Rating of firewalls. If you are in doubt with the choice ...

12.04.2019 Errors

Windows comes with a built-in firewall, but you can get advanced third-party protection for free. Then you ask, why pay for ZoneAlarm PRO Firewall 2017? There is one simple reason- the free version can be used for non-commercial purposes, therefore, to use the product in a business environment, you will have to purchase a paid edition. In addition, this version offers premium technical support, enhanced control over firewall settings and a new effective protection from phishing.

The annual ZoneAlarm PRO Firewall 2017 license costs $ 39.95 - that's the price you can buy a standalone antivirus. Moreover, the same price can be purchased with Check Point ZoneAlarm PRO Antivirus + Firewall. If you don't have stationary anti-virus protection, then this comprehensive product may be the best solution. Keep in mind that when you buy multiple licenses, the cost drops. For example, 5 annual licenses are available for $ 59.95.

With the exception of the anti-phishing protection provided by the browser extension, the main feature set is paid version does not differ from the capabilities of the free ZoneAlarm firewall. However, there are differences when considering additional security tools. There are three large panels in the main window of the program: Antivirus protection and firewall (Antivirus & Firewall), Web protection and privacy (Web & Privacy) and Data protection (Mobility & Data). Each panel represents 3 to 4 components, many of which are grayed out and inactive. For example, in the web protection and privacy panel, parental control, protection against keyloggers and spam filter are unavailable. The fully featured ZoneAlarm Extreme Security 2017 solution uses the same interface template, but all features are enabled.

Common functions

ZoneAlarm PRO Firewall 2017 includes all the features of the free ZoneAlarm Free Antivirus + 2017. For a detailed acquaintance with the functions of a free firewall, read its review on our website, and here we will only briefly list the capabilities of the product.

The ZoneAlarm firewall does an excellent job of putting system ports into stealth mode to protect against external attacks and control application access to the network. The component uses an extensive database to automatically grant permissions for known programs and to make decisions about unknown applications. If you set the maximum protection level, the firewall will notify the user about attempts to access the Internet by unknown programs and will rely on the user's decision.

However, in maximum security mode, OSFirewall's behavioral analyzer generates a large number of false positives. On the other hand, a similar component in Comodo Firewall 8 gave even more false positives when tested with an identical set of samples.

ZoneAlarm does not attempt to block exploits at the network level in either the free or paid version. However, none of the test attacks were able to compromise the security of the system. Moreover, it was not possible to find a programmatic way to disable firewall protection.

ZoneAlarm users get 5 gigabytes of cloud storage for backups from the company's partner, IDrive, and credit monitoring from another partner, Identity Guard. Built-in Identity Lock prevents unauthorized transfer of user data.

One of the differences between the products can be noticed when you select the Technical Support option from the help menu. In the free version, selecting this option would open a page containing links to community forums, knowledge base articles, and installation help. In the paid version, a premium support page opens with the message: “A Certified Professional can help you right now! Our experts will connect to your computer and fix the problem as soon as possible. ”

Advanced firewall

The firewall in the free version is called Basic Firewall, while in paid PRO version includes Advanced Firewall or Advanced Firewall. If free version allows changes to the settings for the trusted zone and the public zone, then the paid edition offers granular control over the network events that are allowed in each zone. If you are a beginner, you shouldn't change these settings. Only advanced users can safely manually configure network rules firewall.

Software control has received some additional functions. You can optionally enable Advanced Application Control, Advanced Interaction Control and Component Control. Be aware that enabling these modules will increase the number of toast alerts.

The main purpose of the advanced monitoring tools is to detect malicious programs that try to disguise themselves as legitimate programs or otherwise evade firewall protection. However, ZoneAlarm can notify you about the activity of trusted programs, so you need to analyze the situation in detail before blocking access. If you suspect that your knowledge is not enough to make a correct decision, it is better not to enable these functions.

Real-time anti-phishing protection

ZoneAlarm has a long history of anti-phishing protection. V previous years anti-phishing was supplied as part of the licensed toolbox. Free product users had to accept the installation of the toolbar, which automatically changed the browser home page and default search engine. The toolbar was dropped from the product line last year. Anti-phishing protection is now back, but only available to users of the paid version.

If a Trojan needs to deceive an antivirus for a successful attack, then for a phishing attack it is enough to deceive a user who, without suspecting anything, enters his personal data into a fake website. Fraudulent sites often include copies of financial sites, email services, and even online games... If you enter your username and password, an attacker can take over your account.

It is very important to note that nothing will happen if you do not enter data. A phishing attack is not a hidden download where a computer can become infected without the user's knowledge. ZoneAlarm does not check sites for phishing signs until you select the login or password field. At this point, the product starts scanning the page content. ZoneAlarm does not waste time checking for the presence of a resource in blacklists and does not perform heuristic analysis on all visited sites. This innovative solution that can be borrowed by other vendors.

