• Comodo Firewall is the best free firewall. What protects your computer better, Firewall or Firewall?

    A firewall is one of the most important lines of defense when working on the Internet and local networks. CHIP will talk about the main functions of such protection and offer free and commercial packages.

    A typical scheme for using a firewall on a home network of various devices with an Internet connection. One of the most critical computer protection tools is a firewall, which is also called a firewall. It is a kind of gatekeeper that exercises strict control over incoming and outgoing data packets and has a set of rules for allowing programs and services into and out of the network. Surprisingly, firewalls are still not installed or configured properly on many computers. Meanwhile, a user whose PC is connected to the Internet and is not protected by a firewall puts both the performance of his machine and the safety of information at great risk. It’s even worse when the installed tool is configured incorrectly or several firewalls are active on the PC at the same time, as a result of which problems can arise. simple mistakes in the operation of programs and the establishment of connections, as well as critical errors in the operation of the OS. Some users have a bad attitude towards firewalls for the sole reason that when learning mode is turned on, initial stages work, these protections issue many requests to allow traffic from applications attempting to transmit or receive data from the Network. If you refuse such a request from a program, it will subsequently simply not connect to the Internet. On the other hand, allowing an unfamiliar utility to connect means exposing your PC to the risk of infection or data leakage. Even with minimal knowledge of setting up a firewall, such problems can be solved in a few seconds. Nevertheless, the myth about the difficulty of debugging a firewall still persists. CHIP will talk about the basic principles of working and configuring firewalls and introduce you to the most popular packages programs.

    How firewalls work

    The English name “firewall” and the German name “Brandmauer” hide the essence of the action of firewalls. Literally translated, they consist of two words: “wall” and “fire.” Initially, the term was used by firefighters to refer to special structures that can be used to protect adjacent buildings from the spread of fire. If we imagine that various network attacks are a fire, and the PC and home or office network are our home, then the purpose of such programs becomes obvious. In the case of a computer, the firewall takes on the role of a border checkpoint that allows network traffic to pass through and, in accordance with a list of rules, discards prohibited information, and also, depending on the settings, logs attempts at attacks from outside and unauthorized access to the Network. In this case, the user can set the rules for the operation of his “border point”. When creating such rules, depending on the firewall used, parameters such as protocol, address, port number, program name, rule operating time, actions in case of an attempt to establish a connection, and many other settings can be specified.

    What are they like?

    Modern firewalls can be divided into several types, each of which has pros and cons.

    SOFTWARE- special applications that perform the role of a firewall and, as a rule, related security functions. Such tools are relatively easy to install and configure, but they are subject to virus attacks. For example, with rare updates to the system, antivirus and its databases, software firewalls may be disabled or partially damaged by malicious utilities. Unfortunately, the software comes at the cost of CPU and RAM load, which can be very noticeable on a low-power computer.

    HARDWARE- professional, rather difficult to set up and expensive devices that relieve the PC load and are almost resistant to virus attacks. In addition, the operation of hardware firewalls can be invisible to the user and software, and their performance is much higher. Such devices are typically designed to filter traffic and protect the entire network, rather than individual PCs. They allow you to scan traffic for malicious and prohibited content and can be equipped with security add-ons.

    HYBRID are firewalls built into various software and hardware products. They are used as an addition to antiviruses, proxy servers, modems, routers, access points, etc. Typically, such hardware allows you to make the most necessary settings and create several traffic filtering rules, which, however, may be quite sufficient for a home network .

    Windows Firewall: Entry Level Website: microsoft.ru; Price: free This firewall supports the simultaneous operation of several network profiles: domain - domain network in the organization; public - public (public and wireless) networks; home - home or work closed networks. In this way, the appropriate level of security is ensured for each case - for example, internal and virtual networks and Internet access. In the "seven" user interface Firewall in the Control Panel has become more informative. For everyone active profile Additional information about the current settings is displayed. Two links have appeared on the left side of the Firewall Control Panel where you can change the settings for notifications about program blocking and enable or disable the firewall. Conveniently, for each profile, the function of blocking all incoming connections is available. In addition, you can add a program to firewall exceptions - this function is displayed on the left side of the dialog box. If you need to configure permissions for a specific utility, click on the “Allow a program or component to run...” link. To add an application to the list, you must click on “Allow another program”.

    Outpost firewall PRO: comprehensive defense

    Website: agnitum.ru; Price: from 899 rub.

