Sygate Personal Firewall Pro' 5.5 - Opinions ?

Archived from groups: comp.security.firewalls (More info?)

"David" <Researcher01@ComcastNOMAIL.Net> wrote in message
news:HbidnWk49ryeLOndRVn-hA@comcast.com...
> How would you rate Sygate Personal Firewall Pro' 5.5? Good/Bad/Comments
> etc. apprecciated....
>
> David W
>
>
Pretty good but I wouldn't relay only on Sygate to secure my system.

Archived from groups: comp.security.firewalls (More info?)

"David" <Researcher01@ComcastNOMAIL.Net> wrote in
news:n5SdnQ6wK6MfT-ndRVn_iw@comcast.com:

> What would be your suggestion for additional security?
> "Iceman©" <iceman@cool.net> wrote in message
> news:c52gvj$2o5n4b$1@ID-132761.news.uni-berlin.de...
>>
>> "David" <Researcher01@ComcastNOMAIL.Net> wrote in message
>> news:HbidnWk49ryeLOndRVn-hA@comcast.com...
>> > How would you rate Sygate Personal Firewall Pro' 5.5?
>> > Good/Bad/Comments etc. apprecciated....
>> >
>> > David W
>> >
>> >
>> Pretty good but I wouldn't relay only on Sygate to secure my system.
>>
>>
>
>

http://www.petri.co.il/block_ping_ [...] _ipsec.htm
http://www.analogx.com/contents/articles/ipsec.htm

If you have the O/S, then you can use it to supplement a router or host
based FW on the machine.

From a link I read and can be applied even on the PC as far as I am
concerned -- layered defense.

<snip>

Configure IPSec Policy

You should seriously consider setting an Internet Protocol Security (IPSec)
packet-filtering policy on every Web server. This policy provides an extra
level of security if your firewalls are breached. Multiple levels of
security technology are often considered a good practice.

In general, you should block all TCP/IP protocols other than those you
explicitly want to support and the ports you want to open. You can use the
IPSec administration tool or the IPSecPol command line tool to deploy IPSec
policy.

<Snip>

http://www.mvps.org/winhelp2002/hosts.htm
http://www.snapfiles.com/get/hoststoggle.html

If you have one that can be harden, then harden the O/S.

http://www.uksecurityonline.com/index5.php

Of course, you could put it behing a NAT router that cost as much as Sygate
is not a bad option either, even for a single machine.

http://www.homenethelp.com/web/explain/about-NAT.asp

Duane

Archived from groups: comp.security.firewalls (More info?)

SPF is the best at providing you with complete details for any
installed application trying to access the Internet, as well as the IP
address that is being accessed. For example, with Eudora's email
utility you can select to install the ad version for free and SPF pro
will actually inform you when Eudora is trying to access your pop
server to retrieve your mail and also separately when trying Eudora is
trying to access Eudora's ad server (which you can actually block with
eventual consequences). Most other firewalls will only ask you once if
you want to allow an application to have access to the Internet.

As for protection from external threats, SPF along with a hardware
firewall and some other protection tweaks/tools (e.g., www.grc.com,
Ad-aware's adwatch) is the best bet.

> How would you rate Sygate Personal Firewall Pro' 5.5? Good/Bad/Comments
> etc. apprecciated....