Forum Discussion
My Wish: A full fledged firewall for Windows 10
I had replied back, via email, but it did not register here, so I am copying what I said in the email here.
Interesting. I used to use something called 'Tiny Personal Fire Wall', some time ago. Are they related? I also used 'Zone Alarm' in the past. I will have to take a look at 'Tinywall'. Thanks for the information, as it seems that the product does some of the things that I would like to do.
As for Windows firewall, yes, it is more difficult to get 'under the hood'. In fact, I was looking for the IP/country blocking capability and did not find it. The 'help' section had no listing for such an item. I also wanted to look at the possibility of managing ports. The 'Microsoft Management Console' was not helpful in this regard either.
As for additional hardware, or a 'VM', I am not that motivated! I have been tempted to dig up a vulnerability scanner and point it at my system, just to see what I might see. I decided not to though, as I figured it might give me a headache, with false positives, and my not having full firewall control. I was going to use a Nmap.
If you don't want to go the route of a VM you can simply replace your current router with a pfSense appliance. Check out "Netgate" products (They're partnered with the pfSense team) They just released a few budget friendly models.
- Jack SmithAug 01, 2017Copper Contributor
With the Pfsense software being free, and the only need being to purchase the hardware, tailored to your situation, this is reasonable item. I took a look, seeing a SOHO firewall, with retail cost of $299. I have added the Pfsense software, and website to my 'to do' list for going through. I saw that they use 'Snort' also, which got me a little curious. I had a Netgear firewall at one point, which I had to get rid of, as they did not update the software and it became listed as 'vulnerable', due to a software problem. I think it died off, due to lack of consumer response though, resulting in lack of further software updates/development. It was removed from the market.
- Justin SatavaAug 01, 2017Copper Contributor
I personally buy old Dell Optiplex SFF towers refurbished locally, either with an i3 or an i5 depending on what it's being used for (The Core 2 Duo / Quads don't properly support AES) and I get them cheap too, around 150-250 each. I then throw a dual Intel Nic and a pair of Sandisk SSDs in them to take the total spent up about another 100 bucks. I install pfSense with the dual drives in a geo mirror. I've installed these as firewalls in several buildings that I handle IT work for, as well as my home and the company I work for. The appliances are great if you don't want something bulky or power hungry, but the small form factor towers are great if you have high speed connections with multiple vpns (almost every company I take care of has a vpn tunnel into my home and my office firewall in addition to telecommuters). pfSense is updated regularly and has shown no sign of falling off the grid like older devices do because it's a soft solution. The most recent update (2.4) will be utilizing freeBSD 11 as the back end (currently 2.3 uses freeBSD 10.3). If this software appeals to you, be sure to check out freeNAS as well. It's also freeBSD based and handles almost everything I need for home and small office.
Hope that sheds some light on the software!
- Jack SmithAug 01, 2017Copper Contributor
Yes, I did see the mention of the freeNAS software, which I had planned to check out also. I am running a Dell Precision, T3500, which fits my home need, and gives me extra power. I purchased a second one, which I am just about done upgrading. I had thought about throwing VMWARE on my 2nd one, but decided not to regress. I had been running Linux/Windows at one point, as a dual booting system, on an old Optiplex. FreeBSD has a long track track record.
Thanks for the pointers. I have been cleaning the cobwebs out of my head, looking at solutions for the current day.