Ottawa PC Users' Group, Inc.
 Product Review 
 


Personal Firewall Plus
by
Alan German

Yet another review of a McAfee product; I'm soon going to be on their payroll, or their black list!  Actually, I have few complaints about this package, and lots of kudos to McAfee for a well-designed product so, who knows, if they are lurking somewhere in cyberspace reading my words of wisdom, perhaps they will sign me up as a beta tester.

Personal Firewall Plus is a stand-alone version of McAfee's Internet firewall product.  The instruction manual said to uninstall any other firewalls before installing Personal Firewall Plus - as I found out when reading the manual as the package was installing.  I hadn't uninstalled the firewall portion of McAfee's VirusScan Home Edition, the most recently reviewed package, but the new version of the firewall installed just fine. 

Kudos to McAfee for a well-designed product

The installation routine dutifully reported that the firewall was configured and ready to use, and then offered a wizard to customize the program's operation.  The steps were very easy to follow, with the default choices being mostly appropriate in my case.  One is able to select a level for alerts to be issued (only red alerts for me), specify the type of network and the level of access afforded to other machines on the network.  Interestingly, the recommended choice is "Don't trust my local network" which, in any case, was the item of choice where there is no LAN.  The final setting was for recognition of application programs which I left set at "Use smart recommendations" which blocks any new applications until allowed by the user.

I did find one small glitch in the installation routine.  After the initial installation I was instructed to "Remove any CDs or floppy disks and click Restart".  Like a good reviewer, I did precisely as I was told, took out the installation CD, pressed Restart and Windows promptly indicated that I should insert the missing CD!

After rebooting, my old friend McAfee's SecurityCenter loaded, with its array of pretty coloured bars (see http://www.opcug.ca/public/Reviews/SpamKiller.htm).  As might be expected, my anti-virus and anti-hacker ratings were both fully green at 10.0, but my overall security index stood at only 8.5.  The reason for the latter was that my machine was sadly deficient in the anti-abuse and anti-spam departments, both deep in the red at 1.0.  The recommendation was in part to obtain SpamKiller; however, given my earlier experience with this particular product, I don't find this an optimal solution.  I can live with being in the red in this case.

Another oddity, a pop-up window warned about a medium-risk advisory for the worm W32/Bagle@MM.  Why should I worry?  I do have VirusScan installed?  Pop-ups with McAfee seem to be almost the norm.  I notice that when one visits their web site for program support, or help with a given feature, in addition to viewing the web page of interest, there is a steady bombardment of adverts in pop-up windows.  I guess my one general complaint about McAfee is that they are very egocentric, always pushing more of their products, and indicating potential problems even when you already have the solution.  Hey, we're already paying customers guys.  You should treat us nicely! 

 

With the boxed package installed, and knowing what we do about the currency of shrink-wrapped software, it was time to update the "new" firewall package.  This was a fairly straightforward process - register a name, E-mail address and password with McAfee's web site, and let the instant updater rip.  One of McAfee's wizards indicated the various steps involved for downloading and installing the updates; however, unfortunately, there was no indication of the number of files to be transferred or their sizes.  So, it was time to sit back, keep one eye on the monitor, and read the instruction manual.  The process ran completely automatically, save for a couple of reboots.  Eventually, the updater reported that API version 5.0.1.5 was installed and that "All McAfee Security Services are up to date".  Success!

One of the options on the program's main menu was to "Test My Firewall" which sounded like a good idea.  By default the program goes out to HackerWatch.org, a McAfee web site which will probe the ports on your machine.  To give McAfee credit where due, they also provided links to dslreports.com and pcflank.com, two other sites that provide similar functionality.  My newly-installed firewall passed all the tests at all the locations, including those at ShieldsUP!  which I also visited for good measure.

The SecurityCenter interface for Personal Firewall Plus is an improvement over that for VirusScan Home Edition since it tightly integrates both VirusScan and the firewall.  Basically, one icon in the system tray provides ready access to both programs.  Large icons for McAfee's individual products, including VirusScan and Personal Firewall+ are shown on the main SecurityCenter menu screen. 

Clicking on the icon for Personal Firewall+ takes you to a secondary menu screen with a modern web-like design.  The menu system is clean and colourful, with individual icons and explanatory text for the various functions, and links to other options such as updates, web-based support and help files.  The page has four main tabs: Summary, Internet Applications, Inbound Events and Utilities.  The firewall summary page provides a simple overview of the program's status and activity, with links to various functions providing more detail.  The list of Internet applications and their settings allows changes to be made to these settings for any particular program.  Similarly access is provided to a detailed log of events tracked by the firewall, probably giving more detail than most of us want to see but, no doubt, useful for some.  Finally, the utilities tab lets the user change the alert, security, port and log settings, create a set of trusted and banned URLs, and see a graphical representation of Internet traffic on the machine over time.

One of the graphical features of the program is Visual Trace that supposedly allows the user to see where hacker attacks originate.  Every time I tried to trace any of the alerts, a map of the world was displayed, there was lots of pinging recorded, but the map didn't seem to change, and it  certainly didn't tell me anything.  So, I regret that I can't see any benefit to this process.  The other item that provides graphs and charts is the traffic monitor.  This shows a graph of web traffic by the minute or by the hour, and records statistics on such items as rates of transfer, the number of bytes transferred, and the bandwidth occupied by the most frequently used applications.  Again, personally, I don't find such data useful, but perhaps it's a must-know item for others.

However, scanning the events log was somewhat reassuring.  There were lots of ping attempts, DCE endpoint resolution services trying to access TCP port 135, and programs trying to access TCP port 6129, to say nothing of "Kuang2 The Virus" evidently knocking on the door of TCP port 17300.  All such intrusion attempts were noted as having been firmly rebuffed by the ever-watchful firewall.

So, overall, for me the package is a hit, with more-or-less trouble free installation, a really clean user interface, and mostly just working away in the background doing its job keeping the bad guys at bay. 


Bottom Line:

Personal Firewall Plus 2004 ver. 5.0
$49.19 CAN (1year subscription, downloadable version, or physical shipment.)
from McAfee Security
Web site: http://ca.mcafee.com/?CID=5819&langid=34
ShieldsUP! website: http://grc.com


Copyright and Usage
Ottawa Personal Computer Users Group (OPCUG), Inc.
3 Thatcher Street, Ottawa, ON  K2G 1S6

The opinions expressed in these reviews may not necessarily
represent the views of the OPCUG or its members