    This product stands out for its well-thought-out interface with full support for the Russian language and an extensive set of protection tools when working in networks. At the same time, due to the large number of parameters, it will be more difficult for beginners to master it. It is possible to connect additional modules and fine-tune the program itself, as well as access to the Application Network: add and remove basic programs, set general rules and change utility policies. The package is designed in such a way that all basic firewall operations, such as ad blocking, content filtering, email filtering, and an attack detector, are assigned to plugins. The main module monitors network activity and the behavior of applications available in the system, and configures all its components. The program can operate in automatic mode or training mode. This is convenient when catching Trojans and spies. The package also includes a plugin for blocking online advertising. In this case, the program uses the “invisibility” mode by default, which makes it difficult to detect the user’s PC. and attacks on him. The utility is also equipped with a self-defense mechanism: when the outpost.exe process is deleted, communication with the Network is blocked.

    Comodo firewall: friendly guardianship

    Website: personalfirewall.comodo.com; Price: for free
    Perhaps the most friendly and simple utility, which at the same time offers ample opportunities and flexibility in configuration. In addition to the basic functions, this firewall allows you to view running processes, is equipped with a proactive protection module, and can run applications in sandbox mode. For example, programs that are not recognized as trusted will only automatically run in isolation. Comodo also offers a convenient system of access rules for Internet applications and flexible control over the activities of software components. The program is automatically configured to work with DLL libraries, which are often used by keyloggers, Trojans and spyware to inject themselves into trusted processes. Application Behavior Analyzer monitors applications for modifications by third-party processes and other suspicious activity. Comodo Firewall constantly monitors its configuration files and blocks changes. However, password protection of settings is not provided. At times of peak activity, Comodo puts a lot of stress on the system. It is also too straightforward: for example, after blocking an allowed application under the guise of which a Trojan wanted to sneak in, you can use the program again only after a reboot.

    Kerio WinRoute Firewall: professional, expensive

    Website: winroute.ru; Price: OK. 10,000 rub. (for 5 PCs)
    This package is actually not so much a firewall as it is a combination of this tool and a proxy server. With such focus and functionality, this program is not necessary for every home or even office network, and even more so, it is not very profitable to use this tool to protect and control the traffic of only one PC. It will be difficult for an untrained user to immediately understand the settings of this complex, but by spending some time studying the utility, you will be able to greatly strengthen the security and control of the entire network. Kerio WinRoute Firewall allows you to connect anti-virus modules to scan all information passed through; configure Internet access rights for different users and PCs (including by time and traffic consumption); adjust the Internet connection speed for each group or user separately; view logs with the history of visits by users of the controlled local network to various resources.

    The program requires a fairly significant amount of resources to operate, especially when used on a large, busy network. It is best to allocate a separate PC for Kerio WinRoute Firewall and create a so-called gateway.

    Kaspersky Internet Security: all included

    Website: kaspersky.ru; Price: 1600 rub.

    This is a comprehensive antivirus package that includes a very powerful and functional firewall. Immediately after installation, it is ready to work and does not require special settings or training. The developers took care of the user’s nerves and drew up rules in advance for working in the Network of standard Windows services and typical applications. Also, by default, the application already keeps all critical ports closed, through which attacks from the Internet are possible. When detected, the module blocks the attacking host for a specified time, which can be configured. There is also a training mode in which you can describe in detail the allowed network activity of each program. If careful configuration is not required, there is a built-in set of standard rules that can be edited. Professionals will appreciate the selective blocking of Java applets, Java and VBS scripts, and ActiveX elements, the vulnerabilities of which are often exploited by attackers. When launching applications, the anti-virus package automatically checks their integrity and blocks them if modifications are detected. For inexperienced users, KIS has visual indicators that display open ports, a graph of application network activity, and count traffic.

    Expert's word. Antivirus plus firewall

    Vartan Minasyan, Head of Product Development Group, Kaspersky Lab Without a firewall, the effectiveness of all other protection methods will certainly be reduced. A typical case when the use of a firewall is mandatory is when the PC is running in public network, for example in a cafe. It is also extremely useful when used in large networks, as it allows you to filter out unnecessary data and requests and thus improve performance. Modern security packages take a multi-layered approach to protecting user transactions and data. All components, such as firewall, antivirus, application control, exploit protection, banking protection, etc., constantly exchange information with each other about decisions made and processes occurring on the computer. Therefore, it is important to use an antivirus and firewall from the same manufacturer, since, working together, they will provide a better level of protection than components from different companies. Beginners can gain initial knowledge about the capabilities of a modern firewall (for example, part of Kaspersky Internet Security) in the “Support” section on the manufacturer’s website: support.kaspersky.ru/8051.

