Any reason why I should use a firewall other than Vista's built-in one?

I was having a problem whereby a particular network app would hang on closure, and it appears that it had something to do with the ZoneAlarm firewall I was using (even though the app had full network access configured in ZoneAlarm). After uninstalling ZoneAlarm and enabling the Windows Vista firewall the app now closes properly.

Is there any reason why I shouldn’t just stick with the Vista firewall? Or should I try another free one, like Comodo? Or perhaps a non-free one?

I don’t use the Vista firewall, so this is a list of Firewall features you should think about:

Application identification: if you want to allow certain applications access to the internet, you want to be sure that the firewall is good at identifying which app is which. Good firewalls use fingerprinting (usually MD5 hashes) to ensure that a bad application can’t rename itself to get the rights of a trusted program.

Connection alerts: Your firewall should not allow outgoing connections without confirmation.

Rule editing: You should be review and modify the rules/applications. Whether this is easy or hard may influence your decision.

Configuration control: Malicious applications would love to disable or modify the firewall rules so that you do not know it has been doing stuff. The ability to prevent this is important.

Look here for some test-based recommendations.

Si

Thanks, sounds like Comodo seems like the best choice.

No, not really. The computer I’m writing this at is a Windows XP with built-in firewall installded perhaps six years ago working like a train.

If you want some special features and what not, of course, buy it. But if you want stable, secure computing, settle for the built in firewall and be sure to continously update your software and manifest a minmum of common sense and browse around a bit .

I’m a systems administrator working with Microsoft products for a decade now, security and otherwise. I have no interest in the well being of Microsoft, I’d probably buy a Mac myself if I got to choose—what I’m saying is that there’s a big difference between fact and myth in this case. Windows Vista with built in firewall and some free antivirus like AVG, and you’re safe.

Perhaps this has changed with Vista, but my understanding was that XP’s firewall did not check outgoing packets. Not a show-stopper, but a nice feature for monitoring your system (e.g., determining if your PC has been surreptiously hijacked or even identifying and blocking software that “phones home”).

I’ve found that ZoneAlarm is excellent. So excellent, in fact, that I’ve never bothered to try anything else. But then, I should also point out that I’m a Linux user – I only maintain Windows machines, not work on them day-to-day.

This has changed. You can block outgoing packets with Vista’s firewall but it’s not immediately obvious how to get to those advanced firewall settings. The quickest way is to type ‘WF.MSC’ in the run box (without the quotes). I find the options there quite robust and, overall, I’m satisfied with Vista’s firewall capabilities. Unlike with WinXP, I don’t see any reason to use a 3rd party app with Vista.

That’s excellent information to know, and I thank you for cluing me in.

Great stuff- but can I hijack for a quick minute? I have Trend pro which has all the firewall and keystroke encryption. Every time I start up the User Account Control (UAC) wants me to agree to use the said keystroke encryption. Can the UAC be disabled (and is this a wise move) or is there an easier way to ensure it just floats through on start up.