speedguide.net
Tiny Software Personal Firewall v1.0 A great ICSA certified software firewall
I've been using hardware routers (Internet sharing and Firewall protection) for so long that I was really thrilled when Tiny Software offered to let me try out their products. I had almost forgotten how much I preferred soft Sharing/Firewall software packages over their hardware based brothers and sisters. Tiny Software currently sells three different products, starting with a home/small-business network router, and a very heavy duty professional version that has many advanced features (including features like a built in mail server and DNS forwarding). Both of these software packages come with a very highly praised Firewall. Tiny's 3rd product is that Firewall in a standalone version. It doesn't even seem like they ever set off to release a stand alone Firewall, and this is also what they claim. Apparently there were a great deal of requests for this.
There are a lot of personal Firewall packages out on the market (including a really good free one). Why should we look at buying this one? Even after using the product, I can't give a straight answer. On one hand this Tiny's Personal Firewall is completely devoid of "extra" features that appear in other products (such as ad blocking, etc.). On the other hand, it's a slim 100% top quality Firewall with very little network overhead or impact, which can be rare. Some Firewall products can really slow down a network. The most important thing to consider is that this Firewall is the same as the one in WinRoute, which is ICSA Certified. You won't find anything like BlackIce, ZoneAlert, or Norton Internet Security 2000 on the ICSA Certified list (but I'm sure they want to be). I'll talk more about ICSA Certification later on and give some links. If you are in the market for a Firewall program, you will have to decide between extra features or the slim and fast Tiny's Personal Firewall that is the most secure one I've ever used. You may also decide it's best to go with a free one. Many other Firewalls do come close to the security provided by Tiny's Personal Firewall. So who is Tiny Software? To be honest, I had never heard of them before a month ago. Here's the bio information from their website:
When I looked around for additional information on the company I became impressed fairly quickly. It seems they're leaders in their chosen industry, getting more press than most of their larger and more powerful competitors. And hey, they even mention Napster in their product description of the Firewall, so you know their cool! Their biggest fame lately seems to be coming from being the Proxy/Firewall supplier to the U.S. Naval Aviation Systems Team, and for quickly developing a solution to a serious Microsoft Outlook Security Flaw. Let's install the Firewall and kick it's tires.... Installation I tested out the Firewall in both Windows 98se and Windows 2000. I didn't have any problems (of any kind) in either OS after using the Firewall for a period of days. Just as a note, almost all of the screenshots and security tests were done while in Windows2000. I didn't see what I expected after the installation. The Firewall installation does not set the Firewall to run automatically. I love to see things that don't make a mess of my registry (cough - Norton), but there should have (at least) been an option during installation to configure the Firewall to start automatically with the system (or to run the Firewall as a service in Windows 2000). As it is, you will have to manually create a registry key or (more simply), copy a shortcut to the Firewall executable into your Startup folder on the Start Menu. After starting the program only one process was listed relating to the Firewall. I have to say I think of this as a "plus". With some other Firewalls there is the Firewall software itself and a more hidden engine. Completely disabling a Firewall can be necessary at times, at you'll have one stop shopping (or closing) with this one. This is something I didn't like though, I could not find a way to remove the application button from the taskbar. I would very much prefer to be able to minimize the Firewall application down to the Systray icon only. Those two items are my biggest complaints with this this Firewall, and I hope that they can be added in a future release. This is only Version 1.0/Beta1 so there's still hope.
