July 25, 2008
Personal Firewall Software - Security Test Results Reveal Surprises
Matousec, a security consulting and research group named after its founder, David Matousek, researched and tested security performance on numerous software firewalls (also known as personal firewalls, as they are installed on personal computers rather than being hardware-based).
The firewall test results and rankings are worth a read if you've just purchased a new computer, considering a change, or your annual subscription is nearing its renew point. Some of the better known firewall products such as those from Norton, McAfee, and ZoneAlarm were ranked particularly low. The results were somewhat surprising on that front, although I wasn't surprised to see that the free Comodo Firewall Pro remained in the top-ranked group, as it's been receiving accolades for some time.
It's good to see the results and methodology so we can make more informed choices, and the software vendors can learn more about their weaknesses so they can plug the holes. It's also a good idea to watch the rankings over time to see which ones are progressing, and which ones are falling further behind.
Update 8.1.08: I should also mention a very noticeable trade-off between certain firewalls. Some firewalls will prompt you, seemingly endlessly, to allow or block a program or service that's trying to access the Internet -- particularly while it's in "learning" mode. I believe Comodo Firewall Pro and ZoneAlarm operate as such. Others, like Norton Internet Security, silently grant or deny access to your programs based upon its considerable database of common applications.
From a user perspective, especially for those who are not security professionals, the latter approach provides what I call "usable security". The problem with the former types of firewalls is that after a short while, users become increasingly annoyed with the barrage of prompts. At that point, they'll likely either begin allowing all access or denying all access to the vast majority of the prompts. Obviously, neither is desirable. Too much access granted, and you've compromised the security of your PC and network. Too little access granted, and well, you won't be getting much done on the Net now, will you? Couple these firewall nags with Vista's User Account Control (UAC) prompts, and it's enough to make you run screaming straight for a Mac.
I've used a number of personal firewalls over the years, and have to say that while the Norton Internet Security firewall didn't measure up on these particular tests, I greatly prefer its more balanced user approach. By the way, for those of you who understandably left Norton after using their bloated 2005 and 2006 products, it's worth another look. Since the 2007 version, both the Norton Antivirus and Norton Internet Security packages have been redesigned from the ground up with the goal of optimizing their performance. I've found it performs much more quickly, takes up less resources, and is virtually invisible to the user. Yes, it makes certain decisions for you automatically, which I'll agree with some security experts results in some compromises. However, it's usable, and gets out of your way so you can actually get some work done. Now, if a software developer could develop a top-notch personal firewall that could pass these advanced security tests while being transparent to us, the users, now that's something I'd be very interested in having on my PC.