A
AAH
Any comments on Jetico and Outpost
Firewalls comparing with Kerio's free version?
Thanks.
Firewalls comparing with Kerio's free version?
Thanks.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
You should upgrade or use an alternative browser.
E
elaich
Any comments on Jetico and Outpost
Firewalls comparing with Kerio's free version?
Thanks.
Outpost Free is no longer developed and hasn't been for many moons. I tried
it here and didn't really care for the interface. YMMV.
I've read conflicting reports on Jetico, which I believe is still in beta,
and will probably go pay when finished. Kerio version 4 is garbage.
A
Aaron
Any comments on Jetico and Outpost
Firewalls comparing with Kerio's free version?
Thanks.
By kerio free version do you mean 4.x series or 2.15?
Jetico is nice to play with, but rule management is a nightware.
When an existing preapproved file is replaced and the md5 hash changes,
most firewalls will warn you that the file has changed and ask if you
want to allow. If you allow, it will just update the rule with the new
signature of the the file automatically.
For jetico, it doesn't care, you are just asked to create a new rule. So
if the file changes a lot, you get a lot of different rules.
The rule setting is also very complicated, the rules jump from table to
table instead of all being in one page , so you have to be able to follow
the logic of the rules.
Also You have to be pretty experienced to make sense of the 3 different
rule types. Some of the terminology might also throw you off.
On the plus side, Jetico claims to beat most leak tests, but the cost is
that you will have to management additional rules for handling "process
attacks" which are basically not network related events but behaviors
like memory injection, dll injection etc.
All in all, if you belong to the ZA free school of users, Jetico is
definitely too complicated for you. If you are used to rule based
firewalls like Kerio 2.15, you might try Jetico, but even then be
prepared to dig in a bit.
Outpost free version I played with a long time ago. The Pro version is a
totally different beast but very good.
R
Richard Steinfeld
Aaron said:Jetico is nice to play with, but rule management is a nightware.
When an existing preapproved file is replaced and the md5 hash changes,
most firewalls will warn you that the file has changed and ask if you
want to allow. If you allow, it will just update the rule with the new
signature of the the file automatically.
For jetico, it doesn't care, you are just asked to create a new rule. So
if the file changes a lot, you get a lot of different rules.
The rule setting is also very complicated, the rules jump from table to
table instead of all being in one page , so you have to be able to follow
the logic of the rules.
Also You have to be pretty experienced to make sense of the 3 different
rule types. Some of the terminology might also throw you off.
On the plus side, Jetico claims to beat most leak tests, but the cost is
that you will have to management additional rules for handling "process
attacks" which are basically not network related events but behaviors
like memory injection, dll injection etc.
All in all, if you belong to the ZA free school of users, Jetico is
definitely too complicated for you. If you are used to rule based
firewalls like Kerio 2.15, you might try Jetico, but even then be
prepared to dig in a bit.
Outpost free version I played with a long time ago. The Pro version is a
totally different beast but very good.
How can I find out more about Jetico? This is the first time I've heard
the name.
I've been using Sygate Personal and have used a bundled version of it
earlier, so I'm familiar somewhat with rules-based firewalls. Sygate is
application-based for ougoing monitoring. And yes, one has to be alert
and not just pass a connection when one's guard is down.
I have had two personal problems with Sygate:
- "Background" process activity -- not too bad on its own, but
over-the-top when even more intensive Avast antivirus is added (causes
audio to hiccup and metronome programs to be syncopated).
- A brick wall: there's a limit of 20 rules. That's it!
I've hit that wall.
Does Jetico impose limits?
Richard
W
wolfgang schneider
@nwrdmz01.dmz.ncs.ea.ibs-infra.bt.com:
The rule setting is also very complicated, the rules jump from table to
table instead of all being in one page , so you have to be able to follow
the logic of the rules.
if you'ld have a look at the system of ruling you'ld see that it's very
easy and secure and comfortable if you start from "all forbidden"
instead of getting "asked for any" shit .
after some years of trying several free and "expensive" the jetico is my
favour since it was published and the beta of them is more stable than
some other "production releases" .
R
Richard Steinfeld
wolfgang said:if you'ld have a look at the system of ruling you'ld see that it's very
easy and secure and comfortable if you start from "all forbidden"
instead of getting "asked for any" shit .
????
after some years of trying several free and "expensive" the jetico is my
favour since it was published and the beta of them is more stable than
some other "production releases" .
Thanks for the coments, Wolfgang.
If you've had any experience with Sygate (free or paid) can you compare
the two programs for me?
Richard
W
wolfgang schneider
Thanks for the coments, Wolfgang.
If you've had any experience with Sygate (free or paid) can you compare
the two programs for me?
Richard
there are already enough reviews in the inet . have a quick look at them
..
i mean , have a look at it yourself , try both and depending on your
likes and dislikes you'll find the right for you . no use for very good
progs if you feel them not to be that way !
A
Aaron
How can I find out more about Jetico? This is the first time I've
heard the name.
Google is your friend?
I've been using Sygate Personal and have used a bundled version of it
earlier, so I'm familiar somewhat with rules-based firewalls. Sygate
is application-based for ougoing monitoring. And yes, one has to be
alert and not just pass a connection when one's guard is down.
Jetico is going to drive you nuts compared to sygate.
1)It has this
"Allow network connection" rule that often triggers even for programs
that don't eventually connect outbound. It's unclear to me what this rule
is actually triggering on actually, the help file isn't much help.
2)Problem with not automatically updating md5 hashes of programs, if you
don't do proper management, eventually the "ask user" portion of the
firewall rules is going to get very very long.
3)"System attack" tables. If you run most antispyware or antivirus during
scans it will keep popping up warnings about how memory injection is
occuring for each process running in memory. If you are smart, you will
setup a rule for the attacker process but leave the application field
blank, so it will work for all.