    How to check the firewall

    After installing and configuring the firewall, you should check its effectiveness. Otherwise, the activity of the firewall may be harmful rather than beneficial. The use of special sites can help in solving this problem - such as, for example, 2ip.ru/checkport, portscan.ru, pcflank.com/test.htm, tools-on.net/privacy.shtml?2. In addition, CHIP recommends using test programs(Leak test): AWFT, PCFlank Leak test, 2ip Firewall tester or other similar ones. You can also use vulnerability scanners such as XSpider, eEye Retina Network Security Scanner, Nmap, or run one of them on one of the computers on your network and scan the internal range of IP addresses of the local network you are protecting.

    As soon as they don't write the English word " firewall"in the Russian version - firewall, firewall, firewall, firewall, firewall, firewall, firewall, firewall... Also, instead of "firewall" the name "firewall" is sometimes used.

    What is a firewall? In English, “firewall” has the original meaning of “fire wall”, which was supposed to protect the building from the spread of fire. The German word "brandmauer" has exactly the same meaning. There is no single-word analogue of this term in the Russian language; the most rooted analogue of “firewall” in Russian is “firewall” (option - firewall). Just as a fire wall should block the spread of fire, a firewall from the world computer technology should block various types of unwanted penetrations into your computer through a computer network. Now firewall is a necessary element network security, including the security of the user connected to the Internet (which was already discussed in the review article on the security of the Internet user). In order to filter and control network traffic, there are a variety of tools - both hardware and software. However, in this article we will pay attention to exactly what should protect regular user connected to the Internet, and such a means is usually personal firewall- a regular computer program that is installed on a separate computer and protects it without the help of any additional equipment. Let's give a short overview of the most common and reliable firewalls.

    A personal firewall is almost a mandatory element today software computer connected to the Internet. Without it, there is a risk of unauthorized entry into your computer, viruses, Trojans, and theft. confidential information not just great, but close to 100%, and, most likely, you won’t have to wait long for such penetration. Built-in Windows firewall has very limited opportunities and therefore it makes sense to immediately disable it by installing more advanced protection. In this regard, the task of choosing a firewall for your computer is very important.

    Which personal firewall should you choose? Today there are many well-known, proven products, among which you can find free ones (and most paid ones have a 30-day free period). It should be noted that at present there is already a strong tendency associated with the development of programs for comprehensive computer protection, i.e. those that perform regular firewall functions, blocking unauthorized access to your computer from the outside, and protect against spam, warn about suspicious sites, fighting viruses and Trojans, etc. This comprehensive protection package, released by one manufacturer, is the optimal choice.

    Of course, the most important parameter is the reliability of the firewall, the degree of protection provided and the ability to repel various attacks and threats. But this parameter is not the only one worth paying attention to. Also important is the ease of use of the firewall, ease of setting parameters, performance requirements and the degree to which computer resources are loaded during operation.

    Outpost Security Suite Russian company Agnitum is one of the most famous firewalls ( for a long time took first place in the ranking). Outpost Security Suite is a comprehensive solution that includes protection against viruses, Trojans, spyware, application control, anti-spam protection, blocking unwanted advertising, protection from visiting unwanted sites, etc. One of the best and most reliable solutions. There are both free and paid versions, somewhat limited in settings options.

    Privatefirewall- a comprehensive PC protection solution developed by an American company (actively collaborating with Russian programmers). Privatefirewall provides protection against different types threats, however, cannot independently treat an infected computer, so it is recommended to use it in conjunction with anti-virus software. There is no Russian version yet.

    Kaspersky Internet Security- a solution for comprehensive computer protection from the leader in the development of anti-virus software - Kaspersky Lab. According to tests and user reviews, it provides reliable protection in many respects (one of the best in both firewall and antivirus ratings). At the same time, Kaspersky Internet Security is quite easy to use and configure compared to most analogues. In addition to the traditional modules for programs of this kind, it includes additional functions, such as anti-phishing, parental controls etc. In my estimation, Kaspersky Internet Security is the best choice for most (especially “non-advanced”) users.

