none
Annyone using 3rd party firewall, or just Anti Virus?? RRS feed

  • General discussion

  • Just curious to know how many people have installed a 3rd party firewall, not that there are many to choose from for WHS... I can only find Bitdefender!! or are people simply relying on AV software and the Windows Firewall for outbound protection...??
    DrSoton
    • Changed type kariya21Moderator Saturday, January 24, 2009 4:23 PM not a technical question
    Thursday, January 22, 2009 9:43 PM

All replies

  • As far as I know, Bitdefender doesn't have any products for Windows Home Server. McAfee, avast!, and fSecure are the only products I know of for WHS.

    As for the firewall, if you follow good computing practices, you really shouldn't need a third party firewall on your server; Windows Firewall should be sufficient.

    I'm not on the WHS team, I just post a lot. :)
    Thursday, January 22, 2009 10:16 PM
    Moderator
  • Bitdefender works on WHS and is officially supported and advertised, it just doesnt integrate into the console...

    http://www.bitdefender.com/PRODUCT-2217-en--BitDefender-Internet-Security-2009.html

    I do see your point, afterall, your whs wont be used like a desktop for browsing etc...


    DrSoton
    Friday, January 23, 2009 9:04 AM
  • Thanks for the link; they don't advertise that capability that I've seen, and I didn't see the mention of WHS when I checked their site.

    My own preference is for avast!, because of the central management of virus scanning on my network. In other words, I think the add-in is essential. :)  And my server only has Windows Firewall.

    I'm not on the WHS team, I just post a lot. :)
    Friday, January 23, 2009 3:48 PM
    Moderator
  • I have McAfee installed on WHS.

    No, I don't use it to surf the Internet, but in case a client copies virus infected files to WHS, my server won't be affected.

    Friday, January 23, 2009 6:12 PM
  • The vast majority of WHS users are also going to be behind a router which in itself, provides some reasonable protection. Also, quite a few users don't enable the forwarding of port 80 which helps limit exposure.

     

    Colin

     

     


    If anyone answers your query successfully, please mark it as 'Helpful', to guide other users.
    Friday, January 23, 2009 6:16 PM
    Moderator
  • As Ken Warren mentioned to me in the past you should also make sure that your Virus Protection software is made specifically for WHS. WHS is unique in the sense that it uses Drive Extender technology. Some AV programs could detect this as unusual activity and create havoc.

    As far as firewall software goes I don't think Microsoft's firewall is the best one available. First of all, the Windows Firewall does not monitor or block outbound traffic. This means that if you do get a virus there is really no way to block outbound traffic which could prevent malicious code from being executed on other machines. Also Microsoft's firewall depends heavily on Windows APIs which can be easily disabled. A smart virus could disable these APIs during a attack which would in turn render your firewall useless.

    I personally use the built in firewall but it really depends on how extreme you want to be with your security. I suppose if I had highly confidential documents on my home server I would probably choose a 3rd party firewall instead.

    Friday, January 23, 2009 9:31 PM
  •  Fom bitdefender site... stating WHS as a supported system...

    System Requirements

    Windows XP with Service Pack 2 (32/64 bit) or higher
    • 800 MHz or higher processor
    • 256 MB of RAM Memory (1GB recommended)
    • 170 MB available hard disk space (200 recommended)

    Windows Vista (32/64 bit) and Windows Vista SP1
    • 800 MHz or higher processor
    • 512 MB of RAM Memory (1 GB recommended)
    • 170 MB available hard disk space (200 recommended)

    Windows Home Server
    • 800 MHz or higher processor
    • 512 MB of RAM Memory (1 GB recommended)
    • 170 MB available hard disk space (200 recommended)

     

    It just doesnt itegrate into the cnsole..but has worked fin on my WHS, after a few tweaks of he firewall...

     

    Re Windows Firewall... Im sure, correct me if Im wrong, but Windows FIrewall does block outbound, as it will ask you if you wish to block applicaitons that are trying to access the internet.. It doesnt montior or control inbound threats..

     

     


    DrSoton
    Saturday, January 24, 2009 9:43 PM
  • No, Windows Firewall blocks traffic in both directions, just like any other firewall.
    I'm not on the WHS team, I just post a lot. :)
    Sunday, January 25, 2009 3:11 PM
    Moderator
  • Ken Warren said:

    No, Windows Firewall blocks traffic in both directions, just like any other firewall.


    I'm not on the WHS team, I just post a lot. :)



    Actually Ken, that's not correct.  Windows Firewall on XP doesn't block outbound connections at all.  WF on Vista has the ability to block outbound connections, but the default configuration is exactly the opposite of what it should be.  Outbound connections that do not match a rule are allowed (instead of blocked).
    Sunday, January 25, 2009 7:26 PM
    Moderator
  • I agree for XP, but we're talking about Windows Firewall on Windows Server 2003. Hmm, I guess it's possible that it's the same; I never though to look and I usually rely on the firewall in my router for most such functionality...
    I'm not on the WHS team, I just post a lot. :)
    Sunday, January 25, 2009 9:12 PM
    Moderator
  • Ken Warren said:

    I agree for XP, but we're talking about Windows Firewall on Windows Server 2003. Hmm, I guess it's possible that it's the same; I never though to look and I usually rely on the firewall in my router for most such functionality...


    I'm not on the WHS team, I just post a lot. :)



    To be honest, I think you are giving MS too much credit. ;)  Obviously Server 2003 is just XP Server.  Therefore, I suspect Server 2003 works virtually the same as XP (except for the features that were added to Server 2003 after XP was released, such as Previous Versions).  I don't see the 2003 Server team going back to code and changing the sealed XP image (any more than the WHS team can change the 2003 image).

    In any event, to verify what I said, I found a tool called LeakTest (on the same website as Shields Up!) to test the outbound connections.  Suffice it to say, XP/2003/WHS didn't pass (for that matter, Vista/2008 didn't pass either until I changed it to block outbound connections that do not match a rule).  (I don't know about Win 7 since I haven't had time to download the beta yet.)

    Monday, January 26, 2009 4:57 AM
    Moderator
  • Kariya,

     Windows 7 does not block outgoing connections either, actually there is a nice icon showing just that.  Failed LeakTest.

    Monday, January 26, 2009 7:15 PM