Advice Request Why some vendors tend to rely on Windows Firewall?

Please provide comments and solutions that are helpful to the author of this topic.

Status
Not open for further replies.

Al-Faqir

Level 8
Thread author
Verified
Jul 24, 2018
379
There's an increasing tendency among a wide range of Security Vendors to using Windows firewall. Trend Micro, Emsisoft, Avira, and F-Secure are on that list. Emsisoft had their own Firewall until it was discontinued in October, 2017. F-Secure did the same and is now relying on Windows Firewall. Trend Micro have there Firewall Booster component and, though it runs separately from Windows firewall and activating it does not activate Windows Firewall, it is not sufficient alone. We still see some big names in Antivirus industry like Kaspersky, Norton, Mcafee, Bitdefender, and Dr.Web still develop their own Firewall module. Third-party firewalls are easier to configure unlike the complicated Windows firewall. My question is if Windows Firewall is sufficient enough and offers great protection as some vendors claim, why do some companies still develop their firewall modules? Isn't this a waste of resources? Moreover, some programs are able to allow themselves through Windows Firewall like uTorrent for instance. If a malicious programs tries to modify Windows Firewall or even turning it off, will, if I may say, Trend Micro, Avira or F-Secure detect such behaviour?
 
D

Deleted Member 3a5v73x

If a malicious programs tries to modify Windows Firewall or even turning it off, will, if I may say, Trend Micro, Avira or F-Secure detect such behaviour?
Fabian some days ago confirmed that Emsisoft would block malicious behaviour of turning off Windows Firewall, I haven't seen that with my own eyes, but sounds great! Not sure about your other mentioned AV vendors.
 

Al-Faqir

Level 8
Thread author
Verified
Jul 24, 2018
379
Fabian some days ago confirmed that Emsisoft would block malicious behaviour of turning off Windows Firewall, I haven't seen that with my own eyes, but sounds great! Not sure about your other mentioned AV vendors.
That would be great from Emsisoft, indeed. I am connected to Public networks most of the time (translating documents outdoors.). Waiting for other members to share their thoughts regarding the matter. Thank you @davisd
 

Sunshine-boy

Level 28
Verified
Top Poster
Well-known
Apr 1, 2017
1,759
Windows Firewall is sufficient enough and offers great protection
no its not great.
some IS suites have ids and advanced protection in place (like Eset or Symantec endpoint)while windows firewall only cover basic! if windows firewall is enough why Entperise use UTM/next creation firewall? because they know the windows firewall is bad.
Avs rely on windows firewall because they are lazy! TrendMicro removed firewall from home products but they offer IPS for enterprise!
Intrusion Prevention | Trend Micro
do they believe in windows firewall? no! they just don't want to mess with home users.
 

TairikuOkami

Level 35
Verified
Top Poster
Content Creator
Well-known
May 13, 2017
2,452
Emsisoft feeds us bs, like that WF is good enough, but as it was pointed above, it is not worth maintaining just to keep a few users happy.
A firewall provides an ultimate protection, but it requires an user to understand the basics, even a simple firewall, which is just allow/block.
People do not want a firewall, it is as annoying as HIPS, they want install and forget. Most people fail to understand the purpose of the firewall.
How many "real" people do know, who use a firewall? I mean not security focused, I do not know a single one. It has phased of a security industry.
Windows Firewall is a joke (no self-protection, no GUI, no prompts), but there is no viable alternative, I have to use it as it is, until it gets removed too.
 
Last edited:

Quassar

Level 12
Verified
Well-known
Feb 10, 2012
585
sometimes firewall is the last line of defence... I cant listen talking about that the windows firewall is good end enough

For me Firewall and HIPS is definite 1st line of defense/ ok meaby 2nd if you consider builded SRP inside system or other tools on forward ^^
Second is Isolation and virtualization because can limit access/zone from infection.
3rd is Backup
and last is detection and deleting so av and other scanners are mine last hope which i mostly i dont believe at all^^

ALWAYS PREVENT than cure because for cure can be to late..
Depend on infection :D
 

LDogg

Level 33
Verified
Top Poster
Well-known
May 4, 2018
2,261
I'm using Windows Firewall as a background aspect program, until I can find a Firewall which has great synergy with Forticlient. Comodo Firewall definitely is not one that works well with it. However I am thinking about looking at TinyWall!

