Silicon Investor (SI) -- The First Internet Community

STOCKTALK

We've detected that you're using an ad content blocking browser plug-in or feature. Ads provide a critical source of revenue to the continued operation of Silicon Investor. We ask that you disable ad blocking while on Silicon Investor in the best interests of our community. If you are not using an ad blocker but are still receiving this message, make sure your browser's tracking protection is set to the 'standard' level.

Pastimes : Dream Machine ( Build your own PC ) -- Ignore unavailable to you. Want to Upgrade?

To: TraderAlan who wrote (13074)	1/9/2002 4:54:02 PM
From: Jon Tara	Respond to of 14778

Alan, I don't know of any reason why ZoneAlarm would reduce your bandwidth, unless it is just DAMN SLOW! I really do think you are better-off with an external wire-speed firewall, such as the Netscreen 5XP. (The 5XP is only 10BaseT, but that is still much faster than most Internet connections, and certainly faster than your quote stream.) I notice that both Symantec and Cisco have recently come out with competitive products in the same $500 range. I haven't used or reviewed either of thse products, though. Neither can do exactly what Zone Alarm does, though, so it is a disappointment is Zone Alarm is this slow. The external firewalls offer really excellent protection against incoming connections, and some protection against outgoing. It is a bit of a hassle to set-up outgoing, as it takes a while to home-in on what you need to let through, and sometimes you will have something not work and forget that you have a firewall that might be blocking something. In particular, some web sites use alternative ports (rather than the standard port 80) and this will not be let through unless you specifically configure those ports. (Unless you use the default "let any request from inside go through".) So, you can use an external firewall to only let the service requests out that you want - typically HTTP, HTTPS, POP, DNS, ping, etc. But it doesn't know - as ZoneAlarm DOES - which application on your computer is making the request. A smart trojan horse builder will use port 80 (HTTP) to "phone home".