Best Free Firewall Protection

Other Language?
  Read this article in Spanish
In a Hurry?

  Go straight to the Quick Selection Guide

Introduction

 

Firewalls help monitor your system's communications between your network and the Internet, to help prevent intrusions and attacks. They are particularly useful for controlling the activities of Internet facing applications.

No other freeware product has more of a reputation for causing user angst than a firewall. To find a suitable product may involve a process of trial and error. A firewall should protect while not being too intrusive or too complicated to handle. In this article we give you a selection of what we think is the best free firewall software available today. Our recommendations are made taking into consideration both editors' and site visitors' opinions and comments.

Firewalls come in two flavours; software based and hardware based. Software based firewalls reside on your machine, running in the background in order to keep a watch on things. To avoid potential conflicts only install one (third-party) software firewall. You can improve protection, however, by using a hardware "firewall" (such as a router) and a software firewall in conjunction. Modern routers usually have a built-in firewall, helping to filter out content before your machine; consult your router documentation for more details.

Basic firewall protection is critical for securing your PC. Simple firewalls (like the default Windows firewall) limit access to your system and personal information, and silently protect you from inbound threats. We review basic third-party firewalls that have marginally better security than the Windows firewall, such as simpler features for monitoring programs that request outgoing Internet connections (we call this "outbound protection"). The default Windows firewall has only limited outbound protection; other third party applications generally offer greater customizability.

Proactive firewalls have the most extended protection, including HIPS or program monitoring (HIPS Explained), and watch for malicious behavior before malware gets a chance to take control of your PC or turn it into a botnet drone. They seek to achieve stronger "2-way" protection, preventing programs from broadcasting your personal information to the Internet.

Some kinds of malware are best detected by their behavior, so a proactive firewall (or firewall/HIPS combo) is a solid second layer of protection next to your antivirus program. It's an excellent option for high risk users (check out our Security Wizard to see if this includes you). However, it's plausible to argue that a good resident antivirus will stop some malicious threats before they get a chance to make it to the Internet anyway. Many of the top antivirus programs are starting to provide behavioral blocking and extended scanning of network activity.

Nevertheless, it is important to use basic or proactive firewall protection, antivirus software for active protection, and safe practices from our "most important advice of all" (Security Wizard) in order to minimize the risk of malware on your PC.

You can "upgrade" (for free!) your security by reading the documentation and learning about proactive firewalls or HIPS programs, or using other protection like least-privileged user accounts and/or Sandboxie or GeSWall. This information, and more, is available on various part of our website.
 

Review Index

Additional Tips/Precautions

  • Before installing new resident security products, including antivirus and firewall programs, you may want to make a full drive image. By creating a full drive image you are able to restore your entire computer back to a previous state in the event your system becomes completely unresponsive. Drive imaging allows you to recover from unintentional conflicts as well as severe malware infections. Everyone's system is unique and may have old, latent drivers that may be incompatible with whatever you are installing, causing problems with your system. Windows Vista (Ultimate) and Windows 7 have a built in "Complete PC Backup and Restore" feature, or you can use a free drive imaging program
  • To cleanly uninstall your (third-party) firewall before installing a new one, you may consider using ZSoft Uninstaller to analyze before and after the installation. If you haven't used it on your current firewall, try Revo Uninstaller (or other vendor or Windows uninstaller), check for leftover services and drivers with Autoruns, and restart your computer.
Basic Firewalls

 

Discussion

The built-in Windows firewall is a common choice since it passes all inbound tests (both stealth and open port) and doesn't have many popup alerts. It doesn't require installation (it comes built-in with modern versions of Windows), so it's not likely to conflict with your other programs. And many average users may not reliably handle the popup alerts of the best firewalls on the market (especially at their max settings).

If you scan clean for malware, don't want/need the additional features of a third-party firewall, and are a relatively low risk user, then the Windows firewall could be a practical and useful solution.

Alternatively, you can replace the Windows firewall with a basic third-party firewall for easier control of outbound protection and additional features. Most simple two-way firewalls ask you to allow or deny Internet access for unknown programs. Many automatically allow trustworthy apps and remember your decisions to become silent over time.

First, you can convert a proactive firewall into a basic two-way firewall, making some of the best free firewalls behave with similar silence and protection as ZoneAlarm. Select the following one-click configurations to set them (see the proactive section for more on them):

  • Online Armor Free: Right-click its tray icon > uncheck the "Program Guard". It's a user friendly option for this configuration if it doesn't conflict with your other software.
  • Comodo Internet Security: Right-click its tray icon > set "Defense+" to "disabled". Or select the "Firewall only" configuration during installation. Make sure to enable rule creation in 'firewall behavior settings' (so you can modify program rules later).

Second, additional third-party firewalls behave similar to the basic configurations of proactive firewalls above. ZoneAlarm, for example, has made a comeback with fewer popups and lighter resource use.

 

 

Basic Firewall Reviews

ZoneAlarm Free Firewall  is a well-established inbound/outbound OS firewall solution suited for users of every level of experience. ZoneAlarm protects systems from intrusions as well as program access to the web. ZoneAlarm features an easy-to-understand user interface. Users can adjust security settings for their needs to allow for file/printer sharing, public networks, and even turn off the firewall if ever needed. Simple controls in the form of visual slide bars make setting up this firewall a snap. ZoneAlarm offers to help users setup initial program access with a first-run scan of installed software and allows/denies accordingly. This first scan does not always offer accurate access to programs.

Users will have to interact with this firewall for a time after installation to make sure programs needing LAN or internet access are granted proper permissions. Popups are very simple in format offering Deny, Accept, and a checkbox a user can check to make ZoneAlarm remember the decision. Novice users should be able to easily identify the name of the program asking for web access so they can make the appropriate decision.

