Outpost Firewall Pro

[Venice Sassone]

OutpostFirewall Pro monitors incoming and outgoing network traffic on Windows machines. Outpost also monitors application behavior in an attempt to stop malicious software covertly infecting Windows systems. Agnitum called this technology "Component Control" and "Anti-Leak Control" (included into HIPS-based "Host Protection" module). The product also includes a spyware scanner and monitor, along with a pop-up blocker and spyware filter for Internet Explorer and Mozilla Firefox. (Outpost's web surfing security tools had included black-lists for IPs and URLs, unwanted web page element filters and ad-blocking. The technology altogether is known as "Web control".)

Outpost Firewall Pro allows the user to specifically define how a PC application connects to the Internet. This is known as the "Rules Wizard" mode, or policy, and is the default behavior for the program. In this mode, Outpost Firewall Pro displays a prompt each time a new process attempts network access or when a process requests a connection that was not covered by its pre-validated rules. The idea is to let the user decide whether an application should be allowed a network connection to a specific address, port or protocol. Outpost Firewall includes pre-set rules for many popular applications. Users could optionally submit rules they had created.

Outpost Firewall Pro users developed an unofficial web forum fed by Agnitum[5] since 2002 to discuss product features and support. The forum is moderated by experienced senior users of Outpost Firewall Pro and offers help and support for technical advice and program assistance.

Outpost Firewall Pro's self-protection technology aims at detecting attempts to modify or disable its services or hinder program protection, and received accolades by Comparison Testers as being capable and sophisticated at detecting all known methods of disabling it without user permission. The testing site Matousec.com[6] (performing a test-set of leak-tests to all known software including PC firewalls), consistently gives Outpost Firewall Pro its highest ratings in PC firewalls independent comparisons. Outpost Firewall Pro has more than[weasel words] 30 awards in 15 countries in computer media and test labs since 2002.[7]

Outpost can generate a large number of security alerts, which some experts[who?] believe will lead to an inexperienced end-user habitually dismissing all alerts, even important ones. This firewall is preferred by experienced users[who?] as Agnitum's direction is to give the end user complete control to all aspects of their system to avoid unwanted changes by malicious software, disclosure of personal information and malware. In advanced security mode, Outpost's Component Control will notify the user every time a network enabled application has a changed component and Anti-Leak Control will notify the user whenever an application performs a potentially dangerous operation such as overwriting another application's memory space. In practice this can result in such a high number of alerts that they can quickly become intrusive. To mediate this, Outpost includes the option to apply validated presets automatically, to allow for a secure configuration, and yet provide ease of use.

On December 9, 2015, Yandex acquired Agnitum in order to use their technology in the Yandex Browser. Valid license holders were given until January 31, 2016 to exchange their license keys for a 1 year license of Kaspersky Internet Security.[9]

Disclosure: This is another one of those paid-reviews-trying-to-pay-off-tuition things.It's a rather well-known fact that Microsoft's attempts at integrating a top-notch firewall into their operating systems have come up short. If their integrated "firewall" was any good, they wouldn't have made it so easy to disable it to use a real firewall and would have kept with Microsoft monopoly tradition making it impossible to disable. One of the most popular firewall solutions for Windows has always been ZoneAlarm.

However, I'll be taking a look at a firewall that I haven't heard of until recently, Agnitum's Outpost Firewall Pro. Outpost is more than just a firewall, featuring innovative methods of preventing data theft whereby a malware application can utilize personal information from another application. Outpost Pro's data theft prevention is part of its privacy feature set aimed at curbing identity theft. That alone is rather captivating.

One of the largest pet peeves of firewall software is the constant need to allow or deny certain connections to be made. After a while, most firewalls "learn" what connections are okay to make and tend to bug you less often with allow or deny requests. Outpost Pro gets around this by including predefined rules for known applications, in addition to something I really like, Entertainment mode.

