I have been using ZoneAlarm Suite (now ZAX) for several years because I trusted the reputation of its firewall and also liked the idea of integrated Kaspersky AV and some other features. Due to recent router issues I connected my laptop directly to the cable modem, also to use it as virtual router, and was running ShieldsUp to test security without router protection. The firewall received a miserable failure, with only port 0 stealthed, ports 135, 139, 445 (NetBios) open, and all other ports closed. I looked through the ZA forum, and apparently this seems to be common with Win7 because the Programs feature enables server functions on most applications which alter firewall settings, but may be necessary for applications to work. IMHO this makes the firewall useless! ZA forum gurus actually suggest that firewall protection is now redundant and focus should be on browser based threats utilizing ZA virtualization method. I am wondering if there are other ZA users here who also lack protection once they go off the router (as we may do often on the road).
Interestingly, once I enabled the Win7 firewall all ports were stealthed in ShieldsUp test! So I am considering my options for a simple and reliable security solution (i.e. suite):
1) stay with ZA, disable all server functions for programs, and see if that works
2) try MSE2 and Win7 firewall as it's designed for Win7 and I have heard much good about it
3) try Comodo Suite as a free third party option with good firewall and decent AV reputation
4) see what else may be suggested here?
-
Windows firewall is good enough. Add the AV software you like then.
Michael -
Closed ports aren't necessarily bad. It's just more like a 'I'm here but not answering the phone' sort of thing. Stealthed ports are only unseen, 'I may be home or maybe not.' Stealth is preferable, but closed doesn't mean you're leaving all your windows and doors wide open.
You should disable NetBios if its something you never use. That should close the 445 and 139 ports. Port 135 is DCOM according to GRC Port authority.
Comodo Firewall is great and it gives you HIPS if you want it too. I thought the AV suite is their pay program? Windows 7 firewall is very good too. Comodo prompts you for everything until it learns what you allow to happen, Win 7 is completely silent. -
-
MSE is an antivirus/antimalware program.
Comodo IS/CIS is a firewall with HIPS and AV/AM and more stuff like sandboxing (actually more 'LUA-ing') programs; a full suite.
So the programs are not comparable.
Free CIS offers more protection due to it's HIPS and other features so be sure to read a manual about it's options before installing or you might be in for a ride if a HIPS is new to you.
The AV/AM in CIS is of rather poor quality, so it would be better to install MSE for AV and CIS only partially (without the CIS AV/AM part installed).
Installing/using MSE is simple and basic.
Using CIS will have a higher learning curve but can offer much more security if used properly.
If you'd like a more basic FW+HIPS to start with, perhaps check out Private Firewall link.
ZA firewall full of holes?
Discussion in 'Security and Anti-Virus Software' started by merlin666, Jan 27, 2011.