The Program Control will allow users to set ZoneAlarm for Low, which is a learning mode and no OS firewall protection and limited popups. Or users can choose Medium, which will make programs ask for permission to access the trusted and internet zones. The high setting is not offered in the Free version of ZoneAlarm. The Smart Defense Advisor will help reduce popups by offering settings for programs asking for access, based on the decisions made by other users worldwide. Users can choose whether or not to participate in ZoneAlarm's community defense program. Users can set programs access manually at anytime by going to ZoneAlarm's Program Control and selecting Programs.

Internet Zone controls are divided into the Trusted Zone, used for the local network to share files, printers, etc., and the Internet Zone for communication to/from the web. A simple 3-position format allows users to choose from "No protection" (firewall is off), Medium (Allows file/printer sharing), and High (will allow users to connect to a network but will not allow anyone else to connect to your system). The medium setting is recommended for home networks with more than one system, and for users whose modem requires this setting. The high setting is most recommended for single-system web access (only one computer at home and modem does not require a home network setting), and for public areas such as cafes, restaurants, and hotels (etc.) with wifi.

ZoneAlarm Free offers basic two-way defense, stealth mode, and anti-phishing protection. However, it lacks HIPS or program-to-program protection.

It is worth noting that there have been many negative comments about the latest version of the software, at least from the visitors on our site. Most notably, many features have been removed, and may be regarded as a step down from previous versions. Perhaps something you may want to take into account when choosing a firewall product.


 

Windows 7 Firewall Control Windows 7 Firewall Control is a good choice for those intending on using the Windows built-in Firewall. Despite its name, the program is compatible with Windows XP and higher. In a nutshell, Windows7FirewallControl allows the user to configure the Windows firewall to block or allow applications from connecting to the internet; it adds better outbound protection configuration to the built-in Firewall. It is based on the Windows Filtering Platform (which is what the built-in firewall is also based on), so unlike most other firewalls it does not install any third party drivers. The user interface is clean and simple, reflecting what this program does (ie. block or allow application access - nothing more).

There are three modes a user can choose from; Normal, DisableAll, or EnableAll. DisableAll disables all applications regardless of program settings, while EnableAll allows all application access (essentially equivalent to switching off the firewall completely). Unless needing to test something specifically, the Normal Mode is the recommended one - applications/programs are allowed or denied access depending on the rules set.

Under the Normal Mode, when a program tries to access the internet for the first time (upon installation of W7 Firewall Control) a window pop-ups with information on what the application is, the publisher, etc (assuming default program settings). You can then allow or disallow access, either permanently or as a one-time basis. Selecting the former option will add the settings permanently to the Programs list, while with the latter option you will have to deal with the pop-up window again on the next launch.

In addition to the window pop-up for new programs, activities that take place (ie. blocked/allowed traffic, etc) are logged and shows up in the bottom right corner of your screen. Both the pop-up window and log activity notification dialogue can be turned on or off at the user's discretion.

That's basically all there is to it. It may get a bit annoying when you first starting using it, since you will have to define the initial rules for all your applications (ie. allow or disallow them); this includes everything from Internet Explorer to your antivirus program. Nevertheless, Windows7FirewallControl allows much greater and easier control over the built-in firewall than what the operating system offers.


 

Tinywall 2.0 TinyWall is a lightweight firewall solution that works with the built-in Windows Firewall. With no pop-ups to annoy the user, it can be an ideal set-and-forget solution. The installation package is very small, weighing in at just over 1 MB. Installation is a breeze, though there is no option for the user to select where to install the program. After installation, it starts running quietly in the background, as indicated by the tray icon. All the program features can be accessed by clicking once on the tray icon; there is no 'main window' interface. From the pop-up menu, the user can also view and select, among others, the operating mode, total network activity, adding application/process exceptions, and accessing the Firewall Settings dialog.

The Firewall Settings dialog is where the user can manage General settings, such as password protecting the application. An application exceptions section also allows the user to specify applications that are allowed to communicate with the network. There is also a 'Detect' feature where the program will try to detect known applications, or the user can elect to manually add applications. Furthermore, TinyWall is able to recognize associated processes with the same application. For example, if you have a program that has more than one process, adding the first process will result in the program also offering to whitelist the second related process as well. Needless to say this is very useful for those applications that have more than one process.

It should be noted that when adding an exception to the list, the default settings are 'Unrestricted UDP and TCP traffic'. Depending on the nature of the program it may be necessary to restrict it to 'Outgoing only' to offer maximum security.

The special exceptions tab allows the user to specify more advanced settings; specifically, allowing the user to select which system services to allow/block. It is recommended to leave it as is unless there's something you really want to change.

The maintenance tab rounds out the Settings dialog, allowing the user to import/export settings, check for updates manually, and a link to visit the vendor's webpage.

A small, lightweight firewall, TinyWall is a solid choice for those looking for a reliable, low-resource firewall program that does not interfere with the user's computer usage.

Firewalls with Strong HIPS Protection

 

Discussion

The following personal firewalls provide excellent network and HIPS protection. Each firewall comes with default settings and, depending on the users' needs, may not require much adjustments.

Firewall products in this section require more time to learn than basic firewalls, in order to get the most out of them. Since firewalls are often praised for their security effectiveness at their max settings, users will likely have lower protection than mentioned by independent testing sources like Matousec. All of the product vendors seek to provide user friendly features, sometimes incorporating reduced levels of protection in their default settings (by decreasing some HIPS monitoring).

