Defensive Computing Subscribe to Defensive Computing
July 12, 2008 6:12 PM PDT

Two recommended Windows firewalls

Posted by Michael Horowitz

Finding a new firewall program has been on my to-do list for a long time. I was a long time fan of the free version of ZoneAlarm, but the upgrade from version 6 to 7 was a put-off. The file size increased tremendously (it's now 44.6MB) and the functionality hardly changed at all. That made me suspicious of what all that extra code was there for. Still, old habits die hard and I was used to it like an old pair gloves. But a few days ago, when a bug fix for Windows broke ZoneAlarm, and no other firewalls, it lost my confidence.

I can't yet recommended a firewall based on personal use, but someone I trust, Scot Finnie, recommends two. Scot, who now works for Computerworld, has been writing a free newsletter for years. I was lucky enough to discover it long ago and I've come to trust his recommendations. Recently, it morphed into a blog.

Back in March, Scot wrote The Best Firewall Software of 2008: Online Armor, the final chapter in his 19 month investigation of firewalls. That's not a typo, he spent a year and a half researching firewalls.

Cutting to the chase, he recommended two firewalls: Online Armor 2.1 and Comodo Firewall Pro 3.0.

In his own words, "Tall Emu's Online Armor 2.1 is The Scot's Newsletter Blog Best Firewall Software of 2008 ... [with] the best blend of a high degree of protection with a high level of usability."

There is a free and a paid version of Online Armor, Scot reviewed and recommended the paid version. Vista users are out of luck, Online Armor only works with Windows XP (32 bit only) and Windows 2000.

Scot felt that Comodo Firewall Pro 3.0 offered excellent security, but that it was high maintenance and thus more appropriate for techies. He doesn't like being frequently interrupted by firewall alerts, a sentiment I agree with. Comodo Firewall Pro is free and works with Windows XP (both 32 and 64 bit) and Vista.

A big reason I liked ZoneAlarm was ease of use. When it popped up an alert, the explanation of why was simple and clear. Likewise granting permissions to programs couldn't have been easier. I tried a handful of firewalls and none came close in terms of ease of use.

Once, when I was teaching a class, and a student brought in a screen shot of an alert from the Norton firewall asking what it meant. It wasn't clear if the firewall was asking the user something or telling them, let alone whether the alert was about something coming in to the computer or going out. If you watch, the TV show Boston Legal, think word salad. And, I know the lingo.

Ease of use was a big reason that Scot recommended Online Armor, saying "Online Armor's user experience is on par with ZoneAlarm Free and Sunbelt Personal Firewall -- the two firewalls I've pointed to in the past as having the best user interfaces in this field."

Part of this entails running silently, after the initial getting-to-know-you period that any firewall requires. As Scot put it "When pop-ups are too repetitive or too frequent, it's only human nature for a large segment of the user base to start ignoring them. That behavior leads to a severe loss of security." I agree completely, as, I'm sure, many Vista UAC users do too.

The criteria Scot used in his evaluation were "usability, company support, stability, compatibility, and bug resolution". Sounds perfect to me.

Another thing I agree with Mr. Finnie on, is a dislike of all-encompassing software suites. Both his recommended firewall programs are just that, firewalls. Nothing more. As he puts it:

"The impetus for this review came after more than a decade of using and reviewing multifaceted, everything-but-the-kitchen-sink security suites such as Norton Internet Security. When I kicked that habit, I looked around for something better and realized that most mainstream computer publications were for the most part reviewing only the big-name, large-footprint products. It was clear to me that there was a better way that involved selecting a small set of best-of-breed security products that work well together."

I never heard of Tall Emu, the company behind Online Armor. But, Scot was impressed with them:

"What's especially impressive about the talk and actions emanating from Australia-based Tall Emu is a strong corporate culture that values communication, honesty, a willingness to talk openly about problems, a responsive attitude, open-mindedness, and respect. I'm not sure how to say this, but I trust Tall Emu to do the right thing. I can't remember the last time I felt that way about a software company in the post-Microsoft-antitrust era."

A small point in the article bears repeating. Someone with a single computer connected to a broadband modem, doesn't need a router. Technically. Yet installing a router is nonetheless a good thing - for the firewall. Rather than depend on a single software firewall (Windows security and all that that entails) the hardware firewall in a standard, relatively cheap, consumer router provides an extra layer of defense.

