Our expert, award-winning staff selects the products we cover and rigorously researches and tests our top picks. If you buy through our links, we may get a commission. Reviews ethics statement
With the introduction of the FreeBSD-based Mac OS X, Mac users can no longer count on "security through obscurity"--that is, the invisibility that has historically freed the platform from the security exploits that plague the Windows world. Now that OS X opens the Mac to Unix-based Internet flaws, Mac users need online protection. Intego's NetBarrier X offers three lines of defense--a software firewall along with antihacker and personal privacy features--to protect your home network and keep data on your computer safe as well as block out specific cookies, pop-ups, banner ads, and more. While Mac OS X ships with Apple's version of the Unix firewall, called ipfw, enabling it requires mastering an arcane syntax. NetBarrier X, on the other hand, offers an easy-to-use interface for a powerful and customizable set of tools at a reasonable price ($60). As with most Mac applications, installation of NetBarrier X is a snap. Double-click the installer, OK your way through the standard Mac OS X installation screens and license terms, reboot, then enter the registration key. That's it. Since Mac OS X is, at its heart, a multiuser system, you'll need to be logged in as the root or administrator of the system to install or make changes to NetBarrier.
|"="" --="">/sc/21128028-2-300-SS1.gif" width="300" height="225" border="0" />|
Available in a brushed-metal flavor, the basic interface for NetBarrier X is easily navigable. However, the Customize option is for experts only.
The NetBarrier X interface should be immediately comprehensible for most Mac users. The major functions (Firewall, Antivandal, Privacy, Monitoring) can be accessed from buttons along the left side of the NetBarrier window, with tabs sorting out features. NetBarrier X obeys all Mac user interface guidelines, such as selecting and dragging items in lists; you can even switch to a brushed-metal look (à la iTunes) if that's your preference. Finally, NetBarrier's live-updating traffic gauges are fun to watch. NetBarrier's firewall filters incoming and outgoing data transparently, providing protection against malicious access. If you don't want to delve into details, you can leave the default setting alone and be reasonably secure with the well-defined presets. In other words, install and go. For more control, you can edit and refine sets of rules easily. By comparison, you can download configuration interfaces for ipfw, but none come with NetBarrier's extra features. You can save firewall log files at user-defined intervals as text or as HTML, even to a shared folder on a network for remote access.
|"="" --="">/sc/21128028-2-300-SS2.gif" width="300" height="225" border="0" />|
NetBarrier's interface makes it easy to turn on and off various security features; ping sensitivity can be adjusted right on that graph.
NetBarrier also blocks cookies, pop-ups, and banner ads; as well, it filters out spam for most e-mail applications such as Mail and Entourage. You can even drag an ad to NetBarrier's window, and the firewall will block that specific ad server. In addition, data filters can be set to prohibit transmission of credit card numbers, passwords, your mother's maiden name, and so on. We ran NetBarrier X against Steve Gibson's ShieldsUp port tester. In stealth mode, our PC was invisible to the world, which is good.
|NetBarrier X |
|NetBarrier X |
Port 445-MSFT DS
Port 5000 UPnP
We began with IP Agent, a free utility provided by ShieldsUp that determines the test machine's current IP address, then contacts the ShieldsUp Web site to begin testing.
Next, the Port Probe utility tested our system's defense against Internet port scanners. The test originates from the ShieldsUp server and attempts to establish standard TCP/IP (Internet) connections on a handful of commonly exploited Internet service ports on the test computer.
Using ShieldsUp, each port gives one of the three following results:
Stealth: This result means that the probe was not able to find this particular port on your computer. This is the most secure result.
Closed: This shows that the probe was able to detect this particular port on your computer but that the connection was refused.
Open: This result means that the port is actively advertising its presence on the Internet. Port scanners will have no trouble finding it.
More information on these tests and what the results mean can be found at ShieldsUp. More information about how we test firewalls can be found at CNET Labs. Unfortunately, there is no help menu for NetBarrier, as there is for most Mac applications. The software ships with detailed manuals as PDF files; those manuals are also available on the Web site for download. We found the electronic manuals to be well written and amply illustrated, but they're hard to search, and there's no FAQ or troubleshooting section. Online support consists of a form-based Web page (replies come from a human) and a toll number in Texas. Fortunately, we found the phone support to be cheerful and well informed.
|"="" --="">/sc/21128028-2-300-SS3.gif" width="300" height="225" border="0" />|
It's a handsome, amply illustrated manual--but it's a pain to print out, with many pages containing only an image and a few paragraphs.