We believe that whatever protective advantages desktop firewalls once had over Windows Firewall are now minimal, if not negligible.
@Fabian Wosar Doesn't this translate to the fact that sophisticated s/w Firewalls can offer some more protection (at higher levels of stack?) than what the home NAT routers basically do? I'm not talking about stuff like HIPS that were added to make FWs more interesting after hitting a saturation level.
I would like to know about the users
connecting to the Internet through their laptops/desktops via mobile hotspot instead? WinFW? Uh, lets say it's fine for me to configure it all. Fine for everyone?
Connection attempts from the outside in are blocked by the Windows Firewall by default, and connections from the inside out are prevented by Emsisoft’s multi-layer real time protection, and the Behavior Blocker in particular.
The BB always has blocked suspicious outgoing connections. Even before the firewall was in the picture. That isn't going to change.
If I am not wrong, the
parameters (local and remote) considered for blocking suspicious connections via the BB and the FW won't be the same set. If so, that makes a difference and a potential compromise for some users depending on their external stimuli and the effectiveness of the BB except when rogue digitally signed (valid) apps are automatically trusted. Correct me if I'm wrong.
While some of our more technically minded users might have appreciated the freedom to tweak settings to their heart’s content, it has to be said the majority of our customers are (understandably!) not familiar with the technical intricacies of firewalls and were not always confident when using the software.
I wonder how many non-techies play with the advanced settings like the Firewall advanced settings when they've no idea about what it is. If an amateur or an experienced user is experimenting, they have clear notations and online guides. Will they select "allow" for all apps just for the sake of trying? Not many? Probably a few? Well losses due to such configuring can be possible with just any such apps. With other AVs, with WinFW .. so should that module just be removed for all customers? Your call.
You may still want to use your Windows Firewall Control program for other features. Ours just makes it more resilient, but doesn't add the convenience features that a lot of the other frontends offer.
For the apparently few customers looking for a complete suite with ease of configuration, dropping FW is a tradeoff for sure. A small percentage of a big number of users is still a considerable number to not care (not in literal sense) about their needs. I'm not sure if every Emsisoft customer knows what the Windows FW lacks that Emsisoft FW offered and how to simply configure advanced settings w/ or w/o alerts for granular control.
I'm not saying that we cannot achieve a great protection with WinFW. But there have been differences.
In the end, it's Emsi's business and looking at redundancies and potential opportunities are your own decisions at Emsisoft and I acknowledge that. Next, simply put: there's no complete suite offering now but a strong AM.
The few options (like enabling/disabling auto trusting of valid digitally signed files, notify when new programs are auto-trusted..) were made for the advanced users with a caution needed and a few AVs do provide the former option right now with least issues found during usage.
However looking at how such options were totally ditched because of some user confusions, instead of trying to fine-tune/recalibrate various thresholds of detection or how the decisions were taken in case of diff kinds/reputations of non-auto-trusted digitally signed files (in whichever way it can be practical, through say understanding based trial-error..) that
might have helped improvise it and tackle instabilities as I read on the Support forum. I do not feel certain about what offerings will be retained in Emsi subscriptions ahead.