    SpyShelter Firewall- a fairly simple and convenient solution for protecting your home computer, developed by a Polish company. Does not contain its own anti-virus module; it can scan suspicious files through the Virus Total Internet service. There is a Russian version.

    Still not clear which firewall to choose? Ask a question at .

    Which one is the best best firewall (Firewall) for Windows - this question plagues many Internet users, paid or free, software or hardware. This question can be answered immediately and almost unambiguously: the best firewall ( Firewall) this is a hardware one, but the best firewall ( Firewall) this is the one that is adjusted with straight hands...

    As previously mentioned the best firewall ( Firewall) this is hardware, prices for which sometimes reach 50-70 thousand. but today’s topic will be a brief analysis of software firewalls ( Firewall) For Windows in terms of reliability/performance ratio...

    Firewall (Firewall) an important element in your PC security arsenal. Unfortunately, the standard firewall ( Firewall) for Windows does not provide the desired functionality and blocks or allows only incoming connections, while all outgoing connections are allowed by default, although the reliability of the built-in Windows firewall (Firewall) beyond doubt.

    The most popular firewalls today ( Firewall) for personal PCs this is:

    You need to decide what is the decisive factor for you when choosing - ease of use or reliability/performance?! Above given list of the most common firewalls (Firewall) for Windows, in order of preference by our citizens. We will not delve into the details of each product, but will consider only the main points of the first two...

    Agnitum Outpost Firewall Pro

    Agnitum Outpost Firewall Pro developed by domestic programmers and is the most preferred firewall ( Firewall) among ordinary ordinary domestic users who almost never look at " Task Manager". Agnitum Outpost Firewall Pro more convenient to use and provides more extensive information about ongoing network events around your PC..

    It is easy to use and provides good statistics about what is happening on the network, but ease of use does not mean reliability/performance! Ease of use" Agnitum Outpost Firewall Pro"costs the user an overexpenditure of system resources and, in some places, regular BSOD. So for example the combination NOD32 v4.0 + Outpost Firewall 2.x called regular BSOD, Outpost Firewall older ones are more voracious for system resources, especially when downloading large files via fast network connection and from servers with good returns!

    The versions of " Outpost Firewall"above the 6th in which the process" acs.exe"When downloading large files over a fast network connection and from servers with good returns, it devours from 15 and up to 50% system resources, and sometimes even higher! And here it doesn’t matter setting the rules or disabling all additional features - it devours system resources ( CPU+Memory) no matter what and even in idle state ( CPU 8-15%)!!! In version " Outpost Firewall 7.5"named" Performance Edition":)) "acs.exe"When idle, it behaves less aggressively, but the time it takes to download large files over a fast network connection and from servers with good performance still eats up from 15 and up to 50%

    Version " Outpost Firewall 4"not so voracious, but crashes were often observed when changing user accounts and more! No offense to the company's programmers" Agnitum"but they are still very far from products like" Comodo Firewall Pro", "Comodo Internet Security" or " Checkpoint Firewall-1"! Whatever one may say, Western developers are achieving greater success in the software field than domestic ones...

    Comodo Firewall Pro

    After long wanderings in search of the best firewall ( Firewall) my choice finally settled on " Comodo Firewall Pro 3.14"which is different from" Outpost Firewall"remarkably stops attempts at incoming connections and does not wildly devour system resources - when idle it uses no more 0-2% CPU and 3-4 MV. In addition, when complete shutdown or fall" Comodo Firewall Pro 3.14"which is unlikely, there is no access to the network, which cannot be said about " Outpost Firewall".

    The program is able to independently analyze each potential threat and, if necessary, issue an appropriate warning. At the same time" Comodo Firewall"recognizes more than 10,000 different applications in various categories ( for example, “safe”, “spyware”, “adware”, etc.).

    "Comodo Firewall"also has proactive protection, proactive protection includes HIPS ( Host Intrusion Prevention Systems) - a system for repelling local threats. The task of HIPS is to monitor the operation of applications and block potentially dangerous operations based on specified criteria.

    Main characteristics " Comodo Firewall Pro":

    • - Full constant control and protection of your personal computer from Internet attacks, Trojans, hackers, malicious scripts and other unknown threats.
    • - Free updates - Comodo Firewall Pro will notify you about the availability of updates and, after your consent, will install them.
    • - Full control over the activity of programs on the Internet.
    • - Control over software updates.
    • - Real-time traffic monitoring gives you the ability to instantly respond to possible threats.
    • - Simple, intuitive multilingual interface ( including Russian).
    • - Free for home and other online users.

