|
|
|
|
|
|
|
|
|
||
|
|
||
|
Partner With Us |
Thinking Outside The (Windows) Box,
Part 4: Free Windows Firewalls—NetVeda Safety.Net
While many businesses depend on Microsoft and its various product suites, alternatives exist, some of which are not well known. Part four of this series examines free windows firewalls.
VP Core Competence, Inc. [March 3, 2006] |
 |
We tried the free-for-personal-use NetVeda Safety.Net desktop firewall, v3.61.0002, on Windows XP SP2. A Safety.Net Professional license ($39.99) can be purchased for business use. Safety.Net also runs on Windows 95/98/ME/NT/2000, requiring a minimum 64 MB RAM (256 MB recommended for home office environments).
|
NetVeda
Safety.Net |
 |
After
Safety.Net installation, a system tray icon warns that the firewall has
not yet been configured. Clicking that icon brings up an Administration
program and configuration alert (see figure at right) that briefly
describes the next steps: (1) choose an Internet adapter, (2) choose a
LAN adapter, (3) add local user policies, then (4) add LAN host policies.
By default, NetVeda assumes that the PC will be serving as a gateway (router
or proxy server) for other LAN hosts and users. To run NetVeda on a solo
host, just change NetVeda's routing configuration to "None" and configure
only user policies.
NetVeda
enforces application and network-layer policies. Like many other personal
firewalls, it builds a trusted application list by prompting when each
program runs. It also uses a digest to detect application over-writing.
However, users and hosts must still be given explicit permission to use
trusted application services. This is done for each User/Host by entirely
permitting, entirely blocking, or selectively granting access to Services
checked off in an Application Control list (see figure at left).
Built-in and custom Groups are used to control Service definitions. For example, "FTP" means outbound access to TCP ports 20 and 21, while "FTP server" means inbound access to these ports. These Group definitions hide network details under intuitive labels, simplifying policy configuration without sacrificing flexibility for advanced users. However, we found Services in an Application Control List with neither "Full Access" nor "No Access" confusing—our tests showed that those Services were allowed unless blocked by a network rule, but this could be explained better in documentation.
Safety.Net User/Host policies can also enforce restrictions on internet access time and web content (i.e., ads, cookies, active code, or censored content, based on Platform for Internet Content ratings). These features (not tested) go well beyond the typical free personal firewall. Time and content filtering are mostly applicable to workgroup installations where the firewall Administrator wants to limit other users (e.g., home networks with children). Because content filtering impacts performance, it is nice that options can be used to adjust or disable filters that you don't plan to use.
The
internet security knobs presented by Safety.Net are relatively high-level:
for example, "hide computer on Internet" and "block file and printer sharing
on the Internet" (see figure at right). More experienced users
can still fiddle with traditional network firewall rules using an "Advanced"
tab where rules like "Inbound Deny Messenger Popups" and "Inbound Deny
SNMP" can be added, changed, or reorganized.
However, all rules apply to traffic passed between the list of "Internet" adapters and the list of "LAN" adapters. This means that exceptions must be based on IP address, not adapter (e.g., you cannot allow DHCP on wireless but not broadband if both are "Internet" adapters).
NetVeda's monitoring capabilities are informative, but less user-friendly than its configuration capabilities. There is no "at a glance" dashboard to get a quick feel for activity. A pair of Application and Network Activity Reports provide real-time session status lists; the Network report can also show history. Firewall blocking actions are visible through configurable pop-up alerts and an on-going Alerts Report. These detailed reports are aimed at administrators, but not end users who are likely to wonder whether a blocked connection by "alg.exe" on port 1025 is normal or worrisome.
Overall, NetVeda is very full-featured for a free personal firewall. If you happen to be looking for an Internet Connection Sharing workgroup firewall, NetVeda is a good choice. Multi-user hosts especially can benefit from free extras like content filtering. But if you want a very simple entry-level single host firewall, NetVeda may prove to be a little complicated.
|
Free Windows Firewalls: NetVeda Safety.Net
|
ISP-Planet's
RSS feed
The Network for Technology Professionals
Legal Notices, Licensing, Permissions, Privacy Policy.
Advertise | Newsletters | E-mail Offers
Webcasts
|
Video: How System Center Helps Reduce IT Costs IBM Cloud Computing for Developers Virtual Event, April 6-8 |
Microsoft Video: OCS and Exchange: Platform Futures MORE WEBCASTS, PODCASTS, AND VIDEOS |