CNET también está disponible en español.

Ir a español

Don't show this again

Norton Personal Firewall 2004 review: Norton Personal Firewall 2004

  • 1
Hot Products

The Good Hides every PC port; no setup required; integrates with Internet Explorer.

The Bad Antipiracy activation required; few changes from last year's version; Symantec's online e-mail help hard to access.

The Bottom Line Norton Personal Firewall 2004 does the job, but free ZoneAlarm and the beefier Norton Internet Security 2004 are smarter buys.

7.3 Overall
  • Setup 7
  • Features 8
  • Performance 9
  • Support 5

Review summary

Norton Personal Firewall (NPF) 2004 defends your PC against attacks by hackers, port sniffers, and other malcontents. It's easy to set up, and you don't have to touch a thing to make your computer invisible to intruders. But at $50--and considering this version's merely minor changes from NPF 2003--NPF 2004 is overpriced, especially compared to the $40 McAfee Personal Firewall Plus or the free ZoneAlarm 4.5. Our advice: If all you need is a firewall, install ZoneAlarm. But if your PC also lacks antivirus software, your best bet is to get Symantec's $70 Norton Internet Security 2004, which includes Norton Personal Firewall, Norton AntiVirus, and Norton AntiSpam. Installing Norton Personal Firewall (NPF) 2004 involves loading the contents of a CD, typing in a 24-character key code, and rebooting the system. A wizard then walks you through the final steps and performs a quick check for updates. When all is said and done, NPF 2004's 8MB firewall occupies more than twice as much space on your hard drive as McAfee's more efficient 3.3MB personal firewall. Symantec also requires product activation for all of its consumer products, although you can use NPF 2004 for up to 15 days without activating (but after that, you'll need tech support to activate it). The idea here is to stymie high-volume piracy, but Symantec admits that one activation code will allow as many as five different installations of its firewall.

/sc/30524439-2-300-SS1.gif" width="300" height="225" border="0" />
When NPF 2004 detects an attempted intrusion, it puts up a simple alert.

If you're upgrading from an earlier edition, NPF 2004 now migrates your customer firewall settings. For our informal tests, we updated a system that had been running NPF 2003 without losing a single setting.

NPF 2004's interface is almost criminally simple: green check marks mean everything's OK, while red check marks signal that detection files are out-of-date. This simple design is best suited to beginners who just want protection and don't care about mucking with settings. To get to advanced features, such as firewall rules, you must dig through at least four screens. Some settings, such as those for ActiveX Controls, are hidden even deeper. We'd prefer to access these setting via fewer clicks.
Unfortunately, NPF 2004 doesn't add any features worth its $30 upgrade price. There are, however, two minor changes worth mentioning. The first, Network Detector, is a new feature that automatically employs different rule sets for different networks. This tool is handy for laptop users who haul their notebooks from, say, home to office to wireless cafe. The second noteworthy feature is integration with IE that turns ad and pop-up blocking on and off. The toolbar will also launch the NPF 2004 display and selectively block any cookies on the current site.

/sc/30524439-2-300-SS2.gif" width="300" height="225" border="0" />
NPF 2004 now automatically detects a change in network connections--handy for notebook users moving from the home to the office.

Other than that, NPF 2004 remains much the same as NPF 2003, offering an intrusion-detection system that sniffs out possible attacks, an ad blocker, and a petite privacy module that prevents personal data such as credit card numbers from being transmitted via browser, instant messenger, or e-mail. (You pick which data it protects.) If you want, you can also trace back an attacker to his or her originating domain (or at least the one that the hacker spoofed). And as each desktop application tries to access the Internet, the program either automatically assigns a firewall rule for that app or gives you the option of allowing or denying access by flashing an alert in the lower right-hand corner of the screen. We ran NPF 2004 against Steve Gibson's &siteid=7&edid=&lop=txt&destcat=ex&destUrl=http%3A%2F%2Fwww%2Egrc%2Ecom">ShieldsUp port tester. In stealth mode, our PC was entirely invisible to the world, which is the best result a firewall can get.

ShieldsUp common ports Norton Personal Firewall 2004 McAfee Personal Firewall Plus 5.0 ZoneAlarm Pro 4.5
Port 21-FTP Stealth Stealth Stealth
Port 23-Telnet Stealth Stealth Stealth
Port 25-SMTP Stealth Stealth Stealth
Port 79-Finger Stealth Stealth Stealth
Port 80-HTTP Stealth Stealth Stealth
Port 110-POP3 Stealth Stealth Stealth
Port 113-IDENT Stealth Stealth Stealth
Port 119-NNTP Stealth Stealth Stealth
Port 135-RPC Stealth Stealth Stealth
Port 139-NetBIOS Stealth Stealth Stealth
Port 143-IMAP Stealth Stealth Stealth
Port 389-LDAP Stealth Stealth Stealth
Port 443-HTTPS Stealth Stealth Stealth
Port 445-MSFTDS Stealth Stealth Stealth
Port 1002-ms-ils Stealth Stealth Stealth
Port 1024-DCOM Stealth Stealth Stealth
Port 1025-Host Stealth Stealth Stealth
Port 1026-Host Stealth Stealth Stealth
Port 1027-Host Stealth Stealth Stealth
Port 1028-Host Stealth Stealth Stealth
Port 1029-Host Stealth Stealth Stealth
Port 1029-Host Stealth Stealth Stealth
Port 1720-H.323 Stealth Stealth Stealth
Port 5000 UPnP Stealth Stealth Stealth
LeakTest Passed Passed Passed

More information about how we test firewalls can be found at CNET Labs. Symantec's tech support varies in quality and cost. Online support is free and generally excellent, although the new Support Assistant, a small app that downloads to your PC, didn't lead us to resolve our test problem as we had hoped. Searching the knowledge base manually, however, got us clear and concise assistance for most of our problems.

/sc/30524439-2-300-SS3.gif" width="300" height="225" border="0" />
Locating Symantec's online e-mail tech support could be a lot easier. After endless clicking, we found this buried link.

E-mail to tech support isn't slick. It's almost impossible to find the form on the Symantec site, then you must use it to query the help desk; then it takes Symantec a good 48 hours to respond. In our case, the tech didn't answer correctly even when he did respond.

Finally, you can call Symantec for tech support, but the price--$29.95 per incident or $2.95 per minute--and the limited, weekday-only 6 a.m. to 5 p.m. PT hours left us cold.

Hot Products

This week on CNET News