    "Comodo Firewall Pro"by default it does not provide statistics on all rejected attempts at incoming connections, but by creating certain rules and properly configuring you can get these statistics. My choice is definitely in favor of " Comodo Firewall Pro 3.14"and I think that it will remain unchanged... Why version 3.14, and not 4.x or 5.x? - yes, because version 3.x concentrates the most basic functions without unnecessary bells and whistles and is less demanding resources than 4.x or 5.x?...

    According to the website matousec.com, Comodo products continue to occupy first positions among test participants: http://www.matousec.com/projects/proactive-security-challenge/results.php

    The truth in " Comodo Firewall Pro"there are no such useful features as blocking active elements and the statistics are poor, but this drawback in favor of saving system resources can be compensated for by the Firefox browser and the AdBlock + NoScript plugins, and if necessary, we will collect statistics with other programs...

    wipfw

    wipfw is an analogue of the ipfw console firewall, but only for Windows. It has more features compared to the standard firewall from Windows XP. Can limit the number of connections from a specific IP address or range of IP addresses. It is possible to identify packets by the set flags SYN, FIN, etc.

    Anyone who has ever thought about the question “which firewall to choose?” has probably encountered the magic square Gartner(a well-known analytical agency).

    At the end of June 2017 Another market report has been released Unified Threat Management (UTM) - Magic Quadrant for Unified Threat Management (SMB Multifunction Firewalls) and in July 2017 Enterprise Firewalls - Magic Quadrant for Enterprise Network Firewalls. If you are interested in finding out who was among the leaders, how the situation has changed over the past year and what trends are observed, then welcome to the cat...

    UTM Market:

    Let me remind you that according to Gartner's definition:

    “Unified threat management (UTM) is a converged platform of point security products, particularly suited to small and midsize businesses (SMBs). Typical feature sets fall into three main subsets, all within the UTM: firewall/intrusion prevention system (IPS)/virtual private network, secure Web gateway security (URL filtering, Web antivirus) and messaging security (anti-spam, mail AV). ”

    That is, this definition includes network security platforms aimed at small companies (Small) and slightly larger companies (Midsize) (Gartner considers small companies (Small and Midsize Business) to be companies with 100 to 1000 employees). UTM solutions usually contain today's typical firewall functionality, an intrusion prevention system (IPS), a VPN gateway, a web traffic filtering system (URL filtering, streaming antivirus system for web traffic), and a mail traffic filtering system (filtering spam messages and an anti-virus system for mail traffic), and of course we cannot forget about the basic routing system and support for various WAN technologies.

    It’s interesting that, judging by Gartner’s predictions, the firewall market by 2020 will will remain in approximately the same condition as it is now. In 2022 according to Gartner's predictions, solutions of the class will begin to come into use in SMB Firewall as a Service (FWaaS), i.e. cloud firewalls where client traffic will be tunneled, and the share of new installations in the SMB market will be more than 50%, compared to the current share of 10%. Besides, 2022 25% of SMB users will use their firewall as a monitoring tool and intermediate broker to provide inventory and control the use of SaaS resources, as a means of managing mobile devices, or as a means of enforcing security policies on end user devices (currently less than 2% of users use this functionality on firewalls). FWaaS solutions will be more popular for distributed branch structures, this decision 10% of new installations will use it, up from less than 1% today.

    Since UTM solutions are aimed at relatively small companies (by Gartner's standards), it is clear that having received all the functionality from one box, the end customer will one way or another be content with compromises in terms of performance, network security efficiency and functionality, but for such customers it is also it is important that the solution is easy to manage (control via a browser as an example), the solution administrator can be trained more quickly due to simplified management, that the solution contains built-in tools for at least basic reporting; for some customers, the presence of localized software and documentation is also important.

    Gartner believes that the needs of SMB customers and Enterprise customers are very different in terms of Enterprise's needs for the ability to implement more complex management policies, advanced capabilities in implementing network security. For example, Enterprise customers with a distributed branch structure often have branches that can be the same size as an entire SMB company. However, the criteria for choosing equipment for a branch are, as a rule, dictated by the choice of equipment at the head office (usually equipment from the same vendor that is used in the head office is selected for branches, i.e. Low End Enterprise class equipment), since the customer needs to have confidence in ensuring equipment compatibility, and in addition, such customers often use a single management console to ensure manageability of the branch network (where there may not be specialists in the corresponding profile) from the head office. In addition, the economic component is also important; a corporate customer can receive additional discounts for “volume” from manufacturers of internetworking solutions, including solutions for branch networks. For these reasons, Gartner considers solutions for distributed branch structures of Enterprise customers in the solution squares for the Enterprise segment (NGFW/Enterprise Firewall, IPS, WAF, etc.).