ZoneAlarm has been tested on five test systems. One was protected by ZoneAlarm, the other by Symantec Norton AntiVirus Basic, and three more relied on content filter protection from Chrome, Firefox and Internet Explorer.

This test used sites that were presented as fraudulent, that have not yet been analyzed and have not been added to blacklists. Typically, these sites are less than a few hours old. Since the set of sites is different for each trial, the difference in detection rate is used for the assessment.

Very few of the products we tested were able to outperform the protection provided by Chrome or Internet Explorer. Only a few were able to bypass Norton. The leader was Kaspersky Anti-Virus, which was able to detect 4 percent more threats than Norton. ZoneAlarm was also among better solutions and seemed to have the same detection rate as Norton and bypassed all three browser protections.

However, there is one drawback. This phishing protection extension is available only for Chrome. Until all major browsers are supported, the extension will not be able to protect all users

Great solution for advanced users

ZoneAlarm PRO Firewall 2017 review:

Dignity

extended firewall;
hiding system ports from external attacks;
control of application access to the network;
unique protection against phishing in real time;
successfully resists direct attacks;
cloudy backup storage and other useful additional functions.

Flaws

there is no protection against exploits;
certain knowledge and skills are required to work with a firewall;
phishing protection only works in Chrome;
Behavioral Analysis Component OSFirewall generates false positives in maximum security mode.

Anyone who has ever thought about the question "which firewall to choose?" Gartner(a well-known analytical agency).

At the end of June 2017. the next report on the state of the market was released Unified Threat Management (UTM) - Magic Quadrant for Unified Threat Management (SMB Multifunction Firewalls) and in July 2017. Enterprise Firewalls - Magic Quadrant for Enterprise Network Firewalls... If you are interested to know who was among the leaders, how the situation has changed over the past year and what trends are observed, then welcome under the cat ...

UTM Market:

Let me remind you that by definition Gartner:

“Unified threat management (UTM) is a converged platform of point security products, particularly suited to small and midsize businesses (SMBs). Typical feature sets fall into three main subsets, all within the UTM: firewall / intrusion prevention system (IPS) / virtual private network, secure Web gateway security (URL filtering, Web antivirus) and messaging security (anti-spam, mail AV). "

That is, platforms fall under this definition. network security targeted at small companies (Small) and slightly larger companies (Midsize) (under small companies (Small and Midsize Business), Gartner counts companies with 100 to 1000 employees). UTM solutions usually contain the typical today functionality of a firewall, an intrusion prevention system (IPS), a VPN gateway, a web traffic filtering system (URL filtering, streaming antivirus system for web traffic), and a mail traffic filtering system (filtering spam messages and an anti-virus system for mail traffic), and of course we must not forget about basic system routing and support for various WAN technologies.

It is interesting that, judging by the predictions of Gartner, the market for firewalls until 2020. will remain in about the same state as now. In 2022. according to the predictions of Gartner, class solutions will begin to enter into everyday life in SMB Firewall as a Service (FWaaS), i.e. cloud firewalls, where client traffic will be tunneled, and the share of new installations on the SMB market will be more than 50%, compared to the current share of 10%. In addition, 2022. 25% of SMB segment users will use their firewall as a monitoring tool and an intermediary broker to provide inventory and control of the use of SaaS resources, as a tool for managing mobile devices or enforcing security policies on end-user devices (currently, less than 2% of users use this functionality on firewalls). FWaaS solutions will be more popular for distributed branch structures, this decision will use 10% of new installations, up from less than 1% today.

Insofar as UTM solutions focused on relatively small companies (by the standards of Gartner), it is clear that having received all the functionality out of one box, the end customer will somehow be content with compromises in terms of performance, network security efficiency and functionality, but for such customers it is also important that the solution was easy to manage (management through a browser as an example), the solution administrator could be trained faster due to the simplified management, so that the solution contains at least basic reporting tools built-in, for some customers it is also important to have localized software and documentation.

Gartner believes that the needs of SMB customers and Enterprise customers are very different in terms of Enterprise needs for the ability to implement more sophisticated management policies, advanced network security capabilities. For example, Enterprise customers with a distributed branch structure often have branches that can be the same size as the entire SMB segment. However, the criteria for choosing equipment for a branch, as a rule, are dictated by the choice of equipment at the head office (usually the branches are selected equipment from the same vendor that is used in the head office, i.e. Low End Enterprise-class equipment), since the customer needs to have confidence in ensuring compatibility of equipment, and in addition, these customers often use a single management console to ensure the manageability of the branch network (where there may not be appropriate specialists) from the head office. In addition, the economic component is also important, a corporate customer can receive additional discounts for "volume" from manufacturers of internetwork solutions, including solutions for a branch network. For these reasons, Gartner considers solutions for distributed branch structures of Enterprise customers in squares of solutions for the Enterprise segment (NGFW / Enterprise Firewall, IPS, WAF, etc.).

