RP614 can meet the specs in the link below, then it is a FW appliance. The RP614 cannot meet the specs.

formatting link
No NAT router for home usage such as a RP614 is a FW appliance. It's plain and simple.

Duane :)

Reply to
Duane Arnold

WallWatcher can be changed to add support for other Routers. The main requirement is that the Routers must send real-time log records to SysLog port 514 or SNMPTrap port 162. For more information, go to the WallWatcher website

formatting link
and find the section on "Adding support for other Routers."

Reply to
Dan Tseng - WallWatcher author
7/29/2004 2:11:32 PM

Dan Tseng - WallWatcher author wrote in message

NetGear

Thanks Dan! Just wondering if you happen to know if the NetGear FVS318 does this or not. I can't seem to find any information on it on their website...

Thanks!

Reply to
Robert Smith

Dan - you are my hero. Back when I wanted to use WW (several years ago) with my BEFSR41 you sent me the code so that I could change it to log to my SQL server. You are a great person!

Thanks for making such a great product!

Reply to
Leythos

Thanks for posting Dan,

Nice product, I knocked up some perl about 12 months ago to convert OpenBSD PF

formatting link
logging into a pseudo linksys form which could be digested by it.

Seeing, that you're taking requests so to speak LOL.

If you're interested I can collect and send on some PF logs from OpenBSD and the FreeBSD port of PF within the next day or so.

Greg

Reply to
Greg Hennessy

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.