You will also get warnings about hidden windows etc etc.
I have had two personal problems with Sygate:
- "Background" process activity -- not too bad on its own, but
over-the-top when even more intensive Avast antivirus is added (causes
audio to hiccup and metronome programs to be syncopated).
- A brick wall: there's a limit of 20 rules. That's it!
And of course the infamous loopback control problem
http://forums.sygate.com/vb/showthread.php?threadid=7813
Does Jetico impose limits?
No.
A
Aaron
????
Indeed. It's kind of impossible to run any firewall in deny all mode,
without first training it. And that is when the popups will begin.
Jetico is a big step up really, but it's worth playing with, if you have
a lot of time and enjoy fiddling hours and hours with lots of rules
F
Franklin
On Sat 27 Aug 2005 22:11:33, Richard Steinfeld wrote:
And each program you pass on a permanent basis will need to have
server rights disabled manually in the Applications menu. :-(
I think it is likely to be Avast Antivirus which is drawing the
power. Sygate is pretty undemanding. As an alternative to Avast
you could try AntiVir which needs less power but it looks and
feels and runs rather differently.
20 rules is quite a lot. What are you using them for?
How can I find out more about Jetico? This is the first time
I've heard the name.
I've been using Sygate Personal and have used a bundled version
of it earlier, so I'm familiar somewhat with rules-based
firewalls. Sygate is application-based for ougoing monitoring.
And yes, one has to be alert and not just pass a connection when
one's guard is down.
And each program you pass on a permanent basis will need to have
server rights disabled manually in the Applications menu. :-(
I have had two personal problems with Sygate:
- "Background" process activity -- not too bad on its own, but
over-the-top when even more intensive Avast antivirus is added
(causes audio to hiccup and metronome programs to be
syncopated). - A brick wall: there's a limit of 20 rules. That's
it! I've hit that wall.
I think it is likely to be Avast Antivirus which is drawing the
power. Sygate is pretty undemanding. As an alternative to Avast
you could try AntiVir which needs less power but it looks and
feels and runs rather differently.
20 rules is quite a lot. What are you using them for?
A
Amamba
Franklin said:On Sat 27 Aug 2005 22:11:33, Richard Steinfeld wrote:
And each program you pass on a permanent basis will need to have
server rights disabled manually in the Applications menu. :-(
I think it is likely to be Avast Antivirus which is drawing the
power. Sygate is pretty undemanding. As an alternative to Avast
you could try AntiVir which needs less power but it looks and
feels and runs rather differently.
20 rules is quite a lot. What are you using them for?
I've tried all freeware there was for A/V and FW about a year ago. I
had Avast until it failed VB100. I switched to Grisoft AVG and I
absolutely love it, takes much less system resouces, a very clean
interface, seamless updates.
As for the firewalls, I tried Outpost, Zone Alarm, and Sygate. Stay as
far away as you possibly can from ZA. It's a death wish for your
system. It starts fine and then slowly but surely grinds everything to
a halt.
Outpost is fine, but AFAIK they stopped development of the free
version.
Sygate is what I stuck with - very simple, inobtrusive, and reliable.
Of course you have to watch what process you grant access to.
J
Jan
I have been using ZA for years and I beg to differ. Grinds what to aI've tried all freeware there was for A/V and FW about a year ago. I
had Avast until it failed VB100. I switched to Grisoft AVG and I
absolutely love it, takes much less system resouces, a very clean
interface, seamless updates.
As for the firewalls, I tried Outpost, Zone Alarm, and Sygate. Stay as
far away as you possibly can from ZA. It's a death wish for your
system. It starts fine and then slowly but surely grinds everything to
a halt.
Outpost is fine, but AFAIK they stopped development of the free
version.
Sygate is what I stuck with - very simple, inobtrusive, and reliable.
Of course you have to watch what process you grant access to.
halt? My PC's have always run fine with ZA.
A
Amamba
Well, you're among the lucky 30% then.
My ZA ran fine for about 4 mos, then started to slow down my system
more and more drastically, hang, etc. The first time I did a clean
uninstall / reinstall and got it working for another couple of months.
The second time around I did a check on the net and found it to be a
known and rather widespread problem.
Anyway, I've been very happy with Sygate for about 2 years now.
My ZA ran fine for about 4 mos, then started to slow down my system
more and more drastically, hang, etc. The first time I did a clean
uninstall / reinstall and got it working for another couple of months.
The second time around I did a check on the net and found it to be a
known and rather widespread problem.
Anyway, I've been very happy with Sygate for about 2 years now.
M
Mel
Amamba said:Well, you're among the lucky 30% then.
My ZA ran fine for about 4 mos, then started to slow down my system
more and more drastically, hang, etc. The first time I did a clean
uninstall / reinstall and got it working for another couple of months.
The second time around I did a check on the net and found it to be a
known and rather widespread problem.
Anyway, I've been very happy with Sygate for about 2 years now.
I've been using ZoneAlarm free version for years, I've
also used various versions of Kerio, Tiny, Sygate
and also ZA pro.
ZA has caused very few problems, although I did have a
recent problem with the obsolete version of ZA I was then
using causing a lockup after installing a troublesome windows
98 security fix, forcing me to upgrade ZA (although the patch
seems to be the real issue).
I've also had crashes after installing a certain version of Kerio, and
Sygate would fall over or lock up my system when it went to standby
mode.
Of these ZA seems to use the least processor time, with Kerio 2.1x
coming in a very close second. Sygate uses the most, so much so,
that transferring files across the Local network is slowed to a crawl
by the processor usage hitting 100% - even installing Sygate causes the
"idle process" CPU usage to drop by 10%+ .