SafeGroup

Na

[Aby zobaczyć linki, zarejestruj się tutaj]

znalazłem dziś taki wątek na temat zapory Outposta
" Great Big Software Review

Agnitum Outpost Pro beta 7 is without question the best firewall software we have ever encountered” — our highlight conclusion.
Over the past two weeks we’ve been installing, running and uninstalling like mad. We wanted to update our experience with previously reviewed programs and add a couple to the mix.
Here’s the list alphabetically, with our conclusions:

More Info: SSO Review"

Ktoś może sprawdzić ten link "SSO review"?, bo jakoś nie mam do niego dostępu, a anons brzmi ciekawie i obiecująco?

Tu masz raczej pewniejsze żródło

[Aby zobaczyć linki, zarejestruj się tutaj]

Treść SSO Review:

Cytat: Great Big Software Review

“Agnitum Outpost Pro beta 7 is without question the best firewall software we have ever encountered” — our highlight conclusion.

Over the past two weeks we’ve been installing, running and uninstalling like mad. We wanted to update our experience with previously reviewed programs and add a couple to the mix.

Here’s the list alphabetically, with our conclusions:

Agnitum Outpost Free v 6.51 (Recommended!)
Agnitum Outpost Pro v 7 Beta (Recommended)
Agnitum Outpost “Competitive Upgrades” to Old Versions (Strongly Avoid)
Ashampoo Firewall (Waste of Time)
Avast! Free v 5 (Recommended!)
Comodo Firewall v 4 (Needs Improvement)
Online Armor (Waste of Time)

Disclosures

The programs fall within very distinct categories.

Online Armor and Ashampoo each represent the most basic firewalls. We liked the user interface of Online Armor and no one can complain about the simplicity each of these programs offers to users. But the simplicity is the problem.

There is no ability to control these programs beyond the absolute basic of allowing applications or not. In the case of Online Armor, even that ability is extremely restrictive.

The bottom line for these products is they no longer serve a useful purpose. The Windows Firewall included with the operating system actually exceeds the feature set of Ashampoo Firewall (free) and Online Armor (free). We feel it is pointless to go into detail about these two programs because, respectfully, it is a waste of one’s time to even download them.

Comodo Personal Firewall lives on the other end of the spectrum, with extensive user options. We have long advocated the the late version 3 offerings of Comodo Firewall but we started having reservations when the firewall was too tightly integrated with Comodo’s anti-virus solution. But we realized that it is unreasonable to maintain content relating to a seriously out-of-date version so we took the newest version for a spin.

We continue to appreciate the range of Comodo Firewall. It can be relatively easy to operate for a novice but provides commercial-class options for serious security geeks to refine, fine tune and target.

We had no trouble importing our existing rule set which is large. One of our significant tests of firewalls is their ability to target specific IP addresses as compared to the wholesale permission to the entire internet address space. The reason many programs avoid that level of control is that most consumer-users will either not use it or become frustrated and give up on the firewall.

This is a serious concern. If users feel so annoyed or so overwhelmed that they disable the core security measures, the result is exposure for everyone. Every unprotected computer is a source of attack against us all.

So we consider the ability to fine tune firewalls to be an important, but not essential feature. An issue arises when a program does offer that level of control but does so badly in some way.

Our experience with the newest versions Comodo Firewall is that it causes extreme performance degradation.

We went into the exercise actually biased in favour of Comodo. We think they do a lot of good work as a company.

But we cannot ignore the fact that frequently, very frequently, Comodo was pulling 100% on our CPU. While working in any other program, things would suddenly grind to a halt while Comodo went about doing whatever it is that it was doing.

We are also concerned that important questions in the Comodo support forums are ignored or trivialized. In one case a user wanted to understand why cmdagent.exe was constantly doing outbound connects when he had turned off auto-updating. The Comodo “Helper” Agent had no apparent reason for this behaviour. The question was never answered.

A similar question was asked related to a user who had configured to not be a member of the “threat cast” community because he did not want anyone maintaining a record of every web site he visited. Despite having declined that opportunity he too observed frequent outbound connections from Comodo Helper Agent. The purpose of these connections was never explained.

