FS Internet Security 2011 - First Impressions
Yesterday, I installed FS Internet Security 2011 (my first install) on a Windows Vista Ultimate 32bit machine with latest SPs, Firefox 5.0 etc. This machine is one of several within my SOHO, which sits behind a Netgear dual WAN GigE Router/hardware firewall, and is a fully fledged Windows "domain" with one machine running Windows Server 2003 as a PDC (and manages AD / DHCP / DNS on the PDC itself). I also have several Netgear SC101T zSAN storage devices and one D-Link NFS storage device, all attached via a D-Link 24 port GigE switch. No Wi-Fi at present.
Initial impressions - At first, it was a difficult start, but I think I'm getting the hang of it. Like most everyone else, initially, I had to "allow all" in FS Firewall, just to keep running. Of course, FS turns the *nag* on when you do that ("YOUR COMPUTER IS NOT SECURE!!!"). Just a suggestion, but it would be nice to have an option to "disable" the nag, as we can do with Windows UAC etc. ... We're all "adults" here and can take responsibility for our own actions, I think.
Slowly, I am starting to create FS firewall rules that may, at some point, allow me to remove "allow all" and return to normal ops. Particularly, opening ports for all my POP3, SMTP and NNTP aps/services. I also had to create a rule to allow all traffic within my internal IP range inside the SOHO (ie. behind the hardware firewall/router). This, in order to access the Netgear SC101T zSAN devices (they were being blocked). I also had to "allow" some programs flagged by "DeepGuard," but once done, they seem to work correctly.
Where I'm stuck now is in re: Firefox 5.0. Removing "Allow all" totally disables Firefox. I could not even get to this website to post this message! Either I haven't opened the correct port(s), or some other rule I've not established is blocking access to all sites. Invoking "allow all" allows normal ops to resume, and allows FS "browser protection" to alert on questionable sites. Note that I am not running FF under a proxy server. If anyone can point me in the right direction with this, I'd greatly appreciate it. For now, I have to keep "allow all" alive.
I'm sure that most of this is a matter of getting all the FS firewall rules I need established/enabled. Another "suggestion" to FS - It would have been nice to be notified (explicitly) during the FS install process that "Windows firewall is being 'disabled,' " and provide a report of the affected Windows Firewall rules/services for us to use and re-establish on FS. Better still, a conversion service to migrate Windows Firewall rules onto FS Firewall would have been truly nice, but I do understand the Herculean effort required to get that right. And I understand why you wouldn't want to get that wrong.
Perhaps, a video or interactive "Tutorial" on the chief things to watch out for when installing the product for the first time. Things like "Windows firewall being disabled" etc. etc. and all the typical consequences of that. Particularly, ensure that one opens the appropriate ports needed for POP3, SMTP and NNTP apps, etc. At least, a report of Windows Firewall rules that are lost or, even better, a conversion program for the most typical rules would really be sweet. Once one gets the hang of FS, I'm sure it will be a fantastic product.
Just help us a bit more with the "learning curve."
Thanks & Regards.
Comments
-
Quoting my earlier post -
@mag3rd wrote:
Where I'm stuck now is in re: Firefox 5.0. Removing "Allow all" totally disables Firefox. I could not even get to this website to post this message! Either I haven't opened the correct port(s), or some other rule I've not established is blocking access to all sites. Invoking "allow all" allows normal ops to resume, and allows FS "browser protection" to alert on questionable sites. Note that I am not running FF under a proxy server. If anyone can point me in the right direction with this, I'd greatly appreciate it. For now, I have to keep "allow all" alive.
Problem solved, thanks to a quick call to F-Secure Customer Service. I was using the "custom" Firewall Profile instead of the "normal" profile. Once I changed to the "Normal" profile and re-added my custom rule for "Allow all traffic within the SOHO IP address range," all is now well. Still some testing to do, but I expect there to be no problems.
🚩 What Do You Think?
We’d love your thoughts on our fresh look! Quick survey, big impact!