F-Secure 2014 IS beta need to test with Windows 8.1 preview!!!

RusliRusli Posts: 998 Adventurer

Hi

 

I am suggesting F-Secure to hold off the F-Secure 2014 release because I recommend F-Secure to test with Windows 8.1 Preview!

 

This is critical. 

 

Because the release RTM of Windows 8.1 is just around the corner.

 

If not F-Secure is bound to have issues later on.

 

I am suggesting to F-Secure to drop support for Windows own integrated firewall.

 

Because most of the F-Secure users did not like using Windows Integrated firewall.

 

I still think that Windows Integrated Firewall is very vulnerable!

 

Comments

  • TomiTomi Posts: 48 F-Secure Employee

    Hello Rusli,

    We are testing with Windows 8.1 Preview versions and when Internet Security 2014 comes out it will support Windows 8.1 version also.

    siramic
  • RusliRusli Posts: 998 Adventurer

    Hi

     

    Honestly, I don't really like the idea of using Windows own default firewall.

     

    It is the most vulnerable Firewall!

     

    It is not secure!

     

    F-Secure must use it's own firewall software.

     

    Many Customers did not like using Windows own Integrated firewall as what being release in F-Seucure IS 2013!!!

     

    They prefer the same Firewall being used in F-Secure 2012!

     

    Nobody like to use Windows Integrated Firewall!

     

    Matousec did testing with Windows Firewalls.

     

    And it failed many or all majority of the test!!!

     

    I keep wonder why F-Secure still using Windows own Integrated Firewall???

  • pcah4pcah4 Posts: 22

    Rusli,

    I totally agree with you that F-Secure needs its own integrated firewall and i think the lack of it is 1,Driving many people away from F-Secure....2.When people realise after installation there is no firewall they move to another vendor.

    Windows firewall and deepguard may work well but you can`t beat an integrated firewall withih the security suite.

    Although i have nearly 2 years subscription left i will be moving on to another vendor as i see this as a serious flaw.

  • RusliRusli Posts: 998 Adventurer

    pcah, 

     

    Having rely on Windows own Integrated firewall is way too vulnerable!

     

    It fail the test over and over again.

     

    And it is not recommended to use as a defense in Windows platform.

     

    I wonder if F-Secure did a test with Matousec's Security Software testing suite 64.(Very important testings! F-Secure need to do testing with these software!!! In order to pass all the firewall testings!)

     

    http://www.matousec.com/downloads/

     

    Because testing all these things can fully know whether the firewall is fully protected!

     

    If Deepguard able to detect all of the Matousec's Security Software Testing Suite 64 that will protect everything!

     

    Because I know that Windows own Firewall is really really bad!

     

    And I don't fully recommend it!

     

    See ...

     

    http://www.matousec.com/projects/proactive-security-challenge-64/results.php

     

     

  • RusliRusli Posts: 998 Adventurer

    F-Secure don't ignore the RDP and Remote Assistant attacks. 

     

    This is the most common form of attacks as what Sophos reported.

     

    http://nakedsecurity.sophos.com/2012/09/07/microsoft-rdp-remote-desktop-protocol-or-routine-darkside-probe/

     

    If deepguard did not detect any of these things.

     

    We are really doom!

     

    Deepguard need to detect all incoming and outgoing rules!

  • etomcatetomcat Posts: 1,319 Superuser

    Hello,

     

    F-Secure's own firewall (Internet Shield module) has many rules and is too difficult to configure for most home users. In contrast, F-Secure software developers aim for simplicity of handling in their products, so they removed the customer firewall from their SOHO market products and left the network packet filtering job for the Windows built-in firewall.

     

    This change is indeed a problem for the ancient Windows XP operating system, with its weak firewall. The more modern Windows 8 / 7 / Vista systems have factory-installed firewalls which are good enough. After all, packet filtering is no longer that important for defence. Most attacks happen in network enabled applications nowadays, rather than directly in the TCP/IP stack.