 

Proactive Firewall Reviews

Comodo Firewall is a solid choice for users seeking a full featured security suite. This latest release is suitable for both lightly-skilled users (still must have knowledge of installed programs) and technically advanced users. Its robust and active HIPS (or application monitoring feature), called "Defense+", matches or exceeds the security performance of pay products. Comodo allows for much control and customization for the curious or the paranoid.

Comodo includes a "memory firewall" (against buffer overflow attacks) and a light sandbox component to limit the way unknown applications and new software installations affect your computer. The use of sandbox protection limits the negative effects of malware. It maintains a lengthy list of known safe applications, but if an unknown application attempts entry through the firewall, Comodo will deny the application and ask the user what to do. The new release contains user friendly features by default while allowing experienced users to maintain control over ports, protocols, and configurations.

During installation the user has three firewall installation options to choose from:  Firewall Only, and Firewall with Optimum or Maximum Proactive Defense (ie. the Defense+ feature as mentioned earlier). After installation Comodo automatically selects "Safe Mode", which generates numerous popup alerts for applications not in its trusted vendors list (you can browse this list to see if you trust the vendors: go to the Defense+ tab > "Common Tasks" > "View My Trusted Software Vendors"). When you answer "allow" and "remember your answer" to popup alerts for an application, Comodo creates a custom policy for it. Some of its policies are fairly liberal.

In the more liberal "Clean PC Mode", Defense+ automatically treats all applications on your drive as safe (but if any malware is currently hidden on your drive, it too would be considered safe). Applications still receive some minimal monitoring for Comodo's two protected lists ("my protected registry keys" and "my protected COM interfaces") and for running as an executable, or more/less monitoring depending on their custom policy. And new files get sent to a list of files "waiting for your review" in the "Summary" page. Files listed for review will be considered possibly unsafe and will provoke popup messages, as if in Safe Mode, until their custom policies are made.

Comodo limits the frequency of alerts by automatically treating some programs as safe and allowing some applications to access the Internet. You can additionally automate the behavior of Defense+ by one or more of these methods for treating applications as safe:

  • Have it "remember your answer" to all popup alerts when an application first runs, which works for some applications (because some custom policies set this way are close to "trusted" status). But if an application still nags you, click "More Options" in the alert and use the drop down box to select "trusted" or "blocked" (etc.), if available, or set an application to trusted manually ("Defense+" > "Advanced" > "Computer Security Policy" > "Edit..." > "Use a Predefined Policy"), which finally ceases popup alerts and most intrusion prevention for that application.
  • Add files to the lists of "My Own Safe Files" or "My Trusted Software Vendors" in the interface (see the "Defense+" tab), which is most helpful for "Safe Mode" or "Paranoid Mode".
  • Use the "Clean PC Mode" (right-click the tray icon and select it under the "Defense+ Security Level"). But make sure to scan and remove any malware first.

The following guides by Gizmo's Freeware also contain many useful information about Comodo's settings: How to Install Comodo, How to Tame Comodo Defense+ Without Disabling It, and MC's Mini Tutorial.


 

Online Armor FirewallA solid contender is the free version of Online Armor Free. It has outstanding leak-test and HIPS performance (the HIPS feature is mostly in its "Program Guard"). It has a unique feature called "run safer" that allows you to selectively set risky applications (web browsers, office software, readers/viewers, instant messengers, email or news programs, multimedia software, download managers, etc.) to run as if under a limited user account (go to "Programs" tab > uncheck "Hide Trusted" > highlight a program and click "Run Safer"). It minimizes popup alerts over time with its automatic list of safe programs, your on-demand scans with its safety check wizard, and your responses to popup alerts -- especially in cases where you tell it to remember your decisions and have it treat programs as trustworthy.

Run the wizard and have it search your PC for known programs to allow/block/ask. In this case, Online Armor relies on you to respond to alerts for unknown programs. For the curious or paranoid user, it uses excellent popup messages when it automatically allows a program to connect online and, optionally, when it automatically trusts a program/process to run (these alerts don't require user action and they can be enabled/disabled in the interface with "Options" > "Firewall", and "Programs" > "Options"). For example, I noticed a message when it auto trusted a key logger test, but after I set the tester to untrusted, it gave very informative and detailed security alerts (and then it passed the test and logged the tester in the interface under the "Key Logger" tab, but it only logged the key logger after the test was untrusted). You can even close both its tray tools from its right-click context menu. They are not needed for the firewall and HIPS components to continue running and protecting.


 

Outpost Screenshots Outpost Firewall Free is a good choice for users who want highly flexible protection without sacrificing usability. It was obviously made with average users in mind, judging by the care taken to simplify alert messages and make it easy to adjust intrusion prevention (or HIPS) monitoring. For example, it remembers your responses to popup alerts without the need to set "trusted" rules (like in Comodo/Online Armor), and like Online Armor it notifies you when it automatically allows an application to access the Internet (especially helpful during the learning phase).

The free version lacks many extras of the pay version, however, such as automatic updates and the ability to break active connections. The HIPS component is called "Host Protection" in the interface. It provides four default levels of protection, which can be easily set with a slider and additionally customized item by item by advanced users. The default "optimal" setting only monitors the "most dangerous activities" (such as memory injections, driver loads, and a healthy list of system critical features -- auto starts, shell extensions, and internet settings) instead of all program activities. But these "optimal" settings lack protection from keyloggers, direct disk accessing, DNS API request monitoring, etc. You can check the types of reduced monitoring in "Settings..." > "Host Protection" > "Customize...".

The installation asks whether you want to train the firewall for a week (using its Auto-Learn mode and Rules Wizard). In this mode, it sets rules automatically for known safe applications.


