其他連結

產品功能

Outpost Firewall PRO 2009

Outpost Firewall 防火牆 3.5 (繁/簡/英)

最新消息

Outpost Security Advisories

Agnitum Directions

Outpost Firewall PRO 4.0 有哪些新特點?

全新 v4.0 智慧防護

試用版下載

網上登記 Registration

續期登記指南

用戶手冊下載

安裝指南

常見問題集 FAQ

Outpost 銷售地點

聯絡我們

History of changes

Screenshots

相關文章

Outpost Firewall Pro 3.5 被評 為 A 級終極之選

Outpost Firewall Pro 3.5 於台灣雜誌《電腦王》 2006 熱門防火牆折磨測試中被評為 Firewall 中的 A 級終極之選 。

Outpost Firewall Pro 3.5 was ranked A --- Ultimate choice for users

Outpost Firewall Pro 3.5 於台灣雜誌《電腦王》 2006 熱門防火牆折磨測試中被評為 Firewall 中的 A 級終極之選 。

OneCare Firewall: a light-weight approach to a heavy-duty problem

辦公室防衛實戰 (1)

辦公室防衛實戰 (2)

辦公室防衛實戰 (3)

Version 2 Limited 最新推出 Outpost Network Security

Outpost Network Security適合大中小型企業,能保護企業的網絡、工作站,以免受到內外威脅。Outpost Network Security配合獲獎無數的防火牆及強大的反間諜軟體,能為你公司的數據提供簡單易用、價錢合理、可靠的保護。另外,其中央管理及自動運作表面配置更令保護運作得更快捷。

Outpost Firewall 榮獲 PC Shopper Buy 家鑑定團頒發「五星級編輯推薦」

要全面防禦駭客、避免個人資料外洩,便要於電腦上安裝防火牆。在電腦系統安裝防火牆,能保護電腦在網路上的資料進出動作,能有效將危險、不安全的連線阻擋。挑選一套專門的個人防火牆軟件對於所有電腦用戶均十分重要。

Independent tests identify Agnitum Outpost Firewall Pro 4.0 as the security software best able to defend itself from attack

Outpost Firewall 新品上架 最新版本 Version 4.0

網上是充滿著危險,網絡蠕蟲、間碟軟件、木馬等可造成巨大破壞。小則拖慢電腦,大則使系統癱瘓,甚至導致個人資料完全外洩。要為你提供今時今日你所需的保護,你的防火牆必須能夠監察所有對內及對外的連線,並且能讓你的電腦隱身,以免受到攻擊。

Outpost 個人防火牆 - OneCare Firewall: a light-weight approach to a heavy-duty problem

Outpost Firewall


Introduction

PDF version PDF version of Security Insight article 

Since Microsoft released its Windows Live OneCare security kit in June, there has been much discussion as to how the product would benefit ordinary PC users and whether it really delivers on its mission of providing reliable, yet easy-to-use, PC protection for consumers. On top of those discussions came accusations (http://sunbeltblog.blogspot.com/2006/06/microsoft-practices-predatory-pricing.html) that Microsoft was engaging in predatory pricing intended to drive off competition and stifle innovation in the security space for consumers.

In order to fully understand the ins and outs of the debate, we decided to go ahead and install the product and conduct our own in-house assessment of the OneCare-bundled firewall protection. We are pleased to share the results of this test run with you in this month’s Security Insight.

A brief glance

The OneCare interface looks sophisticated and well-organized; it has a colorful information window from which all program settings and commands can be accessed. The program is based on Microsoft’s proprietary .Net technology and requires users to install the .Net package before using it.

As we were primarily interested in the firewall component, we went first for the Firewall tab - available from the Settings menu. The remainder of this article is a description of our experience and the impressions we garnered while using the OneCare firewall.

A firewall’s applications treatment

By default, OneCare firewall is set to address programs in an automatic mode – every program access is managed through the Microsoft-created and supplied application behavior policy. Programs that are allowed to connect to the Internet are included in that policy and the firewall simply lets them connect without restriction.

The problem with this policy is that it covers a very limited number of applications, so the user is forever having to respond to notifications from other quite legitimate programs as they attempt to access the Internet. Another weakness of this approach is that, no matter whether the firewall is in automatic or user-definable access mode, it first blocks the application from accessing the Internet and then asks whether the program should be permitted to access the Internet on subsequent occasions.

