What in your opinion is the best software firewall?
I used to like Zone Alarm but it has become bloated over time.
Was using Kerio Firewall beta 3 but it kept on prompting me at every point and I found that annoying. (every point even when looking into display properties or installing an app).
P.S. It has to be free ;)
I've tried both Black Ice Defender (note a new company has acquired it, and well the name has changed to Black Ice PC Protection) and Zone Alarm. Some of the things I've noticed:
- Can detect many intrusions without requiring one to sepcifically authorize or deny programs access to the Internet. (I'll mention something there in a bit).
- Newer versions do contain Application Protection, though unlike ZA (I haven't tried ZA Pro, so can't say if it has the same sort of feature) it does have an option to scan the programs on your comp and remember them. Upon installing, one doesn't have to answer individual prompts for every friggin program one might use to get out, telling it to remember the choices each time.
- There is also, as I remember (though I disabled App protection for a bit of a glitch) an option to put it in some kind of install mode, so what executables go onto the comp then, it will remember they're OK to run without individually prompting when one goes to run them).
- Some programs, Application Protection has problems with. For whatever reason Diablo II xpack for instance, it prompts me (even though it scanned) for running it and then going out to battle.net. I tell it yes let it connect to the Internet, yes do remember my choice and it doesn't. It still prompts. This is a reason I disabled it. It doesn't have this problem with all apps, but some. I filed a bug report, and well still waiting for an update that might finally fix such issues. Note: app protection is rather new, this is like the first or second build of this program to include this new feature.
- One of the big draw backs with BID has been that if one upgrades to a new OS, service pack, or security update the firewall component of it ceases to function. In the past (such as with win2k and then win2k SP1 they took quite awhile to update the program). When I applied winXP SP1 however, I didn't have all these hassles, and was able to get an update without waiting 2 months or more. This is one area I had wished it was less prone to breaking due to a security update, SP, or new OS, like ZA is.
- Doesn't suffer from the problem of having the firewall protection broken by and OS or service pack update like BID traditionally has. Reason I previously switched to it when I was beta testing win2k (through the different beta builds) and with the service pack and all
- The protection seems to require you know exactly what programs should get out and what one's shouldn't. When I got winXP in beta, hell if I knew many times. Lots of processes wanted to connect to the Internet, many things with names I didn't recognize. Under the beta there was no Resource Kit or documentation to indicate what all this stuff was, and not everything used the same name as in win2k (for ZA's prompting). Less intutive blocking, depends on user knowing how to answer prompts to have it remember it for latter on. With XP, I switched back to BID after an XP supported version of it came out for this reason.
- If one needs to format and reinstall the OS, one will have another period of user prompts galore before one finally has the firewall broken in. Having the ability to scan one's drive and have it remember without always prompting, what programs the user installed, etc (like BI PC Protection) would help, but without the bugs where some programs...it has trouble with.
In the above, I can only speak from having used the freeware version of ZA, can not speak for ZA Pro however.
vBulletin® v3.8.6, Copyright ©2000-2013, Jelsoft Enterprises Ltd.