Keeping the outside out: Seven desktop firewalls tested

How we tested

The software was installed on a typical system, an Excel 2700C Notebook with a 1GHz Pentium III processor, 256MB of RAM, running Windows 2000 SP2.

We conducted two tests to assess the software's ability to prevent attacks from outside:

1. The system was port scanned using nmap v3.00 with fingerprinting. This reveals if any TCP or UDP ports are visible to the outside world, which may then be attacked.

Firewalls: Introduction Check Point SecureClient Computer Associates eTrust EZ Firewall ISS RealSecure Desktop Protector Kerio Personal Firewall McAfee Desktop Firewall 7.5 Symantec Client Security 8.0 Zone Alarm Pro Sample scenario How we tested Glossary Specifications and results Editors' Choice About RMIT Test Labs

2. A ping flood attack was launched at the system using a program called jolt2.exe. This determines how vulnerable the system would be to a denial-of-service attack.

We then ran a series of basic client functions:
• Connect to a Windows share
• Browse some Web pages
• Read e-mail with a dedicated client

These tests determine the firewall's ability to detect and block software on the tested PC connecting to the outside. This is to prevent Trojans or other malicious code from sending data on the PC to the outside world, or from using the PC as a launch-pad to attack others systems.

Interoperability was based on the clients that the systems would run on and some of the management features available.

Futureproofing was based on the user friendliness and configurability of the systems, as well as their potential to be managed in a large environment.

Return on Investment was based on features of the software balanced against the cost (both software and deployment).

Service was based on documentation and support available.

• Related stories

• Alerts

Sign up for an e-mail alert

ZDNet Australia Alerts is an e-mail alert service which provides personalised news, features and reviews to readers’ inbox on an hourly, daily and weekly basis.

Alert:

E-mail: *

Frequency: *

Hourly Daily Weekly

Add alert

Add your opinion

Add your opinion

All fields are required

Subject:
Comments:
Full name:
E-mail address:

Your e-mail will not be displayed

Posting options:

Display all details Do not display details

Security Code:

You must read and type the 6 chars within 0..9 and A..F

 

central silent installs?? was ...Anonymous -- 20/05/04

central silent installs?? was in ice cap but to my knowledge not yet wriitten into SP!!

• Reply to comment
• Reply to story
• Report offensive content

You did not review the new eTr ...Anonymous -- 03/11/04

You did not review the new eTrust EZ Armor. It is different now; it consists of eTrust EZ Antivirus and eTrust EZ Firewall (which is ZoneLabs technology). So you have a good antivirus, not a resource hog, uses less space on hard drive, and "ZoneAlarm." There are not many better.

• Reply to comment
• Reply to story
• Report offensive content

• Just In

• Most Popular

Login

E-mail Password (forgot?)

Login Remember

Sign up and win a iPhone3GS!

Reader Services

Popular Topics

Essentials