Separately, Gartner singles out customers with a distributed network of highly autonomous offices (a typical example is a retail network, where the total number of employees can be more than 1000 people), who, like a typical SMB customer, have rather limited budgets, a very large number of remote sites, and usually small IT / cybersecurity staff. Some UTM vendors even specifically focus on solutions for these customers more than traditional SMB.

UTM as of June 2017:

But what happened a year ago, in August 2016:

The list of leaders in the UTM market still has the same familiar faces - Fortinet, Check Point, Sophos. Moreover, the situation is gradually heating up - the positions of the leaders are gradually being pulled up to each other. Juniper has gone from being a pursuer to being a niche player. SonicWall improved its positions a little.
What does Gartner think about the leaders of the UTM-segment market separately:

It is a representative of the UTM market leaders, SMB solution is represented by an enterprise-class firewall (Enterprise), which is quite easy to manage and has an intuitive graphical interface(GUI).

The headquarters are located in Tel Aviv (Israel) and San Carlos (USA). Check Point is a network security vendor with over 1,300 R&D employees. The product portfolio includes SMB and Enterprise class firewalls (Security Gateway), a dedicated endpoint security solution (Sandblast Agent), a mobile device security solution (Sandblast Mobile) and virtual firewalls (vSEC for private and public clouds). The current line of SMB class firewalls includes families 700, 1400, 3100, 3200, 5100, 5200, 5400, 5600, all devices were introduced in 2016/2017.

3. Sophos:

He is a representative of the UTM market leaders. It continues to increase its market share due to its ease of use, good functionality of the Security component, and successful integration with its own endpoint protection solution. A frequent visitor to the shortlists of an SMB customer, as well as for distributed networks of autonomous offices.

The headquarters is located in Abingdon (Great Britain) and employs more than 3000 employees worldwide. The product portfolio contains a mixture of network security solutions and endpoint protection solutions. The Sophos XG line of firewalls contains 19 models and was last updated in the 4th quarter of 2016, as well as the outdated Sophos SG line in the portfolio. Sophos UTM solutions are available as virtual applications with integration with IaaS platforms - AWS and Azure. Endpoint security solutions include Sophos Endpoint and Intercept X. The integration solution between Sophos UTM and Sophos Endpoint is called Sophos Synchronized Security. The vendor's portfolio also includes solutions for protecting mobile devices and ensuring data encryption.

Enterprise Firewall Market:

In 2011. Gartner has introduced a new definition for the Enterprise Firewall market - Next Generation Firewall (NGFW):

“Next-generation firewalls (NGFWs) are deep-packet inspection firewalls that move beyond port / protocol inspection and blocking to add application-level inspection, intrusion prevention, and bringing intelligence from outside the firewall. An NGFW should not be confused with a stand-alone network intrusion prevention system (IPS), which includes a commodity or nonenterprise firewall, or a firewall and IPS in the same appliance that are not closely integrated. "

Then it was an innovation, around which there was a lot of controversy. Several years have passed, a lot of water has flowed under the bridge, and now in 2017. Gartner no longer considers this to be any special advantage, but simply states the fact that all the leading players in this market have acquired this functionality for a long time, and now they differentiate themselves from other vendors in terms of functionality.

According to Gartner forecasts by 2020. Enterprise-class virtualized firewalls will occupy up to 10% of the market, up from 5% at the moment. By the end of 2020. 25% of firewalls sold will include cloud integration security brokers to connect to cloud services ( Cloud Access Security Broker, CASB), integrated by the corresponding API. By 2020 50% of new firewall installations will use outbound TLS inspection, up from less than 10% currently.

According to Gartner, the Enterprise Firewall market consists primarily of solutions for protecting corporate networks (Enterprise Networks). The products included in these solutions can be deployed as a single firewall, as well as in large and more complex scenarios, including branch networks, multi-layer demilitarized zones (Multitiered DMZs), in traditional deployment scenarios in the form of a "large" firewall in the data center, and also include the ability to use virtual firewalls in the data center. Customers should also be able to deploy solutions inside public cloud infrastructures Amazon Web Services (AWS), Microsoft Azure, and the vendor should have Google Cloud support in its roadmap for the next 12 months. Products must be able to be managed with highly scalable (and granular) controls, have a strong reporting system, and have wide range solutions for the network edge, data center, branch network and deployment in infrastructure virtualization and public cloud. All vendors in a given market segment must support fine-tuning and control of applications and users. The functionality of Next Generation Firewall is no longer an advantage, but a necessity. So Gartner crosses out the term she invented, because given functionality is considered quite common and absolutely necessary in the Enterprise Firewall market. Essentially, Gartner considers NGFW and Enterprise Firewall synonymous. Manufacturers working in this market focus and build a sales strategy and technical support for large companies (Enterprises), and the functionality they develop is also focused on solving the problems of large companies (Enterprise).

