Questions

Is XP Firewall Good Enough for Business

Tags:
+
0 Votes
Locked

Is XP Firewall Good Enough for Business

sn
I am about to be working on a small business network currently consisting of Windows XP PCs. They have Symantec AntiVirus and Windows XP Firewall.

I'm not a big fan of Symantec/Norton, but at least it's something. The main thing I am worried about is the lack of 3rd party firewall. Is the Windows XP Firewall good enough for a small business? Or is it useless (dangerous) enough that I should attempt to convince the powers that be to invest in a third party firewall, such as ZoneAlarm?

Any help is greatly appreciated.
  • +
    0 Votes
    nepenthe0

    Yes, Windows Firewall is good enough if you configure a NAT router to conceal the IP addresses of your computers. With a NAT router enabled, malicious queries are ignored, and your network is effectively in stealth mode.

    Keep in mind that Norton is a notorious resource hog, and many machines perform dismally with this installed. The free Avast! antivirus program has been favorably mentioned in this Forum:

    http://www.avast.com/

    To get rid of Norton, you will need the Norton Removal Tool:

    http://tinyurl.com/2l3zve

    I do not generally advise business entities regarding security configurations. You may wish to discuss this further with Michael Kassner who regularly posts to TR and is a recognized expert in Security issues.

    +
    0 Votes
    Tig2

    You might also want to check out grc.com. Steve Gibson is recognized as a leader in security.

    I have advised business on firewall choices. I cannot recommend the Windows firewall because it is not aggressive enough and in the event that anything happened, not taking the step of choosing a third party solution may count against the company when assessing liability.

    +
    0 Votes
    Tig2

    Go get Zone- it is inexpensive and will be easy for your end users to understand. I use Zone Free on my mother in law's computer, the SO uses the Internet Security Suite. It runs about $100 for a two year subscription and offers mail support as well as AV and spyware support. As all-in-one tools go, it is a winner.

    To learn how a high level security expert feels about the Zone product line, go to grc.com. You will find yourself on Steve Gibson's website. He also offers a series of small security tools that I have on all my Windows boxes.

    Got more questions? Feel free to peer me.

    +
    0 Votes
    boxfiddler Moderator

    Zone Alarm is an excellent firewall, free or Pro. I have been using it exclusively for years. I do a lot of bookkeeping for small organizations, and teach online classes, from home. I need serious protection to comply with HIPAA, for example.

    Ditch the Windows firewall. It won't give you what you need if you are operating a business - and that is notification that you are being probed, attacked, or that an unknown trojan is leaving your computer with all your keystrokes. The Windows firewall informs you about nothing.

    +
    0 Votes
    OH Smeg

    Answer NO

    It's not good enough for home use let alone any place that ,makes money off computers or work done on them.

    The only reason that the Windows Firewall is used is that it is Free and you don't have to pay for it. The Implementation of this bit of Software gives a False Sense of Security which isn't warranted and leads to even worse Security Procedures being followed. If you are planning on basing your entire Security Model on a Windows Firewall it would be safer to print out your Bank Details and give them to everyone who walks past. At least then you would expect to have the Bank Account Emptied and it wouldn't come as a surprise when you get informed of it happening.

    Col

    +
    0 Votes
    logisticscanada

    Although you didn't mention in your email, your network probably has Internet connectivity. Install a good router and configure it properly. This will be the best single-point, controllable protection for the network. Through a reliable anti-virus on the server too. Do not rely on the workstations to give you the confidence you are looking for.

    +
    0 Votes
    Kenone

    No software firewall is "good enough". I strongly encourage all home users to install a firewall appliance. A business needs even more.

    +
    0 Votes
    Jellimonsta

    I would recommend a hardware firewall at your edge, and, if possible, a software firewall on your clients.
    The Windows firewall is ingress only and does not inform of any egress connections. Therefore, virus propagation from your domain is quite possible, and is a good way to get on the CBL.
    Dependant upon the number of users, I would recommend Comodo or Sygate.

    +
    0 Votes
    apkeene

    XP doesn't tell you what is going on at all. I agree with the other people about install a hardware firewall... but don't waste money on also software at the same time. and depending on what your company does if you have a hardware firewall the network admin will know what is going on but the user do not need to know. this is a problem with using software firewall it allows users to know what software the company is running and open potential holes in the security of the network. best bet is a hardware firewall at the entry point for the network and a well configured router..

    +
    0 Votes
    SKDTech

    Better off with a hardware firewall appliance and network monitoring. Most NAT routers operate as simple hardware firewalls but you are likely to want more protection, ie a dedicated firewall appliance, in a business.

