Vista firewall gets thumbs down
One of the security improvements in Vista was supposed to be an upgraded firewall that monitored outgoing traffic as well as incoming. Although the Vista firewall can monitor outgoing traffic, it does not do so in its default setting. Further, configuring the settings for outgoing traffic is quite technical and complicated. Three different articles have appeared with the opinion that the outgoing function is basically useless in actual practice. At CNET Robert Vamosi says:
In Windows Vista, Microsoft says its new Windows Firewall is now two-way, that it adds outbound protection, but a closer look reveals that this is more deceptive marketing spin. With Windows Vista what you get turns out to be a half-cocked firewall that’s hardly worth the upgrade.
And at ZDNet David Berlind comments:
So, the bottom line is that once again (actually, nothing has changed), the Windows Firewall is actually worse than having no firewall at all since (a) its presence leads you to believe that your computer is protected by a firewall when it really isn’t (a false sense of security), (b) the system offers nothing in the way of a suggestion that encourages users to establish outbound rules, and (c) is nearly impossible for mortals — the majority of Windows users — to configure
Even Preston Gralla, who is a Vista enthusiast, is critical about the firewall. At PC World he writes:
Microsoft touts Windows Vista as giving significant security improvements over Windows XP, and it offers the Windows Firewall, with its new two-way filtering feature, as one reason for that better security.
But as shipped, the Windows Firewall offers little outbound protection, and it’s not clear how outbound protection can be configured to protect against spyware, Trojans and bots.
I was initially taken in by the Microsoft literature and assumed that Vista was coming with a real two-way firewall. After looking at what it takes to configure the outgoing monitoring, I see no way that the average home PC user is going to be interested in trying to set up that function. Thus, the Vista firewall is not really an improvement over the one in XP. I have seen arguments by Microsoft apologists that monitoring outgoing traffic serves no purpose anyway and only confuses users. But that is begging the question. If outgoing doesn’t matter, why tout the two-way nature in the first place? Anyway, I am one who definitely wants to be able to monitor and control outgoing Internet requests.
Did you enjoy this post? Why not leave a comment below and continue the conversation, or subscribe to my feed and get articles like this delivered automatically to your feed reader.
Comments
No comments yet.
Sorry, the comment form is closed at this time.