Gartner says its research shows NGFWs are gradually continuing the trend of replacing standalone IPS devices at the network perimeter, although some customers say they will continue to use dedicated Next Generation IPS (NGIPS) devices in a Best of Breed strategy. Many enterprise customers are interested in cloud-based Malware detection solutions as a cheaper alternative to stand-alone sandbox solutions ( Sandboxing Solutions).

Unlike the UTM market, the corporate firewall market does not imply that NGFW solutions should contain all the functionality to protect the network. Instead, Gartner sees in enterprise firewalls the need to specialize specifically in NGFW functionality. For example, enterprise-class branch firewalls require support for a high degree of granularity for blocking network traffic, which must go in the product base, an integrated service approach to processing network traffic is required, product management must be highly integrated, and not look like a hastily compilation of different engines into one product. ... The level of protection and ease of configuration of enterprise-class firewalls for branch networks should not be inferior to solutions for the head office.

In 2017. Gartner pays Special attention solutions for ensuring the termination of TLS sessions to ensure that outgoing traffic is scanned for threats, such as downloading malicious code, controlling botnets. In a way, the ability to inspect outgoing TLS traffic brings NGFW closer to DLP solutions in a lightweight version, since decryption and subsequent inspection of outgoing TLS traffic allows you to make sure that sensitive data is not sent out. However, some customers using this feature may experience significant performance degradation when activating this feature due to the high cost of decrypting TLS.

Some progressive customers are planning, and some are already taking advantage of the Software Defined Networking (SDN) paradigm and leveraging micro-segmentation capabilities in a virtualized data center. These customers are looking at vendors with support for various SDN solutions, as well as their plans for further development towards SDN. Solution vendors are incorporating increasingly automated approaches to orchestrating firewall policies to provide the flexibility and business benefits that the SDN paradigm promises.

Let's look now at current situation with Gartner square by market Enterprise Firewall as of July 2017:

But what happened a year ago, in May 2016:

The list of long-standing leaders of the Enterprise Firewall market is Palo Alto Networks, Check Point. This year, Gartner moved Fortinet from Challengers to the Leadership category as well. Passions are heating up - the positions of the leaders in this segment are also getting closer to each other. Cisco was unable to become a leader this year either, remaining in pursuit. But Huawei is surprising, which of the niche players was quite confidently placed in the section of the pursuers.

What does Gartner think about the leaders of the Enterprise Firewall market separately:

1. Palo Alto Networks:

It is one of the leaders in the Enterprise Firewall market, and is also a pure Security vendor, based in Santa Clara (USA, California), with over 4,000 employees. Produces firewalls since 2007, in 2016. revenues exceeded $ 1.4 billion.The solution portfolio includes enterprise-class firewalls in physical and virtualized executions, solutions for protecting end nodes (Traps and GlobalProtect), solutions for collecting, aggregating, correlating, real-time threat analytics to support defensive measures (Threat Intelligence , AutoFocus), SaaS security solutions (Aperture). The manufacturer is actively working on integrating solutions into a unified network security platform.

Palo Alto Networks recently released version 8 of the PAN-OS operating system with enhancements for WildFire and Panorama, new SaaS security functionality, and user credential protection. A firewall model has also been released entry level PA-220, PA-800 Series mid-range devices, the PA 5000 Series firewall line (new models 5240, 5250, 5260) has also been updated, which has been released since 2011.

Representative of the Enterprise Firewall market leaders. The portfolio of products for the Enterprise market contains a large number of solutions, including NGFW firewalls and solutions for endpoint protection, cloud and mobile solutions network security. Check Point's flagship products are Enterprise Security Gateways (Enterprise Network Security Gateways include the 5000, 15000, 23000, 44000, and 64000 families). Cloud security provided through vSEC solution for private and public clouds, there is also SandBlast Cloud solution for SaaS applications. Endpoint security solutions include SandBlast Agent and solutions for mobile protection- Check Point Capsule and SandBlast Mobile. Also released SandBlast Cloud solution for scanning mail traffic in Microsoft Office 365. In 2016. become available models 15400 and 15600 for large corporate customers, as well as 23500 and 23800 for data centers.

Recently, new Hi-End platforms 44000 and 64000 were presented, vSEC was released for Google Cloud, and a new software version R80.10 was released with improvements for the management console, improved performance and SandBlast Anti-Ransomware, which provides protection against malicious software of the Ransomware class. Also introduced is the new Check Point Infinity network security architecture that integrates the security of networks, clouds and mobile users.

Also Check Point has been expanded cloud solution Malware protection that can be integrated in front of SaaS email services. Check Point offers numerous software blades that extend firewall capabilities, including Advanced Mailware Protection (Threat Emulation and Threat Extraction), Threat Intelligence Services - ThreatCloud IntelliStore, and Anti-Bot. Check Point supports its firewalls in public clouds Amazon Web Services (AWS) and Microsoft Azure, solutions are available for integration with SDN solutions from VMWare NSX and Cisco Application Centric Infrastructure (ACI).