    Separately, Gartner identifies customers with a distributed network of highly autonomous offices (a typical example is a retail network, where the total number of employees can be more than 1000 people), who, like a typical SMB customer, have rather limited budgets, very large number remote sites and usually a small IT/IS staff. Some UTM vendors even specifically focus on solutions for such customers more than for traditional SMB.

    UTM as of June 2017:

    And here’s what happened a year ago, in August 2016:

    The list of UTM market leaders includes the same familiar faces - Fortinet, Check Point, Sophos. Moreover, the situation is gradually heating up - the positions of the leaders are gradually moving closer to each other. Juniper has moved from pursuers to niche players. SonicWall has improved its position a little.
    What does Gartner think about the market leaders in the UTM segment individually:

    A representative of the UTM market leaders, the SMB solution is represented by an enterprise-class firewall (Enterprise), which is quite easy to manage and has an intuitive graphical interface (GUI).

    Headquarters are located in Tel Aviv (Israel) and San Carlos (USA). Check Point is a network security-focused vendor with more than 1,300 R&D employees. The product portfolio includes SMB and Enterprise class firewalls (Security Gateway), a specialized solution for protecting endpoints (Sandblast Agent), a solution for protecting mobile devices (Sandblast Mobile) and virtual firewalls (vSEC for private and public clouds). The current line of SMB class firewalls includes the 700, 1400, 3100, 3200, 5100, 5200, 5400, 5600 families, all devices were introduced in 2016/2017.

    3. Sophos:

    He is a representative of UTM market leaders. It continues to increase its market share due to ease of use, good functionality of the Security component, and successful integration with its own endpoint protection solution. A frequent guest on SMB customer shortlists, as well as for distributed networks autonomous offices.

    Headquartered in Abingdon (UK), it employs more than 3,000 employees worldwide. The product portfolio contains a mixture of network security and endpoint protection solutions. The Sophos XG line of firewalls contains 19 models and was last updated in the 4th quarter of 2016; the portfolio also includes the outdated Sophos SG line. Sophos UTM solutions are available as virtual applications with integration with IaaS platforms - AWS and Azure. Endpoint security solutions include Sophos Endpoint and Intercept X. The integration solution between Sophos UTM and Sophos Endpoint is called Sophos Synchronized Security. The vendor's portfolio also includes solutions for protecting mobile devices and providing data encryption.

    Enterprise Firewall Market:

    In 2011 Gartner has introduced a new definition to the Enterprise Firewall market – Next Generation Firewall (NGFW):

    “Next-generation firewalls (NGFWs) are deep-packet inspection firewalls that move beyond port/protocol inspection and blocking to add application-level inspection, intrusion prevention, and bringing intelligence from outside the firewall. An NGFW should not be confused with a stand-alone network intrusion prevention system (IPS), which includes a commodity or nonenterprise firewall, or a firewall and IPS in the same appliance that are not closely integrated.”

    Back then it was an innovation, around which there was a lot of controversy. Several years have passed, a lot of water has passed under the bridge, and now in 2017. Gartner no longer considers this to be any special advantage, but simply states the fact that all the leading players in this market have long acquired this functionality, and are now differentiating themselves from other vendors in terms of functionality.

    According to Gartner forecasts, by 2020. virtualized Enterprise class firewalls will occupy up to 10% of the market compared to 5% currently. By the end of 2020 25% of firewalls sold will include integration by cloud brokers of connection security cloud services (Cloud Access Security Broker, CASB), integrated via the corresponding APIs. By 2020 50% of new firewall installations will use outbound TLS inspection, up from less than 10% currently.

