Best Free Firewall

 
In a Hurry?

  Go straight to the Quick Selection Guide
 

New - Poll Results for Best Free Firewall of 2009

Comodo Internet Security: 28.32% (79 Votes)

Online Armor Free: 21.51% (60 Votes)

PC Tools Firewall Plus: 11.47% (32 Votes)

ZoneAlarm Free Firewall: 8.60% (24 Votes)

Outpost Firewall Free: 8.24% (23 Votes)

Windows Firewall: 8.24% (23 Votes)

PrivateFirewall: 3.94% (11 Votes)

Sunbelt-Kerio Personal Firewall: 2.87% (8 Votes)

Introduction

No other freeware product causes as much angst to users, whether in installation or day-to-day use, as a firewall. To find a stable and high quality firewall for windows often involves a process of trial and error. Firewalls should protect while not being too intrusive or too complicated to handle. This article gives you a selection of the best free software firewalls available.

If you want to learn more about firewalls, visit these excellent sites: How Firewalls Work and Microsoft Security Firewalls FAQ. If you don't decide to use one of the firewall products in the article, at least remember to turn on the Windows firewall. Be sure to use only one software firewall at a time. But feel free to combine a hardware and a software firewall to improve protection. Additionally, most products highly recommend uninstalling other third-party software firewalls before installation (and disabling the Windows firewall if they don't).

Oh, and I always create a drive image or restore point before installing a new firewall since they are known to give your PC serious problems if they conflict with anything. I installed and uninstalled each firewall several times during testing and had no major problems, but I was careful to make sure each one uninstalled cleanly before installing another firewall (often with Revo/Zsoft Uninstaller and additional cleaning as needed with CCleaner/Autoruns, or with a fresh drive image or restore point).

Firewalls are increasingly useful to help you control the activities of Internet facing applications. Many users now leave their Internet on all the time, increasing their risk to malware. It's also becoming difficult to tell when applications connect online because they link so many of their features to Internet resources. Few programs stop to ask your permission. So I predict that firewalls will be ever more important for privacy and control.

I organized the article into two sections: (I) software firewalls for broad protection and greater user involvement; (II) software firewalls for basic protection and less user involvement.

Discussion

I. Best Software Firewalls for Maximum Protection and Greater User Involvement

The following personal firewalls provide excellent network protection. Each firewall comes with default settings and shouldn't require tweaking except for the needs of advanced users. I provide some configuration and usage details since a little extra information may help you better answer and minimize popup alerts.

Still, firewall products in this section seem to require a fair amount of time to learn their features. They all require user involvement and some knowledge of your software to reliably answer popup alerts. However, for the technically initiated who can cope with these annoyances, these are some outstanding free products. And they are not as bad as the User Account Control (UAC) in Vista since they have various features to limit the extent of action required by you.

Some products rely of lists of known safe applications (all) or safe vendors (Comodo, Privatefirewall) or valid digital signatures (PC Tools), some products can optionally give safe or trusted status to all your current files (Comodo, Online Armor), some have training or installation modes (all but PC Tools), and some have lesser configurations to reduce monitoring (esp. Outpost).

These techniques reduce popup alerts and user intervention to varying degrees, but they also reduce protection to some extent. Since firewalls are often praised for their level of protection at their maximum security settings, users may not have the degree of protection mentioned in the reviews below when they use methods to increase automation and reduce alerts.
 

Comodo FirewallIf full featured security is your criterion, then the Comodo Internet Security is the top contender. It has a robust and a very active HIPS or application monitoring feature called "Defense+", which matches or exceeds the security performance of pay products. Its Defense+ also provides image execution control (or a "memory firewall") that seems unique to Comodo. Comodo allows for much control and customization, with a plethora of additional settings to tweak for the curious or for the just plain paranoid. On the minus side, its Defense+ is initially talkative with popup alerts in some configurations, which may annoy or alarm users.

During installation, it gives you a choice between three levels of security. The "Firewall Only" mode is discussed in the next section; it disables intrusion protection against outbound malware threats. The default (or middle configuration) uses most Defense+ protection and monitors for common exploits, but it turns off some monitoring (right-click the tray icon > "Manage Configurations" > "Firewall Security" to switch to it at any time). The maximum configuration, "Proactive Security", uses all Defense+ monitoring and increases its aggressiveness (right-click the tray icon > "Manage Configurations" > "Proactive Security" to switch to it).

After installation Comodo automatically selects either "Clean PC Mode" or "Safe Mode". "Safe Mode" maximizes proactive protection to a high level and is the best mode for most users. But it relies on numerous popup alerts for applications not in its trusted vendors list (you can browse this list to see if you trust the vendors: go to the Defense+ tab > "Common Tasks" > "My Trusted Software Vendors"). When you answer "allow" and "remember your answer" to popup alerts for an application, Comodo creates a custom policy for it. Some of its policies are fairly liberal (the one for CCleaner gives it "allow" status for almost everything, but the one for some parts of OpenOffice are set mostly to "ask").

In the more liberal "Clean PC Mode", Defense+ automatically treats all applications on your drive as safe (but if any malware is currently hidden on your drive, it too would be considered safe). Applications still receive some minimal monitoring for Comodo's two protected lists ("my protected registry keys" and "my protected COM interfaces") and for running as an executable, or more/less monitoring depending on their custom policy. And new files get sent to a list of files "waiting for your review" in the "Summary" page. Files listed for review will be considered possibly unsafe and will provoke popup messages, as if in Safe Mode, until their custom policies are made.

Comodo limits the frequency of alerts by automatically treating some programs as safe and allowing some applications to access the Internet. You can additionally automate the behavior of Defense+ by one or more of these methods for treating applications as safe:

  • Have it "remember your answer" to all popup alerts when an application first runs, which works for some applications (because some custom policies set this way are close to "trusted" status). But if an application still nags you, click "More Options" in the alert and use the drop down box to select "trusted" or "blocked" (etc.), if available, or set an application to trusted manually ("Defense+" > "Advanced" > "Computer Security Policy" > "Edit..." > "Use a Predefined Policy"), which finally ceases popup alerts and most intrusion prevention for that application.
  • Add files to the lists of "My Own Safe Files" or "My Trusted Software Vendors" in the interface (see the "Defense+" tab), which is most helpful for "Safe Mode" or "Paranoid Mode".
  • Use the "Clean PC Mode" (right-click the tray icon and select it under the "Defense+ Security Level"). But make sure to scan and remove any malware first.
  • You could also browse these guides on minimizing Defense+ alerts: How to Tame Comodo Defense+ Without Disabling It and Comodo Forum Help.

Alternatively, see this mini guide for an example of how to maximize some of its basic settings. Comodo nicely allows you to quickly increase or decrease protection with its different modes, configurations, and settings.
 

Online Armor FirewallA solid contender is the free version of Online Armor Free. It has outstanding leak-test and HIPS performance (the HIPS feature is mostly in its "Program Guard"). It has a unique feature called "run safer" that allows you to selectively set risky applications (web browsers, office software, readers/viewers, instant messengers, email or news programs, multimedia software, download managers, etc.) to run as if under a limited user account (go to "Programs" tab > uncheck "Hide Trusted" > highlight a program and click "Run Safer"). It minimizes popup alerts over time with its automatic list of safe programs, your on-demand scans with its safety check wizard, and your responses to popup alerts -- especially in cases where you tell it to remember your decisions and have it treat programs as trustworthy.

Though its Program Guard also relies on user input and user interpretation to answer its numerous popup alerts (especially if you don't want to trust a program); this may be quite a challenge for average users. And it now makes it mandatory to enter an email during installation. Some users also reported compatibility problems with other security software recently (Avira, GeSWall). That said, it provides excellent proactive security and often scores very high in reader polls.

In an effort to reduce user involvement even further, it has a safety check wizard that gives you an option to trust all programs currently on your PC or to run the wizard to scan for safe applications (you can always run it again later by visiting the safety check wizard in the interface). If you decide to automatically trust everything on your PC, it liberally gives applications more access to function and therefore gives you very few popup alerts initially, but be sure to carefully scan and remove any malware first (not recommended for average users).

Otherwise, run the wizard and have it search your PC for known programs to allow/block/ask. In this case, Online Armor relies on you to respond to numerous popup alerts for unknown programs. In my testing, you receive about as many alerts as Comodo's "Safe Mode" (with its default safe vendors list or with manually adding to its safe lists). Online Armor has a couple restarts and a short two minute learning phase during installation, and you can use its learning mode to create automatic rules at any point later, say, for a trusted online game that gets constantly interrupted by firewall alerts. It also allows you to easily "check mark" applications as installers in initial popup alerts about them; I found this to be the easiest method for handling installers of all tested products.

For the curious or paranoid user, it uses excellent popup messages when it automatically allows a program to connect online and, optionally, when it automatically trusts a program/process to run (these alerts don't require user action and they can be enabled/disabled in the interface with "Options" > "Firewall", and "Programs" > "Options"). For example, I noticed a message when it auto trusted a key logger test (Zemana, which it failed initially), but after I set the tester to untrusted, it gave very informative and detailed security alerts (and then it passed the test and logged the tester in the interface under the "Key Logger" tab, but it only logged the key logger after the test was untrusted). You can even close both its tray tools from its right-click context menu. They are not needed for the firewall and HIPS components to continue running and protecting.
 

Click for PC Tools Firewall ScreenshotAlso a solid performer in the personal firewall class is PC Tools Firewall Plus. It provides a HIPS-like component through its "enhanced security verification," which alerts the user about possibly malicious behavior. It relies on a list of known programs and a check for valid digital signatures to significantly reduce the frequency of popup alert messages, so it will mainly ask you about unknown programs, programs connecting online, and programs requiring more access. It seems more liberal and user friendly in its default settings than previous versions, giving me fewer popup alerts for common tasks like opening and working on a well known word processor.

I did notice many popup alerts when programs update or connect to the Internet, at least initially, and it lacks an installer or training mode (installing new programs makes me want to disable the firewall temporarily). So it still expects a high learning curve to respond to alerts (like with all top firewalls, a high level of familiarity with your PC's software and your firewall's features helps you reliably answer popup alerts -- mindlessly clicking them away not included!). In any case, it nearly matched Comodo's overall degree of protection in the Matousec tests, so obviously it has an excellent HIPS in performance.

But one very surprising difference was the ease of installation and configuration. In fact, I didn't have to do anything; no searching for or adding programs -- it just installs and starts protecting your PC. But, of course, this means a few extra popup alerts will appear initially (especially when programs go to connect online) if you have many unknown applications or if you disable, say, its feature to automatically allow applications with valid digital signatures. As with all of the top firewalls, the automatic allow features (which are in the interface under "Settings" > "General") may be a security concern since they seem a bit permissive (acting similarly to Online Armor/Comodo when set with lists of clean/safe/trusted applications). For example, it fails the Zemana key logger test when it's set to automatically allow programs with valid digital signatures.

Additionally, it has an interesting "Full Screen" mode or game mode that suppresses all alerts (by allowing all alerts or blocking all alerts) while, say, you play an online game. And it supports password protection for its settings and for shutdowns. Like Comodo it has automatic updating and it's an excellent unrestricted freeware product, but it does have an "Upgrade Now" link to its commercial security product. The program looks and feels user-friendly, with a simple setup and simplified alert messages; still, it's not quite for average users. Recently many users reported major problems with it preventing them from connecting to their Internet, but the newest version fixed this bug.
 

Outpost Screenshots Outpost Firewall Free is a good choice for users who want highly flexible protection without sacrificing usability. It was obviously made with average users in mind, judging by the care taken to simplify alert messages and make it easy to adjust intrusion prevention (or HIPS) monitoring. For example, it remembers your responses to popup alerts without the need to set "trusted" rules (like in Comodo/Online Armor), and like Online Armor it notifies you when it automatically allows an application to access the Internet (especially helpful during the learning phase).

The free version lacks many extras of the pay version, however, such as automatic updates and the ability to break active connections. I also didn't like the advertisements for its commercial version and the occasional news updates, which popup when they download (requiring user intervention). This being so, I saw a few user reports of satisfaction with how it works and this is probably because of the extra care taken to reduce user involvement and limit outbound monitoring to a reasonable level.

The HIPS component is called "Host Protection" in the interface. It provides four default levels of protection, which can be easily set with a slider and additionally customized item by item by advanced users. The default "optimal" setting only monitors the "most dangerous activities" (such as memory injections, driver loads, and a healthy list of system critical features -- auto starts, shell extensions, and internet settings) instead of all program activities. But these "optimal" settings lack protection from keyloggers, direct disk accessing, DNS API request monitoring, etc. You can check the types of reduced monitoring in "Settings..." > "Host Protection" > "Customize...". I believe the intention of the "optimal" level is to acclimate users to the firewall and provide more outbound protection than the windows firewall. After you get used to the firewall or find some spare time, you can increase its protection to try it out.

The installation asks whether you want to train the firewall for a week (using its Auto-Learn mode and Rules Wizard). In this mode, it sets rules automatically for known safe applications. I'm not a fan of this week long feature (it's initially unchecked during the installation), and you can easily switch to it at any later point, say for an hour while you start using a new, trusted program (right-click the tray icon and select the "Rules Wizard" under "Firewall Policies", then click "Enter Auto Learn Mode..." to turn it on). In my testing it greatly reduces protection during the time the firewall trains, but if you're present while programs connect online, you can monitor its allow messages or check its application rules in "Settings..." > "Application Rules". But for some strange reason it doesn't display application rules for applications you allow yourself after the learning phase. One technical advantage over Comodo is that the self-protection component works well in all its levels of protection, whereas self-protection in Comodo depends largely on having Defense+ enabled (this becomes more important in their lesser configurations).
 

Next to be reviewed: Privatefirewall, which is also effective against outbound threats, but is ineffective at self-protection from malicious attacks (see quick select for more details).


II. Best Software Firewalls for Basic Protection and Less User Involvement
 

Some users (of many degrees of experience) prefer to avoid advanced firewalls that employ a constant "security guard" that question them daily. The following alternatives accommodate the use of your favorite active security programs, such as other HIPS software, active anti-malware, or browser protection (virtualization, isolation, rights reduction).
 

Firewall Only ("Set it and Forget it Options")

The built-in Windows firewall is a common choice since it passes all inbound tests and it doesn't have popup alerts. It lacks proactive security against outbound malware intrusions, but some users are simply unprepared to reliably handle the numerous popup alerts of the best firewalls on the market. And users who click "allow" to each and every popup alert will not have the level of protection they think they have. If you're fairly sure malware isn't on your computer and you don't want the other features of a third party firewall, then the Windows firewall is actually a practical and useful solution.

You could marginally increase security with the alternate configurations below or with the default "no popup" settings of Sunbelt-Kerio. But Windows firewall doesn't require installation, so it's the least likely to crash your PC or conflict with your other programs.
 

Nearly "Silent" Firewall Configurations

If you disable or reduce program monitoring in the following firewalls, they still provide excellent inbound protection, marginal outbound filtering, and more features than the built-in Windows firewall. They make it easier to filter access to the Internet, view network activity, and quickly upgrade security with a click. These alternate configurations make some of the very best firewalls act just like ZoneAlarm Free.

Most of the firewall configurations below will ask you whether unknown programs should have access to the Internet, but they will not worry if you start OpenOffice Writer to compose your next poem. They did alert me when some of my other lesser known programs tried to go online for updates, but the alerts settle down quickly once the firewall has a good list of rules for your Internet-bound software. They seem to remember your responses to Internet access alerts in a simple, straightforward way. Additionally, all of them have a list of programs they automatically allow. For example, I noticed that none of them asked whether Firefox should be allowed to connect online.

Select the appropriate installation options or settings to reduce the proactive monitoring components in these firewalls:

  • Outpost Firewall Free: Comes with reduced monitoring in its default settings, the top choice for this section if you can put up with the ads. And you can further reduce or disable intrusion protection if it becomes too much of a nag -- right click the tray tool > "Settings..." > "Host Protection" > and select "Low" on the slider (to disable anti-leak protection). Also in "Host Protection", you could select "Customize..." to manually configure proactive monitoring.
  • Comodo Internet Security: Right-click its tray icon > set "Defense+" to "disabled", or select the "Firewall only" configuration during installation. Or you could manually reduce its Defense+ monitoring in the interface Defense+ tab: "Advanced" > "Defense+ Settings".
  • Online Armor Free: Right-click its tray icon > uncheck the "Program Guard". It's a very lightweight and attractive option for this configuration if it doesn't conflict with your other software.
  • PC Tools Firewall: Uncheck "Enhanced Security Verification" (the application monitor/filterer) in "Settings" > "Filtering Settings", or during installation (click "Advanced" to uncheck it).
  • Privatefirewall: In the interface > "Process Monitor" tab > move the slider to "Off". It will still alert you to some programs starting for the first time since that doesn't count as a process (of a running program).
     

Cautions

Though these less proactive choices will lose you important protection from malware running on your PC, such as root-kits, keyloggers, Trojans, viruses, adware, or spyware. The additional security layers below help to safeguard against malware and prevent it from harming your PC, or from making outbound connections to steal your personal information or to take control of your PC.

I highly recommend using secure DNS providers (OpenDNS or Comodo SecureDNS), site safety advisers (WOT), software update monitors (Secunia PSI), and, especially, browser protection (Sandboxie, GeSWall) to avoid malware problems in the first place. And our site has related articles that cover other security essentials: anti-virus software, anti-spyware software, HIPS software, etc.

Other Firewalls

Several other free firewalls were brought up in comments here or noted from other sources. As they are not rated in this review, I am listing some of them here with brief descriptions and links to their sites for ease of reference.

Additional Options for Simplicity and Basic Protection: I recommend the firewalls in section II, but if they don't work for you one of these might. No complete test results exist for the proactive components of these firewalls, but in general they aren't as good as the max security modes of the firewalls in section I. Loosely ordered from best to worst all around:

  • Sunbelt-Kerio Personal Firewall. Pros: Simple setup, silent "no popup" mode, lightweight on memory, automatic updates, built-in help, optional behavior blocker, and more features than windows firewall. Cons: Loses its HIPS, some logging, and password protection after 30 days. It has many advertisements for its full commercial version. Some users experienced system crashes in the comments recently and in the past, but I had no problems with it in my testing. Details: XP, Vista, 32-bit only, 5.71 MB.
     
  • ZoneAlarm Free Firewall. Pros: Simple setup, easy to use, game mode, built-in help, automatic updates, and more features than windows firewall. Cons: It has a huge download size, lacks any options for extra proactive security, and only displays traffic activity in the tray icon. It initially gave me trouble by blocking my Comodo SecureDNS (I was able to easily fix it through the log section). The installation has pre-checked nags and there are many advertisements for its commercial products in the interface. Details: XP (32-bit), Vista & Windows 7 (32/64 bit), 32.3 MB.
     
  • Windows 7 Firewall Control. Pros: Simple setup, safe to install (uses Windows filtering platform and doesn't install third-party kernel drivers), very light and works without the tray icon, built-in help, more features than Windows firewall. Cons: Fails GRC stealth test (it set many ports to closed on my system, so it passed other inbound testing sites), popup alerts/settings may not be for average users, doesn't auto allow known safe applications, doesn't display network activity, and bans editing system application rules in the free version. Details: Vista, Windows 7, 32/64 bit versions, portable version (32-bit only), 1.11 MB.

Firewalls Compatible with Older Versions of Windows:

Related Products and Links

General Firewall Sources and Information:

TSA Security Advice and Guides:

TSA Security Software Articles:

Find more free software at The Editors' Choice List: Our Selection of the Best PC Freeware!

Have Your Say

You are invited to share and discuss your views in our freeware forum. To post in the forum you need to register first but that's quick and immediate. Alternatively, anyone can leave a comment at the bottom of this page. You can also help us by rating this review at the end of the article.

Vote for the Best Free Firewall of 2009 (see the results; closed for practical purposes).

Quick Selection Guide

Comodo Internet Security    Rating 9 of 10  Gizmo's Top Pick

Pros   Its Defense+ HIPS performance exceeds commercial products and leads the class, it includes an excellent "memory firewall" feature, and it allows you to quickly switch between Defense+ security modes and configurations. Includes automatic updates. Installation can automatically configure your PC to use the Comodo SecureDNS (but you can do this without installing CIS).
Cons   It was the heaviest on memory resources of all top picks. The automatic installation mode popups are very annoying and much better handled in Online Armor. It also comes with an optional antivirus that bloats its download size to 3 times the other products. You get 3 pre-checked nags/options during installation. I didn't find Threatcast very active or helpful at all as of yet.
Developer Home Page   http://www.personalfirewall.comodo.com/
Download link   http://www.personalfirewall.comodo.com/download_firewall.html
File Size   39 MB   Version 3.13   License Type Unrestricted Freeware   Installation Requirements Windows XP (SP2), Vista, Windows 7
64 Bit version available   64-bit version available (use the download link and select 64-bit Windows from the drop down box)
Info  

The "Clean PC Mode" and some automatic custom policies may be risky for users without other security layers. Requires a heavy learning curve to reliably answer popup alerts (it helps to know your PC's software and your firewall's features).

Additional Features of Interest (as Found in its Interface): Installation mode/training mode, auto updating, built-in help and tips, parental control with password protection, extra themes and languages, and a stealth ports wizard. Purges old or unused firewall/Defense+ policies or unused files (safe files, files waiting for review, etc.). Displays balloon messages for instant logging events.

To learn more visit its forum, online help, change log, or download the CIS User Guide.

Online Armor Free    Rating 9 of 10

Pros   Excellent proactive security performance. Includes a "run safer" feature to reduce rights for specific risky applications, a helpful security wizard to minimize popup alerts, and the ability to monitor key logger activity and host files. It handles the installation of new programs better than any other tested product. You can also close its tray icons to save memory and it still functions fully.
Cons   It doesn't have automatic updates or a built-in help. It's mandatory to enter an email during installation, and it has a pre-checked option to send it anonymous information. I also noticed an advertisement popup for its commercial product (but I could check to disable them). Windows Vista gave me two security warnings during installation: "Windows can't verify the publisher of this driver software" (details: some OA drivers don't have a valid digital signature it seems, but OA is a safe application to install obviously).
Developer Home Page   http://www.tallemu.com/product_overview.html
Download link   http://www.tallemu.com/downloads.php
File Size   11.22 MB   Version 4.0   License Type Restricted Freeware   Installation Requirements Windows XP, Vista, Windows 7 (32-bit only)
Info  

Some users report compatibility problems with other security software recently (Avira, GeSWall). It has a quite liberal auto trust list and an even more liberal trust everything option that seems risky for users without other security layers (be very sure to scan and remove malware before using this option). Requires a heavy learning curve to reliably answer popup alerts (it helps to know your PC's software and your firewall's features).

Additional Features of Interest (as Found in its Interface): Set passwords, protect programs (right-click > "Advanced options"), key Loggers tab/Hosts tab, and multi desktop support.

To learn more visit its online help, forum, and blog.

PC Tools Firewall Plus    Rating 8 of 10

Pros   Provides excellent proactive security performance comparable to Comodo. The installation and initial setup is amazingly easy, the popup alert format is fairly simplistic, and the full screen or "game mode" works nicely to prevent popup alerts. Includes default profiles to quickly personalize network rules. Automatically updates.
Cons   Doesn't have an installation/training mode, so installing new programs can be frustrating. Some network profiles may not get perfect GRC stealth results, such as "home" for me (but it passed all my other inbound tests). It fails the Zemana key logger test in its default settings (but it passes the test when I disable "automatically allow applications with valid signatures"). Minimal built-in help, and doesn't break active connections. You also get a pre-checked option to install a Spyware Doctor evaluation during installation.
Developer Home Page   http://www.pctools.com/firewall/
Download link   Use home page link above.
File Size   10 MB   Version 6.0   License Type Unrestricted Freeware   Installation Requirements Windows XP (32-bit only), Vista, Windows 7
64 Bit version available   64-bit compatible (designed for both 32-bit and 64-bit)
Info  

Older versions have given users major problems recently, so make sure to download the newest version. Its list of known programs in combination with allowing programs with valid digital signitures is somewhat permissive, which seems possibly risky for users without other security layers. Requires a heavy learning curve to reliably answer popup alerts (it helps to know your PC's software and your firewall's features).

Additional Features of Interest (as Found in its Interface): Advanced network options for experts, with three default settings to modify (Home, Public, Work). Updates automatically, many language options, password protection, and full screen mode.

To learn more visit its online help, change log, and forum.

Outpost Firewall Free    Rating 8 of 10

Pros   Proactive security (at max settings) compares with Online Armor. Highly flexible protection, simplified alert messages, and includes a full screen mode.
Cons   It fails tests for protection against malicious logouts or system shutdowns. The free version lacks automatic updates and the ability to break active connections. Displays annoying news advertisements. And I found that the installation hangs a little, so you have to be patient.
Developer Home Page   http://free.agnitum.com/
Download link   http://download.cnet.com/Agnitum-Outpost-Firewall-Free/3000-10435_4-10913746.html
File Size   16.63 MB   Version 6.5   License Type Restricted Freeware   Installation Requirements Windows 2000, XP, Vista
64 Bit version available   64-bit version available (see here and click "Outpost Firewall Free x64 Version")
Info  

It comes with reduced HIPS monitoring (lacking anti-key logger protection for example) and asks users whether to do an initial week long learning phase during installation, which seems risky for users without other security layers. Requires a heavy learning curve to reliably answer popup alerts (it helps to know your PC's software and your firewall's features).

Additional Features of Interest (as Found in its Interface): Built-in "Help", full screen mode or entertainment mode.

Privatefirewall    Rating 7 of 10

Pros   Effective proactive security and stealth, one of the lightest of all tested firewalls on memory, simple setup (no nags or ads!). Easily choose between 3 network profiles. Has a unique "email/system anomaly detection" feature, which trains over 7 days by default.
Cons   Ineffective self-protection, fails a leak test (see echo2), and fails some tests for prevention of malicious system shutdowns. It doesn't have an automatic installation mode (but it has a training mode in "Settings" > "Advanced"). The tray icon flashes for log events instead of network activity per se. No update feature. Lots of information/clutter in the main menu.
Developer Home Page   http://www.privacyware.com/personal_firewall.html
Download link   Use home page link above.
File Size   3.23 MB   Version 7.0   License Type Unrestricted Freeware   Installation Requirements Windows 2000, Server 2003, XP, Vista, Windows 7 (32/64 bit*).
64 Bit version available   *Partially 64-bit compatible, but without the process monitor
Info  

Requires a heavy learning curve to reliably answer popup alerts (it helps to know your PC's software and your firewall's features).

Additional Features of Interest (as Found in its Interface): Built-in help and tips. Auto trusts safe vendors. Able to block outbound email automatically. Network options for experts, with three default settings to modify (Home, Public, Work).

To learn more visit its feature list and online support (change log, user guide, tutorials).

Editor

This software category is maintained by volunteer editor cyberlightning

 

The reviews holistically draw from the listed inbound tests (and other listed tests and articles above), Matousec testing results (since they can modify their tests and detect tactics a product might use to trick the tests), personal usage experiences (user friendliness, frequency of alerts, alert clarity, behavior/reliability during tests, etc. -- some of these seriously effect protection quality since many of the products rely on user responses), community experiences (wiki edits, forum user experiences, and, especially, the comments section below), installation/uninstallation/compatibility issues, memory use of active components as measured by Process Explorer, and comparison of features/settings of interest. All of my testing is on Vista (SP 2, 32-bit) of late.

Tags
best free firewall, software firewall, firewall for XP/vista/Windows 7, firewall reviews, windows firewall, Comodo Firewall/Comodo Internet Security, Online Armor Free, PC Tools Firewall Plus, Outpost Firewall Free, Privatefirewall, Sunbelt-Kerio Personal Firewall, ZoneAlarm Free Firewall
4.313515
Average: 4.3 (185 votes)
Your rating: None

I installed Comodo Pro on my new Win 7x64 hp laptop, after removing Norton's Interent Security, and it continually freezes the screen when the alert box pops up. Heck of a time getting rid of it too. Works fine on my older HP Xp laptop. Anyone else with this problem?

Have been using PCtools for a while now (on win7 & XP) on 'normal' user mode with 'Enhanced Security Verification' checked. it has been good. installation was easy. v few alerts, and those few that did come up were justifiable eg of one was whether or not to allow 'internet meter lite', another was re sophos free rootkit scanner. applications etc are easy to configure post installation if you want. no apparent slowdowns or conflicts. v impressed overall. was using ZA (never again!) on a few pc's so was wanting something with minimal user interaction. so far, pctools has been ideal.

Can anyone tell, does outpost firewall has anti phising capabilities...

thanks

You can achieve this by switching to safer DNS servers like OpenDNS or Comodo Secure DNS.

http://www.opendns.com/start/
http://www.comodo.com/secure-dns/

Switching to a safer browser will also help considerably. SRWare Iron for instance has a phishing and malware protection option.

Thanks a lot for ur quick response and also thanks for the links...

No problem. I should have included a link for Iron too, so here it is:

http://www.srware.net/en/software_srware_iron.php

Don't be put of by the default interface if you've never tried this one before because different themes are available. No where near as configurable as Firefox of course, but that's maybe why I like it. There is an an-block script which works fine, and you can use WOT to rate sites via a link which you just drag to, and run from, your bookmarks toolbar.

If you need specific help, especially with system configs if you decide to swap DNS servers then please post in the forum because from there we can provide individual assistance.

http://www.techsupportalert.com/freeware-forum/general-computer-support/

Thank u very much sir,

Whatever software i use, i select from your reviews itself...

I was using Sunbelt personal firewall as recommended by you (not facing any problem), but since it went down in your reviews, i experimented with Comdo Firewall and Outpost firewall. they didnt give any problem but they show the details of blocked attacks time to time which can frighten a novice user like me.

Somewhere i read that sunbelt/kerio does the same thing without frightening users and saving all attacks count to their log files...

I wish to go back to sunbelt/ kerio again....I dont use internet for risky browsing like free games, musicor crack downloads,...will u recommend me using Sunbelt firewall.

thanks in advance

Ultimately, the firewall which will work best for you is the one you can understand the easiest. Most have very similar performance when it comes to traffic filtering, the differences and complications arising from their other features for which most of the alerts are generated. Windows own firewall is more than adequate for the net usage you describe although if you were happy with Sunbelt/Kerio before then I see no reason why you should not return to it. You can always add WinPatrol as a lightweight HIPS partner. It will give you some alerts but they are well explained and easy enough for most folks to deal with.

http://www.softpedia.com/get/Internet/Popup-Ad-Spyware-Blockers/WinPatro...

Again thank you very much sir.

This site is one of the most useful websites..

With the Giveaway of the Day Should i uninstall avast 5 Our can i use the antivirus that comes with it , along with it. Witch one is better.

In reference to the upcoming Giveaway of the Day,Does anyone know which antivirus Online Armor++ uses? What about the antimalware component? Finally, I assume my Avast 5 would need to be uninstalled if using OA++? Thank You

I suggest you ask GOTD. Often the programs in question are specially butchered or otherwise restricted for their various offers. This may or may not be the case with Online Armor but we would certainly have no knowledge of any restrictions or other conditions which they may be applying to this one.

"Often the programs in question are specially butchered or otherwise restricted for their various offers." - MC

I find this statement disturbingly malicious. Is this a fact from your personal experience? Or, just a pigment of your imagination?

The reverse of this is saying that everything they publish is exactly the same as it would have been had you bought the program. This has not been my personal experience or that of others who have posted as such in their comments. This is not a criticism of GOTD. These are no different to special offers published here or anywhere else. I'm just advising that potential users should read the attached comments, registration requirements and/or EULA's before deciding if the software meets their requirements.

It is using Emsisoft's asquared. Quite frankly, and this is my personal opinion, I don't recommend it. I have two (2) active full licenses of the antivirus which are valid until November of this year. I ditched it after a little over a month's use. 2 malwares made their way onto my laptop and 3 nasties onto the desktop. I revert back to Avast 4.8 which is for me, the best free proactive solution out there. When the Avast V.5 was finally released, I was happy.

For me, for the average person, go with the protection with the minimal user interaction.

Avast 5
PCtools Firewall Plus
PCtools Threatfire

This is all you need.

According to their webpage here :

http://www.tallemu.com/products-online-armor-plus-plus-overview.php

it included "dual Emsisoft/Ikarus Dual Antivirus and Antimalware engine!"

I used to use Comodo but for some reason it starts up with Windows, like every other one it seems, even when I do not need it. For folks like me who still have a dial-up connection this is a major inconvenience due to the resources the firewalls utilize as well as being loaded into memory.

Who makes a firewall that will activate only when the user chooses to activate it?

Firewalls are designed to protect your network whether you are connected to the outside world with it or not. This is why they start during the Windows boot process. Additionally, most modern firewalls now have HIPS components which are also designed to provide offline protection, memory injections being one of them, and therefore need to be started with Windows. Unless you have a very old computer with a weak memory, the resource usage of Comodo should never be an issue considering the small amount it uses.

If your computer really is this resource use limited then I would suggest switching to Ubuntu (Linux). Consumption will be less overall than with Windows, you won't need an AV and something like Firestarter you can switch on and off to suit.

Stand alone pc's, like I have, don't need a firewall to load when Windows starts; The firewall is only needed when I connect to the internet. Also the programs I use are not Linux compatible, Mac yes but not Linux.

I should add that I you have an issue with Comodo where I can't get the registration process for the forum to work; they do not want to help. They will only send an email stating to register with the forum. Free firewall with horrendous customer service.

Just asking. Are your PC's in anyway compromised because of these observations?

Midnight Cowboy. Please remove the picture of John Wayne from your profile in the forums. It is offensive to me. Thanks.

I like MC's John Wayne Pic! Maybe it's a Trooper thing, dunno...

Nobody forced you to look at the picture! I was under the impression, that this was a forum for computer security, not about personal beliefs (what someone finds "offensive"). Keep those opinions to yourself!!!

I find many things in life offensive, but thanks for asking.

I have an issue with firewalls and currently am running Windows firewall.

Outpost free was mysteriously adding stuff I didn't authorize even though I have the auto-create rules disbaled.

Verson 4 of Online Armour somehow unloads items running in my system tray. Version 3.5 did not.

I cannot understand Comodo at all.

PC Tools changes my graphics card setting everytime I boot up. Where do I turn?

I am slightly confused.
The review says PCTools is 64-bit compatible.
However on pctools site the system requirements for Firewall clearly says "Designed for Windows 7 (32/64bit), Vista (32/64bit) and XP (32bit)"

Thanks for the question,

The installation requirements in the product details note the website information as you quote it.

But I can add a note to exclude XP from the 64 icon in the next update.

I am thinking about switching from Outpost Free to PC Tools Firewall. The reasons:1)PC Tools has self-update;2)PC Tools has the HIPS feature scoring higher on Matousec. That said I have two doubts:1)does the latest version of PC Tools detect USB networks?2)it seems that this firewall doesn't have the chance to create preset rules like Outpost does..it just pops up with the choice between "Allow" or "Deny".I don't want a simplicistic "all-or-nothing" mode but on the other side I am not good at makimg rules.
Thanks!

