Best Free Firewall For Use With avast! Free Version

[n01clueless]

I have Comodo Internet Security free with Defense+ but obviously without their antivirus. I haven't been with Avast for long but so far it works just as well with Comodo as Avira did, and that was very well, and Comodo is nowhere near as complex as some people would have you believe. I'm anything but an expert (hence my username) but I find it quite straightforward. I used Gizmo Freeware's set up instructions and I get very few pop ups, occasionally for a new program it doesn't recognize but that's about it.

[willy.w]

i used avast free.
now i use avast pro.

i combine it with  sunbelt personal firewall 4 (free version).
it work great. no conflict.

just need some  setting in 'network security' in spf4.

and work fast in my old pentium IV.

 

[SHARKY7SHARKY]

I just about fell asleep with that very dragged out review   did you happen to notice what he has running on his system ? MSE, AVG,THREATFIRE and COMODO and god knows what else that couldn't be seen   
 
  Logged 
 
If you drag the slider & skip the boring bits, it is a bit dragged out.

His also got yahoo messenger,I thought that was for kids.
Someone needs to tell him about Skype.

[CraigB]

i used avast free.
now i use avast pro.

i combine it with  sunbelt personal firewall 4 (free version).
it work great. no conflict.

just need some  setting in 'network security' in spf4.

and work fast in my old pentium IV.

 

Sunbelt firewall is going to be discontinued as of the 31st of december 2011 http://www.sunbeltsoftware.com/Home-Home-Office/Sunbelt-Personal-Firewall/ so theres not to much point in in advising anyone to use this firewall anymore since the advancement of the product will come to a holt.

[Dch48]

I previously had recommended the PC Tools Firewall Plus but I have found that it doesn't work right with Windows 7 64 bit. It wasn't even creating rules for some of my apps and after reporting it at their forums was told that parts of it were not fully 64 bit compatible as yet. I have returned to using the Windows Firewall for now. The Windows 7 flavor is the best one yet.

[Corsair]

I previously had recommended the PC Tools Firewall Plus but I have found that it doesn't work right with Windows 7 64 bit. It wasn't even creating rules for some of my apps and after reporting it at their forums was told that parts of it were not fully 64 bit compatible as yet. I have returned to using the Windows Firewall for now. The Windows 7 flavor is the best one yet.

The Windows 7 firewall is very good. Most people do recommend it. The Windows XP one, however, is to be avoided.

There are certain things Windows 7 improved on security wise. So usually when I see people recommend using Windows Firewall, etc, they are talking about Windows 7. This applies to system tools as well (De-fragmentation is one example - Windows 7 great, Windows XP not so great).

Unfortunately, this distinction isn't always made clear on some review sites.

[DavidR]

The one thing the windows 7 firewall has improved, is outbound protection is still disabled by default and it still isn't very user friendly for your average user, it is rules based and they need to create the rules.

So unless they a) enable the outbound protection and b) are familiar with firewall rules creation, then the win7 firewall isn't very good.

[Dch48]

This is a quote from a technet article about the value of outgoing filtering:

There is a very simple fact about outbound filtering that its proponents fail to take into account. The usual argument from the host-based firewall vendors is that if a system is compromised, whether by a worm or by an interactive malicious user, outbound filtering will stop the worm from infecting other systems or will stop the attacker from communicating out. This is not true.

http://www.brighthub.com/link/header.aspx?u=http%3a%2f%2ftechnet.microsoft.com%2fen-us%2fmagazine%2fcc510323.aspx&p=5935&returnUrl=%2fcomputing%2fsmb-security%2farticles%2f5935.aspx

[DavidR]

Well you will excuse me for not believing or taking this all at face value. Why the h*ll would Microsoft go to all the trouble and expense of having added outbound protection to Vista and Win7 firewall when it doesn't work.

They could have left it just the same as the XP firewall which didn't have any outbound protection, disabled or otherwise.

This article if anything just shows how much of a pain in the ass rules creation can be and if it doesn't work why bother.

There is also something wrong on that page as a) I can't find your quoted text and b) it appears to be incomplete, tails off to an untidy end in mid sentence (firefox 5.0.1). Edit same problem on IE8.

[Dch48]

Well you will excuse me for not believing or taking this all at face value. Why the h*ll would Microsoft go to all the trouble and expense of having added outbound protection to Vista and Win7 firewall when it doesn't work.

They could have left it just the same as the XP firewall which didn't have any outbound protection, disabled or otherwise.

This article if anything just shows how much of a pain in the ass rules creation can be and if it doesn't work why bother.

There is also something wrong on that page as a) I can't find your quoted text and b) it appears to be incomplete, tails off to an untidy end in mid sentence (firefox 5.0.1). Edit same problem on IE8.

Yes, you have to view the page in compatibility mode of IE to see the whole thing. I didn't mention that because I didn't know if it would be a problem in other browsers as well.

I decided to try the free version of Windows 7 Firewall Control and I must say I like it a lot. It provides full two way filtering with none of the annoying HIPS or HIPS like junk of other firewalls. It was just what I was looking for. It's a little annoying to have to tell it what to do on first access of every program, but after that it works very well and does not seem to have any impact on the system at all.

Also, they told me at the PC Tools forum that the reason why rules were not being created for some apps was because of the way the Web Shield in Avast works. They told me to disable the Shield which I am absolutely not willing to do. I can't recommend their product for 64 bit systems at all unless they fix the issue in a future update.