What this means is that a legitimate program soliciting first-time access to the Internet, in our case an IM chat program, cannot connect to the Internet; after a brief delay, a message to this effect appeared on the screen. It’s really not very user friendly to deny connections to programs accessing the Internet for the first time, and it limits the program’s functionality until a restart restores programs’ operations to a normal state. The way unknown programs are treated by the firewall leaves users with the impression that every application is presumed guilty - by being blocked - until proven otherwise.

The same cannot be said of how OneCare fares with leaktests (http://www.firewallleaktester.com, http://www.pcflank.com). After OneCare has worked for a couple of hours and created a reasonable-sized database of application access rules, we subjected the firewall to a slate of leaktests intended to verify how the program would protect users against imaginary malware attempts to upload data from the host computer. The results were very poor, with the OneCare firewall passing only the most basic and simple leaktests and failing the rest. Amusingly, it treated leaktests as if they were normal Windows Explorer (explore.exe), Internet Explorer and other credible applications widely used on a Windows-based computer, failing to detect the tests’ tendency to imitate, implant its code in, or hijack a credible application on which behalf it subsequently gained access credentials.

The implications of this poor performance are far-reaching: any competent piece of malware would have no problem stealing data from a PC ‘protected’ by OneCare, and the firewall uttered not a single peep to prevent this from happening. This is a pretty serious shortcoming, since one of the primary functions of a firewall is to protect against unauthorized program connections – both incoming and outgoing; OneCare on this basis does not even meet the minimum requirements for an effective firewall.

The OneCare firewall is so basic that it doesn’t even provide for the creation of advanced application access rules – you can either allow an application to access the Internet or deny it. You cannot make a rule, that, for example, would enable Internet Explorer to access some websites and not others (on the basis of IP address, for example). Nor can you specify, for example, time-based access permissions and apply advanced access parameters to the way applications are allowed to connect to the Internet, such as stipulating trusted access ports and protocols for a particular application.

Despite these major failings, OneCare does have other qualities, both good and bad, that it is worth mentioning.

Network configuration and intrusion prevention

OneCare firewall detects your network configuration and can limit access to the user’s files and printers to members of the same network (a subnet), with access from the Internet being restricted. Just as with granting applications Internet access, this is very basic; you cannot create advanced rules or specify advanced whitelist and blacklist settings of remote locations for Internet or complex network domain access. The same limitations apply to access through the Remote Desktop.

Amazingly, OneCare lacks the accepted industry standard of Intrusion Detection and Protection systems used by most third-party firewalls (Outpost Firewall Pro, Norton Personal Firewall). This is a serous omission, as there are many hacker tools available today which can generate automated, wide-scale intrusion attempts on thousands of PCs in the hope of finding inadequately-protected PCs that can be exploited in the future. These tools are being constantly improved and expanded, and it is very quite disturbing that Microsoft does not provide any kind of protection against such attacks for their OneCare customers.

OneCare’s packet filtering is on a par with its competition, and the ability to select a port range for any chosen protocol is a useful feature.

Performance and compatibility

Although the program works quite fast on a mid-range PC, the way it handles programs launched for the first time is less than satisfactory. By default, all executed programs undergo an initial spyware scan with OneCare’s Windows Defender (currently in its Beta 2 version), which delays program execution by as much as ten seconds. We also found, towards the end of our evaluation, that this may not be limited to the first program run. Windows Defender is updated separately from the main program update, and may start at any time, regardless of how much bandwidth you may be using – for example, if it starts up when the user is at a crucial point in an online game, the gameplay could be badly interrupted.

We also found compatibility issues with OneCare – but not the ones you’d expect. Before installing the software, we already had a running firewall on our computer (of course – as would most people). Guess what happened next? OneCare neglected to warn us of any need to first de-install the existing firewall before proceeding with the installation of OneCare. So, we found that OneCare worked smoothly alongside Outpost Firewall Pro, and that Outpost Firewall was the first to monitor the system, ask questions and protect the user – not OneCare. That’s not good news for OneCare.

Before we finished our testing, yet another unfortunate incident occurred – OneCare blocked Internet access for our installed browsers (IE, Firefox) altogether and only permitted them to connect to the Internet in idle (switched off) firewall mode. This is when we finally parted company with the entire OneCare suite.

Conclusion

Although the program is very intuitive, nice to look at, and easy to use – which is good for the program’s target audience of inexperienced users – its functionality is a big let-down and does not serve that inexperienced user audience well. It reminds us of those a colorful and feature-rich Graphical User Interfaces (GUI) with nothing behind them that you sometimes see at exhibitions, because the vendors couldn’t finish the whole program in time. Microsoft OneCare needs a serious overhaul before it can be considered anything more than just a fancy interface with no real security under the hood