RE: Client End Firewalls

["Bryan S. Sampsel" <bsampsel () libertyactivist org>]

I've worked with the free version of the zone labs product...while it
doesn't provide the same level of protection the commercial product does,
I found it intuitive to use.  The only confusion for users may lay with,
"Allow this exe to blah blah blah" messages.  The average user won't know
enough to say yes or no in an informed manner.

I've also used F-Secure's firewall/AV combination package.  It works quite
well, not quite as easy to use, but very reliable once configured.  You
could much more easily "Pre-Can" a standard and expect it to work.  In
fact, they pioneered much of the "distributed firewall" concept.

I've also used Symantec's and found it to be awful.  It was kludgy and
problematic.

Client side firewalls are a great "last layer" defense.  Preferably, the
client is behind at least one firewall device/system, whether it is a SOHO
Netgear Broadband "router" or a Raptor Firewall or a Cisco PIX.  It helps
mitigate the "crunchy on the outside, chewy in the center" problem that
most networks have.

Sincerely,

Bryan S. Sampsel
LibertyActivist.org


Grant.Orchard () aws aust com said:
> Hi Scott,
>
> I should have provided more detail sorry. I'm looking to centrally manage
> this. Employees will be given basic training, more for awareness than "how
> to" knowledge. We are planning on developing a corporate rule set which we
> can modify upon legitimate requests.
>
> We recently had our comms company come out and tell us about the "great
> new
> zone labs product". Of course, I don't trust them not to be impartial so I
> thought you guys could provide some help.
> 1. Are client side firewalls worth having (yes)
> 2. Have you had any experience with Zone Labs
> 3. If not, what client firewall product would you recommend?
>
> Thanks a lot
>
> Grant Orchard
> IT Coordinator
> Australian Water Services
> 02 9224 7916
> 0403 457 315
>
>
>
>              staylor@velectric
>              .com
>                                                                         To
>              05/10/2004 06:50          securityfocus () delahunty com,
>              AM                        security-basics () securityfocus com,
>                                        Grant.Orchard () aws aust com
>                                                                         cc
>
>                                                                    Subject
>                                        RE: Client End Firewalls
>
>
>
>
>
>
>
>
>
>
>
>
>
> What would be a good one to implement? I would be interested in knowing:
> 1. Would you train all employee's on managing the local firewall?
> 2. Would you just have your IT people configure it and not let individual
> users mess with it?
> 3. It seems it could create a lot of administration overhead.
>
>
> Thoughts on this would be greatly appreciated.
>
>
> Scott
>
>
> -----Original Message-----
> From: Steve [mailto:securityfocus () delahunty com]
> Sent: Thursday, September 30, 2004 6:21 AM
> To: security-basics () securityfocus com; Grant.Orchard () aws aust com
> Subject: Re: Client End Firewalls
>
>
> These can be very effective at blocking incoming traffic to the
> workstations
> and also the ones like from Symantec get firewall policy/rule updates
> downloaded periodically.
>
>
> Consider the situation where some of your folks with laptops are at a
> customer site, or a vendor site - they are wide open to threats without
> desktop firewall protection.  Consider the situation where a worm gets
> inside your network somehow, it will bounce around infecting many machines
> if there is no desktop protection.
>
>
> ----- Original Message -----
> From: <Grant.Orchard () aws aust com>
> To: <security-basics () securityfocus com>
> Sent: Tuesday, September 28, 2004 12:27 AM
> Subject: Client End Firewalls
>
>
>
>
>
>
>
>
>
> Hi guys,
>
>
> How much protection do you believe client side firewalls provide? My boss
> has asked for my thoughts on a system like Zone Labs are now offering. Can
> anyone provide me with their thoughts on what benefits this actually
> provides?
>
>
> Many thanks
>
>
> Grant Orchard
> NOTICE - This e-mail (and any attachments) is confidential. It may contain
> privileged information or copyright material. You should not read, copy,
> use or disclose it without the written authorisation of AWS.  If you are
> not an intended recipient, please contact AWS by return e-mail and then
> delete both messages.  AWS does not accept liability in connection with
> computer virus, data corruption, delay, interruption, unauthorised access
> or unauthorised amendment.