    According to Gartner, the Enterprise Firewall market consists mainly of solutions for protecting corporate networks (Enterprise Networks). The products included in these solutions can be deployed as a single firewall, or in larger and more complex scenarios, including branch networks, Multitiered DMZs, and traditional “large” data center firewall deployment scenarios. and also include the ability to use virtual firewalls in the data center. Customers must also have the opportunity to deploy solutions within the public cloud infrastructures of Amazon Web Services (AWS), Microsoft Azure, and the vendor must have in its roadmap Google support Cloud within the next 12 months. Products must be able to be managed with highly scalable (and granular) management tools, have advanced reporting capabilities, and have a wide range of solutions for the network perimeter, data center, branch network, and deployment in virtualization infrastructure and public cloud. All vendors in this market segment must support fine-grained definition and control of applications and users. The functionality of Next Generation Firewall is no longer an advantage, but a necessity. So Gartner crosses out the term it coined, since this functionality is considered quite common and absolutely necessary in the Enterprise Firewall market. Essentially, Gartner considers NGFW and Enterprise Firewall to be synonymous. Manufacturers operating in this market focus and build a sales strategy and technical support for large companies (Enterprises), and the functionality they develop is also focused on solving the problems of large companies (Enterprises).

    Gartner states that its research shows that NGFWs are gradually continuing the trend of being replaced separately standing devices IPS at the network edge, although some customers say they will continue to use dedicated Next Generation IPS (NGIPS) appliances in a Best of Breed strategy. Many enterprise customers are interested in cloud-based Malware detection solutions as a cheaper alternative to standalone established solutions sandbox class ( Sandboxing Solutions).

    Unlike the UTM market, the enterprise firewall market does not imply that NGFW solutions must contain all network protection functionality. Instead, Gartner sees the need for enterprise firewalls to specialize specifically in NGFW functionality. For example, enterprise branch firewalls require support for a high degree of blocking granularity network traffic, which should be included in the product base, an integrated service approach to processing network traffic is required, product management should be highly integrated, and not look like a hastily compiled compilation of different engines in one product. The level of protection and ease of configuration of enterprise-class firewalls for branch networks should not be inferior to solutions for the head office.

    In 2017 Gartner focuses on TLS session termination solutions to ensure outbound traffic is inspected for threats such as malicious code downloads and botnet management. In some ways, the ability to inspect outgoing TLS traffic brings NGFW closer to lightweight DLP solutions, since decryption and subsequent inspection of outgoing TLS traffic makes it possible to ensure that sensitive data is not sent outside. However, some customers using this feature may experience a significant performance hit when enabling this feature due to the high overhead of TLS decryption.

    Some advanced customers are planning, and some are already leveraging the capabilities provided by the Software Defined Networking (SDN) paradigm and leveraging micro-segmentation capabilities in a virtualized data center. These customers are looking at vendors with support for various SDN solutions, as well as their plans for further development in the direction of SDN. Solution vendors are incorporating increasingly automated approaches to firewall policy orchestration to deliver the flexibility and business benefits that the SDN paradigm promises.

    Let's now look at the current situation with the Gartner market square Enterprise Firewall as of July 2017:

    And here’s what happened a year ago, in May 2016:

    The list of long-time leaders in the Enterprise Firewall market includes Palo Alto Networks and Check Point. This year, Gartner moved Fortinet from Challengers to Leaders. Passions are heating up - the positions of the leaders in this segment are also approaching each other. Cisco was not able to take the lead this year either, remaining in the pursuers. But what surprises is Huawei, which, among the niche players, was quite confidently placed in the pursuer section.

    What does Gartner think about the Enterprise Firewall market leaders individually:

    1. Palo Alto Networks:

    It is one of the leaders in the Enterprise Firewall market, also a pure Security vendor, based in Santa Clara (USA, California), with a staff of more than 4,000 employees. Produces firewalls since 2007, in 2016. revenues exceeded $1.4 billion. The portfolio of solutions includes Enterprise-class firewalls in physical and virtualized versions, endpoint protection solutions (Traps and GlobalProtect), collection, aggregation, correlation solutions, real-time threat analytics to support defensive measures (Threat Intelligence , AutoFocus), security solutions for SaaS (Aperture). The manufacturer is actively working on integrating solutions into a unified network security platform.

    Palo Alto Networks recently released version 8 of the PAN-OS operating system with improvements for WildFire and Panorama, new SaaS security functionality, and user credential protection. An entry-level firewall model PA-220, a mid-range device PA-800 Series was also released, and the line of firewalls PA 5000 Series (new models 5240, 5250, 5260), which has been produced since 2011, was also updated.