  

Private Firewall A former commercial product, Private Firewall is now unrestricted freeware. It is a proactive multi-layer security solution, offering behaviour blocking technology alongside standard firewall protection. Using Behavioral-based Monitoring, it features zero-hour virus, spyware, and malware protection, process and application security, and registry protection, just to name a few. It is definitely a feature-packed firewall/HIPS solution.

 While there is a decent help file available, the user interface can be a bit confusing and overwhelming. There are many configurable settings, and sorting through them may require some time. To help out with that there is a information menu on the right of each screen which explains what each section is for. Training mode allows all actions within a 180-second interval, which is ideal for installing or running programs for the first time. On the first run after installing however, Private Firewall still managed to disable Panda Cloud Antivirus, the antivirus software on my test system, even with Training mode activated. Adding Panda Cloud Antivirus to the allow list seemed to solve this minor issue.

It is also possible to set different security levels for the Internet and the Network. Various levels of protection (High, Low, and Custom) can be separately specified for Internet Access and Network Security (ie. file and printer sharing). This is useful for, say, when one needs to access the internet via a network they don't quite trust. In addition, there are three profiles you can choose: Home, Office, and Remote. You can set appropriate settings for each one and easily switch between them as needed; this is particulary useful for portable computers which connect to many different networks. Another useful feature is that it is possible to block all outbound email; simply click the 'Block Outbound Email' icon in the main user screen and all outbound email should be blocked.

Overall, Private Firewall is a very effective firewall; it ranks among the top products on Matousec. A number of members at our forum speak highly of the developers of Private Firewall, and the software is trusted. However, the graphic interface and usability is slightly tailored for the more advanced users. Beginner computer users may want to consider another firewall instead, but if you are comfortable with the basics of Windows & firewall software, you should definitely consider Private Firewall.


 

AVS FirewallAVS Firewall differs from other regular ones in that it comes with additional protection modules; namely a registry defender, a banner blocker, and parental control options – it is something like a suite. The firewall itself does not have as many configurable options as some of the firewalls listed on this page, but the standard selections are still there – off, which turns off the firewall; custom, which allows you to set your own connection rules; and high, which blocks all connections.

Each section of the program is displayed clearly; navigation is through the menu on the left. Alerts are generally clear and straightforward, as is configuration.

The registry defender protects the registry from being modified, with the option of only protecting select categories. The parental control limits the list of websites that can be accessed, but you must manually add each website to be trusted, ie. You cannot block specific websites; you can only allow certain websites. The anti-banner component blocks undesirable web page content including ads, flash banners, pop-ups and the like. All three of these additional modules can be disabled independently as desired. AVS Firewall also comes with a monitoring utility so you can check the size of network traffic which is sent and received by each application.

During installation of this firewall, the installer automatically installs the AVS Software Browser; there is no option to opt-out of installing this, but the program can be removed separately after installation with no effect on the actual firewall program. The installer also has a pre-checked option to install AVS Registry Cleaner, and it is recommended that it is unchecked so the installer does not install it.

Despite trying to bundle in a few additional programs by the vendor, AVS Firewall itself is a decent firewall program.  It has some additional features not found in your everyday firewall program, though most of those features can be found in other third party programs.

 

Other Firewalls for Windows 95-2000

The following firewall software are for older versions of Windows. While still available, they are no longer supported by the vendor and may contain bugs or stability/security issues that will not be addressed by the vendor.

Related Products and Links

 

Related to Firewalls

Security Guides

Security Products

Inbound Vulnerability Tests

Outbound Vulnerability Tests

Learn More

Quick Selection Guide - Basic Firewalls

Windows 7 Firewall Control
4
 
Runs as a stand-alone program on a user's computer
Simple and effective; uses Window's built-in firewall platform so no third party kernel drivers are needed. Very small footprint. Three modes to choose from (Normal, EnableAll or DisableAll). Great for complementing Windows' built-in firewall
May be a bit annoying to use at first since the user must configure the initial rules for all their applications; no training mode. The dialog box that pops up to allow/disallow a particular program has a lot of information, some of which may not be too user friendly to beginner computer users. Online manual could be more comprehensive.
4.1.21.93
1.43 MB
32 and 64 bit versions available
Feature limited freeware
A portable version of this product is available from the developer.
Windows XP, Server 2003, Vista, 7, Server 2008

Despite its name, this program works with system Windows XP and higher

TinyWall
4
 
Runs as a stand-alone program on a user's computer
Lightweight basic firewall; simple yet effective. Non-intrusive program with no pop-ups. Ability to recognize associated processes when whitelisting programs. This program could be a good choice for those not familar with computers, as it does not require advanced knowledge to use.
No user dialog; everything is accessed from the pop-up menu. Not necessarily a bad thing, but may be different compared to what most are used to. Cannot select where to install the program. Requires .NET framework
http://tinywall.pados.hu
2.0
1MB
32 and 64 bit versions available
Unrestricted freeware
There is no portable version of this product available.
Windows 7, Vista
ZoneAlarm Free Firewall
3.5
 
Runs as a stand-alone program on a user's computer
Solid inbound firewall, stealth mode, user friendly, customizable settings, anti-phishing protection, and hosts file lock.
Inadequate HIPS or program monitoring protection. No High setting for program access in Free version. In spite of available automatic update option, updates almost always must be performed manually. Help file designed for commercial version. New version (v10) has received negative feedback from our visitors
9.2.106
44.8
32 bit but 64 bit compatible
Free for private use only
There is no portable version of this product available.
Windows XP (32-bit), Vista, Windows 7 (2 GB RAM, 2 GHz, 100 MB disk space)

To learn more visit its service and support page

Quick Selection Guide - Firewalls with HIPS

PrivateFirewall
5
 
Gizmo's Freeware award as the best product in its class!

