Subscribe to the Free Print Edition!
Celebrating 25 Years

GCN Home > January 22, 2001 issue

Three personal firewalls repel the invaders

Broadband provides more access for field offices and telecommuters, but also requires multipronged security plan

BY SEAN GALLAGHER | SPECIAL TO GCN

Broadband is a two-edged sword for network administrators who must keep field offices, industry partners and telecommuters connected to agency headquarters LANs.

Digital subscriber line and other always-on connections, combined with virtual private networking software, are relatively easy and cheap to set up. At the same time, they expose the remote systems to attacks that internal networks are better equipped to resist.

It isn’t practical for administrators to try to construct a firewall for every temporary office and telecommuter. Fortunately, a new generation of desktop security software makes it possible to protect such systems on an individual basis.



Personal firewalls are cost-effective. Even for a fair-sized office, their license fees probably would run less than a dedicated firewall appliance.

I tested three of the latest products: Sygate Technologies’ Personal Firewall 2.1, Network Ice’s BlackIce Defender 2.1 and Symantec’s Desktop Firewall 2.0.

Team players

All three can control or block any network traffic coming into or leaving a PC, but they’re most secure when used in conjunction with antivirus software and a generous dose of common sense.

Although each of the tested products could thwart the various port scans and Trojan attacks I threw at them, Sygate Personal Firewall turned out to be the best overall choice for administrators looking to deploy a flexible yet centrally controllable security product. It received the Reviewer’s Choice designation.

Symantec Desktop Firewall would make a good standalone choice, and BlackIce Defender also was a solid product but with some interface flaws. Its unique security approach might inspire more paranoia among users than necessary.

My test platform for the review was a 200-MHz Gateway E3200 Managed PC with 64M of RAM and Microsoft Windows 2000 Professional, representative of the desktop power in an average small office.

The Sygate entry, formerly known as Sybergen Secure Desktop, could provide tight security in a relatively small footprint. Its resource requirements were modest: Microsoft Windows 9x, Windows Millennium Edition, NT 4.0 with Service Pack 3 through 6a, or Windows 2000; 10M of free storage; and an installed TCP/IP stack.

More news on related topics: Product Reviews



GCN Popup