Check Point's solution should be shortlisted by an enterprise customer for whom price sensitivity is not as important as granularity of network security functionality, coupled with high-quality centralized management for complex networks... It is also a good candidate for customers using hybrid networks of on-premise hardware, virtualized data centers, and clouds.

Only registered users can participate in the survey. Come in, please.

What is the most best firewall (Firewall) for Windows - this question torments many Internet users, paid or free, software or hardware. This question can be answered immediately and almost unambiguously: the best firewall ( Firewall) this is a hardware but, very, very best firewall ( Firewall) this is the one that is adjusted with straight hands ...

As previously mentioned, the best firewall ( Firewall) is a hardware device, the prices for which sometimes reach 50-70 thousand cu. but, today's topic will be a brief analysis of software firewalls ( Firewall) for Windows in terms of reliability / performance ratio ...

Firewall (Firewall) an important element in your PC's security arsenal. Unfortunately, the standard firewall ( Firewall) for Windows does not provide the desired functionality and blocks or allows only incoming connections, and all outgoing connections are allowed by default, although the reliability of the built-in Windows firewall (Firewall) without doubt.

The most popular firewalls today ( Firewall) for personal PCs it is:

It is necessary to determine what is the decisive factor for you when choosing - usability or reliability / performance ?! Above given list of the most common firewalls (Firewall) for Windows, in the order of their preference by our citizens. We will not delve into the details of each product, but consider only the highlights of the first two ...

Agnitum Outpost Firewall Pro

Agnitum Outpost Firewall Pro development of domestic programmers and is the most preferred firewall ( Firewall) among ordinary ordinary domestic users who almost never look at " Task Manager". Agnitum Outpost Firewall Pro more convenient to use and provides more extensive information about the ongoing network events around your PC ..

Easy to use and provides good statistics about what is happening on the network, but usability does not mean reliability / performance! The convenience of use " Agnitum Outpost Firewall Pro"costs the user an overuse of system resources and in some places in the regular BSOD... So for example the combination NOD32 v4.0 + Outpost Firewall 2.x caused regular BSOD, Outpost Firewall older ones are more gluttonous of system resources, and especially when downloading large files through a fast network connection and from servers with good feedback!

The versions " Outpost Firewall"above the 6th in which the process" acs.exe"while downloading large files over a fast network connection and from servers with good impact it devours from 15 and before 50% system resources, and sometimes even higher! And here it does not matter setting the rules or disabling all additional opportunities- devours system resources ( CPU + Memory) in spite of everything and even in an idle state ( CPU 8-15%) !!! In version " Outpost Firewall 7.5"named" Performance Edition":)) "acs.exe"when idle, it behaves less aggressively, but the time it takes to download large files over a fast network connection and from servers with a good return eats everything from 15 and up to 50%

Version " Outpost Firewall 4"not so gluttonous, but, often crashes were observed when changing user accounts and not only! No offense to the company's programmers" Agnitum"but, they are still very far from such products as" Comodo Firewall Pro", "Comodo Internet Security" or " Checkpoint Firewall-1"! How not cool, but Western developers are making great strides in the field of software than domestic ...

Comodo Firewall Pro

After a long wandering in search of the best firewall ( Firewall) my choice finally settled on " Comodo Firewall Pro 3.14"which is different from" Outpost Firewall"remarkably suppresses attempts of incoming connections and does not wildly devour system resources - in an idle state it uses no more 0-2% CPU and 3-4 MB... In addition, when completely turned off or dropped " Comodo Firewall Pro 3.14"which is unlikely, there is no network access, which cannot be said about" Outpost Firewall".

The program is able to independently analyze each potential threat and, if necessary, issue an appropriate warning. Wherein " Comodo Firewall"recognizes over 10,000 different applications in various categories ( for example, “safe”, “spyware”, “adware”, etc.).

"Comodo Firewall"also has proactive protection, proactive protection includes HIPS ( Host Intrusion Prevention Systems) - a system for repelling local threats. The task of HIPS is to control the operation of applications and block potentially dangerous operations according to specified criteria.

Main characteristics " Comodo Firewall Pro":

- Full constant control and protection of your personal computer from Internet attacks, Trojans, hackers, malicious scripts and other unknown threats.
- Free updates - Comodo Firewall Pro will inform you about the availability of updates and, after your consent, will install them.
- Full control over the activity of programs on the Internet.
- Control over software updates.
- Tracking traffic in real time gives you the ability to instantly respond to potential threats.
- Simple, intuitive multilingual interface ( including Russian).
- Free for home and other network users.

"Comodo Firewall Pro"by default, it does not provide statistics on all blocked incoming connection attempts, but with the creation of certain rules and proper configuration, you can get these statistics. My choice is definitely in favor of" Comodo Firewall Pro 3.14"and I think that it will remain unchanged ... Why version 3.14, and not 4.x or 5.x? - Yes, because in version 3.x the most basic functions are concentrated without unnecessary" bells and whistles "and it is less demanding on resources rather than 4.x or 5.x? ...