Of course advanced logging like that doesn't make a Firewall good, and we already know that BlackIce has some holes in it. I'll admit it is eye candy, but I do enjoy knowing how violent my Internet connection can be. Also, I use to enjoy attacking the attackers. That only brings bad karma though, so I had to stop. Let's do some testing.... Testing The first thing I wanted to see was how big of an impact the Firewall software would have on network performance. I just did one test and decided to use the Thief2 demo from Download.com as a testing platform. It's a very large demo (130MB), that isn't downloaded too frequently anymore. It seems the demos real home is the FTP server of Dailyradar now though. I started the downloads and stooped them about 30 seconds later (after things had stabilized). There was less than a 1% difference in speed with the Firewall running, so there was almost no impact on throughput because of the Firewall. On the flip side, home Firewalls like Norton's Internet Security 2000 (more features but twice the price - and they didn't write the Firewall, they bought AtGuard out), is a now violator of bandwidth. Not to mention it's installation is like exploding a can of Norton spray paint on your registry (I hate that). My first stop on the security checklist was Steve Gibson's Shields Up test: I should point out here that ) if you are running your system without a Firewall of some type, Microsoft OS's do almost nothing to protect you (especially if you have Cable or xDSL). You might has well just take your computer over to a hackers house and leave it on the doorstep. I actually felt somewhat creepy while the "naked" tests were running. I don't like feeling that "exposed" with an always on connection. I usually log 10-20 attacks per day, and sometimes much more.
Look at that...... "smack" I've tested a lot of Firewalls (hard and soft - insert joke here), and a score of "0" is very rare for anything a normal human can afford for home use. Again, if "normal" security settings are selected you will be questioned on every unsolicited request. Normally this will be a rare occurrences, and I think it is much better to get a choice. Let's wrap things up ICSA Certification ICSA's website explains very well who they are and what they do. Also, it's a great website to checkout from time to time to keep up with Internet security issues (including viruses and current hacking methods, etc.). They don't "Certify" a product unless it's really good; this in not a lightweight certification by any means. Links to ICSA's website are at the bottom of this page. If you read up on the certification that Tiny Software received, you'll need to keep in mind that the "mothership" product "WinRoute PRO" itself was certified before the Firewall was separated to be sold as an individual program. But, the Personal Firewall is the Firewall from WinRoute PRO. Next, I'll be reviewing the home version of WinRoute PRO which is called WinRoute Lite, followed by the full WinRoute package. The "Lite" version is comparable to software such as WinGate or Sygate or Microsoft's ICS included with Windows 98se, Windows ME, and Windows 2000. If you are using ICS (Internet Connection Sharing) now I'd suggest you do some reading on it, as it is a security nightmare untweaked (of course no configuration tool comes with it either). ICS is not a Firewall and does not include one. If you do share your Internet connection and are interested in the personal Firewall, I'd suggest looking into buying the full version of WinRoute Lite. The cost for a 3 user license is $59, so it will cost you only $20 more to get the Firewall and Internet Sharing. Especially if you run a business (small or otherwise) it is more cost effective to centralize your Firewall on the proxy server. With any Firewall software, package you are required to purchase a separate license for each computer it is installed upon. You should be looking at Tiny's Personal Firewall if: You share your Internet connection with ICS (to be placed on the sharing system with ICS), or if you only use the Internet on one system only. Remember, if you have cable or xDSL service you are especially at risk. The Good
The Bad
Recommendations for Tiny Software I hear the former Taco Bell dog is out of work..... he'd make a good mascot. You could call him "Tiny" and have commercials where he ankle bites evil hackers and then steals their tacos. Or maybe he could jump through windows and chew through network cables. Basically everything in the "Bad" section is just a feature that could be added... I'd love to see these features appear over time. Knock Knock... anyone listening? :) Keep in mind that this is the very first version of a Firewall that was stripped out of a larger Proxy software package by popular demand. I have no doubt that it will improve and be enhanced. I'm sure many things that I consider stand alone Firewall features were part of the larger WinRoute packages.
McDougall: I worked at Intel for a few years, so I guess that's impressive.... Every day I regret the fact that I quit (I had to move back to my home state). Now I'm a corporate slave designing circuits for perhaps the largest baby bell phone company in America. The sick thing is my job now is really high tech data entry. I've got that nasty 1+ hour rush hour commute each way that makes life o' so fun. But, it pays good... Have you sold your soul to corporate America too? Play by the rules but don't let them break your mind....
Copyright © 1998 - 2003 Speed Guide, Inc. All rights reserved. All trademarks and logos are © of their respective owners. |