It's a very long article but well worth reading.

On July 16, 2008, I wrote up my first impressions of Online Armor

See a summary of all my Defensive Computing postings.

Topics:

Software,

Windows,

Firewall

Tags:

Zone Alarm,

Online Armor,

Tall Emu,

Comodo

Bookmark:
Digg
Del.icio.us
Reddit
Recent posts from Defensive Computing
Why can't Firefox print as well as Internet Explorer?
Summarizing the Nvidia problems with laptop chips overheating
In a pinch, GoDaddy and Typepad let a customer down
The market share of Firefox vs. Internet Explorer
Netflix computer problems continue
Add a Comment (Log in or register) 9 comments (Page 1 of 1)
by soccer18 July 12, 2008 7:23 PM PDT
My computer was recently rendered unable to connect to the internet. I run Zone Alarm as well (I've been extremely happy with it) but the recent security update from microsoft conflicted with it and shut down all internet access. Zone Alarm has issued a fix by way of a product update on their website. I installed that and then re-installed the security update and everything is working just fine.
Reply to this comment
by Scopip July 12, 2008 8:21 PM PDT
I find this all ironic. I recently had to re-install, and felt very deceived by the mandatory zone-alarm update also. In less than 10 mins, I found armor2net, and do like it a lotl.

Both AVG and Zone alarm my old favs, hit the dump real fast. Life of the internet.....

back to avast, / armor2 net
Reply to this comment
by The_Decider July 12, 2008 8:30 PM PDT
Comodo adapts to its user quite nicely. You can put it in dumbed down mode for the masses or let it give you all the control you need.
Reply to this comment
by john55440 July 12, 2008 8:53 PM PDT
Norton Internet Security 2008 is an excellent program, and proof that Symantec is moving in the right direction.
Reply to this comment
by jgfuller July 13, 2008 1:43 PM PDT
Maybe I've just been lucky, but I run the Windows [xp] firewall, Windows Defender, and AVG free, and have had no problems. I do practice Safe Computing, with regards to opening suspicious e-mails and attachments, and am careful about web sites. So far, so good.
Reply to this comment View reply
by buchpteclare July 16, 2008 8:02 AM PDT
I just dumped ZA - which up to last week had been reliable. I replaced it with Online Armor - which looks like a keeper. Easy to install, and clear in its use.
Reply to this comment
by Maxweel August 3, 2008 5:28 PM PDT
By the time, ZA Pro has had a lot of trouble dealing with Vista (and it's definetively the firewall, not the OS), so I decided to try something new. This post was decisive, thank you: I will try Comodo and give feeedback as soon as I can.
Reply to this comment
by rharmon618 August 14, 2008 8:40 AM PDT
Let's see if I got this right - a Windows bug caused a problem with ZA so this caused people to search for another firewall. What are you going to do when another Windows bug causes problems with the new firewall? Research and find another? Why not change the operating system instead?
Reply to this comment
Powered by Jive Software
advertisement

  • About Defensive Computing

  • Michael Horowitz is an independent computer consultant and the author of several classes on Defensive Computing. He views Defensive Computing as taking steps, when things are running well, to avoid or minimize the inevitable problems down the road. It's about educating yourself to the level where you can make your own intelligent decisions about keeping your computers and data happy and healthy. If you depend on computers, yet are on your own, without an IT department or nearby nerd, this blog's for you. His personal web site is michaelhorowitz.com.

    He is a member of the CNET Blog Network and is not an employee of CNET.

    Disclosure.

Add this feed to your online news reader
Google
Yahoo
MSN

Defensive Computing topics

Latest tech news headlines

All News.com headlines »

Featured blogs

Beyond Binary by Ina Fried

Coop's Corner by Charles Cooper

Defense in Depth by Robert Vamosi

Geek Gestalt by Daniel Terdiman

Green Tech

One More Thing by Tom Krazit

Outside the Lines by Dan Farber

The Iconoclast by Declan McCullagh

The Social by Caroline McCarthy

Underexposed by Stephen Shankland

advertisement
Welcome (log out) |View profile
Log in | Sign up Why join?
On MovieTome: TRANSFORMERS 2 SPOILERS!
Advanced
search
Advanced
search
Visit other CBS Interactive sites