Two recommended Windows firewalls

Scot Finnie recommended two firewall, and I trust his advice.

Finding a new firewall program has been on my to-do list for a long time. I was a long time fan of the free version of ZoneAlarm, but the upgrade from version 6 to 7 was a put-off. The file size increased tremendously (it's now 44.6MB) and the functionality hardly changed at all. That made me suspicious of what all that extra code was there for. Still, old habits die hard and I was used to it like an old pair gloves. But a few days ago, when a bug fix for Windows broke ZoneAlarm, and no other firewalls, it lost my confidence.

I can't yet recommended a firewall based on personal use, but someone I trust, Scot Finnie, recommends two. Scot, who now works for Computerworld, has been writing a free newsletter for years. I was lucky enough to discover it long ago and I've come to trust his recommendations. Recently, it morphed into a blog.

Back in March, Scot wrote The Best Firewall Software of 2008: Online Armor, the final chapter in his 19 month investigation of firewalls. That's not a typo, he spent a year and a half researching firewalls.

Cutting to the chase, he recommended two firewalls: Online Armor 2.1 and Comodo Firewall Pro 3.0.

In his own words, "Tall Emu's Online Armor 2.1 is The Scot's Newsletter Blog Best Firewall Software of 2008 ... [with] the best blend of a high degree of protection with a high level of usability."

There is a free and a paid version of Online Armor, Scot reviewed and recommended the paid version. Vista users are out of luck, Online Armor only works with Windows XP (32 bit only) and Windows 2000.

Scot felt that Comodo Firewall Pro 3.0 offered excellent security, but that it was high maintenance and thus more appropriate for techies. He doesn't like being frequently interrupted by firewall alerts, a sentiment I agree with. Comodo Firewall Pro is free and works with Windows XP (both 32 and 64 bit) and Vista.

A big reason I liked ZoneAlarm was ease of use. When it popped up an alert, the explanation of why was simple and clear. Likewise granting permissions to programs couldn't have been easier. I tried a handful of firewalls and none came close in terms of ease of use.

Once, when I was teaching a class, and a student brought in a screen shot of an alert from the Norton firewall asking what it meant. It wasn't clear if the firewall was asking the user something or telling them, let alone whether the alert was about something coming in to the computer or going out. If you watch, the TV show Boston Legal, think word salad. And, I know the lingo.

Ease of use was a big reason that Scot recommended Online Armor, saying "Online Armor's user experience is on par with ZoneAlarm Free and Sunbelt Personal Firewall -- the two firewalls I've pointed to in the past as having the best user interfaces in this field."

Part of this entails running silently, after the initial getting-to-know-you period that any firewall requires. As Scot put it "When pop-ups are too repetitive or too frequent, it's only human nature for a large segment of the user base to start ignoring them. That behavior leads to a severe loss of security." I agree completely, as, I'm sure, many Vista UAC users do too.

The criteria Scot used in his evaluation were "usability, company support, stability, compatibility, and bug resolution". Sounds perfect to me.

Another thing I agree with Mr. Finnie on, is a dislike of all-encompassing software suites. Both his recommended firewall programs are just that, firewalls. Nothing more. As he puts it:

"The impetus for this review came after more than a decade of using and reviewing multifaceted, everything-but-the-kitchen-sink security suites such as Norton Internet Security. When I kicked that habit, I looked around for something better and realized that most mainstream computer publications were for the most part reviewing only the big-name, large-footprint products. It was clear to me that there was a better way that involved selecting a small set of best-of-breed security products that work well together."

I never heard of Tall Emu, the company behind Online Armor. But, Scot was impressed with them:

"What's especially impressive about the talk and actions emanating from Australia-based Tall Emu is a strong corporate culture that values communication, honesty, a willingness to talk openly about problems, a responsive attitude, open-mindedness, and respect. I'm not sure how to say this, but I trust Tall Emu to do the right thing. I can't remember the last time I felt that way about a software company in the post-Microsoft-antitrust era."

A small point in the article bears repeating. Someone with a single computer connected to a broadband modem, doesn't need a router. Technically. Yet installing a router is nonetheless a good thing - for the firewall. Rather than depend on a single software firewall (Windows security and all that that entails) the hardware firewall in a standard, relatively cheap, consumer router provides an extra layer of defense.

It's a very long article but well worth reading.

On July 16, 2008, I wrote up my first impressions of Online Armor

See a summary of all my Defensive Computing postings.

Featured Video

VTech hack exposes 5 million accounts, including kids' photos, chats

The toymaker stores personal data and photos in a way that may be easy for hackers to access. Also, Amazon shows off its latest design for delivery drones.

by Bridget Carey