Results 1 to 7 of 7

Thread: Firewall Recommendations - Number Four!

  1. #1
    Senior Member
    Join Date
    Dec 2003
    Location
    Pacific Northwest
    Posts
    1,675

    Lightbulb Firewall Recommendations - Number Four!

    Firewall Recommendations - Number Four!

    This edition is posted to keep you updated of any new additions to the list and display the status of your current firewall recommendations. With that in mind, we did have four new firewall recommendations. They were: SoftPerfect, StoneGate, CyberGuard, and Firebox-3.

    The period covered is 17 Jul 2002 thru 11 Oct 2004 and the data was taken from the “Firewall & Honeypot Discussions Forum”. Since the other threads were well received, I have kept pretty much the same format. Including of course, the trends in popularity of the Windows Compatibles Section. As we found in the other Firewall Recommendations there was a significant shift during the later part of the period.

    So directly from the keyboards of AO Members:


    Software Firewall Recommendations - Windows Compatibles:

    - Sygate – 72 times. *Doesn’t even have to look back to see who’s chasing them.
    - Zone Alarm – 54 times. *Folks still switching to Sygate or Outpost.
    - Outpost – 46 times. *Really favored 2002-2003 and moving up on ZA.
    - Kerio - 36 times. *More popular 2003-2004 and continuing to increase.
    - Tiny – 27 times. *Really popular 2002.
    - Norton – 13 times
    - Checkpoint – 11 times
    - BlackIce - 9 times
    - McAfee - 5 times
    - VisNetic – 4 times
    - Bordermanager – 2 times
    - ICF (XP) – 2 times
    - Look’n’Stop – 2 times
    - Symantic – 2 times
    - BitGuard – 1 time
    - Gnatbox – 1 time
    - Kaspersky – 1 time
    - OmniQuad –1 time


    Top Changes: (in magnitude of change)

    - Outpost from 42 to 46, increasing and could be past ZA pretty soon.
    - Kerio – 32 to 36, climbing significantly!
    - Sygate from 69 to 72 recommendations.
    - Zone Alarm from 51 to 54.
    - Checkpoint – 8 to 11
    - Tiny – 26 to 27
    - Norton – 12 to 13


    Software: - *nix:

    IPTables – continues to dominated {dar}

    - Smoothwall – 13 times
    - OBSD (pf) – 7 times
    - Coyote – 5 times
    - Astaro – 3 times
    - IPCop - 3 times
    - Securepoint – 2 times
    - Devil Linux – 2 times
    - Mandrake – 1 time
    - Sentry – 1 time


    Hardware:

    - Pix: dominated (had to put it by itself)

    - Linksys router (NAT) – 8 times
    - Sonicwall – 4 times
    - Dlink – 3 times
    - Netgear (NAT) – 2 times
    - Watchguard – 2 times
    - CyberGuard – 1 time
    - StoneGate – 1 time
    - Fortigate – 1 time
    - Netscreen – 1 time
    - Raptor – 1 time
    - Sidewinder – 1 time


    New Entries:

    SoftPerfect Personal Firewall, is a free network firewall
    http://www.softpedia.com/public/cat/14/3/14-3-76.shtml

    StoneGate Firewall, also manages Stonebeat Products. Interestingly enough, updates to Check Point’s Firewall-1, can be downloaded here.
    https://my.stonesoft.com/download/fw

    CyberGuard
    http://www.cyberguard.com/news_room/...ses_041007.cfm

    Firebox-3
    http://www.watchguard.com/products/firebox.asp


    Brief Descriptions of Some Firewall Technologies:

    Network Address Translation (NAT): Lately, two dominant attacks have been the Sasser and Blaster. How did the SOHO Routers with NAT fair against them? The router conceals the IP addresses of the internal network while it displays only one IP to the Internet. The worms mill-about the Internet looking for a Window’s OS that is vulnerable. Although the Router’s IP is visible, it does not have a Window’s OS for them to attack. This only applies to these types of attacks and if NAT is your only line of defense then you could be in big trouble soon. Just consider NAT Routers as one part of your multi-layered defense. And that defense should include an updated, well configured, properly deployed, "stateful inspection" firewall.

    Circuit-Level: Allows packet flow by approved IP’s, ISP’s, networks, etc. After the session is established, all other packets flow unchecked.

    Application-gateway: Filters by IP and the specific application, while it may be busy blocking some apps – it will also allow approved apps to be executed.