     

    Sincerely: Tamas Feher, Hungary.

  • RusliRusli Posts: 998 Adventurer

    Did you do any PenTesting with the computer that is using F-Secure Internet Security that uses Windows Firewall???

     

    Does it protect when someone still able to penetrate your computer so easily?!!!

     

    Why F-Secure can't have a simplified the Firewall technology to make it so easy to use.

     

    One thing that lag behind is that F-Secure did not have a SANDBOX technology.

     

    Which is a must have technology.

     

     

  • etomcatetomcat Posts: 1,319 Superuser

    Hello,

     

    > One thing that lag behind is that F-Secure did not have a SANDBOX technology. Which is a must have technology.

     

    F-Secure Internet Security did have the "Pegasus" engine (Norman AB sandbox) integrated several years ago. The performance impact was so miserable it was removed from the product suite after about one year!

  • BlackcatBlackcat Posts: 511

    See if they can try again.

     

    Avast has a Sandbox and there is little effect on performance here.

  • hello

     

    new here but had to say one thing Matousec tests are mostly for HIP's and behavior blockers testing not so much for firewall testing and if you pay them you get better scores

     

    Product requirements

    http://www.matousec.com/projects/proactive-security-challenge-64/faq.php#product-requirements

     

    Question: What kind of products are suitable for Proactive Security Challenge 64 testing and which are not?

     

    Answer: We often receive requests to test security products that are not suitable for Proactive Security Challenge 64. It is important to understand what kind of products we test. The primary requirement is that the product implements application-based security model and behavior blocking. This means that it allows its users to control selected actions of applications. Among behavior blocking capabilities, the product must be able to control applications' network access.

     

    Then we require the product's project to be alive and intended to be used by desktop users. We are not interested in already dead projects without a future although exceptions may appear. Finally, we require the tested version of the product to be stable, publicly available in English and run on Windows OS that is currently supported by the challenge. Most of the products called an Internet security suite, a personal firewall, a HIPS, a behavior blocker do meet all these criteria and hence they are suitable for Proactive Security Challenge 64 testing.

     

    On the other hand, there are many products that are not suitable for our project. Security products that are built to protect only a single process are not suitable – various Internet browser security add-ons, sandboxes or virtualizations, for example. Also behavior blockers that focus on a single type of malware are not suitable – e.g. anti-keyloggers, malware removers. All pattern based systems that are not based on application behavior are not suitable – this includes all anti-virus and anti-malware solutions that are not delivered with application-based security module or do not implement at least a minimal application-based security model.

     

    The security software that is NOT suitable for Proactive Security Challenge 64 testing just because it is not publicly available or stable can be tested in private (commercial) Proactive Security Challenge 64 without a chance to publish its results, however. Any other security software that is NOT suitable can be tested on commercial basis outside Proactive Security Challenge 64.

     

    thanks

     

    James

     

    :)

     

     

     

     

     

     

     

  • RusliRusli Posts: 998 Adventurer

    I still have doubts about F-Secure using Windows Firewall.

     

    Do you know that it fail the Comodo Firewall leak testing!

     

    It's vulnerable.

     

    Does the behaviour blocker, detects both for incoming and outgoing firewall rules???

     

    Can it be effectively detects everything??? Both know and unknown.

     

    Can it detects zero day exploits????

     

    Can it detects everything???

  • hello
    
    comodo firewall leak test is old and geared more to comodo's firewall back then and so other firewalls do not do so well with this test 
    
    what do's windows firewall have to do with behaviour blocking a incoming or outgoing firewall rule ?(mabe a connection?)
    
    i would think that F-Secure's Deepguard would catch somethings nothing catch's everything so use a layered approach (i use  Private Firewall and F-Secure did run well) 
    
    for zero day exploits keep your system and vulnerable software up to date or use something like Malwarebytes Anti-Exploit BETA or use something like Sandboxie to sandbox your web browser
    
    thanks
    
    James
    
    :)

     

This discussion has been closed.