    +
    0 Votes
    1bn0

    Windows firewall is a Desktop Application Firewall. It's like the front door to a celebrities house. If they get that far it's too close and my already be too late.

    For a network you need a hardware firewall where you inside network is connected to the outside world.

    Like putting a guardhouse at the end of the driveway.

    The fence? That's a different problem!

  • +
    0 Votes
    nepenthe0

    Yes, Windows Firewall is good enough if you configure a NAT router to conceal the IP addresses of your computers. With a NAT router enabled, malicious queries are ignored, and your network is effectively in stealth mode.

    Keep in mind that Norton is a notorious resource hog, and many machines perform dismally with this installed. The free Avast! antivirus program has been favorably mentioned in this Forum:

    http://www.avast.com/

    To get rid of Norton, you will need the Norton Removal Tool:

    http://tinyurl.com/2l3zve

    I do not generally advise business entities regarding security configurations. You may wish to discuss this further with Michael Kassner who regularly posts to TR and is a recognized expert in Security issues.

    +
    0 Votes
    Tig2

    You might also want to check out grc.com. Steve Gibson is recognized as a leader in security.

    I have advised business on firewall choices. I cannot recommend the Windows firewall because it is not aggressive enough and in the event that anything happened, not taking the step of choosing a third party solution may count against the company when assessing liability.

    +
    0 Votes
    Tig2

    Go get Zone- it is inexpensive and will be easy for your end users to understand. I use Zone Free on my mother in law's computer, the SO uses the Internet Security Suite. It runs about $100 for a two year subscription and offers mail support as well as AV and spyware support. As all-in-one tools go, it is a winner.

    To learn how a high level security expert feels about the Zone product line, go to grc.com. You will find yourself on Steve Gibson's website. He also offers a series of small security tools that I have on all my Windows boxes.

    Got more questions? Feel free to peer me.

    +
    0 Votes
    boxfiddler Moderator

    Zone Alarm is an excellent firewall, free or Pro. I have been using it exclusively for years. I do a lot of bookkeeping for small organizations, and teach online classes, from home. I need serious protection to comply with HIPAA, for example.

    Ditch the Windows firewall. It won't give you what you need if you are operating a business - and that is notification that you are being probed, attacked, or that an unknown trojan is leaving your computer with all your keystrokes. The Windows firewall informs you about nothing.

    +
    0 Votes
    OH Smeg

    Answer NO

    It's not good enough for home use let alone any place that ,makes money off computers or work done on them.

    The only reason that the Windows Firewall is used is that it is Free and you don't have to pay for it. The Implementation of this bit of Software gives a False Sense of Security which isn't warranted and leads to even worse Security Procedures being followed. If you are planning on basing your entire Security Model on a Windows Firewall it would be safer to print out your Bank Details and give them to everyone who walks past. At least then you would expect to have the Bank Account Emptied and it wouldn't come as a surprise when you get informed of it happening.

    Col

    +
    0 Votes
    logisticscanada

    Although you didn't mention in your email, your network probably has Internet connectivity. Install a good router and configure it properly. This will be the best single-point, controllable protection for the network. Through a reliable anti-virus on the server too. Do not rely on the workstations to give you the confidence you are looking for.

    +
    0 Votes
    Kenone

    No software firewall is "good enough". I strongly encourage all home users to install a firewall appliance. A business needs even more.

    +
    0 Votes
    Jellimonsta

    I would recommend a hardware firewall at your edge, and, if possible, a software firewall on your clients.
    The Windows firewall is ingress only and does not inform of any egress connections. Therefore, virus propagation from your domain is quite possible, and is a good way to get on the CBL.
    Dependant upon the number of users, I would recommend Comodo or Sygate.

    +
    0 Votes
    apkeene

    XP doesn't tell you what is going on at all. I agree with the other people about install a hardware firewall... but don't waste money on also software at the same time. and depending on what your company does if you have a hardware firewall the network admin will know what is going on but the user do not need to know. this is a problem with using software firewall it allows users to know what software the company is running and open potential holes in the security of the network. best bet is a hardware firewall at the entry point for the network and a well configured router..

    +
    0 Votes
    SKDTech

    Better off with a hardware firewall appliance and network monitoring. Most NAT routers operate as simple hardware firewalls but you are likely to want more protection, ie a dedicated firewall appliance, in a business.

    +
    0 Votes
    1bn0

    Windows firewall is a Desktop Application Firewall. It's like the front door to a celebrities house. If they get that far it's too close and my already be too late.

    For a network you need a hardware firewall where you inside network is connected to the outside world.

    Like putting a guardhouse at the end of the driveway.

    The fence? That's a different problem!