Runs as a stand-alone program on a user's computer
Effective proactive security and stealth, one of the lightest of all tested firewalls on memory, simple setup (no nags or ads!). Easily choose between 3 network profiles. Has a unique "email/system anomaly detection" feature, which trains over 7 days by default. Quick to respond to queries / feature requests.
No automatic installation mode (but it has a training mode in "Settings" > "Advanced"). The tray icon flashes for log events instead of network activity per se. Program may be more suitable for advanced users due to slightly complex user interface.
http://www.privacyware.com/
7.0.25.4
7.7MB
32 bit but 64 bit compatible
Unrestricted freeware
There is no portable version of this product available.
XP & Server 2003 (32-bit), Vista, Windows 7 (128 MB RAM, 300 MHz, 10 MB disk space)

Additional Features of Interest (as Found in its Interface): Built-in help and tips. Auto trusts safe vendors. Able to block outbound email automatically. Network options for experts, with three default settings to modify (Home, Public, Work).

To learn more visit its feature list and online support (change log, user guide, & tutorials).

Comodo Firewall
4
 
Runs as a stand-alone program on a user's computer
Its Defense+ HIPS performance exceeds commercial products and leads the class, it includes a "memory firewall" feature, and it allows you to quickly switch between Defense+ security modes and configurations. Includes automatic updates. Installation can automatically configure your PC to use the Comodo SecureDNS (but you can do this without installing CIS).
No built-in help. Despite not installing the AV component, the AV files are still placed in the Comodo program folder. Possible problems when uninstalling program; remants of the program are sometimes left
6.0.260739.2674
88 MB
32 and 64 bit versions available
Unrestricted freeware
There is no portable version of this product available.
Windows XP (SP2), Vista, Windows 7 - 152 MB RAM, 400 MB disk space

Additional Features of Interest (as Found in its Interface): Installation mode/training mode, auto updating, built-in help and tips, parental control with password protection, extra themes and languages, and a stealth ports wizard. Purges old or unused firewall/Defense+ policies or unused files (safe files, files waiting for review, etc.). Displays balloon messages for instant logging events.

To learn more visit its forum, online help, and/or release notes.

Outpost Firewall Free
3.5
 
Runs as a stand-alone program on a user's computer
Proactive security (at max settings) compares with Online Armor. Highly flexible protection, simplified alert messages, and includes a full screen mode.
It fails tests for protection against malicious logouts or system shutdowns. The free version lacks automatic updates and the ability to break active connections.
http://free.agnitum.com/
2009 - v6.51
16.63 MB; 98.81 MB for Security Suite
32 and 64 bit versions available
Feature limited freeware
There is no portable version of this product available.
Windows 7, Vista, XP - 450 MHz CPU, 256 MB RAM, 200 MB free disk space

Newer versions and 64-bit version are part of the Outpost Free Security Suite - includes additional software components which may conflict with existing software.
64-bit version (98.81 MB v7.1) available here: http://download.cnet.com/Agnitum-Outpost-Security-Suite-Free-64-bit/3000... *Warning: Downloads from Cnet (Download.com) now require the use of a proprietary installer.

Reduced HIPS monitoring (lacking anti-key logger protection for example)

Additional Features of Interest (as Found in its Interface): Built-in "Help", full screen mode or entertainment mode.

Online Armor Free
3
 
Runs as a stand-alone program on a user's computer
Excellent proactive security performance. Includes a "run safer" feature to reduce rights for specific risky applications, and the ability to monitor key logger activity and host files. It handles the installation of new programs better than some other tested products.
It doesn't have automatic updates or a built-in help. It's mandatory to enter an email during installation, and it has a pre-checked option to send it anonymous information. May have problems installing unless all remnants of similar programs have been removed from the receiving computer.
http://www.online-armor.com/
5.1.0.1331
30 MB
32 bit but 64 bit compatible
Free for private use only
There is no portable version of this product available.
Windows XP (32-bit), Vista (32-bit), 7; 512MB Ram, 50MB Disk space

64-bit version only for Windows 7; XP 64bit and Vista 64bit are not supported

Additional Features of Interest (as Found in its Interface): Set passwords, protect programs (right-click > "Advanced options"), key Loggers tab/Hosts tab, and multi desktop support.

To learn more visit its forum, and blog.

AVS Firewall
3
 
Runs as a stand-alone program on a user's computer
Has additional features not found in standard firewalls (registry defender, banner blocker, parental controls). Clear and straightforward navigation. Easy to configure
Parental control only allows you to add trusted sites; you cannot specify specific sites to block. Installer automatically installs AVS Software Browser which is not necessary for the firewall program, and has pre-checked option to install the vendor's Registry Cleaner. Firewall itself is not as configurable as others
2.1.2.241
22.9MB
32 bit only
Unrestricted freeware
There is no portable version of this product available.
Windows 7, XP, 2003, Vista

Have Your Say

Your opinion matters! If you've used one of these firewalls before, or know of another outstanding freeware firewall, let us know in the comments section below. For a more comprehensive discussion, please visit our forum.

Editor

This software category is maintained by volunteer editor Tim; registered site visitors can contact Tim by clicking here 

Tags
best free firewall software reviews Windows firewalls HIPS

Back to the top of the article

Share this
4.29684
Average: 4.3 (475 votes)
Your rating: None

Comments

by crosenblum on 1. January 2013 - 9:14  (104141)

First off, huge fan of this site, long time reader, 1st time commenting.

