Review: Vista Firewall Control
I currently have an ADSL modem/router/firewall for my broadband internet and it provides a pretty good firewall that stops unwanted incoming connections. It passes the Shields Up! test at GRC, which is well worth running to make sure that your internet connection is secure.
The firewall however lets outgoing connections do what they like. This is a problem if spyware somehow gets into my PC as it can ‘phone home’ without restriction. There are a few options for firewalls in Windows XP (still running on the old Sony Vaio), and I preferred the Sunbelt Personal Firewall even if getting a Windows Mobile connection working was a pain in the neck. When I started using Vista this software was not compatible with Vista, so I looked around.
One of the ‘new’ things with the Vista firewall is that it can restrict outgoing connections. About time! The downside is that the configuration of this requires local policies and lots of other uglyness. This is where Vista Firewall Control steps in. This neat bit of software manages the built in Vista firewall with a nice GUI rather than reinventing a whole new firewall (like the other options do). I hope this means that if there is a problem with the Vista firewall it will be picked up quicker because more people are using it than XYZ Firewall. Free versions and trial versions are available and they are fully functional, which is nice. I’ve gone for the trial version since I like to configure applications separately.
Each application can have its own ‘zone’ rule, and there can be many zones. Lots of zones are predefined, but custom ones can be added. I have added a zone that allows incoming and outgoing connections on my LAN, but only outgoing connections to the internet. Restricting outgoing connections saves money when you’re using a 3G phone service to access the internet. Nothing worse than firing up the bluetooth connection to the cellphone and have something like Acrobat Reader decide to download $20 worth of updates! If the firewall needs to be deactivated (I’d only recommend this if you have a hardware firewall too) so software can update then this is very simple to do. Conversely, locking down the computer is also a simple right click, left click option (although turning off WIFI or pulling out the ethernet cable is probably faster and easier).
Vista Firewall Control doesn’t slow the PC down at all because it isn’t actually doing the hardwork. It does provide popups when new applications first access the network, and it has settings for what the default permission will be. The first time an application tries to talk to the big wide world its request will be rejected, but if you are using the non-free version then it will quickly be set to the default access. The FAQ (which I agree with) suggests that the default is left as ‘disable’ to stop outbreaks, but a more moderate approach might be to set the default to ‘LAN Only’ if you need to access local intranets or email servers.
All up, this is pretty good software and since I haven’t found anything better I think I’ll probably spend the US$29.95 and get the full version rather than going back to the free one.
