Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs
    Digg this story   Add to  
Free, full-featured, still available -- choose any two
Published: 2005-12-14

A community-based firewall is making waves this week as an increasing number of free firewalls disappear from the landscape.

As the consolidation of the software-security market progresses, personal firewalls that are both full-featured and free are becoming more of an endangered species. Earlier this year Sygate was acquired by Symantec (the owner of SecurityFocus), and last month, the company announced that development and support for Sygate's personal firewall would be discontinued. Just two months earlier, Tiny Software was purchased by Computer Associates, resulting in stagnant development of the Tiny Personal Firewall. The latest release dates back to August 24 and is a 30-day trial only--no free version seems to be available.

This is not to say that free firewalls do not exist, simply that the trend seems to indicate less choice in free offerings. Moreover, anyone requiring a full-featured product has little choice but to purchase a commercial product.

Core appears to be bucking this trend with its recent firewall beta, and if successful the resulting effects may change the way the industry thinks. The Core Force Beta was announced in November, and includes a stateful firewall with filesystem and registry access control protection--all offered under an Apache 2.0 license for free use in both commercial and non-commercial environments. A key aspect of the product is the concept of a collaborative community of users to contribute and improve the endpoint’s security posture.

Currently, users are involved in peer-reviewing the various profiles available, many of which are created by the community. The profiles themselves are granular, and there is future potential to have these profiles distributed and ranked via a peer-to-peer system. No vendor in the space currently offers a free host intrusion detection package. Although Microsoft’s Antispyware--and now referred to as Windows Defender--combined with the firewall in Windows XP SP2, tight OS hardening using ACLs and memory protection such as DEP could provide similar capabilities to the high-end HIDS packages, Microsoft remains far from having an integrated solution.

Posted by: Peter Laborge
    Digg this story   Add to  
Comments Mode:


Privacy Statement
Copyright 2009, SecurityFocus