[Corsair]

Well - I've gone with avast! free 6 with Comodo Firewall installed as Firewall Only (so not using Defense+).

Seems to be the best working combination.

Just a note here:
I installed avast! free first. Then – after it was all setup and running (read below) – I first disabled all the shields permanently. Then I turned off the avast! self defence in the settings. This would then let me end the avastui.exe process via task manager. I also went to "Services" and stopped the avastsvc.exe service.

Once this was done I installed Comodo Firewall as Firewall Only then rebooted when asked.

On reboot – I then setup Comodo Firewall (described below).

Only after Comodo Firewall was setup did I re-enable the avast! shields and turn avast! self defence back on.

I have avast! on pretty much default settings (have not changed heuristics at all) except that I have:
- Selected the "Load avast! services only after loading other system services"
- Gone through the shields and selected the option to scan for potentially unwanted programs (PUP)
- Gone through the actions for the shields and made it for viruses: repair, move to chest, delete ; for PUP & Suspicious: ask, repair, move to chest
- Added comodo to exclusions under settings and file system shield
- Gone through the shields and selected the "All Packers" option

For Comodo Firewall installed as Firewall Only:
- Firewall Settings > General Settings: Set to Custom Policy and selected the options to "create rules for safe applications" and "enable IPv6 filtering"
- Firewall Settings > Alert Settings: Unticked the "this computer is an internet connection gateway" option
- Firewall Settings > Advanced: Selected "Protect ARP Cache", "Block Gratuitous ARP Frames", "Block Fragmented IP datagrams" and "Do protocol analysis"
- Ensured that, under the Network Security Policy > Application Rules, that avastsvc.exe, avastui.exe and avast.setup are "Trusted Applications".
- Opened, ran "check for updates" etc, and closed every program on my machine in order to create the rules.
- When prompted – added my network to the "Network Zone" and selected the option to allow other machines within the network to communicate with my machine.

I think doing this will allow general hassle free operation. Its the setup I plan on going with for my parents, sister and fiancee.

[gdiloren]

I uninstalled Comodo FW after last July's failure of some critical Windows Updates. Seems D+ never sets to null anyway. Then, it's a suite, it installs evrything skeleton. I prefer ZA FREE FW without toolbar.

[Dch48]

Well - I've gone with avast! free 6 with Comodo Firewall installed as Firewall Only (so not using Defense+).

Seems to be the best working combination.

Just a note here:
I installed avast! free first. Then – after it was all setup and running (read below) – I first disabled all the shields permanently. Then I turned off the avast! self defense in the settings. This would then let me end the avastui.exe process via task manager. I also went to "Services" and stopped the avastsvc.exe service.

Once this was done I installed Comodo Firewall as Firewall Only then rebooted when asked.

On reboot – I then setup Comodo Firewall (described below).

Only after Comodo Firewall was setup did I re-enable the avast! shields and turn avast! self defense back on.

I have avast! on pretty much default settings (have not changed heuristics at all) except that I have:
- Selected the "Load avast! services only after loading other system services"
- Gone through the shields and selected the option to scan for potentially unwanted programs (PUP)
- Gone through the actions for the shields and made it for viruses: repair, move to chest, delete ; for PUP & Suspicious: ask, repair, move to chest
- Added Comodo to exclusions under settings and file system shield
- Gone through the shields and selected the "All Packers" option

For Comodo Firewall installed as Firewall Only:
- Firewall Settings > General Settings: Set to Custom Policy and selected the options to "create rules for safe applications" and "enable IPv6 filtering"
- Firewall Settings > Alert Settings: Unticked the "this computer is an internet connection gateway" option
- Firewall Settings > Advanced: Selected "Protect ARP Cache", "Block Gratuitous ARP Frames", "Block Fragmented IP datagrams" and "Do protocol analysis"
- Ensured that, under the Network Security Policy > Application Rules, that avastsvc.exe, avastui.exe and avast.setup are "Trusted Applications".
- Opened, ran "check for updates" etc, and closed every program on my machine in order to create the rules.
- When prompted – added my network to the "Network Zone" and selected the option to allow other machines within the network to communicate with my machine.

I think doing this will allow general hassle free operation. Its the setup I plan on going with for my parents, sister and fiancée.

It's not quite that easy to install the Firewall only without D+. You are given three options when installing it called something like ,maximum protection, normal protection, and enterprise strength firewall only. Only the last one, enterprise strength, will give you the firewall without D+. However, even using the firewall only installer, all of the other components of the Comodo Internet Security suite do get installed as well, they're just turned off. Even the AV, with a rather large database file, gets installed.

I'm really liking the free version of Windows 7 Firewall Control. You get a popup, choose to block or allow incoming,outgoing,or all, and that's it. You can also set it to allow everything while ,say, installing something, and then go back afterwards and edit the rules that were made to your preference.

[Dch48]

Well you will excuse me for not believing or taking this all at face value. Why the h*ll would Microsoft go to all the trouble and expense of having added outbound protection to Vista and Win7 firewall when it doesn't work.

Simply because there were too many criticisms because it wasn't available. It's need is still in debate. It does work but is easily circumvented by malware. That's the point.

[DavidR]

Because something can be circumvented is hardly a reason not to bother installing a 3rd party firewall or using outbound, after all AV and other security applications can be circumvented, should you bother with them or should they give up too