The beauty of this method is that users do not need to install or configure any component on their own system. Enterprise software suites (or in the case of Windows Live, a Web-based service) will manage their own update program. This means that the attack signature database is automatically updated centrally so that the protection program always does the same job. The drawback in this approach is that solutions are often compromised due to the absence of the best protection program and the opportunity to exploit may slip through. In addition, they do not support all older versions of Windows.
IT managers looking for ways to control a PC are not subject to any management, such as those of home workers or temporary workers, not official employees. 'A few years ago, after the attack of the Blaster worm they found that traditional anti-virus and intrusion detection systems are now too simple and have no effect,' Weiss said.
Weaknesses of Windows Firewall
The biggest drawback of Windows Firewall is based on Windows' built-in personal firewall (or Mac OS). 'Personal' labels make Windows Firewall distinguishable from enterprise firewalls, which protect the entire corporate network from attacks. Personal version only works on desktop computers.
Based on the built-in personal firewall provided by the operating system is not a good security solution, because users can easily turn off the firewall (by chance or intentionally) but forget to turn it back on when needed. With many older versions of the operating system, namely Windows XP and some earlier versions, the built-in firewall often provides a protection program that does not satisfy users, even giving a false sense of security.
For example, Windows XP only starts to integrate a firewall with operating systems from Service Pack 2 and above. However, the XP firewall only protects internal connections, not preventing threats from outside the network boundary. That is, any potential danger, for some reason finding a way to penetrate a user's hard drive, can proceed to take control of the computer and use it to send it. Attacks or botnet attacks. ' The key factor in computer security is to protect the network from attacks from outside the border, where sensitive information goes out ' (Robertson).
' SP2 has patched a lot of bugs, made XP stronger and Internet Explorer much safer ,' said Igor Pankov, Agnitum's product marketing manager. ' But SP2 doesn't do much to improve overall security integrity, because malware, whether more or less, always sends personal data out of network boundaries .'
Vista and Windows Live OneCare management services are always built with their own firewall with slightly more advanced capabilities. But the default Vista firewall can only protect connections in the border. It is possible to configure the protection program on the border but it is not simple and somewhat beyond the reach of the average user. ' Vista inherits many features and is more secure than previous versions of Windows, but not perfect, ' said Shane Coursen, a Kaspersky Labs expert technical consultant.
Balancing a safer and easier to use problem has created a built-in firewall replacement market on Windows. These programs can also be used for remote users or mobile users, working outside their organization's intranet.
Third-party personal firewall
Two basic methods do not meet the requirements and instead, the third one is frequently used: combining a more powerful firewall on each desktop with a centralized security device or a security suite honey. This is the core of existing security products in the market, such as Cisco, Consentry, Juniper, Lockdown Networks and Mirage Networks. They all implement a tool to monitor the status of each network device and ensure they are safe.
But these solutions are often very expensive and take a long time to deploy. A better option is to use a third-party personal firewall such as Zone Labs of CheckPoint Software, Panda Software, Prevx and a number of others, as shown in the summary table below:
Product Address (URL) Main component
Panda Software Client Shield 2006
Pandasoftware.com
Support Windows 98/2000, enterprise version.
Zone Alarm Internet Security Suite v7.0, CheckPoint Integrity
Zonelabs.com
There is a free version (only firewall) and money collection;Product suite includes IM and antivirus / spyware protection
Prevx v1.0
Prevx.com
Free blocking, but it costs $ 25 a year to change or reconfigure.
Jetico Personal Firewall v1.01
Jetico.com
Free, for Win98 / 2000
Agnitum Outpost Pro v4.0
Agnitum.com
For Windows 64-bit and Win98 / 2000;Function: anti-malware / spyware
Kaspersky Internet Suite v6.0
Kaspersky.com
For Windows 64-bit and Vista support;Components: anti-malware / spyware
Third party personal firewall product
Benefits from using these products have been shown in practice. They effectively protect the desktops and better prevent the exploitation of the vulnerability against the attack capabilities of many people across the enterprise network.
A good example is the telecom company VAR Tele-Verse that uses Symantec's Norton antivirus software to protect Windows 2000 20-plus series about 9 months ago, when a detected computer was attacked. by viruses and spread to the entire machine in the company. ' It took us almost a day to find the program that could kill this virus, including updating the latest version of Norton on all machines, ' said Scott Rendell, managing Tele's operations. Verse recounted. ' Finally we found Prevx and it saved the company. It works very easily and quickly detects the problem, then immediately isolates the virus. We didn't have any trouble after that time . '
Prevx regularly checks for updates with new signs and also detects the virus-like activity of the application. Several other third-party personal firewall products have also begun to incorporate similar techniques. And security researchers are spending a lot of time checking and finding ways to remove malware without requiring specific signs.
Finding the best personal firewall is not easy. IT managers will need to check a large number of desktop and application configurations before making any decisions. They must ensure two factors: what can be protected and easy to use in everyday computing activities. ' The challenge lies in how to minimize the additional software management burden for additional desktop protection programs ,' said Weiss's CheckPoint. ' Enterprises always have a certain limit on the number of different software they want to support .'
A number of independent testing has been conducted to determine the effectiveness of personal firewalls. One of them is Firewall Leak Tester. A variety of different products are included and a test program to determine whether firewalls can prevent certain types of attacks from any threat. IT managers can evaluate the test program and determine the corresponding strength on each product.
One of the surprising points discovered from these test programs is the difference between the free version and the paid version of Zone Alarm. The free version can only eliminate 27 different types of attacks while the paid version can eliminate nearly 20 more.
The personal firewall rated at the top is Jetico. The firewall is completely free, but it is not easy to configure. If using this product, IT managers will need a lot of time to set up and put it into operation for each user. The test shows that Jetico is difficult to configure, especially for users using Internet multi-function applications, not just e-mail and Web browsing.
The other two firewalls are also at the top of the list: Outpu Pro firewall of Agnitum and Internet Labs of Kaspersky Labs. Both are commercial products, which have been on the market for several years. Both integrate personal firewalls with anti-virus and anti-spyware programs. Kaspersky supports Vista as well as older Windows versions.
Some manufacturers start putting personal firewalls as part of a comprehensive unified security solution for companies. Often they distribute endpoint security software better or simply combine separate business and personal product lines together. An example is the case of Symantec with Client Security, Integrity of CheckPoint Software and Open Space Security of Kaspersky. All three personal firewall lines are combined with overall enterprise management tools.
The problem is not where you choose which product, but it is important to quickly start evaluating personal firewalls. ' For laptops, you should choose the best security solution with anti-virus, anti-spyware and firewal functions ,' said Robertson of Software Security Solutions. ' It's time to start thinking about the required requirements in personal firewalls as an extremely important tool for remote users '.