There has been quite a bit written recently about the computer software firewall tests performed by Matousec and the results posted here.
I would like to make a number of comments on this topic:
- I do recommend using both a hardware firewall, preferably a top notch true firewall like a Fortinet, but I fully realize that the cost for that is prohibitive in most home environments, and a software firewall. If you value your business however, it’s a no brainer to buy a Fortinet or equivalent.
- I also support the use of a software firewall, which is what the above test results are regarding. Here is where the rub comes in.
- A quality hardware firewall will protect you from the outside (inbound attacks), and can give you good outbound protection if configured properly.
- The software firewall is probably what is giving you outbound protection. BUT, only if the user understands what’s going on. As I and others have written many times, what good is a prompt from a software firewall that says “Program lsass.exe wants to connect to the Internet. Approve or Deny?“. One writer indicated that you have to be somewhat savvy to know what to do with this kind of message. I counter with – Who, including most PC Guru’s, truly know what to do with most messages of this kind? Helpful – NOT!
- Further, specifically regarding the test mentioned above, I draw your attention to a comment by LavaSoft a bit further down the page from those results: “2008-05-20 (Lavasoft Personal Firewall 3.0.2293.8822 scored 70%): Thank you very much for your inclusion of the Lavasoft Personal Firewall 3.0 in the Matousec research. Upon review of the results, we were surprised to find that the Lavasoft Personal Firewall program received a ‘good’ rating and could not be a recommended firewall, whereas our firewall technology partner, Agnitum, received an ‘excellent’ score with recommendations for the same firewall technology. We hope that you will take this under consideration with your next round of research, and continue your good work.Michael Helander
Vice President
Lavasoft” The answer, of course, is that the tests weren’t the same of every product! Then how can the results be of much value? - You can spend all of your working day tracking down the best component of a good computer security suite. Find the best firewall today, it’s the worst (according to someone’s test) tomorrow. Same with Antivirus, same with Antispam. This is particularly frustrating if you have paid products and not free products. The solution is to accept that you will never have the best of everything for long. And never will every reviewer or tester agree which is the best in any category.
- Since your chance of infection of some type, as I have long said, depends in greatest part on YOUR INTERNET SURFING BEHAVIOR, keeping your PC clean has more to do with you than it does the security products you install on it.
My Recommendation:
- Examine your surfing habits, I’ve written on this before.
- Don’t rely on free computer internet security products if you want a fire-and-forget solution. Free requires (IMHO) a bit more savvy and work on your part.
- If you are buying a product, get one that is well respected even though it may not always score at the top of every single test; then only OCCASIONALLY check those test results. They change daily and may be skewed by any number of factors, not the least of which may be a financial tie somewhere.
- Do make sure whatever computer internet security suite or combination of products you use stays up to date. If you don’t understand how to do this then you definitely want to buy a competent product with a free trial and tech support.
Some recommended Computer Internet Security Software (Paid):
ZoneAlarm Internet Security Suite – My novice computer user clients find this easier to use than most
TrendMicro Internet Security Suite – Never scores the highest in all tests, but a long term success story
Lavasoft – This is a personal firewall only, NOT a full suite; also highly recommend AdAware product
Free Computer Internet Security Softare:
For right now I will leave this debate alone. Tempers run high in this area (why? – it’s like Yankees vs Red Sox..) so I will leave that to another post. I have offered many recommendations in the past in other posts and newsletters and will likely update from time to time.
