All firewalls can block incoming access to your computer, but not all provide the level of two-way protection that Norton Personal Firewall (NPF) 2002 can. This app offers relatively simple installation and setup and protects systems from both incoming and outgoing connection attempts. It not only keeps Web sites and hackers from accessing your system, it also won't allow viruses or any other programs to access the Internet without your knowledge. Unfortunately, NPF is a bear to configure, so we recommend it primarily for technically savvy folks who know their way around a PC and need detailed security settings. Everyone else will benefit more from ZoneAlarm's simple interface and zero price tag. All firewalls can block incoming access to your computer, but not all provide the level of two-way protection that Norton Personal Firewall (NPF) 2002 can. This app offers relatively simple installation and setup and protects systems from both incoming and outgoing connection attempts. It not only keeps Web sites and hackers from accessing your system, it also won't allow viruses or any other programs to access the Internet without your knowledge. Unfortunately, NPF is a bear to configure, so we recommend it primarily for technically savvy folks who know their way around a PC and need detailed security settings. Everyone else will benefit more from ZoneAlarm's simple interface and zero price tag.
Although Norton Personal Firewall (NPF) ships as part of the Norton Internet Security 2002 suite, you can also purchase it as a separate package or download it directly from Symantec. Installation is easy enough; even if it weren't, NPF dialogs walk you step-by-step through the entire process.
Sadly, configuring Norton Internet Security (NIS) takes much more effort. When you launch NIS 2002 for the first time, a wizard walks you through the initial setup process and helps you customize the firewall's default configuration. For example, you can change your privacy settings from Medium to High and decide which Internet applications you'll allow to penetrate the firewall. Unfortunately, we found it confusing to navigate the jumble of configuration dialogs without the manual and some practice.
Lots to tweak
If you want to tinker with these settings at a later date or check your Internet status (the number of alerts and alarms you've experienced) at any time, double-click the NPF System Tray icon. The resulting control panel looks like a well-decorated Windows dialog box. And, like the other programs we reviewed, NPF lets you retrieve program updates from the Web, view how many times outside people or programs have tried to access your system, configure firewall settings (including security levels, Internet access, and port blocking), access the firewall's help files, and adjust privacy settings to either Low, Medium, or High.
Norton Internet Security's default Medium security and privacy setting blocks any program from accessing the Internet. When a new program tries to access the Internet, a pop-up window asks if you want to permit access. If you choose to save these settings, NPF will remember them every time the same program tries to go online. Eventually, NPF learns which programs you want to access the Internet, and those annoying pop-ups trickle off. The Medium setting also warns you before you send personal information (including your name, address, or credit card number) over the Web, but it doesn't block sites from setting cookies on your hard drive. In many cases, this is just an inconvenience, but some cookies can pose a security threat. If you run NPF with security set to High, the program also prompts you before allowing active content (such as Java and ActiveX Controls, which can create potential entryways into your system) to run and alerts you whenever an outsider scans or tries to access your PC's ports. It also prevents you from sending any personal browsing information and alerts you each time a Web site creates or tries to access cookies. Also, the Reporting slider lets you decide just how much of this information you want to see. Set it on High, for example, and NPF alerts you to any and all access attempts. But all of these protection options come at a price: you'll need to learn to navigate your way through a maze of dialogs to find the settings you're looking for.
In our casual tests, we let loose Port Detective (a small client that tests selected ports for possible security problems) on our NPF-protected system. Port Detective attempted to access computer ports 21, 23, 25, 80, 137, 138, 143, and 443. But NPF resisted Port Detective's probing better than any other product in the roundup. Even at Low security, on our machine, NPF blocked ports 21, 23, 25, 80, 137, 138, 139, 143, and 443 and prevented all unauthorized e-mail and Web access. At Medium security, NPF asks permission before allowing any e-mail and Web access. At High security, by contrast, NPF locks down all ports and doesn't allow any Internet access whatsoever.
In CNET Labs' official tests, NPF, like most of the other firewalls we reviewed, closed all of the ports on our test computer and made them invisible to hackers. So, not only will hackers be unable to access your closed ports, they won't even know you're online.
If NPF gets too confusing for you, you can find free e-mail support 24/7 at the Symantec Web site. The Web site offers patches, updates, downloadable manuals, FAQs, and a searchable knowledge base for particular questions. Replies to our e-mail came a little faster from Symantec than from McAfee, but the answers were rather short and basic; don't expect lots of hand-holding. There is no free telephone support for NIS, but fee-based support is available.
Solid but pricey
All in all, NPF 2002 has what it takes to protect your PC from intruders without and digital traitors within. However, unless you want a program that, say, warns you before you send personal information, at $49.95 NPF costs too much for us to recommend it over equally effective and less expensive products such as ZoneAlarm.