According to the matousec.com website, Comodo's products continue to occupy the first positions among the test participants: http://www.matousec.com/projects/proactive-security-challenge/results.php

Truth in " Comodo Firewall Pro"there are no such useful features as blocking active elements and the statistics are poor, but this drawback in favor of saving system resources can be compensated for by the" Firefox "browser and the" AdBlock "+" NoScript "plugins, and if necessary, we will collect statistics with other programs ...

wipfw

wipfw is analogous to the ipfw console firewall, but only for windows. Has more features than the standard firewall from Wndows XP. Can limit the number of connections from a specific IP address or range of IP addresses. It is possible to identify packets by the set flags SYN, FIN, etc.

The majority of users, when deciding the issue of computer security, limit themselves to installing a commercial or, at the same time, believing that this is quite enough for "one hundred percent" protection. However, this is not quite true.

The Internet is full of dangers and in most cases it is through the network that malicious applications penetrate the computer, and then, nesting themselves, begin to transfer personal data of an unsuspecting user to the network or use the computer to spread spam or as a proxy server.

Therefore, it is so important that a good firewall or, as they say, a firewall is installed on each computer in addition to. In that small overview we bring to your attention seven best free firewalls: Ashampoo Firewall Free, PC Tools Firewall Plus, Emsisoft Online Armor Free, ZoneAlarm Free Firewall, Filseclab Personal Firewall Professional Edition, Outpost Firewall Free and Comodo Firewall. It's up to you to choose.

Ashampoo Firewall Free

First on our list is Ashampoo Firewall Free. Like most programs developed by the company, this firewall has a convenient and colorful interface with support for the Russian language and a built-in wizard.

To use the program, you must go through a simple registration procedure on the manufacturer's website. In this case, a free code will be sent to the user's mailbox, which can be used to register the Ashampoo Firewall.

Immediately after installation, the wizard will offer to configure the program by choosing one of two modes: “Simplified” and “Expert”. In most cases, it is recommended to use expert mode.

The program has five main modules or sections. In the "Rules" section, you can configure connection parameters for programs using the Internet. The “Statistics” and “Journal” modules are purely informative. Here you can view data about all connections and events.

The "Configuration" module is intended for internal settings of the firewall itself. The Utilities section contains four additional tools, namely a process manager, a utility for clearing your browsing history, and a pop-up blocker.

Ashampoo Firewall Free works like this: when an application for which there are no established rules tries to establish a connection, the firewall notifies the user about this, offering to create a new rule for this program, that is, to allow or block its access to the network.

If you disable this function (learning mode), the dialog will not be shown, and all applications for which no rules have been set will be blocked automatically. You can also use the "Block all" option. In this case, the firewall will block all connections without exception.

PC Tools Firewall Plus

Next, we advise you to pay attention to the excellent firewall called PC Tools Firewall Plus. Simple, free, with support for the Russian language, this firewall is one of the most reliable and effective, according to numerous user reviews. PC Tools Firewall Plus protects the system from unauthorized data transfer by Trojans, keyloggers and others malware and also prevents them from entering the computer.

It also supports flexible management of network traffic, creating your own rules, protecting settings with a password, hiding the presence of a PC on the network. The program is easy to install, does not require registration and system reboot as in the case of Ashampoo Firewall.

Connection parameters are configured manually. It is advisable to do this immediately after installing the program, since by default PC Tools Firewall Plus marks some applications as unverified and therefore may partially block their work. The firewall user interface has six main sections.

The Applications module is intended for managing programs and creating rules for them. You can make a list of checked ports and IP addresses in the "Profiles" section, and if you want to analyze network traffic you can switch to the "Work" section. In the general settings, you can adjust the level of protection, configure filtering, full screen mode, and set a password to protect the PC Tools Firewall Plus itself.

Emsisoft Online Armor Free

The third place on our list is occupied by free firewall from Emsisoft GmbH under the name Online Armor Free. The program has a fairly impressive set of protection tools against all kinds of network threats, as well as blocking malware that uses the Internet. Online Armor Free includes four main protection modules: firewall, web filter, proactive protection and anti-keylogger.

Firewall and web filter provide reliable protection from information leakage from the user's computer, and also suppress attempts of unauthorized access to the system by malicious scripts.

The proactive protection module allows you to control the behavior of programs and, if necessary, restrict their activities.

Online Armor Free automatically scans the system for potentially dangerous applications and marks them accordingly. The firewall uses updated online databases to determine the security level of applications installed on the system.

Online Armor Free has a fairly simple and user-friendly interface with Russian language support. The main menu is located on the left side of the working window, on the right side the program status, the date of the last database update, and last news from the developer's site. Online Armor Free supports creating rules for programs, controlling ports and devices, creating lists of ignored domains, controlling autorun suspicious applications, as well as control of authority to change the HOSTS file.

