Best Free A-V and Firewall Combo by Resources/Protection

[AtlBo]

Keeping protection in mind, what is the best combination of free a-v and firewall in the two mentioned regards? This is for someone else, whose licence for ESET (a-v and firewall) is about expire. I use 360 TS and Comodo, which I would say is as good as it gets with these two considerations. I would recommend this, but I am seeking opinions, because this person might not like 360, being that it is from China. The system is a P4 2.8 GHz/2 GB RAM running XP, so resource usage is important, but high protection value is also important in this case.

With the firewall, configuration of the connections is important too. Comodo is OK with this, but it's not exactly the easiest when it comes to blocking connections. That said, the information on the alerts is OK, so I guess it's more or less on par with the best pay firewall elements of internet security packages in this regard.

One other thing. ESET's firewall does things like notice when an IP is sniffing around ports for an opening. The ESET firewall is really pretty darn good with these types of monitorings. Comodo is not going to do this, nor any of the other free programs I have seen. The PC's owner has mentioned that he likes this feature of ESET, so I was wondering if anyone has noticed this from any of the free IS programs.

 

[leguan]

Panda free + Comodo firewall,..............very light

 

[Stas]

Avast Free + Comodo Firewall or PrivateFirewall

 

[Circe]

Comodo Firewall is enough if tweaked, but if you need an AV then would I recommend Windows Defender.
Comodo Firewall ( @cruelsister 's tweak) + Windows Defender, Just my opinion.

 

[Parsh]

Hey @AtlBo, to get the best of lightness and effectiveness

• Bitdefender free as the AV will do great.

It can be complemented with (ignoring CFW as per our mutual understanding)

• TinyWall - (free) for lightness and tight rules.
• ZoneAlarm FW - (free) unless you've tried, you should not ignore this one IMO. It is moderately light, it has a superb process monitor to stop malicious behavior and network attacks, stealth mode on network as expectedfrom a good FW and identity protection. It can be set to alert for connection requests and it has its cloud recommendations too. I'm sure he won't regret the combo.

Spoiler: ZA FW

The paid version has a Two-way FW with more advanced detection, termination and stealth features.

• Private FW - You know about this one. If your colleague is a Pro, this one will be the best control with a decent usage. It has IDS, process and resource control etc. But it's support has ended now. You might not want to continue with this.

You'll not have to look further. Neglecting Private FW, one combo is totally light (TinyWall), the other is moderately light with more overall controls (ZA FW).

 

[AtlBo]

Thanks for the comments.

@Parsh, I thought about recommending Private Firewall, but it doesn't allow for whitelisting of scripts. So the only way to see scripts is to leave cmd.exe and the other script running processes set to "ask" and then look at each instance of each script. This is very inefficient, because I have to look even at the ones that I would otherwise blanket approve. I guess an option could be to add NVT EXE Radar Pro. Not sure the idea of three programs would be ideal though, considering only one is being replaced. At any rate, PF is pretty archaic, even if the internet connection controls are OK.

ZA sounds really interesting. Also, the owner of the PC mentioned Bitdefender, so maybe that is a confirmation, considering it was the resources issue that him looking into BD. I think it has a firewall, but I'm not sure about this. I don't think I have seen any mention of its effectiveness if it does have one.

I'll mention BD and Zone Alarm.

@leguan...thanks for the heads up on Panda. PC owner has a Panda licence for the pay version. He was looking into alternatives for it and mentioned BD. I still think he's going to miss that port monitoring/port sniffing alerts from ESET. Pretty snappy feature I have to say.

 

[Evandro]

Forticlient Antivírus Free + Comodo firewall,..............Very light!
Best Free Webfilter!

 

[DJ Panda]

I'd say Avast Free and Windows Firewall. You do not really need much tweaking and from my time with it, does well. Keep in mind there is no best, it is up to the user to decide what fits their needs or wants

 

[RoboMan]

Nowadays, you'll come to notice every software gives the same results when talking about free antivirus. They all offer a decent level of protection (real time protection and detection ratio/heuristic). To be honest, i'd recommend any free antivirus, they are all kind-of-lightweight. Personally, Avast, Panda or BitDefender. I'd even say let them be custom. Complement with Comodo Firewall and do the tweaks here. Depending the ammount of alerts and protection, you can help him tweak the software. There are as well plenty of guides to maximizing CFW protection level. Maybe even disable HIPS and install VoodooShield, i do not know the level of alerts your contact desires.

 

[AtlBo]

Anyone have any experience with Avira as far as resource usage goes? It would be nice if the a-v protection angle could at least match ESET's a-v element. I have heard Avira detection is good, but I haven't seen test results lately. Maybe it will come down to BD or Avira for low resources. I like avast too, but it isn't the lightest in my experience. Seems to have gotten much better over the last 5 years though.

There are as well plenty of guides to maximizing CFW protection level. Maybe even disable HIPS and install VoodooShield, i do not know the level of alerts your contact desires.

@RoboMan...yeah thanks. I have the hang of CFW now, so I should be able to get him through that OK. The only trouble is it's a new set of alerts with the sandbox. Then the "Unblock" element of the program is a little bit weird. I mean a process may be blocked in two ways but then unblocking it causes CFW to blanket trust the file, even if you still want, for example, the internet connection blocked. So have to go over to the Firewall settings and change the entry to block. I guess there are still some little messy things with CFW.

VoodooShield is a great idea. For some reason the PC owner seems to like a tiny exe monitor (can't recall the name) for blocking exes, but it doesn't monitor scripts. Maybe I can talk him into VS or NVT ERP at least. CFW has that feature now, but there isn't support for whitelisting specific scripts with wildcards.

 

[Parsh]

Anyone have any experience with Avira as far as resource usage goes? It would be nice if the a-v protection angle could at least match ESET's a-v element. I have heard Avira detection is good, but I haven't seen test results lately. Maybe it will come down to BD or Avira for low resources. I like avast too, but it isn't the lightest in my experience.

For Avira free, I can say that it is not as light as BD free for sure.
In terms of protection, its signatures and especially its heuristics are strong but behavioral detection isn't that impressive. The advanced cloud tech is not found in the free version of Avira. You can find some latest video reviews here at MT.
I'll recommend to stick with BD free as the first preference.

 

[AtlBo]

I'll recommend to stick with BD free as the first preference.

Thanks for the info @Parsh. Looks like BD might be the best for this situation.

 

[Parsh]

Thanks for the info @Parsh. Looks like BD might be the best for this situation.

And what BD lacks (except FW) is provided by ZoneAlarm FW to a great extent.
I just made an EDIT -
Instead of 'Tinywall', I had mentioned 'Private FW' in my first post.
So 'Private FW' made its appearance twice. Corrected now