Given the performance issues and the lack of answers to basic privacy questions, we have to conclude that Comodo Firewall needs improvement. We are not willing to rule it out or issue an avoid recommendation because it is a fine piece of technology. Performance issues are inconsistent — most users do not report experiencing the problem and those that do may be stretching the feature set to its maximum. Simply, we believe that Comodo is a worthy alternative and for the technically inclined it is worth an experiment. For the average consumer user, it is quite possible that the performance issues will not appear because they do not place heavy demands — such as thousands of individual rules — on the software. So we conclude that Comodo’s firewall can stand some improvement.

The gem of personal free firewalls is Agnitum Outpost.

It provides more than enough flexibility for demanding users while ensuring the consumer-user can be protected without annoyance or unreasonable exposure. Outpost will automatically create rules for known applications or trusted publishers so the user is not required to deal with pop up alerts every time a new program is installed or changed. For those who want more hands on control, the automatic rule creation can be turned off.

In its default mode, Outpost handles internet connection requests the same way as the majority, which is the permission is based on the application, not the internet address. So, for example, FireFox is given permission to access the internet once and no further questions need be answered about FireFox. (If auto rule creation is enabled not even the first question will have to be answered).

If, however, you want single address control, you can have it. You can have it for all applications or only one, depending entirely on how you choose to interact with the firewall. If you prefer to have rules based on IP address alone you can do that too. This is useful when you use several applications to access specific web sites, for example FireFox and Filezilla and Thunderbird. You do not need to choose between open access and creating three separate sets of application rules. Instead you can create one “System-wide” rule.

It is also a terrific feature that Agnitum allows you to use web urls rather than IP addresses. So if you want to be able to always allow access to securesurfing.net, you can actually enter “securesurfing.net” and Outpost will look up the IP addresses for you.

For both technical users and consumer-users, the ability to have the firewall automatically create rules on the fly is a big advantage. Consumer-users can simply ignore the rule set and they will be well protected. But technical users, or those just plain curious, can look up the logs to understand what is happening with their system. If they choose they can then modify the auto rules to suit their preferences or curiosity.

As good as is Agnitum Outpose Free version 6, OutPost Pro version 7 is better.

At the time of writing, our experience is with the beta of version 7 and it is the paid version, not free.

But for the few bucks the upgrade to pro costs, it is an expense we will joyfully incur. Be careful however! Agnitum has several cheap offers around the web, but they are often offers for old versions of the program. For example, there is a “Competitive Upgrade” offer at $20, but you get version 3.5 when the current version is 6.5 and 7.0 is just around the corner. Our review has nothing to do with these obsolete versions and we do not recommend purchasing an old version rather than being content with a brand new version of the free edition. Of course the best option is to pony up for a new pro version, but if you are making a decision between a $19.99 special on something that is almost 4 versions out of date or forgoing the extra features of the newest pro version, then take the free route for sure. We are disturbed that Agnitum takes this approach to recruiting new customers.

That said, OutPost v 7 is a wonderful piece of software. It includes an Anti-Spyware engine, IP Block lists, url black lists, intrusion protection, application protection, ad blocking and even file/folder security for locking up your data. Note that the version we are testing does not include an anti-virus engine, although it is available as part of the Agnitum “Suite.”

We prefer to not have bundled anti-virus, in part because we are completely impressed with Avast! and in part because we believe it is important to diversify your defense technologies.

Similarly, although almost every vendor is now offering some form of protection against “bad” web sites, we do not use the feature. The method most vendors use is to grab the web address you type into your browser and then send that web address to their own server to check against that vendor’s list of bad sites. This means that everything you do on the internet is collected by some vendor. We think that is a bad idea in general.

Agnitum’s implementation appears to be substantially different. We believe that rather than sending every one of your internet requests to its own servers, Outpost periodically downloads the list of bad sites and the filtering is done on your own computer. Which we think is good.