Also, firewall features include protection against spam, keyloggers, cookie blocking, site classification and protection against forced address changes. home page Internet Explorer, Opera and Firefox browsers. Additional features of the application include support for virtual desktops, subnet scanning, as well as disabling HIPS and setting a password on the GUI.

ZoneAlarm Free Firewall

If the lack of the Russian language does not bother you, you can pay attention to the ZoneAlarm Free Firewall - a very peculiar firewall in terms of design, designed to protect PCs when working in global and local networks.

The application has a lightweight interface with a minimum of settings. Control is maintained custom programs(access list), Internet traffic tracking, email attachments checking, detailed logging, blocking pop-up windows and banner ads.

In addition, the program implements the function of controlling cookies, so that you can restrict the transfer of confidential information to the viewed websites. The user can set the level of protection independently. You can download the ZoneAlarm web installer for free from the developer's website.

During the installation of the package, in addition to the firewall, a number of additional protection tools are also installed - Web Identity Protections (web lock), Identity Protections (personal identification) and Online Backup (backup). After installing the firewall, a computer restart is required.

Filseclab Personal Firewall Professional Edition

Filseclab Personal Firewall Professional Edition is another free, convenient and very simple firewall. The program supports creating individual rules for programs using a step-by-step wizard, filtering network access, viewing connections in real time, maintaining logs, and monitoring traffic. Filseclab Personal Firewall reacts to attempts by “dubious” or new applications to open a connection with a pop-up window prompting you to create an appropriate rule.

The program uses three main security levels, each of which is marked with a corresponding color: green, yellow and red. In addition, for each level, it is possible to create personal rules. Filseclab Personal Firewall has a fairly simple interface divided into seven sections.

The "Status" section displays the traffic volume and the number of transmitted packets; “Monitor” displays listening ports and application connections.

In the Rules section, you can set rules for specific application or domain.

The rest of the sections are for informational purposes only. There is no Russian language in Filseclab Personal.

Outpost Firewall Free

The next firewall, Outpost Firewall Free, is perhaps one of the simplest and most undemanding firewalls to the system. In this respect, it is akin to the standard Windows firewall, which, as a rule, is constantly present in the system, does nothing :).

Outpost Firewall is a fairly easy-to-use program designed to protect against external intrusions, as well as unauthorized data transfer by applications installed on the user's computer. Unlike other firewalls, Outpost Firewall Free requires almost no preliminary configuration.

The application supports monitoring of all incoming and outgoing connections, tracking software activity in real time, expandability using plug-ins. In the event of a threat or network activity of “dubious” programs, Outpost Firewall will notify the user about this by suggesting to allow or block the application that has declared itself.

Outpost Firewall Free has a very simple user interface that is not burdened with unnecessary features. Unfortunately, there is no Russian language.

However, this is not so important - the program is simple enough that even a novice user can figure it out. A few settings allow, if necessary, to adjust the level of protection (up to complete blocking of connections), as well as create exception rules for various programs and services.

Comodo Firewall

And finally, we suggest you briefly familiarize yourself with one more free firewall Comodo Firewall. This powerful, feature-rich program with an impressive set of tools comes bundled with Comodo Antivirus, Comodo Defense and the Dragon web browser, but can also be installed separately.

The firewall provides complete protection against hacker attacks, Trojans, malicious scripts, keyloggers and other types of Internet threats. The application supports monitoring of incoming and outgoing traffic, working with ports, hiding a computer on the network, controlling software and driver updates

Additional functions of the firewall include maintaining a detailed log of events, integration into Windows Security Center, fast switching between modes (from the system tray), protecting the system during startup, detecting unidentified files, viewing active processes and launching applications in a special sandbox (Sandbox).

With such a solid toolbox, Comodo Firewall has a simple Russian-language interface focused on the inexperienced in network settings user. All the tools and functions of the application are distributed among four modules, with a corresponding description for each option.

Plus, the program is equipped with a system of interactive dialogs (pop-up windows), written in an extremely simple and understandable language for a novice user.

Outcome

Choosing a good firewall can seem like a daunting task. And to make this work easier, let me give you some free tips. First, when choosing a firewall, pay attention to the opinion of experienced users and software testers. As a rule, a really good firewall leaves a lot of positive feedback.

Secondly, a good firewall should not enter into unreasonable conflicts with system drivers, popular applications and antiviruses, as well as be able to work with the Windows Security Center.

Updatable databases are also highly desirable. In addition, a good firewall cannot be disabled so easily from the Task Manager (this can be done with Filseclab Personal Firewall).

Thirdly, the firewall should not slow down the system in any way. For example, in this regard, the ZoneAlarm firewall is seriously inferior, since it is quite demanding on system resources and can slow down the work of a weak machine.

Also, before the final choice, it is advisable to test the firewall using a special program 2ip Firewall Tester. Everything else, such as the presence of the Russian language, user-friendliness of the interface, external design, is of secondary importance.