Have used Zonealarm Free for awhile on a few pc's, mainly due to its so called ease of use/avoiding lots of alerts. But, now it has become 'nagware', and having read about zonealarms bad attitude in their forum (link below), and of course its poor performance! have decided to try something else ie Pctools firewall free. what a revelation! installed pctools with default settings for 'normal' user and it works great (so far!). was expecting numerous alerts, but have only had a couple of alerts so far, which were expected. no noticeable internet slow down either. it's also easy to configure, including alerts re applications etc. there are advanced settings, but so far nothing has needed to be changed. bye-bye zonealarm!

can any one tell does free version of SPF protect the traffic out of computer or not?

Thank u very much Rizar....by SPF i meant Sunbelt personal firewall...

So, Sunbelt/Kerio it is then. The older free version is also still hugely popular if yhou're interested. Version 2.1.5

There's actually a very good tutorial here for setting up the rules.
http://www.urs2.net/rsj/computing/kerio/index.html

If you Google for Kerio Blitzen ruleset then you'll find some more choices if you want to go this deeply with it.

These things are always of some interest because the configurations can be applied to other firewalls too.

one last qs ...

which one will you recommend...Free version of Sunbelt firewall 4 with no pop up mode or kerio 2.15 firewall with the settings mentioned in the tutorial...

thanks

There are opposing views as to how effective these older programs are. To my mind, until IPV6 becomes the dominant protocol they will continue to filter your network traffic as effectively as when they were made. Where some of them do fall down though is in their other capabilities which are likely not up to modern software standards. These centre around the firewall's ability to prevent the kind of attacks replicated by leak tests and of course self protection. There are many good discussions about this on Wilders with contributions from general users and networking experts alike.

http://www.wilderssecurity.com/

I suggest you enter (for example) Kerio 2.1.5 into their search field and take a look at some of the experiences being shared there. This might help you then to form a more balanced opinion about if you want to use an older style program and if so which one.

Thanx a lot for the link..

Is the Kerio firewall on default settings recommended for a "newbie" as far as security, and understanding of the firewall as far as pop ups and asking permission for various functions and programs?

This is just my personal opinion but (especially if you have Vista or W7) I would be more inclined to stick with the Windows firewall and then build a knowledge of third party software firewalls from here and other places first, rather than installing one and trying to learn it from there. All of these alternative firewalls produce alerts which require a response, it's only the nature and number which varies between them. Again, just a personal opinion, but after you become a bit more familiar with your computer and have read a little about what firewalls do I would maybe visit Outpost Free first, but only if you decide to move away from Windows.

Yes. It defines each of its outgoing filtering features narrowly, so even after it loses its HIPS, it still has NIPS (network intrusion prevention), custom filtering, and the optional behavior blocker. It just won't have much proactive security at all.

Well, mine is for Sunbelt so take your pick.

If we are talking about Sygate Personal Firewall then it does have excellent outbound protection. There are however two issues to bear in mind. First it grants automatic server rights (incoming connections) to everything approved so you will need to un-tick this option individually for every application listed (see advanced settings). Second, Sygate contains a well known loopback issue which in itself is of no consequence unless you are using an AV like Avast! which uses a proxy net connection. Others like Avira which don't use a proxy are fine otherwise to varying degrees you will lose control of outbound connections through Sygate. Unless you use Avast! or another proxy based AV then don't let this put you off. Sygate remains a top class effective solution and will remain so until IPV6 becomes the dominant net protocol which is still some way off.

Buy a Router, Seriously.

I agree, router's do make a difference in security...

http://www.theregister.co.uk/2010/01/06/web_based_firewall_attack/
NB. this link provides a link to the 'hackers' website, caution required.

If configured properly!

You said it!

I had to uninstall ZoneAlarm free firewall from my Vista machine last winter after it updated around Christmastime and began messing up Firefox and my internet access. There's lots of stuff online about this; apparently, ZA claims it's the fault of Firefox or other programs. Having waited until now to allow for new updates, I tried ZA again. No luck: within less than an hour all the old problems were back, and they disappeared when ZA was uninstalled, this time permanently. All I can say is ZA on Vista is a no-go.

ZA had that ff prob in xp as well, and their new browser security toolbar is known to cause probs. ZA is a no go in general imo! including their paid ones! there are much better firewalls out there, including the free ones described in this article!

In PC tools firewall, What is the default setting for Enhanced Security Verification?
I tweaked the settings and now I forgot the default one.
Please help

it is tick (that means ON)

This might seem out of place, but does anyone know how effective Hotspot Shield is? I recently got to know this app by browsing in AlternativeTo.net. Here's the link: http://www.anchorfree.com/.

Post new comment

  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <b> <address> <blockquote> <br> <caption> <center> <code> <dd> <del> <div> <dl> <dt> <em> <font> <h2> <h3> <h4> <h5> <h6> <hr> <i> <img> <li> <ol> <p> <pre> <span> <strong> <sub> <sup> <table> <tbody> <td> <tfoot> <th> <thead> <tr> <u> <ul> <tr>
  • Lines and paragraphs break automatically.
  • [node:123] - insert full text (themed by theme('node'))
    [node:123 body] - insert node's body
    [node:123 teaser] - insert node's teaser
    [node:123 link] - insert link to node
    [node:123 collapsed] - insert collapsed node's body
  • You may use [view:viewname] tags to display listings of nodes.

More information about formatting options