Ron,
I personally have some experience with it (together with sygate routing
application on
a system dedicated as being a router / firewall ).
For security from the outside is pretty secure...
Sygate personal firewall works the same as many other home personal firewall
applications...
You give access to an application to get access thru the firewall.
If you use Sygate personal firewall together with sygate you just grant
sygate.exe access
through the firewall and it just works.
But this isn't a very secure solution because every traffic from the network
goes through
sygate.exe and thus also thru sygate personal firewall.
If just as if you plan to install it on a users workstation. You must give
every application
access thru it before it can use the internet. If you use it and you know
what each application
does then it's OK. If you have a user that doesn't know what pirch.exe does
of what kind of
application it is then you have a problem because that application can be a
trojabn horse trying
to access the internet.
As we all know this is one of the big flaws of a personal firewall... from
the mean and
frigtening internet it's pretty secure.. But traffic from your local
network to the internet is
most of the times granted and users with a small amount of knowledge can be
potentially
the weakest link in your network.
As for the IDS part...
I have no experience with that. I used BlackICE for the IDS part.
Anyway... I changed my sygate personal fw for a nice and pretty secure
OpenBSD one....
Oh... sygate personal firewall is also pretty stable, although I noticed
that sygate itself can
crash if you put a lot of traffic through it.
But I don't know in what kind of environment you want to use the
application, but if you want
to use it as a central firewall then I would suggest to go for a *nix based
solution. Or if you have
very good educationed users then putting the application on each workstation
is a nice solution
but not a very secure one.
I hope that you have something about this information
Greets,
brenno
> -----Original Message-----
> From: Ron Ryan [SMTP:[EMAIL PROTECTED]]
> Sent: donderdag 5 april 2001 16:39
> To: [EMAIL PROTECTED]
> Subject: Sygate personal firewall?
>
> Does anyone have any experience on the Sygate personal firewall? Strengths
> or weaknesses? How does it compare with ZoneAlarm? It appears to have
> built in IDS capability which may or may not be useful depending on false
> positives etc. It also filters based on application, IP address, and
> port.
> Thanks for any input,
> Ron
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