If you used a personal computer in the 90s, you probably thought that firewalls were needed for organizations, but not for ordinary users. It took the ZoneAlarm team several years to convince consumers of the need for reliable network protection using a firewall. ZoneAlarm Free Firewall has been evolving all this time, and its interface has been changing. The product remains a great choice for users who want more options than Windows built-in protection offers.

The program is installed instantly and starts working immediately. The main window is designed in gray, green and blue tones and contains three large panels: Antivirus, Firewall and Identity & Data. Antivirus panel is grayed out - it is assumed that the user can use the solution with any preferred antivirus, for example, the free AVG AntiVirus Free or Panda Free Antivirus. When installing the product, you can optionally choose to install ZoneAlarm Free Antivirus + Firewall 2017.

Protection against hacker attacks

ZoneAlarm hasn't received major changes since the previous release, which means it's still effective against network attacks... During testing, port scans and other types of web attacks were carried out, but the product reliably parried them. ZoneAlarm successfully turned all system ports into stealth mode, making them invisible to attacks coming from the Internet.

ZoneAlarm invented the concept of a firewall protection mechanism against direct targeted attacks. During testing, it was not possible to terminate the program processes or in any way interact with Windows services - all attempts showed the message “Access denied”. Disable protection by manipulating system registry also failed.

Intrusion Prevention is a feature associated with firewall technologies, but it is not entirely true. When attacking the test system using 30 exploits generated by the CORE Impact tool, ZoneAlarm did not react in any way. However, the attacks failed to compromise the security of the system because security patches were installed on it in a timely manner.

By comparison, Symantec Norton AntiVirus Basic blocked two-thirds of the exploits at the network level, ensuring they couldn't reach the target system. Kaspersky Internet Security coped well with this test - the product blocked about half of the exploits.

ZoneAlarm assigns networks to a Public Zone or Trusted Zone. By default, the security level is raised to the maximum level when connected to public network... The user will be able to connect to the network, but other devices on it will not be able to communicate with user device... A medium security level is set in the trusted zone, and it becomes possible to exchange files and send documents for printing.

Application control

Windows' built-in firewall effectively blocks external attacks. The main reason for choosing a third-party firewall is to get an application control function that allows you to prevent unwanted use of the network and the Internet by applications.

V early versions ZoneAlarm users had to decide for themselves which programs can access the Internet. Multiple pop-up requests confused users. Allow or Block? Who knows! In recent years, the company has added a cloud-based database of famous applications. ZoneAlarm can now automatically set the appropriate network permissions for almost any program you use.

If you go through the settings in detail, you will find a slider that sets the security level for application control. Available values are disabled (off), minimum (Min), average (Med) and maximum (Max). The default is Medium - in that mode, ZoneAlarm does not screen all programs. The product detected an attempt to access the Internet by a self-written browser and automatically allowed access.

When the maximum security level was set, ZoneAlarm began to respond to all unknown programs and display a request for permission or blocking access. This mode safety had other notable effects. So the behavioral analysis component of OSFirewall moved to enhanced mode work and notify about a wide range of actions that may indicate malicious activity, but may also be signs that a safe program is running.

When trying to install 20 old PCMag utilities, ZoneAlarm displayed at least one alert for each application. One of the utilities being installed caused four warnings to be displayed. A similar feature in Comodo Firewall 8 generated even more alerts.

Protection of personal information

On the Identity & Data page in ZoneAlarm you will find additional ways enhancing security. For starters, you can activate the 5 gigabyte cloud backup storage offered by ZoneAlarm partner IDrive. The same storage can be obtained directly from IDrive.

Another ZoneAlarm partner, Identity Guard, offers a free one-year data protection subscription. After registering and entering data, the service warns about various events, for example, data verification or potential account hijacking. You can access the data theft assistance service.

Identity Lock offers a completely different approach to protecting personal data. The user simply adds sensitive data to special safe... ZoneAlarm allows you to save 15 different types of data, including credit card numbers, passwords for online stores, and even your mother's maiden name. It is also possible to use a different category.

For each object, you can set one-way encryption, otherwise the data will be at risk. You should also leave activated options data protection for the Internet and email.

If you set the Identity Lock to a high level of protection, the function will block data transmission from your computer until you visit a web resource that you personally identified as trusted. Personal information is replaced with asterisks. In medium security mode, Identity Lock displays a warning and prompts you to prohibit transmission. During testing, there were cases where data was sent despite attempts to block the transfer. In addition, Identity Lock cannot protect data transmitted to sites protected by the HTTPS protocol.

Easy win

Earlier in the segment of third-party firewalls there was serious competition, but systematic improvement Windows firewall weakened this struggle. Paid firewalls were in a particularly disadvantageous position, the demand for which dropped sharply with the advent of free and effective system protection.

ZoneAlarm remains PCMag's Editor's Choice in the third party firewall category. The product shares the title with Comodo Firewall 8, which, nevertheless, has not been updated for a long time. If you want to get advanced features of firewall protection, then feel free to choose these solutions.

ZoneAlarm Free Firewall 2017 Review: