AV-Comparatives Firewall Test 03/2014

[Petrovic]

http://www.av-comparatives.org/wp-content/uploads/2014/03/avc_fw_201403_en.pdf

 

[ifacedown]

Is this on Windows 8/8.1? I am surprised about Online Armor's performance!

 

[wert33]

@ifacedown
"The test device is a Lenovo ThinkPad Twist running a fully up-to-date Microsoft Windows 7
Professional SP1 64-bit. The base image, without any third-party security software, is configured to"

 

[Petrovic]

win 7 sp 1

http://www.chip.de/artikel/Firewall...enpflichtige-Tools-fuer-Windows_32878576.html

 

[looda]

great for avg firewall I did not think it has such firewall

 

[Petrovic]

Windows firewall) a good choice

 

[Šovelén]

win 7 sp 1

http://www.chip.de/artikel/Firewall...enpflichtige-Tools-fuer-Windows_32878576.html

Comodo firewall in sixth place? +, +, -??? It will be something stupid ... Personally I find Comodo FW better than Bitdefender with ++, ++, +

 

[Petrovic]

Better windows firewall
This is quite enough

 

[thepierrezou]

Avg firewall in interactive was good

 

[Purshu_Pro]

I always knew windows firewall was great ever since i used it with Bitdefender AV+ 2013.

 

[looda]

but online armor is bad I don't believe it ??????

 

[viktik]

LOL

Emsisoft and comodo at lower position.

Something not right

 

[MalwareDetective]

LOL

Emsisoft and comodo at lower position.

Something not right

Fully agree ^^

 

[Nico@FMA]

Well one of the things that is also not right is: Symantec Norton Internet Security....really?
Another thing is that not every request should be blocked, just the harmfull ones.

Anyway to me AV test sort of lost all credibility, and this is not due to the ratings they give but more because some of the things i have seen and heard in the industry.

 

[XhenEd]

Fully agree ^^

Unless, the AV-Comparatives firewall test is a true firewall test, not a HIPS test.

 

[Jaspion]

I just bought a new laptop. This kind of thing is important, as I reckon some day I'll have to use it on some public connection. Could some of the most informed members please give us some headers regarding how the firewalls (or internet security suites) out there actually compare?

 

[Nico@FMA]

Unless, the AV-Comparatives firewall test is a true firewall test, not a HIPS test.

Well the info next to the + and ++ signs are a death give away.

 

[Nico@FMA]

I just bought a new laptop. This kind of thing is important, as I reckon some day I'll have to use it on some public connection. Could some of the most informed members please give us some headers regarding how the firewalls (or internet security suites) out there actually compare?

Well as i mentioned in my previous post the additional info says it all, a test is nothing more as a test and should be regarded as such.
It will by no means give ANY indication of how a protection is going to work on your system and network considering you got your own ABC properly taken care off.
Also this test it mentions access past your firewall in some cases if computer name and such is being used in the request.
This would be potentially dangerous, however not all these traffic requests are actually dangerous and the art of protection is to have your firewall ONLY to respond to real dangers.
If you want to invite a hacker then get yourself a noisy firewall that respond to every single request. trust me you will make a hackers day.
Some of the products listed here get low rating due to the fact that they allow some direct traffic, however if this traffic would be a true attempt to hack you then these products would kick in and stop it.
So the true art is to filter out the static requests and to block the real attempts.
Another issue from a home POV is that in order for traffic inside your network (behind router) to use your name, ip and other credentials would by default already mean that your hardware firewall inside the router has been busted and that your software firewall will not stop it anyway.
So really Jaspion if you make sure you got all the ABC's in one basket then any product above will keep you save.

Cheers

 

[Jaspion]

Well as i mentioned in my previous post the additional info says it all, a test is nothing more as a test and should be regarded as such.
It will by no means give ANY indication of how a protection is going to work on your system and network considering you got your own ABC properly taken care off.
Also this test it mentions access past your firewall in some cases if computer name and such is being used in the request.
This would be potentially dangerous, however not all these traffic requests are actually dangerous and the art of protection is to have your firewall ONLY to respond to real dangers.
If you want to invite a hacker then get yourself a noisy firewall that respond to every single request. trust me you will make a hackers day.
Some of the products listed here get low rating due to the fact that they allow some direct traffic, however if this traffic would be a true attempt to hack you then these products would kick in and stop it.
So the true art is to filter out the static requests and to block the real attempts.
Another issue from a home POV is that in order for traffic inside your network (behind router) to use your name, ip and other credentials would by default already mean that your hardware firewall inside the router has been busted and that your software firewall will not stop it anyway.
So really Jaspion if you make sure you got all the ABC's in one basket then any product above will keep you save.

Cheers

Thanks. But I'm curious though, why exactly is this test not realistic? For example, someone having write privileges to your disk, that's very malicious if the person behind it has bad intentions. So, what is it about this test that makes it irrelevant for real-life situations? Why can't this happen at a cyber cafe or airport, etc?

 

[Nico@FMA]

Thanks. But I'm curious though, why exactly is this test not realistic? For example, someone having write privileges to your disk, that's very malicious if the person behind it has bad intentios. So, what is it about this test that makes it irrelevant for real-life situations? Why can't this happen at a cyber cafe or airport, etc?

Well you are right it could be malicious, but ask yourself the question, if a program would get W-priv on your pc then this already means that your configuration itself already is bogus, because if you got your ABC's taken care off then such a event would not be happening by default and thats even without having a third-party solution.
My point here is that you do not need uber protection, you only need to have a solid config that includes the standard ABC practices, and proper all round solution and the odds that on a airport you are getting hacked are just as small as you win a 10000 dollar ticket from your local lottery. And if you take into account these small facts then any program in the list would do just fine with standard settings.
Most people are so focused on having the most sophisticated program with the most aggressive uber options that their focus does not allow them to maintain a proper basic framework. Most people have a suit that protects their computer and they trust that suit to do just that, but one needs to realize the firewall suit is just ONE modular addon to your pc and to the whole chain of security.
Now if your chain is sound and up to date then you really do not have to worry, if your chain is not sound and has false sense of security options added then ANY of the above programs will just as easy fail.

So what do you want me to say?