RE: Personal firewall for lambda users

["Austen, Stefan" <austen () e-Spirit de>]

In the current issue german renowned c't magazine tested 5 free personal
firewalls for windows (c't 13/2004, 14.06.2004, pages 142-147, Personal
Firewalls).

Competing are:

-Outpost Firewall
-Zone Alarm Personal Firewall
-Kerio Personal Firewall
-Securepoint Personal Firewall
-Sygate Personal Firewall

Unfortunately this article is not available online. But as you live in
lovely switzerland, you should have no problems buying the current issue. Or
maybe buy the specific article online at http://www.heise.de/kiosk/.

Have fun,
Stefan


> -----Original Message-----
> From: Alexandre Zglav [mailto:azglav () heritage ch]
> Sent: Monday, June 21, 2004 11:49 AM
> To: security-basics () securityfocus com
> Subject: Personal firewall for lambda users
>
>
>
>
>
>
>
> Hi all,
>
> I am currently studying various  personal firewal softwares for
> installation on my company's Laptops.
> Most of my users are lambda users and I wanted to make sure being
> firewalled on their laptop would be as transparent for them 
> as when their
> working in our corporate LAN.
>
> I've recently been testing Sygate Personal firewall ( now owned by
> netscreen ) and I found it pretty deceiving... The software is clearly
> designed to be used and administered on a dayly basis by 
> experimented users
> and the security level is quite low in my opinion: there are 
> continuous
> popups that come to the user asking for him to choose if he 
> should let the
> trafic for a specific application in or out ( thats quite normal for a
> personal  firewall) but a user without the admin password can 
> set a rule
> just by clicking on a button on the popup (thats quite unusual...) .
>
> So basically what I'm trying to do is to protect my users 
> from themselves
> by configuring the firewall to let very specific applications ( email
> client, web browser etc.. ) in and out, and to deny all the 
> rest so that
> the user doesnt' see any popup. Moreover I want to set real 
> admin passwords
> that won't let a user set a rule without it ( such as it was in Sygate
> PFW...)
>
> I personally use Kerio at home since three or four years  now and I'm
> pretty satisfied with it. I wanted to know what you, security 
> experts :) ,
> thought about this product.
> I know that kerio will let me do what I want with admin password,
> application specific rules and a "Deny all" rule at the end 
> of the list but
> I want to know how reliable and secure it is and if the 
> company has any
> chance to survive the next decade (or years...  :) ). Is there another
> secure and reliable personal firewall that I sohould try to 
> accomplish what
> I want to do ?
>
> Thanks for your answers.
>
> Oh and by the way my users are using Windows XP pro.
>
> See you!
> ________________________________________________
>
> IT Projects
> Alexandre Zglav
> Heritage Bank & Trust
> 12 cours des bastions
> P.O. Box 3341
> 1211 Geneva
> Switzerland
> Phone :  ++ 41 22 817 31 11
> Direct Line : ++41 22 817 32 21
> azglav () heritage ch
> www.heritage.ch
> ________________________________________________
>
> This document should only be read by those persons to whom it is
> addressed  and  is  not intended to be relied upon by any person
> without  subsequent written confirmation of its contents. If you
> have  received  this  e-mail message in error, please destroy it
> and delete it from your computer.
> Any  form of  reproduction, dissemination, copying,  disclosure,
> modification,  distribution  and/or  publication  of this E-mail
> message is strictly prohibited.
> ________________________________________________
>
>
> --------------------------------------------------------------
> -------------
> Ethical Hacking at the InfoSec Institute. Mention this ad and 
> get $545 off 
> any course! All of our class sizes are guaranteed to be 10 
> students or less 
> to facilitate one-on-one interaction with one of our expert 
> instructors. 
> Attend a course taught by an expert instructor with years of 
> in-the-field 
> pen testing experience in our state of the art hacking lab. 
> Master the skills 
> of an Ethical Hacker to better assess the security of your 
> organization. 
> Visit us at: 
> http://www.infosecinstitute.com/courses/ethical_hacking_training.html
> --------------------------------------------------------------
> --------------

---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------