I am like many of you still stuck on WinXP for reasons of finances +hardware support issues.

I have tried and used many different firewall's, over the years, and recently been using CheckPoint's Free AntiVirus + Firewall Product.

The interface is well designed, reasonably easy to use, and to figure out, except I can't figure out how to turn on the "learning mode". Although I am knowledgeable enough to manually setup permissions for different applications, services etc.

My current main complaint is the high memory or cpu usage that vsmon.exe has, and maintains, using around 244 to 250 mbs of ram according to the Task Manager. Which has started to affect the usability of other applications.

My 2nd complaint is that the installer doesn't add a tray icon, for immediate access, had to run that manually, then make the setting to run at windows startup.

I am not saying that ZoneAlarm is a bad product, just not a good fit for older hardware perhaps or perhap's it's a WinXP issue. And maybe it's just not practical to create new software for older OS's or hardware, and I can understand that.

Also, I picked this combo package, because I had read somewhere that MSE is not as accurate in it's heuristics anymore, so therefore a stronger antivirus software selection was mandated.

I tend to pick software, that allows command-line options, so that I can create batch files, to run as scheduled tasks, to keep my pc maintained and secure, without having to manually go do updates and scans.

In that case, can anyone recommend, a good free firewall, that is lightweight but tough security? Thank you kindly.

by MidnightCowboy on 1. January 2013 - 10:26  (104143)

Learning mode for ZA is controlled using the high/medium security settings. See the userguide linked from this page:

http://www.zonealarm.com/security/en-us/support/technical-support-zoneal...

MC - Site Manager.

by DaveJohnsonGB on 5. January 2013 - 22:46  (104252)

I used to put Comodo on every PC I have ever used. Sadly the last time I was helping out a friend I realized that now comodo adds in a bunch of different software and it doesn't give you the options to not install it. You can still delete Geekbuddy and Dragon after the fact because the standalone firewall has no dependencies. I will never use their software again and I highly encourage people to do the same. Even the standalone firewall has no access to all the basic functions an IT professional would need. If you want a piece of software that you have no idea what its doing then this is the firewall for you. I'm still searching for something new but in the mean time I'd rather go unprotected than having this crap running on my PC.

by MidnightCowboy on 6. January 2013 - 0:45  (104254)

What are the missing "basic functions"? MC - Site Manager.

by Teo on 14. January 2013 - 7:38  (104464)

Most likely it is about new Comodo 6 interface which for unclear reasons becomes completely terrible from the point of view of Firewall info. There is no way now to see the network activities unless you’ll install additional KillSwitch module. But even after that you need to drill down so deep in interface and wait for significant time to access this basic for any firewall information. At the same time, main interface provides nothing but huge useless pictures.

This is a really sad story with Comodo. Still providing very good job as firewall, the game-looking irresponsive non-informative new interface, lack of configurations abilities to switch-off additional modules (like sand box and virtual kiosk), updates notification pop-ups killing Comodo customers massively.

There are a lot of discussions on Comodo forum regarding the rush with which this version has been released with number of bugs and very questionable interface approaches developers proposed in versions 6. A big number of old Comodo users state for avoiding update to version 6 unless it will be changed and fixed.

by MidnightCowboy on 14. January 2013 - 8:30  (104465)

Thanks for sharing your opinion.

I'd venture that Comodo releasing things before they are ready is pretty much par for their course and one of the things that has frustrated me on more than one occasion over the years. I often felt general users were being used as unofficial beta testers despite the product not having such a tag.

As to the interface and feature changes I guess they might be forced into a re-think if enough users decide to vote with their feet.

Interesting times ahead. MC - Site Manager.

by Teo on 14. January 2013 - 11:00  (104469)

I’d agree with your ZA+Ativirus behavior observations with the kind of old hardware as my observations on my own box are pretty much the same. It is really resource hungry (both CPU and Memory). Also, according to matousec (which I’m trusting in tests as a base), ZA has a kind of poor security rating:
http://www.matousec.com/projects/proactive-security-challenge-64/results...

Having the same old system I’m now stick with PrivateFirewall+Avast combination. With my hardware and several days observation this is the most light on resources combination with kind of good protection. Previously I’d stay for Comodo+Avast (or Comodo suite with its own antivirus, which will take more resources with questionable AV rate), but not anymore with Comodo 6.

by MidnightCowboy on 14. January 2013 - 14:27  (104474)

Please understand that the highly misleading Matousec tests have nothing to do with firewall performance as they test the HIPS components. ZA only has a light HIPS and nothing as comprehensive as Comodo or OA so in their tests it will not perform in the top group. See this article for further information:

http://www.techsupportalert.com/content/matousec-personal-firewall-tests...

MC - Site Manager.

by Teo on 14. January 2013 - 14:44  (104475)

I did not talk about performance in conjunction with matousec tests results, but about protection. Whatever one needs HIPS or not it is own decision, but Firewall with HIPS provides better overall protection (maybe some time over-protection). So, if you can have better performance with more powerful firewall, then this is an advantage for me. Anyone could disable HIPS after all. Do you disagree with this point?

My idea was that PrivateFirewall+Avast provides better performance on my old box than ZA+Antivirus. Much better especially in CPU utilization. And my statement was that despite performance gain, protection will be not worst but probably even better in some cases. Do you think it is senseless? Are there any tests or other sources that shows ZA as better firewall in compare to PrivateFirewall or Comodo?

