News
Commentary
4/9/2002
10:29 AM
Fred Langa
Fred Langa
Commentary
Connect Directly
RSS
E-Mail
50%
50%

Langa Letter: Firewall Feedback

Fred Langa tests the new crop of desktop firewalls, makes his recommendations--and wants to hear about your experiences.

Agnitum Outpost
Not many people have heard of Outpost. It's a new firewall contender that's only recently emerged from a very long beta cycle.

Its unfamiliarity might be reason enough to lead off with this software, but there's another. In addition to excellent general documentation about the free and pro versions of Outpost, the Agnitum site also offers a good overview of the features of 12 competing firewalls.

Naturally, you need to be cautious when reading any vendor-supplied comparison charts. It's very easy for the vendor to skew the definitions and tests to ensure that its product wins in every important category. In addition, information about competing products may not always be fully up to date. And while both these major caveats pertain to the Agnitum comparison chart, it's still a useful starting point to see what's available from a wide range of firewall vendors.

And--despite any built-in bias in the comparison chart--Outpost does seem to be a legitimately good desktop firewall. Both the free and pro versions set up and operated smoothly on my test machines and passed the security scans and leak tests I ran. They both were nearly identically easy to use and provided good feedback and logs on what's using your Internet connection. The full list of product features is too long to reproduce here, but the site lists them all.

Of special note is Outpost's use of plug-ins. With software modules, you can add to or enhance features of the firewall, such as blocking ads or filtering "active" content. While other firewalls offer similar features, Outpost's architecture makes it possible for any developer to create new plug-in modules. This gives Outpost the potential to become an extremely versatile general security tool.

Do note that this is a "version 1" product (actually, version 1.0.1551.1038, as of this writing), and, according to Usenet chatter, there may be some rough edges. (I found none in my tests, however.) But even users who reported problems with Outpost were generally positive about Agnitum as a company, especially its customer responsiveness.

The free-for-personal-use version comes with no tech support. The pro version has tech support, comes with some additional features, and is available for a free 30-day trial. After 30 days, a license is $40, with steep discounts available for quantity purchases.

I think Outpost deserves serious consideration in any desktop firewall application.

Sygate Personal Firewall
Longtime readers know I was a major fan of Sybergen's Sygate, an inexpensive and ultrasimple Internet access-sharing utility. Through version 3, Sygate was unsurpassed in security, ease of use, and setup.

But things got funky after that. Sybergen seemed to lose its way, and, for a time, its products became encrusted with features that added little to the basic functionality. The problem was exacerbated by awful documentation. The badly written (or poorly translated) instructions weren't a problem when the software was ultraeasy to set up, but as the software gained complexity, users needed clearer documentation. Alas, there was none.

The company eventually got the message. It changed its name (now the company is called Sygate Technologies) and revamped its documentation and products. What used to be Sygate (the Internet-sharing utility) is now called Sygate Network, and comes in home and office flavors. More germane to today's topic is Sygate Personal Firewall (now in version 4.2) and Sygate Personal Firewall Pro (now at version 5).

In a way, these products are naturals. Sygate pioneered the use of "stealth" technology in its original Internet-sharing tools. Instead of merely closing the network ports on your system, the Sygate software also deliberately refused response (in any way) to external port probes, making your PC a kind of black hole on the Net--almost impossible for anyone to detect and attack. Stealthing is common now, but Sygate was first to use it in a generally available desktop product.

With that kind of background in advanced security features, you might expect the Sygate firewalls to be effective, and they are. They not only do exactly what you'd expect in blocking inbound intrusion attempts, but they also pass the leak test and block unwanted outbound connections. The firewall interface also makes it extremely easy to see what's using your Internet connection and what's being blocked. You can drill down to see activity on a connection-by-connection basis or drill up to a very nice overview that shows both the normal incoming and outgoing activity, and also the amount of blocked traffic, in real time, on a moving bar chart.

Sygate works well with Microsoft's Internet Connection Sharing system and other kinds of connection-sharing tools (not all firewalls do). It also has some features you normally see only on higher-end products. For example, the Sygate firewall can be configured to send an E-mail message to any designated address to warn of an attack upon the firewall. If the Sygate-protected PC is in a remote location or otherwise not continuously monitored, this kind of automated warning system can alert the proper people right away and help stop an attack before it gets too far or goes on too long.

Although the Sygate firewall works right out of the box, it's also unusually easy to custom-configure in an extremely fine-grained fashion, both in establishing general rules that govern broadly allowed behaviors and in setting application-specific parameters. For example, you can set the firewall to allow or disallow connections by application, to- or from-address ranges, port, time of day, duration of the connection, and so on.

It appears that Sygate learned its lesson, because the firewall's advanced functions are clearly explained in the help files and documentation.

About the only area where the Sygate firewall seems to fall short is in clearly differentiating between the basic and pro versions. The company's Web site is rather vague on the subject.

One clear difference is that the pro version 5 can block attempts to circumvent the TCP stack. That's a good thing, because it helps detect and thwart hack attacks that use nonstandard connection methods. But the next version of the basic firewall (now in beta) will also have that feature, so the differentiation between basic and pro versions will get murkier.

But despite that quibble, the basic Sygate Personal Firewall is an impressively complete, powerful, and easy-to-use product. It's free for personal use or $20 per seat for commercial use. The pro version starts at $40 and offers quantity discounts. Highly recommended!

Previous
2 of 4
Next
Comment  | 
Print  | 
More Insights
IT's Reputation: What the Data Says
IT's Reputation: What the Data Says
InformationWeek's IT Perception Survey seeks to quantify how IT thinks it's doing versus how the business really views IT's performance in delivering services - and, more important, powering innovation. Our results suggest IT leaders should worry less about whether they're getting enough resources and more about the relationships they have with business unit peers.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Government Tech Digest Oct. 27, 2014
To meet obligations -- and avoid accusations of cover-up and incompetence -- federal agencies must get serious about digitizing records.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
A roundup of the top stories and community news at InformationWeek.com.
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.