Anyone like to weight in on Zone Alarm versus Black Ice or other inexpensive personal favorites?
With your reasons as well please.

Have you considered a hardware firewall? For very little you can get a good router with a built in firewall that will be more than sufficient for SOHO use, as for Zonealarm, I am not a fan of it, too many bells and whistles.

The internal XP SW firewall isn't great but it does the job if you just need something for occasional use (e.g at a public WLAN hotspot, at a hotel, etc) ...

I have used Sygate for years with good result. Meaning that it hasn't caused many problems and seems to monitor outgoing and incoming packets well, has a good way to allow those packets I want to come through or go out, and has a good user interface.

Sorry I should have been clearer. I have a router/firewall @ home but this is for the road as I do a lot of public Wi-Fi access.

Side note. I have Norton Internet Security Suite but uninstalled it because one of the services (called: Norton AntiVirus Auto Protect Service) was generating 100x more disk I/O than the next closest process. I presumed disabling the service disabled the value of the product.

Well, a firewall on the road isn't going to do you much good, especially if you are planning on picking up email from your ISP etc...

Unsecured WiFi can be intercepted VERY simply, and unless you have any kind of file sharing turned on there won't be any open ports on your laptop that will be of any use to a hacker.

So, focus more in the central side (your email etc...) and consider either setting up a simple VPN at home or asking if your ISP supports secure pop connections. A firewall looks nice and reports a load of attempts, but unless you have something open on your machine then the WinXP firewall will be more than sufficient.

But when zonealarm is doing it's best to prevent "hack attempts" someone else is snooping on your unsecured WiFi connection and has your POP password and is reading all your email...

I use BlackICE Defender at home (it's not a firewall, but an IDS). I like it, mainly because of the never ending entertainment you get when you watch people try to hammer your machine.

I have Zone Alarm on my notebook and we have Black Ice on a home desktop with a wired connection to a cable modem. We have been satisfied with both. Zone Alarm seems to have more features but Black Ice seems to have all of the necessary basics. I agree about wireless. I have become more concerned about it. I now almost always use a VPN connection when on wireless, even when only surfing public sites.

I use Zone Alarm and have been happy with it. It catches some attachments before the anti virus software gets to them, so that may be a help for you.

Another convert from Zone Alarm to Sygate - Sygate is more intuitive, and provides better information about what's going on.

My father-in-law elected to try the free Zone Alarm Pro for 14 days. It promptly unloaded his Winsocks protocol - a very safe option

Just and FYI about the SW ICFW that comes with CP. It won't allow you to share files or printers on a local network, even through the same router. So, if you have a home computer, and you share files or transfer to / from you laptop, that won't work and you won't know why.

If you use the laptop to connect to *nix box at work, then use ssh, or VPN tunnel if there is one in your work place. I use hummingbird's product - Which supports ssh,kerberos and X over VPN tunnels.
ScottC is right; Anyone can snoop your WiFI connection, sitting in the Airport lounge. There are PD programs out there that can do it

Replying to the original message: Try kerio ( www.kerio.com ). I've used it on several machines. It's rules based, so you can set up your own filtering.

I installed Zone Alarm on two machines, and in both cases it was a disaster. Machines ran like molasses. Removed ZA, machines worked fine. ZA is Harry Hysterical, popping up warnings on everything. Kerio just quietly logs what it does, and you can view it as needed. Be warned though that the first time you use it you will get a lot of requests to allow (or not) harmless connections, but you check off whether to make a rule of your decision or not. Will stabalize after a few minutes.

[This message has been edited by SoManyMiles-SoLittleTime (edited Jan 18, 2004).]

ZA seems to work quite nicely for me, it really reduces most of the pop-ups and the price is right. As for the ZA pop-up alerts, ZA is easily configured to avoid this action if you wish to. Also it doesnt seem to slow down d/l or u/l running Win98 or XP Pro. Far better than BlackIce.

MisterNice

I **LOVE** Kerio software, I use their stuff for my email, VPN and firewalls...