As I understand the author of the initial message I’ve replied to asked community members to share the experience so I decided to do this due to the similar situation I have with my own environment.

by MidnightCowboy on 15. January 2013 - 2:24  (104482)

IMO it makes no sense to install especially security software and then begin to disable parts of it. Better to install a program that more closely meets your needs in the first place. Also, we are still likely to be confusing the majority of our readers in terms of "protection" because if we include HIPS capability you can argue that the likes of then W7FC and TinyWall do not belong in this review. Please open a thread in the forum if you would like to debate the HIPS components in firewalls. MC - Site Manager.

by Teo on 15. January 2013 - 16:10  (104494)

Actually I did not want to discus HIPS here at all. My point was that from my observations, two firewalls have minimum impact on the host performance. For some reasons those firewalls are designed with HIPS included. I have no idea why well known firewalls without HIPS have more impact on system performance then those two, but I do not see any reason to overload especially old boxes by “non-HIPS” firewall with heavy system impact just because one do not what use HIPS. It could be turned off and as a result we get firewall with minimum performance impact on the host performance. That is a sense to disable software parts and actually “Basic Firewalls” part of this article describes this approach as well (disabling HIPS).

by Anvil2k13 on 20. January 2013 - 11:33  (104668)

wow Dave - that's exactly why I abandoned Comodo recently either!
this initial brilliant freeware came down to bloatware,
very confusing on details and senseless interfering.

had to install and re-install it several times to get other
programs installed. it kept stupidly blocking setting up those despite
the disable or even exit option (with warning) was choosen for the time.

working now with MSE (Microsoft essentials).

the only thing I am missing is a SIMPLE port controling program which gives me an outbound connection warning. I want to know when programs already phone home prior any window screen can be seen.

any suggestions if possible working with XPSP3Pro either?

by Ruud-50 on 23. February 2013 - 15:29  (105696)

I'm a long time user of Comodo so I checked if Comodo still was one of the best free Firewalls. About the network activity I will not argue, as it's something I didn't use up to now and suppose I won't use it in the future.

The interface has changed and it takes some time to find options but this is in line with a lot of other software after updates.

The complains about unrequested software installation: In the installation screen, under the button "Agree and Install" you'll find the "Customize Installer" option where the installation of GeekBuddy and second software option (Browser?) can be deselected.

The sandbox option is new and you don't like it / want it. But the question \ discussion should be if the Sandbox option is a usefull new feature that improves the security that is provided by a Firewall.

The Virtual kiosk button is in my interface, but unlike in your installation, if I click on it I get the question if I want to install the software needed for the Virtual Kiosk.

Update notifications? Open Comodo, in the right upper corner click "Tasks", then Advanced Tasks, Open advanced settings, and you can configure if there have to be automatic update checks and the interval between these checks.

by hakoti on 4. March 2013 - 21:12  (105940)

I am a long time user of Comodo software. And I like it a lot. There are several Comodo security products and one needs to specify which product is being discussed. CIS (Comodo Internet Security) is an all-in-one package including anti-virus, firewall, defense+, sandbox, etc. Then they have other software that provides only one or two of these functions. Pick what you need.

In the past Comodo CIS has been criticized for generating too many alerts, as compared to other packages. The new CIS v6 has almost eliminated all popups for its default configuration. I think that is a good step while at the same time retaining optional settings for those who have advanced needs.

by dbuck53 on 23. March 2013 - 15:29  (106495)

I have used Zone Alarm for years because it always hid my computer, and stop change programs from going out until I okay them again. While Zone Labs owned the program it was super. Then Central Point bought them out and the bloat started. Eventually vsmon.exe became so nasty it was slowing my whole system. It occurred to me then that I wanted Zone Alarm to hide my computer and stop changed programs from going out. I don't need my firewall to do any thing else. I now use Zone Alarm 4.5.x, the last Zone Labs release before the Central Point buyout and will not update it as long as I still have my XP machines.

by darthmalware on 30. March 2013 - 7:21  (106649)

So much crying over Comodo being too complicated and confusing. It installs programs without the option to say no. For starters Comodo does not force you to install anything you don't want. Geekbuddy and Comodo Dragon are optional but I guess you didn't bother to look and read before you installed the software. That's Comodo's fault, right? It's the same garbage I still read in many security forums about how Norton Antivirus is this bloated pig of a piece of software that will never touch their machine. Yes. Yes, it was. Five years ago! Comodo is bloatware. It's too complicated. Why couldn't they leave it like it was? I know, change is hard.

Actually, version 6 is as close to install and forget it as this product has ever been. But even so, I will grant you it is far more complex than the install and configuration for Zone Alarm free. Comodo is actually a brilliant piece of software that an "IT Professional" would have no trouble installing and configuring. This very website has the best instructional you will find anywhere on the planet for setting CIS up and configuring it. Step by step it's all there, but you have to do some work. If you want easy then by all means install Zone Alarm free. It's a decent product and perfect for someone who is not a hands on type when it comes to computer security. Another option is to use the Windows 7 firewall, which is actually very good, and with a bit of work, can be configured to handle both inbound and outbound traffic. Is it easy to do? That depends on the individual. It should be for an "IT Professional" but you might have to some research, and actually read a bit. Does Comodo's suite have any flaws? Yeah, more than a few. I also hate the way version 6 was thrown out into the world with what seemed like a very short beta test cycle. What I cannot stomach is the crying over what Comodo is not. Tell me it did a horrible job protecting your computer and back it up with facts. The last time I looked the entire Comodo suite was "FREE" and is easily one of the best security solutions available to the home user. It is not everyone's cup of tea. I'll buy that, but please stop the cry baby bashing of a product that does not suit your particular needs.

by 57troutrough84 on 3. April 2013 - 22:13  (106792)

What are your thoughts about older versions of firewall like Kerio Personal Firewall or Sygate? What I am looking for is a lightweight and easy to use firewall that won't bog down the computer as some people are still running xp pro and home with 512Mb of RAM. Any ideas or thoughts. I was thinking of installng "private firewall" as it possibly fits the bill as being light and easy.

by Kuoi on 22. April 2013 - 14:51  (107256)

Since today's version 11.0.000.504 of "ZoneAlarm Free" you can't install without checking the 2 following boxes ...