    Stateful Inspection: examines and analyzes the entire packet for the purpose of determining what type of data is attempting to pass through the firewall.

    Packet-Filtering: allows communications only with specific IP’s by monitoring the packets.

    ***Note: Some firewalls combine several technologies to accomplish their goal.


    Possible new breed of Firewall around the corner: Memory Barrier – Posted by foxyloxley
    http://www.antionline.com/showthrea...threadid=258503

    Check Point VPN-1 ASN.1 Buffer Overflow Vulnerability
    http://www.antionline.com/showthrea...threadid=260309


    Zone Alarm is now a Check Point Company. “Check Point paid approximately $114 million in cash and issued approximately 5.3 million Check Point shares, and will also assume employee stock options of Zone Labs, which could become exercisable for approximately 2.8 million additional Check Point shares.”
    http://download.zonelabs.com/bin/fre...2004/pr_8.html


    For those that may not know: The original team that developed Tiny left the company and started the Kerio Firewall. It was based on the Tiny’s engine but with many improvements. That may help explain the popularity of Tiny in 2002 and then the Kerio popularity in 2003-2004.

    Summary: For Windows Compatible Software Firewalls – Sygate, ZA, Outpost, Kerio, and Tiny were the most recommended. Sygate well in the lead. Outpost and Kerio are hunting down ZA as well. For Hardware Firewalls – PIX most recommended. For *nix Software Firewalls – IP Tables was most recommended.


    http://smb.sygate.com/products/spf_standard.htm

    http://www.zonelabs.com/

    http://www.agnitum.com/products/outpost/

    http://www.kerio.com/kpf_home.html

    http://www.tinysoftware.com/


    References:

    Firewall & Honeypot Discussions
    http://www.antionline.com/forumdisp...&forumid=70

    Firewall Recommendations - Number Three!
    http://www.antionline.com/showthread...hreadid=260404

    Firewall Recommendations - Number Two!
    http://www.antionline.com/showthrea...threadid=258944

    Firewalls: Hardware and Software.
    http://www.antionline.com/showthrea...threadid=257776


    Most notable quotable for the period: “OOF! It seems that Zone Alarm is quickly going down the same path as a certain former heavyweight champion.... ”, gn0min0mic0n


    Enjoy!

    Connection refused, try again later.

  2. #2
    Senior Member
    Join Date
    Oct 2002
    Posts
    4,055
    Interesting read/report there Tyler. I'm surprised and upset though at ZoneAlarm's position. Both Outpost and Kerio IMO are more popular and better software firewall's than ZoneAlarm. I'll even take Tiny Personal Firewall over ZA. Oh well, just my personal recommendations. Good stuff all the same.
    Space For Rent.. =]

  3. #3
    Senior Member
    Join Date
    Dec 2003
    Location
    Pacific Northwest
    Posts
    1,675
    Thanks,

    I would imagine alot of it has to do with ZA's advertizing. But ZA better not take a pit-stop because they are steadily gaining on him.

    cheers

    edit: Being associated with Checkpoint would definitely improve sales...lol
    I wonder if they will ever change ZA's name?
    Connection refused, try again later.

  4. #4
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,325
    Originally posted here by Relyt
    Thanks,

    I would imagine alot of it has to do with ZA's advertizing. But ZA better not take a pit-stop because they are steadily gaining on him.

    cheers
    I'd imagine that its also because they've been purchased by checkpoint...
    If checkpoint doesn't know how to make a firewall product... then I don't know who does.
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

  5. #5
    Junior Member
    Join Date
    Oct 2004
    Posts
    14
    Wow, really nice report. I think I may have to implement some of those walls on my new systems.

  6. #6
    Senior Member
    Join Date
    Jul 2002
    Posts
    386
    Another up and comer, currently in beta but very stable on my machine after 3 weeks of testing is Jetico. I currently have the 1.0.1.31beta which is the current beta version and so far haven't found a single thing to report. It's light on resources, stealth everywhere, somewhat confusing but not difficult to set up, and it just works. I'm running Win XP Home SP1, 1.3G Athlon, and 512 RAM. Anyone interested in testing it, it's available at the addy below. The beta is free and is upgraded as needed.

    http://www.jetico.com/

  7. #7
    Senior Member
    Join Date
    Dec 2003
    Location
    Pacific Northwest
    Posts
    1,675
    Chuck56,

    Great info, and please do a little eval on it and make a thread in this forum so I can find it easily. I'll include it on the next version of this thread.

    Thanks
    Connection refused, try again later.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •