No nonsense firewall... & a rant.

MGCJerry

I've recently moved to Windows 7, and the Windows 7 firewall sucks as bad as the XP version did. No oversight at all. When I used XP I used the last version of Sygate Personal Firewall and it was great. No toolbars. Checked with *me* whether or not something could talk over the wire. Didn't bog down the machine, just sat there handling traffic and nothing else, what a firewall should do.

SPF doesn't work on Windows 7. Does anyone know of a decent replacement that shares similar functionality? Zone Alarm got the boot after 10 minutes. ZA Toolbar... Home page changes... C'mon... And it threw a fit when I changed settings to non-defaults (for starters: no security for LAN, but high for WAN... ZA didn't like it).

Does a no nonsense firewall exist anymore?
* Lets me decide what talks and what doesn't, inbound or outbound. I hate talkative firewalls that talk to some random server across the internet if abc.exe can access LAN/WAN. Firewalls are (or were) designed to limit traffic, not add to it.
* No toolbars. Sorry, I don't need stinking toolbars.
* Options. Let me in there and change the rules.
* No security suite. I just want a firewall. You know, a network traffic manager. Nothing else.
* No nonsense "You are not protected" chicken little running in circles screaming when I change a setting.
* Free or paid, but the user (me) needs to be able to control the firewall and its rules so the firewall can do as it's told.

I would prefer to sit there and click allow, block, allow always, block always, etc for the first week than deal with the idiocy above....

*Sigh* My old age is showing... Get off my LAN *shakes cane*
 
Subbed just to see what comes of this. I honestly had no idea people still used (or cared about) software firewalls.
 
Based on your description, it sounds like you're not dealing with your LAN at all, just the machine you're running firewall software on. The last time I ran something like that, I used BitDefender.

If you want to protect your LAN, then I think you would need something on the edge. Maybe look into setting yourself up with a pfsense box?
 
If I'm understanding your primary concern, you don't feel like you have full control over the Windows Firewall. Is this because sometimes Windows will open up some ports without your knowledge and/or applications will create profiles for themselves on it?

If so, I think you might like the Windows Firewall more if you start configuring it via your local computer policy. You can enable, set up your inbound and outbound rules, and then tell it to not allow local configuration changes. The only firewall rules that will ever be enabled at that point are the ones you've specified and/or created. Logging can also be enabled in the same place.

With that in place, I think the Windows firewall may fulfill all your other criteria. If you're not on a corporate network (where group policy is already likely set), then you can set your own group policy. Just search for "group policy" in the search box on the start menu.

--H
 
I'm looking strictly for firewall software for my workstation. Windows firewall still lets all kinds of crap talk, that in my opinion doesn't need to be talking over a wire. I see you can still dig into the windows firewall rules manually but jeez you have to do some digging.

There's already a crappy edge device provided by our ISP.

I also suspected that firewall-only software would fall to the wayside and/or be integrated into full security bloatware. I haven't looked for firewalls since Blackice was the leader, and that's when I found SPF and haven't looked since. Not bad for nearly one and a half decades.

I'll keep looking though, but all I'm finding is simplistic firewalls that don't give me much confidence or a fully fledged security suite.

Edit
Didn't see your post, Hurin. Yes, you are correct. I didn't feel there was much control and the auto-create rule thing is not my idea of "security". I did find the options to tweak the firewall but my god. Who is the idiot who created that interface? I'll kick these options around to lock down the network traffic a lot more. I did see a number of software to "improve" how firewall rules are established. BTW, I hid the "search box" because I'm more accustomed to running commands than 'searching' for an application, and it's already in my start menu.
 
Some follow up. . . be sure to right-click everything inside the Local Group Policy Editor firewall area. . . there's always more settings hidden away somewhere.

firewall.png


Also, once all set up, I've found one particular area helpful. . . it's sometimes confusing when trying to determine which rules are active, enabled, disabled, enabled for this profile, or enabled for another profile (etc.). If you ever want to see exactly what's active on a firewall at any given time, go to Control Panel > System and Security > Windows Firewall > Advanced Settings (on the left) > Monitoring > Firewall

firewall2.png


That will show only the currently active firewall rules.

Might upload some screenshots to give a better sense of what I'm rambling on about when I get home (edit: did it from work. heh).

--H
 
I have gotten used to the interface over time. Creating rules is now pretty simple via group policy. There are a lot of pre-created rules. Or you can create them from scratch. I've got a couple servers that are clean with only a rule for Remote Desktop locked down to a small IP range enabled. Our workstations are pretty chatty though (but locked down to the local subnet). I can't think of anything I would want to do that I can't get done with the built-in firewall and group policy. Then again, I'm not exactly doing all that advanced stuff.
 
Sorry for the flood of posts. . . just wanted to clarify, if you use group (local) policy to configure the firewall and say "no" to the "apply local firewall rules" setting, you will still be able to create rules in the standard firewall control panel. . . which might give you the impression that they are applying. But if you look closely under the monitoring area specified above, you'll see that they aren't actually doing anything anymore. That's sorta a group policy thing. It overrides, but isn't super loud about doing so. There will be a yellow banner at the top of the main firewall control panel page though specifying that "some settings are being managed by your system administrator."
 
No problem with the flood of posts, it's valuable information. I'd give rep if I could. I've been kicking around the rules in group policy and I think this is doable. Clunky, but doable, especially since it seems there is a huge lacking in no nonsense firewalls. It's still not notifying me when something is blocked so I can't review. So I'll be troubleshooting connection issues for a bit while I tweak the rules.

Thanks Hurin. I think we can mark this as resolved.
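
An added example, not part of the original thread: with no pop-up when something is blocked, the firewall log is the place to review drops after the fact. The sketch below assumes dropped-packet logging has been turned on in the same policy area mentioned above and that the log uses the standard Windows Firewall text format with a `#Fields:` header; the sample lines are constructed.

```python
from collections import Counter

# Constructed sample in the Windows Firewall log format (pfirewall.log).
# Public addresses are from documentation ranges; nothing here is real traffic.
SAMPLE_LOG = """\
#Version: 1.5
#Software: Microsoft Windows Firewall
#Time Format: Local
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path

2011-03-02 09:14:01 DROP TCP 192.168.1.20 203.0.113.10 49152 80 52 S 1234 0 8192 - - - SEND
2011-03-02 09:14:04 DROP TCP 192.168.1.20 203.0.113.10 49153 80 52 S 1235 0 8192 - - - SEND
2011-03-02 09:14:09 ALLOW UDP 192.168.1.20 192.168.1.1 51000 53 0 - - - - - - - SEND
2011-03-02 09:15:30 DROP UDP 192.168.1.31 192.168.1.255 137 137 78 - - - - - - - RECEIVE
2011-03-02 09:16:02 DROP TCP 192.168.1.20 198.51.100.7 49160 443 52 S 1300 0 8192 - - - SEND
"""

def parse_log(text):
    """Yield one dict per log entry, using the #Fields header for column names."""
    fields = []
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("#Fields:"):
            fields = line[len("#Fields:"):].split()
        elif line and not line.startswith("#") and fields:
            values = line.split()
            if len(values) == len(fields):  # skip truncated or malformed lines
                yield dict(zip(fields, values))

DIRECTION = {"SEND": "out", "RECEIVE": "in"}  # values of the "path" column

def summarize_drops(text):
    """Count DROP entries by (direction, protocol, remote address, destination port)."""
    drops = Counter()
    for e in parse_log(text):
        if e["action"] != "DROP":
            continue
        direction = DIRECTION.get(e.get("path"), "?")  # "?" if the log has no path column
        remote_ip = e["dst-ip"] if direction == "out" else e["src-ip"]
        # dst-port is the service being contacted, whichever side started the connection
        drops[(direction, e["protocol"], remote_ip, e["dst-port"])] += 1
    return drops.most_common()

if __name__ == "__main__":
    for (direction, proto, ip, port), n in summarize_drops(SAMPLE_LOG):
        print(f"{n:4d}  {direction:3s} {proto:4s} {ip}:{port}")
```

To run it against a real machine, read the log file into a string and pass it to `summarize_drops` in place of `SAMPLE_LOG`; the most frequent drops are the first candidates for a new allow rule or for confirming that a block is intended.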
 