excerpted from Scot's Newsletter -- 5-29-2001....
REVIEW: SYMANTEC'S NORTON PERSONAL FIREWALL **SFNL Top Product!**
-------------------------------------------------------------------
In the last issue of SFNL I introduced this review with some initial
comments:
scotfinnie.com
I've spent two weeks testing Norton Personal Firewall 2001 v.3.0 on a
couple of different PCs. I've run all the official SFNL firewall
benchmarks and then some. To find out about the SFNL benchmarks, see this page on the website:
scotfinnie.com
There's good news and not quite so good news about this product. First of
all, a wider of variety of users will be comfortable with its interface.
What's more, there's a very real potential for ZoneAlarm users to
misconfigure that firewall because that product's interface doesn't
provide as clear just-in-time explanation and help. Misconfiguration is
also less likely to happen with Norton Personal Firewall because it has
three types of automatic configurations that should go a long way toward
helping you to protect your computer, even if you don't know a lot about
firewalls.
When an application attempts to access the Internet, you train Norton
Personal Firewall just as you would with ZoneAlarm. A dialog pops up
asking you to decide whether to give the application access. In most
cases, there's an automatic option that you can select. You can even opt
to have the program automatically make educated access decisions for you
based rules about applications Symantec compiled in advance. I've got
mixed emotions about this functionality. On one hand, I recommend that
experienced users steer clear of it. But if you know little about
firewalls and the Internet, you might be better off using this feature
than making uninformed guesses. In the early going, you'll see a lot of
warning dialogs when applications like your browser, email program, FTP
client, and so forth reach out to the Internet. The decisions you make on
these dialogs definitely affect your overall level of security.
The second automatic feature is the application scan. This routine
automatically scans your entire PC for programs that are capable of
accessing the Internet, and then you can make automatic or manual
decisions about what access they should have. This isn't just a
convenience feature, either. It's a key part of your outbound protection.
The third automatic feature is the Security Wizard, which literally steps
you through the process of configuring and managing the firewall.
ZoneAlarm's wizard pales by comparison to this Norton routine, which
really gets the job done.
Another great automatic feature of Norton Personal Firewall 3.0 is called
Auto-Block. I had to disable this feature in order to do the
port-probe-scan portion of my benchmark testing. When Norton Personal
Firewall's intrusion-detection technology detects a port scan, it
automatically shuts down all access to the scanning party for 30 minutes.
I also liked the fact that Norton Personal Firewall automatically
integrated with Norton SystemWorks 2001, which I run normally on all my
machines. It also integrates with standalone Norton AntiVirus 2001.
Although not as robust in this area as ZoneAlarm, Norton Personal Firewall
is also able to setup ranges of restricted or trusted IP addresses, which
lets it provide a semblance of the "local zone." ZoneAlarm does a much
better job of this, but at least Norton offers some basic options in this
area.
Norton Personal Firewall has built-in controls for managing spyware and
Trojan horse programs, and it offers both logging and alerts on potential
scans, intrusions, and attacks. The product also comes with one year of
free firewall updates via Symantec's LiveUpdate online updating tool. The
Norton product is also capable of blocking Java and ActiveX applets, at
your option. There are also built-in privacy controls. You can upgrade
this product to Norton Internet Security or Norton Internet Security
Family Edition to add additional protection and features. For more
information about what these three different products offer, see this
webpage:
symantec.com
-- The Rub --
I said up top there's also some not so good news too. Norton Personal
Firewall did a nearly excellent job of protecting two PCs in my benchmark
tests, but not an excellent job. Plain and simple, ZoneAlarm does a little
better, and I judge it to be excellent at protection. There were two areas
where Norton Personal Firewall fell down. Firstly, it gave up a half-notch
more susceptibility on the Security Space test than all the best hardware
and software firewalls I've tested over the last six months. Let's be
clear that this is a small incremental difference, not a large one. It
literally boiled down to one more UDP port being accessible to hackers
than ZoneAlarm and others allow. But any difference is at least somewhat
meaningful.
Secondly, I had trouble initially with GRC's LeakTest. Something I did in
configuring Norton Personal Firewall or some program I installed, probably
afterward, is what likely caused the problem. I worked with Symantec to
figure it out, and while haven't figured out the source of the problem,
after about 45 minutes Norton Personal Firewall did successfully and
repeatedly block LeakTest. The software firewall passed all my other
standard benchmark tests with flying colors.
Symantec has made the best of the AtGuard firewall it purchased. But I
believe Zone Labs' security technology to be a touch better. ZA doesn't
need an automatic-blocking feature to prevent intrusions. For me, to
protect better out of the box. It's a close call, but right now I have to
side with ZoneAlarm.
Norton Personal Firewall is nevertheless a very good product that has
improved very rapidly over the last year. It's rate of improvement is much
higher than ZoneAlarm's. I find ZoneAlarm no more difficult to use, and
perhaps even a bit easier to use now that I know both programs. Still,
nine out of 10 people who've never used either product would choose Norton
Personal Firewall 2001 3.0 as the easier of the two to learn. And because
of its many well-crafted automatic features, I would recommend NPF to a
wider range of less experienced users. If and when my mother asks which
firewall to get, I'll probably recommend Norton Personal Firewall.
I plan to continue using ZoneAlarm Pro 2.6. I just like it better. And
ZoneAlarm is still a reigning SFNL Top Product. But sometimes there's room
for two top products in a category, and I think this is a perfect example.
Because Norton Personal Firewall 2001 3.0 does everything right, and
especially because it's easy to use and so may be better suited to some
people, it earns SFNL Top Product status.
* SFNL Top Product - $42.95, Norton Personal Firewall 2001 3.0, Symantec
Corp., 800-441-7234. Note: There's a $20 rebate on NPF:
pcconnection.com
Norton Personal Firewall 2001 3.0:
symantec.com
Symantec:
symantec.com
Key Features:
symantec.com
Lowest Price -- PC Connection, $42.95:
pcconnection.com |