Still, the best way to avoid getting hit in a drive by attack or getting stung with connections in a malicious email is to use OpenDNS. We’ve reviewed OpenDNS extensively and we repeat that setting your system to use it should be considered bare minimum security. It’s easy and it is free, so just do it.

We are also not entirely pleased with the ad blocking module of Outpost Pro. At least in the beta, it is an all-or-nothing proposition. You either must block ads from all the listings Agnitum has built or you can block none of them. This is unsatisfactory because there are good reasons to allow ads from some sources. For example, we enable ads from cbc.ca. The site is — for us — a fantastic source of news and information. We get that content without charge so if the site is to continue it needs ad revenue. We block all Google ads, so we do not even see the “ad word” links. However valuable is the search engine, we will not bring ourselves to support an organization so single-mindedly set on destroying personal privacy.

These are our decisions. You may have different ones. The best software allows you to make those decisions. Unfortunately beta 7 of Outpost does not.

All the same we consider this relatively trivial, because if you are following good internet hygiene you are using FireFox wth AdBlock. In that case you have total control over what sites can display ads to you. It’s as simple as clicking on the AdBlock button and selecting “Disable on this site.”

There are dozens of nice features in Outpost beta 7, such as displaying all processes with the ability to right-click and directly edit firewall rules for any of the running processes. The level of such positive details is too great for us to cover.

We do have a wishlist for Outpost. It would be a big time saver if the rule-creation dialogue included the ability to set a system-wide IP address rule rather than requiring an application rule. We’d aslo like the ability to import URL lists into the Site Blocking. This may be a limitation of the beta since there is an import featuer for the Ad blocking list that works perfectly. We also wish there was an option to Add IP to exist rule. The current state requires the rule creation, followed by a visit to the rules manager, noting down the ip address (it’s not possible to simply copy an IP address — hint) then opening the relevant rule, entering in the ip address and after adding the new IP to the rule list, go back and delete the original auto rule. There has to be a better way. Perhaps allowing a Combine function to combine the IPs from selected rules into a single rule with an IP list.

We would also like to use wild carding in adding host names to rules, so that *.securesurfing.net fetches each subdomain for inclusion into the rule. At the very least every firewall should accommodate IP ranges in the form xxx.xxx.xxxx – yyy.yyy.yyy. The current Outpost rule systems require either a mask or individual IP entries. These features are available in other firewall programs so it is not a matter of technical mystery.

Regardless, the average user will not miss any of those features. Agnitum Outpost Pro beta 7 is without question the best firewall software we have ever encountered; ready to go for the person who wants to know nothing about their computer. Aft4er all, you don’t force yourself to become a mechanic before you drive a car.

Which brings us to a marriage made in heaven: OutPost plus Avast! Antivirus 5.

The free version of Avast is the best antivirus available. Of course it includes an anti-spyware engine, as Avast does not try to up the ante in forcing you to become a paid user. If it’s a monster hiding in software or email, Avast is designed to find it. It really is a complete anti-malware solution. Avast includes:

File system protection — the “regular” kind of anti-virus protection
Email protection — targeting the beasties that come wrapped in email you think is from a friend
Web protection — active scanning of internet traffic into your computer
File sharing protection — if you or your kids participate in one of the file sharing networks, Avast has you covere
IM (MSN/Yahoo/Skype chat, etc) — Infected files are not going to arrive by way of a chat channel
Network and software behaviour protection.

ALL of those modules are included and fully functional in the Avast! Free edition. It also includes automatic updates and strong heuristics that protect between updates.

Avast could be called A-Fast antivirus because it does its work without any noticable impact on machine resources. It has a small footprint on memory and is judicious in its use of CPU.

We have only one concern about Avast. With the unrivalled completeness of its free edition, we worry that the business model might not sustain them well into the future!

For the paid version adds functionality that you get completely from Outpost. So the paid edition of Avast includes a firewall, but a pretty basic one. It includes a script shield for Internet Explorer — but you shouldn’t be using Internet Explorer anyway.

Upgrade features that may be compelling include Avast’s new Sandbox technology and online banking protection. We dont have installed trials of the upgrade versions at this time, so express no opinion on them.