Once you enter Entertainment mode, which can be automatically triggered once certain applications are launched, you can enjoy full-screen gaming or movie watching without being interrupted by Outpost. Over spring break I installed Counter-Strike: Source (an old but great FPS game) on my mom's computer, only to be annoyed to discover when I went full-screen the Windows firewall popped up and eventually froze CS:S. Entertainment mode is definitely a welcomed feature in Outpost Pro.

Outpost Pro is a complete security suite and includes an on-demand spyware scanner that can be run whenever you like, similar to Ad-Aware. However, I also found that the scanner ran in the background, detecting vulnerabilities on the fly. It (annoyingly) came up several times by itself when it discovered standard tracking cookies from MSN and similar sites.

The interface is intuitive and designed as if it were part of Windows. I didn't spend time looking for certain settings and was able to go on with my regular tasks normally. I enjoyed looking at the section that displayed network activity and open ports used by applications in real-time. In the above screenshot you can see a portion of the left pane devoted to plug-ins. Outpost Pro is plug-in friendly and allows you to easily extend its security functionality.

Personally, I don't use anti-virus or firewall software when I'm on a PC. I'm prefer the ignorance-is-bliss route, am always behind a firewalled router with NAT and practice common sense. However, I would recommend Outpost Pro to family members looking to secure their PC. That recommendation will also probably go over better than my "you don't need Norton, just use common sense" excuse .

Outpost's firewall view is excellent for monitoring normal and suspicious activity. Many times I have caught an application's live activity that purports to not communicate in a certain way and the truth is revealed in the live activity. An example of this is, a freshly installed popular non chrome browser communicating directly with Google servers on startup when the developer says it doesn't. The proof is in the eating. This is a low and legitimate communication but it shows how Outpost immediately shows the traffic and allows for immediate action rather than allowing the communication for as long as it takes you to trawl a log file. Of deeper concern is Windows' svchost. I have 8 rules for this alone. FYI, All rules created satisfactorily from pop-ups.

What exactly are you missing in the Network connection view? You see there a list of connections and we provide users with an option to create a blocking rule for it with a single click. It doesn't make sense to have an option to create a brand new firewall rule there for instance.

Many many years back (prior to eset suites being available) i always used a 3rd party firewall along side NOD32 as there was never any compatibility issues that other vendors suffered from. Like @itman has mentioned above. Because these 3rd party firewalls are dedicated applications they will always be more flexibe when it comes to ease of use (for more complex settings). Other vendors that offer security suites have either similar or worse methods of configuration when you get to the firewall.

Maybe using outpost along with NOD32 might be more to your liking .

My understanding is it is not compatible with x(64) kernel patch protection. The primary reason almost all the third party HIPS solutions shut down. Assume their profits from such software were not worth reengineering the software to be compatible.

I agree that I am part of a minority user base and I understand that there are significant development costs in producing products for market. As a Sales Manager I also understand that It's all about the sales figures. Not a bad thing. A company grows to a certain size and there are a lot of mouths to feed. I see that ESET have 1300+ employees. They wouldn't be immune from the effects of growing islands of self interest. A challenge I must negotiate with my own large sales accounts. Slow moving large wheels influenced by even larger ones.

I am of the mind that there many benefits that come from seeing and controlling your own position in the flow of data traffic. How that information is scaled per user is a developers continuing challenge.

I'm corrently using Windows for my machines with Outpost firewall(Agnitum), but want to switch for linux(not sure what disto yet) and would love to know from you what are my options with linux's firewall software.

I basically have all my connections blocked, except the ones I opened, but I can switch policy(mode) so the firewall will intercept any new attempts to establish new connections(that are not allowed yet) and notify me about each of them - and actually let me manage it on the fly(e.g. block, allow, temp allow etc).

Note MS-Windows conflates many ideas: e.g. it conflates disk-formatting and creation of a file-system, it calls this disk-formatting. It this case it conflates file-walls with proxies, filters, and probably some other things.

3a8082e126