Security Basics mailing list archives
Personal firewall for lambda users
From: Alexandre Zglav <azglav () heritage ch>
Date: Mon, 21 Jun 2004 11:48:37 +0200
Hi all, I am currently studying various personal firewal softwares for installation on my company's Laptops. Most of my users are lambda users and I wanted to make sure being firewalled on their laptop would be as transparent for them as when their working in our corporate LAN. I've recently been testing Sygate Personal firewall ( now owned by netscreen ) and I found it pretty deceiving... The software is clearly designed to be used and administered on a dayly basis by experimented users and the security level is quite low in my opinion: there are continuous popups that come to the user asking for him to choose if he should let the trafic for a specific application in or out ( thats quite normal for a personal firewall) but a user without the admin password can set a rule just by clicking on a button on the popup (thats quite unusual...) . So basically what I'm trying to do is to protect my users from themselves by configuring the firewall to let very specific applications ( email client, web browser etc.. ) in and out, and to deny all the rest so that the user doesnt' see any popup. Moreover I want to set real admin passwords that won't let a user set a rule without it ( such as it was in Sygate PFW...) I personally use Kerio at home since three or four years now and I'm pretty satisfied with it. I wanted to know what you, security experts :) , thought about this product. I know that kerio will let me do what I want with admin password, application specific rules and a "Deny all" rule at the end of the list but I want to know how reliable and secure it is and if the company has any chance to survive the next decade (or years... :) ). Is there another secure and reliable personal firewall that I sohould try to accomplish what I want to do ? Thanks for your answers. Oh and by the way my users are using Windows XP pro. See you! ________________________________________________ IT Projects Alexandre Zglav Heritage Bank & Trust 12 cours des bastions P.O. Box 3341 1211 Geneva Switzerland Phone : ++ 41 22 817 31 11 Direct Line : ++41 22 817 32 21 azglav () heritage ch www.heritage.ch ________________________________________________ This document should only be read by those persons to whom it is addressed and is not intended to be relied upon by any person without subsequent written confirmation of its contents. If you have received this e-mail message in error, please destroy it and delete it from your computer. Any form of reproduction, dissemination, copying, disclosure, modification, distribution and/or publication of this E-mail message is strictly prohibited. ________________________________________________ --------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ----------------------------------------------------------------------------
Current thread:
- Personal firewall for lambda users Alexandre Zglav (Jun 21)
- <Possible follow-ups>
- RE: Personal firewall for lambda users BĂ©noni MARTIN (Jun 23)
- RE: Personal firewall for lambda users Corne Van Dyk (Jun 23)
- RE: Personal firewall for lambda users Austen, Stefan (Jun 23)
- Re: Personal firewall for lambda users Thorsten Mandau (Jun 23)
- Re: Personal firewall for lambda users Thorsten Mandau (Jun 24)
- Re: Personal firewall for lambda users Alexandre Zglav (Jun 26)
- Re: Personal firewall for lambda users ddcrane (Jun 28)