Poll
How much system resources could your security products consume at most?
Windows Personal Firewall Analysis
- What do we analyse?
- How do we analyse and what do we offer?
- Methodology reference
- Results of our analyses
- More about personal firewalls
- Design of ideal personal firewall
- Links
- Comparison of top five personal firewalls
- Introduction to Firewall Leak-testing
- Plague in (security) software drivers
- Leak-tests results
What do we analyse?
This page is outdated! Current information is available on pages of Firewall Challenge project.
This project is the flagship project of matousec.com. We have developed a brand-new methodology of analysing Windows Personal Firewalls.
Windows
When we say Windows we mean Microsoft Windows operating systems versions NT 4.0, 2000, XP and 2003 and we mean both Server and Workstation editions. We also plan to support Windows Vista in future projects. It is well known fact that older versions of Microsoft Windows operating systems are unsecure and there is no way how to protect users against possible threats on these systems. This is why we concentrate only on systems with NT kernel which implements the security well.
Personal Firewall
And when we say Personal Firewalls we talk about desktop security products which are commonly designed to enhance the security of operating systems by implementing process related security. Windows operating system with NT kernel implements user related security. This means that in common Windows system without personal firewall an administrator can create rules for various systems objects and then the decision of the operating system whether to allow or deny access to these objects depends only on the user account of the code that wants to access them. In a context of one user there is no chance to limit single process activities. On Windows systems with personal firewall installed the decision whether to allow or deny access to some object is divided into two parts. The first part is the same as before - the decision of Windows security based on user accounts. The second part is personal firewall security which usually allows users to control the behaviour and set rules for single processes. This possibility can be a great security improvement for many Windows users.
Problems of per-user security
It is the fact that many Windows users uses an automatic administrator account logon option. In such environment every malicious program run by an accident, because of ignorance or as the result of a hacker attack, can take control over the whole system. But if a personal firewall is installed the user may be alerted before any malicious activity happens. And it is not only the problem that is relevant to users who use automatic administrator account logon. Many Windows applications require to be run with administrator privileges. A good example for this are computer games. The problem is that many of these applications can be implemented not to have such requirements. Moreover, not only the administrator account is dangerous. Common user account can have an access to valuable documents and secret information. With only Windows security there is no chance to prevent sensitive data to be stolen when the malicious program runs. Personal firewalls usually implements rules that restrict Internet access only to a few applications that are allowed by a user.
User, Application, Desktop and Personal firewalls
There is no official term for what we call Personal Firewall. You can find people talking about Desktop Firewalls, Application Firewalls, User Firewalls meaning the same. Today there are many software products from various vendors that can be called personal firewalls. As examples we can take ZoneAlarm family of personal firewalls, Kerio Personal Firewall or Outpost Firewall. You can find many more examples of personal firewall products in our poll.