~LDogg
 

KonradPL

Level 5
Verified
Well-known
May 1, 2018
229
I`m using MKS_Vir with max setting (so a have good av, data backup by safestorage and onedrive and secure browser for banking) and manualy harden windows 10 Pro.
For example I turn off all setting in windows privacy section. Turn off SMB 1, SMB direct, powershell 2.0 and internet explorer.
Turned off in gpedit script execution. And other ##### like camera, cortana, remot access etc.
 

Quassar

Level 12
Verified
Well-known
Feb 10, 2012
585
I'm using Windows Firewall as a background aspect program, until I can find a Firewall which has great synergy with Forticlient. Comodo Firewall definitely is not one that works well with it. However I am thinking about looking at TinyWall!

~LDogg
You can try SpyShelter Firewall use windows firewall mechanizm but add myself system to control and work on it.
But you can yet try FortKnox :D or NetLimiter is bandwtich monitor but with advanced mode is even more detailed than casual firewall.

I use Gather NetLimiter with SpyShelter FW
 
D

Deleted Member 3a5v73x

Windows Firewall is a joke (no self-protection, no GUI, no prompts)
Self protection is non existent, that's true, but what do you mean by not having prompts and gui? It's not like it's hard to make rules, it's just a bit more complicated than turning on a computer. Once someone spends some time tinkering with WF settings, it's good as it gets and it's the most well integrated and stable in the system than any 3th party ever will be, why many forget that fact? For home, most likely non-targeted users, WF is efficient enough anyway. I give props to any AV suite droping their Firewall module for home user products, it's just not needed and if example like Emsisoft BB can even intercept any malicious altering with Windows Firewall settings or even tries to turn it off, its a win-win.
 
Last edited by a moderator:

Quassar

Level 12
Verified
Well-known
Feb 10, 2012
585
SpyShelter Firewall in auto high secure mode is a good opton with secureaplus?
Yes casue some windows process are not trusted in SS even by auto mode cause they are mostly used to infect your system like explorer.exe.


SSFW have yet other interesting function which you cant find in other HIPS casue is not tradic HIPS with Firewall it more HIPS-anti-keyloger
You can block access from reading your keyboard/camera for specific process and other thinks / you can limit acess for programs and they will not able to write files in folder which you dont added.
Key encryption - encrypt buttons between apps so keyloger cant steal your text. good for banking and cover login and pass for webiste but also work great for games...

See more detail on Features | SpyShelter Anti-Keylogger
 

LDogg

Level 33
Verified
Top Poster
Well-known
May 4, 2018
2,261
You can try SpyShelter Firewall use windows firewall mechanizm but add myself system to control and work on it.
But you can yet try FortKnox :D or NetLimiter is bandwtich monitor but with advanced mode is even more detailed than casual firewall.

I use Gather NetLimiter with SpyShelter FW
What's Fortknox Firewall like anyway? Reckon it can be as good or better than Tinywall? Need something that's great with Forticlient!

~LDogg
 

Quassar

Level 12
Verified
Well-known
Feb 10, 2012
585
i also wanted to test fortknox casue some peoples tell about it nice coments but some this peoples can be casual bulk talkers with out abuse for them i just know how peoples can be sometimes .....

That why i can cant comment this software till i dont test it by myself... but by screens its look like very advanced/detailed firewall with myself firewall engine
 

LDogg

Level 33
Verified
Top Poster
Well-known
May 4, 2018
2,261
i also wanted to test fortknox casue some peoples tell about it nice coments but some this peoples can be casual bulk talkers with out abuse for them i just know how peoples can be sometimes .....

That why i can cant comment this software till i dont test it by myself... but by screens its look like very advanced/detailed firewall with myself firewall engine
Fair enough man! Thanks for letting know about Fortknox. May do some digging and looking into it to see if it's any good.

~LDogg
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top