Firewall Recommendations - Number Three! - Antionline Forums

*Relyt* · July 31st, 2004, 04:11 AM

Firewall Recommendations - Number Three!

This latest edition is posted in hopes of keeping current information readily available for the inquiring mind. The period covered is 17 Jul 2002 thru 27 Jul 2004 and the data was taken from the “Firewall & Honeypot Discussions Forum”

In the other Threads, I indicated some trends in popularity in the Windows Compatibles. As we found in Firewalls Recommendations – Number Two, there was a significant shift in our recommendations during the later part of the period. This trend continues much to the delight of our members!

So directly from the keyboards of AO Members:

Software Firewall Recommendations - Windows Compatibles:

- Sygate – 69 times *Ladies and Gentlemen: winner by Technical Knockout, SYGATE!
- Zone Alarm – 51 times *Popularity declining, folks switching to Sygate and/or Outpost.
- Outpost – 46 times *Really favored 2002-2003 and now moving up as well.
- Kerio - 32 times *More popular 2003-2004 and continuing to increase.
- Tiny – 27 times *Really popular 2002.
- Norton – 12 times
- Checkpoint – 11 times
- BlackIce - 9 times
- McAfee - 5 times
- VisNetic – 4 times
- Bordermanager – 2 times
- ICF (XP) – 2 times
- Look’n’Stop – 2 times
- Symantic – 2 times
- BitGuard – 1 time
- Gnatbox – 1 time
- Kaspersky – 1 time
- OmniQuad –1 time

Top Changes: (pecking order in magnitude of change)

- Sygate from 60 to 69 recommendations, smokin’!
- Kerio – 26 to 32, climbing significantly!
- Outpost from 42 to 46, increasing and could be past ZA pretty soon.
- Zone Alarm from 48 to 51, Fading - Don’t know if even CPR will help!
- Checkpoint – 8 to 11
- Norton – 10 to 12
- Tiny – 26 to 27

Software:
*nix:

IPTables – continues to dominated {dar}

- Smoothwall – 13 times
- OBSD (pf) – 7 times
- Coyote – 5 times
- Astaro – 3 times
- IPCop - 3 times
- Securepoint – 2 times
- Devil Linux – 2 times
- Mandrake – 1 time
- Sentry – 1 time

Hardware:
- Pix: dominated (had to put it by itself)

- Linksys router (nat) – 8 times
- Sonicwall – 4 times
- Dlink – 3 times
- Netgear (nat) – 2 times
- Watchguard – 2 times
- Fortigate – 1 time
- Netscreen – 1 time
- Raptor – 1 time
- Sidewinder – 1 time

*** Minimal changes to all *nix and hardware firewalls because of lack of inquires.

Brief Descriptions of Some Firewall Technologies:

Circuit-Level: Allows packet flow by approved IP’s, ISP’s, networks, etc. After the session is established, all other packets flow unchecked.

Application-gateway: Filters by IP and the specific application, while it may be busy blocking some apps – it will also allow approved apps to be executed.

Stateful Inspection: examines and analyzes the entire packet for the purpose of determining what type of data is attempting to pass through the firewall.

Packet-Filtering: allows communications only with specific IP’s by monitoring the packets.

***Some firewalls combine several technologies to accomplish their goal.

Possible new breed of Firewall around the corner: Memory Barrier – Posted by foxyloxley
http://www.antionline.com/showthread...hreadid=258503

Check Point VPN-1 ASN.1 Buffer Overflow Vulnerability
http://www.antionline.com/showthread...hreadid=260309

Zone Alarm is now a Check Point Company. I will keep the two separate unless they rename ZA. It will be interesting to see if any changes transpire.

For those that may not know: The original team that developed Tiny left the company and started the Kerio Firewall. It was based on the Tiny’s engine but with many improvements. That may help explain the popularity of Tiny in 2002 and then the Kerio popularity in 2003-2004.

Summary: For Windows Compatible Software Firewalls – Sygate, ZA, Outpost, Kerio, and Tiny were the most recommended. Sygate has TKO’d ZA. Outpost and Kerio are hunting down ZA as well. For Hardware Firewalls – PIX most recommended. For *nix Software Firewalls – IP Tables was most recommended.

http://smb.sygate.com/products/spf_standard.htm

http://www.zonelabs.com/

http://www.agnitum.com/products/outpost/

http://www.kerio.com/kpf_home.html

http://www.tinysoftware.com/

References:

Firewall & Honeypot Discussions
http://www.antionline.com/forumdispl...?s=&forumid=70

Firewall Recommendations - Number Two!
http://www.antionline.com/showthread...hreadid=258944

Firewalls: Hardware and Software.
http://www.antionline.com/showthread...hreadid=257776

Enjoy!

*kryptonic* · August 2nd, 2004, 12:23 AM

Nice job. Relyt i have been looking for a new firewall. It helped me out a lot.

*Relyt* · August 2nd, 2004, 12:52 AM

kryptonic

Thanks for the Kudos!

I have also changed the various firewalls I use with *nix, and windows, based on the info provided by our members. Glad I could make this stuff available for all.

cheers

gn0min0mic0n · August 2nd, 2004, 03:28 AM

OOF! It seems that Zone Alarm is quickly going down the same path as a certain former heavyweight champion....

Great job, Relyt!

*Spyder32* · August 2nd, 2004, 03:35 AM

gn0min0mic0n: Yeah, not to get off topic but 4 round's, eh? Pretty bad. Oh well, couldn't have happened to a nicer guy.

Anyways, good info/report Relyt.

whatthe · August 13th, 2004, 05:38 PM

I was just about to search through past threads to see what people recommended and you just saved me a lot of time.

R0n1n · August 13th, 2004, 09:29 PM

No Cyberguard???

Regarding Checkpoint/zonelarm - The Checkpoint integrity client was released this week which wraps Checpoints VPN software and Zonealarm in one easy to deploy package(so they say).

maybe it would be good to distinguish the firewalls between home use ones and corporate/large network ones?? Just a thought.