    He is a representative of the Enterprise Firewall market leaders. The product portfolio for the Enterprise market contains a large number of solutions, including NGFW firewalls and endpoint protection solutions, cloud and mobile network security solutions. Check Point's flagship products are enterprise security gateways (Enterprise Network Security Gateways include the 5000, 15000, 23000, 44000 and 64000 families). Cloud security is provided through a vSEC solution for private and public clouds, and there is also a SandBlast Cloud solution for SaaS applications. Endpoint protection solutions include SandBlast Agent and endpoint security solutions. mobile protection– Check Point Capsule and SandBlast Mobile. Also released is the SandBlast Cloud solution for scanning email traffic in Microsoft Office 365. In 2016 models 15400 and 15600 became available for large corporate customers, as well as 23500 and 23800 for data centers.

    Recently, new Hi-End platforms 44000 and 64000 were presented, vSEC was released for Google Cloud, and also came out new version R80.10 software with improvements to the management console, improved performance and SandBlast Anti-Ransomware, providing protection against ransomware-class malware. Also introduced is the new Check Point Infinity network security architecture, which integrates the security of networks, clouds and mobile users.

    Check Point has also been expanded cloud solution protection against Malware, which can be integrated before SaaS email services. Check Point offers numerous software blades that expand the capabilities of the firewall, including advanced protection against malware - Advanced Mailware Protection (Threat Emulation and Threat Extraction), Threat Intelligence services - ThreatCloud IntelliStore and Anti-Bot. Check Point supports its firewalls in the Amazon Web Services (AWS) and Microsoft Azure public clouds, and integration solutions with SDN solutions from VMWare NSX and Cisco Application Centric Infrastructure (ACI) are available.

    A Check Point solution should be on the short list of enterprise customers for whom price sensitivity is not as important as the granularity of network security functionality, coupled with high-quality centralized management for complex networks. It is also a good candidate for customers using hybrid networks consisting of on-premise equipment, virtualized data centers and clouds.

    Only registered users can participate in the survey. , Please.

    I ran into a serious problem. Young Windows was good, but it had a huge number of dangerous vulnerabilities that made it easy for hackers to penetrate the system. The only way out of the situation was to develop separate software that would monitor network activity and stop unwanted traffic.

    Microsoft developed its own firewall and integrated it into Windows. Today we know this application as Windows Firewall. Unfortunately, the built-in firewall turned out to be not very reliable. Your computer still needs third-party applications to ensure network security. Here are the best free firewalls that will give you that security.

    ZoneAlarm Free Firewall

    ZoneAlarm Free Firewall - one of the oldest and most famous firewalls. Its first version was released back in 2000, and the latest one was released in January 2017. The firewall can hide open ports, detect suspicious traffic and disable malware. ZoneAlarm Free Firewall also regularly communicates with the DefenseNet server, from where it obtains information about the most current threats. The firewall can protect the user’s PC when working through public Wi-Fi points. The only disadvantage of ZoneAlarm Free Firewall is that it may conflict with other programs that provide network security.

    Comodo Firewall


    If you don't like firewalls that bother you with too frequent notifications, you should pay attention to Comodo Firewall . This program is quite “silent” and does not bother the user over trifles. Meanwhile, Comodo Firewall is quite reliable. The firewall monitors your network and compares system and application data with a huge list of dangerous files. On at the moment this list contains information about more than 2 million threats. It is replenished daily.

    PeerBlock


    While many firewalls attempt to provide comprehensive protection, PeerBlock serves only one purpose. This firewall blocks access to your computer from known dangerous addresses. This is an excellent choice if you want to protect your privacy from ad networks, tracking software, government or private anti-piracy organizations, and other Internet nasties. PeerBlock automatically updates the list of potentially dangerous addresses, but you can also change it manually.

    TinyWall


    TinyWall - a lightweight and silent firewall that does not irritate the user with pop-ups and notifications. Essentially, TinyWall can be considered a plugin that improves the performance of the built-in Windows firewall. The program is perfect for beginners, since it does not have any complicated settings.

    OpenDNS


    OpenDNS is not a downloadable firewall, but an Internet service that provides publicly accessible and secure DNS servers to everyone. You just need to specify the correct data in your router settings so that all your traffic goes through these servers. This is very convenient for users whose home network has many Internet-connected devices, especially smart home gadgets.

    Anti NetCut3


    If you often need to use public Wi-Fi, firewall Anti NetCut3 can help you protect your system when connecting to a compromised point. This program is designed with the sole purpose of monitoring a specific network connection. All you have to do is specify which adapter to monitor. It could be Wi-Fi adapter, if you are connecting over the air, or network card, if you access the Internet via cable.

    Read more: