Hello,
This is a mini-review of GlassWire Network Security Monitor.
Pros:
There is a lot to like about GlassWire's Network Security Monitor. It's a keeper in my book.
Simple and intuitive. As a basic network monitor it is excellent.
Anyone who wishes to monitor outbound connections, I highly recommend at least a "look-see."
GlassWire allows outbound connections, but notifies users when an app first initiates an outbound connection. The user can block the connection on the Firewall tab. Basically, it is a GUI extension for Windows firewall.
The basic firewall mechanism is "Allow" or "Block" from within the GUI; there are no permanent rules creation and re-configurations required. To block an app, the user simply selects the gray-colored flame icon next to the app entry on the Firewall tab which turns to red to indicate the app is "Blocked"; to un-block the app, the user simply de-selects the flame icon and it returns to grayed-out color to indicate "Allowed."
Neurotic security software enthusiasts (like me), weighed-down and over-worked by their many apps that require constant manual configuration changes, will immediately appreciate GlassWire's simplicity. Its On\Off app feature is perfect for basic network monitoring during malware testing.
Graphically, the user-interface is quite pleasing. Everything one would need to monitor their network is present and well-organized. The key feature being that one can closely monitor application remote address connections.
The way infos is presented to the user is clear, concise and makes sense. It's a snap to use.
If GlassWire added WHOIS and IP address verification it would be almost perfect. The next thing would be to add a means to block individual IP addresses; currently, once you "Allow" an app to connect to the network, the user essentially allows it to connect to any and all remote IP addresses (you can achieve this using the WFwAS interface if need be... but it's a rigmarole). Not really a huge deal, but us geeks likes our fine-grained control. If you absolutely require that much control, then BiniSoft's Windows Firewall Control will meet your needs, but it won't provide any graphics or summary tables. Alternatively, you can opt for NirSoft's CurrPorts and IPNetInfo...but those are best suited to advanced users.
BIG HINT: For now, if you want to clear out the Firewall app list, do the following:
1. Exit GlassWire GUI
2. End Task "GlassWire Control Service"
3. Delete C:\Program Data\GlassWire\glasswire.db
This will completely clear-out all GlassWire data. When you re-launch GlassWire it will be a completely fresh session. While I think this is unnecessary, and a bit of a rigmarole, it can be useful. It must serve a techie purpose if I actually bothered to figure this all out... right?
Just remember, after an app makes it very first outbound connect, there will be no additional notifications when it makes subsequent connects. Keep a close eye on the remote IP addresses in the Host column on the Firewall tab. Since you are very likely to expect activity there it should not be an issue. On the other hand, if you aren't paying attention, and a malicious script - for example - uses wscript.exe, cscript.exe, java.exe, cmd.exe to make a connect - it might be game over.
The lack of repeat notifications for apps is GlassWire's greatest weakness. Currently, the only way around this it to delete the glasswire.db file outlined above. Until GlassWire either enables the user to delete an app from the Firewall list - or - allows repeat notifications (I wouldn't count on it), there is no other way to generate subsequent notifications other than deleting the GlassWiare database file. Bummer.
There are some very minor GUI quirks on the Firewall tab. However, GlassWire is a "work-in-progress."
Bottom line on this one... it will meet the typical network monitoring needs of most any user. It's a winner.
You gotta try it out.
This is a mini-review of GlassWire Network Security Monitor.
Pros:
- Very polished, elegant user-interface.
- Outbound notification pop-ups are unobtrusive, yet demand attention.
- Learnability and ease-of-use are relatively high.
- User can block outbound connections by selecting the flame logo on the Firewall tab.
- Automatically resolves IP addresses.
- Comprehensive on-line help guide that is easy to understand.
- Quite a few advanced security features such as system file, device and various other monitors.
- User can configure remote server access.
- Freeware (currently).
- Can be a bit rough on resources (approximately 17.5 % CPU\40 MB RAM) on my moderately busy W8.1 AMD system; cycles from 0 to 20+ % CPU with short periods above 17.5 %. (Not a real issue due to short intervals of elevated CPU usage).
- Cannot create permanent firewall rules.
- Does not alert to individual remote IP address connects; cannot block individual IP addresses.
- No WHOIS or IP address verification query available in current version.
- Cannot save activity log.
- Currently no means to remove an app from the firewall list.
- Currently no means to re-organize or search the firewall list.
There is a lot to like about GlassWire's Network Security Monitor. It's a keeper in my book.
Simple and intuitive. As a basic network monitor it is excellent.
Anyone who wishes to monitor outbound connections, I highly recommend at least a "look-see."
GlassWire allows outbound connections, but notifies users when an app first initiates an outbound connection. The user can block the connection on the Firewall tab. Basically, it is a GUI extension for Windows firewall.
The basic firewall mechanism is "Allow" or "Block" from within the GUI; there are no permanent rules creation and re-configurations required. To block an app, the user simply selects the gray-colored flame icon next to the app entry on the Firewall tab which turns to red to indicate the app is "Blocked"; to un-block the app, the user simply de-selects the flame icon and it returns to grayed-out color to indicate "Allowed."
Neurotic security software enthusiasts (like me), weighed-down and over-worked by their many apps that require constant manual configuration changes, will immediately appreciate GlassWire's simplicity. Its On\Off app feature is perfect for basic network monitoring during malware testing.
Graphically, the user-interface is quite pleasing. Everything one would need to monitor their network is present and well-organized. The key feature being that one can closely monitor application remote address connections.
The way infos is presented to the user is clear, concise and makes sense. It's a snap to use.
If GlassWire added WHOIS and IP address verification it would be almost perfect. The next thing would be to add a means to block individual IP addresses; currently, once you "Allow" an app to connect to the network, the user essentially allows it to connect to any and all remote IP addresses (you can achieve this using the WFwAS interface if need be... but it's a rigmarole). Not really a huge deal, but us geeks likes our fine-grained control. If you absolutely require that much control, then BiniSoft's Windows Firewall Control will meet your needs, but it won't provide any graphics or summary tables. Alternatively, you can opt for NirSoft's CurrPorts and IPNetInfo...but those are best suited to advanced users.
BIG HINT: For now, if you want to clear out the Firewall app list, do the following:
1. Exit GlassWire GUI
2. End Task "GlassWire Control Service"
3. Delete C:\Program Data\GlassWire\glasswire.db
This will completely clear-out all GlassWire data. When you re-launch GlassWire it will be a completely fresh session. While I think this is unnecessary, and a bit of a rigmarole, it can be useful. It must serve a techie purpose if I actually bothered to figure this all out... right?
Just remember, after an app makes it very first outbound connect, there will be no additional notifications when it makes subsequent connects. Keep a close eye on the remote IP addresses in the Host column on the Firewall tab. Since you are very likely to expect activity there it should not be an issue. On the other hand, if you aren't paying attention, and a malicious script - for example - uses wscript.exe, cscript.exe, java.exe, cmd.exe to make a connect - it might be game over.
The lack of repeat notifications for apps is GlassWire's greatest weakness. Currently, the only way around this it to delete the glasswire.db file outlined above. Until GlassWire either enables the user to delete an app from the Firewall list - or - allows repeat notifications (I wouldn't count on it), there is no other way to generate subsequent notifications other than deleting the GlassWiare database file. Bummer.
There are some very minor GUI quirks on the Firewall tab. However, GlassWire is a "work-in-progress."
Bottom line on this one... it will meet the typical network monitoring needs of most any user. It's a winner.
You gotta try it out.
Last edited by a moderator:
