Considering Mcafee Desktop Firewall - should I invest in it? 2

[humour]

Why am I posting this here? > I posted the same question in the Mcafee forum and got no response. I am hoping someone here has tried both products Mcafee Firewall & ZA and perhaps has an opinion they can share?

Are they equivelent or roughly equivelant products? ZA & Mcafee?

I want to protect 40 nodes....
I want something easy to configure and use..

Why would I choose on over the other?

Any responses greatly appreciated.

 

[viol8ion]

http://www.firewallguide.com/software.htm

Here are some good reviews of the top contenders.

When in doubt, deny all terms and defnitions.

http://www.wuli.com

 

[GuidoZ]

I'm not a big fan of McAfee anything - just IMHO. I've seen far to many compatibility troubles arise from McAfee being installed. Personally, I'm a big fan of ZA Pro. It does what it should, is easy for almost anyone to use, and it's well made.

ZA is hands down winner for that question, but that's just in my book. =) Did I mention I'm an Internet security professional by trade?

P.S. viol8ion had good advice - check out some comparisons and see which suits you better.

 

[viol8ion]

I agree, I am not a fan of McAfee or of Norton. Both try to do too much and end up buggering your system, im my experience.

I prefer ZA for a firewall if you are not planning on running an external firewall, which is really the best bet as far as system resources are concerned.

When in doubt, deny all terms and defnitions.

http://www.wuli.com

 

[GuidoZ]

Again, excellent points viol8ion. There simply is no substitue for a hardware firewall. If you have access to an older machine you can use (even a 486 would work just fine, but a P75 or so is better) you can use a Linux firewall called SmoothWall. Little to no Linux knowledge is needed for configuration (all done thru a web interface), however knowledge can help if you need to make complicated ipchains or rule sets. There is also extensive support online along with forums.

More info can be found here:

http://www.smoothwall.org/

~ GuidoZ

 

[humour]

Thanks for the information guys.

I am using a Linksys router and have enabled the firewall features it provides and tested it using different security test sites. (

http://www.dslreports

and

http://www.grc.com.)

However I have a followup question pertaining to the recommendation about a hardware firewall or Smoothwall.

The reason why I want desktop firewall protection is NOT to protect me from an outside threat via the internet but rather to protect me from a threat on my side of the firewall.

If something does get through, via email, diskette, CD or a remote user hooked up via an VPN what protection will a hardware firewall offer. The threat is now on the friendly side of my firewall. I recently got hit with a worm despite my firewall, it quickly spread to other PC's on my internal LAN (mainly because I was not up-to-date with Windows seecurity patches).... My hardware firewall didn't and I think can't help me once somthing on my internal lan.

Is it true that DESKTOP Firewall protection WILL help me with this?

I guess I can summarize my concern in one question.

With a STRONG hardware Firewall for my internal Lan (basically on my gateway) do I STILL need Desktop FIREWALL Protection, Y/N? If so why (is it not because of internal threats).

By the way, I do have anti-virus on all my desktops and servers, but I am still being advised that a desktop-firewall is also required. Agree/Disagree & Why?

Waiting with baited breath for a response, thanks a ton in advance.

 

[viol8ion]

Generally it is recommended that you NOT use ZA with an external firewall. It can cause some strange behavior. However, I know of several people that do this without problem.

In lieu of ZA, I too use the Linksys firewall with good results. I also run AVG's free antivirus, and run spybot S&D weekly. INHO, AVG kicks Norton's or McAfee's butt in being a lean and excellent AV product. It checks incoming emails and has actually detected trojans that McAfee missed on my girlfriend's computer. With this complement of apps, you should be fairly well protected.

Of course, the best security is common sense. Do not openany attachments from people you don't know. And don't open any attachments from people you do know unless you are expecting them, or know they are clean.

I refuse to use Outhouse Express on my computer and recommend a real email client that does not allow trojans, worms and indecent scripts to just automatically run. Mozilla has an aexcellent, free client that is a world more secure than any Microsoft product.

I also refuse to surf the net with Internet Destroyer, preferring instead Mozilla, or using the Avant skin for IE which locks down a lot of the inadequacies.

Hope this all helps.

When in doubt, deny all terms and defnitions.

http://www.wuli.com

 

[GuidoZ]

Once again I must agree and stress everything said by viol8ion! I run the same software suite (AVG and Spybot SD along with a LinkSys), and urge the use of alternate products (Mozilla line is a fine choice).

As for your firewall question, the answer is YES. A hardware firewall (if configured properly AND supportive) can and will protect "friendly" threats. SmoothWall is an excellent choice for this, as you can have different "zones" within it, allowing each a different set of rules and security. In order to properly set it up for what you would like, you'll have to get a bit down and dirty with the ipchains and rules. Some Linux knowledge would be nice if you have it, but if not, no worries. Pop by the forums and extensive support available online and you'll get answers on EXACTLY how to set it up.

I'd start listing links for you, but you'll find it more helpful to just search Google and pick thru the results. You can also see links to some help from the SmoothWall.org website. I do think you'll find it surprisingly nice as a software/hardware firewall once setup. (The web cache and proxy available also saves some time if multiple computers are behind it, not to mention the lovely IDS with Snort built right in.) I currently use my LinkSys 4-port router as a simple switch now.

~ GuidoZ

 

[2cornflakes]

viol8ion / GuidoZ
Trying to understand the whether it's do or dont use ZA with a hardware/external firewall.
Are your definitions of the term external/hardware firewall the same?
It looks to me like viol8ion is refering to linksys and saying dont, GuidoZ is refering to a linux box and saying do.
If I'm misunderstanding can you help me out? thanks.

 

[viol8ion]

Linksys, Linux boxes with firewalls... any external hardware device is an external firewall. They are the same.

The opinions vary greatly on whether to run ZA along with an external firewall. I have done so without conflict, others have experienced problems. You won't know unless you try. Just remember that uninstalling ZA completely can be a hassle, so if you try to run it and see bizarreness, it will be a pain to delete ZA to find out if that is the problem.

The accepted procedure is to not run two firewalls simultaneously.

When in doubt, deny all terms and defnitions.

http://www.wuli.com