"Set Zonealarm Search as my default search provider for : Firefox"
"Set Zonealarm Search as my home page and new tab for : Firefox"

NO THANKS !!!

Anybody knows a good alternative with user rules ?
With user rules i mean you'll get a popup where you can decide to block or allow a program to send data to interenet.

Greets , Kuoi

by MidnightCowboy on 22. April 2013 - 15:48  (107257)

You can opt out of these changes, or change them back after install.

https://www.zonealarm.com/forums/showthread.php/79478-MUST-select-search...

No one can help you with an alternative unless you tell us which operating system you have. MC - Site Manager.

by rlweiner on 22. April 2013 - 16:43  (107258)

MidnightCowboy: I'm seeing the same thing as Kuoi. The latest ZA upgrade only offers a Quick Install option; the Custom Install option has been removed. Maybe those choices show up later in the installation, but when I chatted with ZA tech support I was told that this is the new normal -- you cannot set or override the defaults during an upgrade. The tech said I'd have to completely remove ZA and reinstall to get the custom install option. I can back up my security settings, but would have to manually undo the changes they make to my search engine and home page. I'm going to stay with the current version of ZA.

by majoMo on 22. April 2013 - 18:54  (107260)

You can try "Windows 7 Firewall Control": easy-to-use and effective! You can run it with native Windows Firewall on - so you don't need to disable in-built firewall.

by MidnightCowboy on 22. April 2013 - 23:55  (107262)

Well, the OP did say install and not upgrade. Even so, most would regard this as a minor inconvenience considering the changes are so easily reversed and certainly no reason to move to a different firewall. MC - Site Manager.

by Sid in Extremis on 23. April 2013 - 0:07  (107263)

Having your browser hijacked is a "minor inconvenience"?

No, it's a reason never to go near the guilty party ever again.

by MidnightCowboy on 23. April 2013 - 1:24  (107265)

Posts like this are regarded as flaming or trolling and we are not alone in making this judgement.

http://www.wilderssecurity.com/showthread.php?t=344524&highlight=zone+alarm

If you wish to debate this particular issue, please post it in the forum because further posts here will be deleted. MC - Site Manager.

by CyberWolf64 on 23. April 2013 - 2:58  (107267)

I was browsing around on Softpedia. And I discovered a rather interesting, um case of TWINS.

Here is the link to the screenshots of PrivateFirewall:

http://www.softpedia.com/progScreenshots/Privatefirewall-Screenshot-567....

OK?

Now, check the screenshots for an older firewall called
Webroot Desktop Firewall:

http://www.softpedia.com/progScreenshots/Webroot-Desktop-Firewall-Screen...

Gee, I believe that when Webroot "disappeared", it became PriveateFirewall, either that or it is a clear case of copying.

Just thought I'd share that with the nice people here.

BTW, I have used PrivateFirewall in the past, excellent package. A wee bit too "chatty", or maybe that would be "naggy"?

by MidnightCowboy on 23. April 2013 - 5:08  (107269)

Privatefirewall is the original code. Webroot licensed this technology for use in their own products. MC - Site Manager.

by Paxmilitaris on 2. May 2013 - 5:34  (107417)

I've been using PrivateFirewall for a while now and i'm back here to see if i can't get something better.

I've gotten a lot of pop-ups, but that in itself is not a problem since i did put all the security settings to high.

The problem i'm having is that the pop-ups stay on screen and on-top of every other windows, for what seems an eternity, after i've clicked allow, now that is very annoying.

Also, this is a firewall and yet in all those pop-ups, i have yet to see the mention of a protocol, a url, an IP, a port or anything related to networking. Does that mean any program that i "allow" to run gets full network and internet access?

btw, i'm on Win XP if that makes a difference.

by MidnightCowboy on 2. May 2013 - 6:46  (107421)

Using any type of firewall with HIPS capability requires an understanding of how this operates and how to respond to alerts. Users should read the vendors documentation before installing the software to avoid setting rules that could be leave their system vulnerable. The PDF guide for Privatefirewall is located on this page. MC - Site Manager.

http://www.privacyware.com/PF_support.html

Further reading.

http://www.techsupportalert.com/content/hips-explained.htm
http://www.techsupportalert.com/content/safe-computing-under-hour.htm

by setcho on 2. May 2013 - 7:28  (107423)

The kind of information you require can be found by clicking 'details' which is next to the 'options' button on the pop up.

See pages 12 & 16 in the PF guide, links in MC's post.

by Paxmilitaris on 2. May 2013 - 7:28  (107424)

I haven't read the documentation, but the pop-ups are clear enough.

You seem to have completely missed the point of my comment.

What i expect of a firewall is to be asked what program should have access to the network and the internet, trough what protocol (TCPIP, UDP, ...), to make outbound or accept inbound connections, from what URLs or IPs. That's the firewall's job. A firewall that's always asking about temp files created by portable software is more annoying then helpful.

The HIPS i need is to know what program is using svchost to access the internet or using firefox.

Do the Basic Firewalls offer that kind of control?

Gizmo's Freeware is Recruiting!

Gizmos Needs YouShare your knowledge of free software with millions of Gizmo's readers by joining our editing team.  Details here.