Microsoft’s Charles Fitzgerald once said, “If you want security on the Net, unplug your computer.” There’s now another option: Norton Firewall. Don’t get too excited though. Symantec’s Norton Firewall accomplishes the difficult task of securing your computer in almost the same way as unplugging your Internet connection. To explain, indulge me in a short trip down memory lane and a small moral object lesson.
I was raised in an environment where the authority figures around me had a hard time modulating the balance between excess and modesty. For example, many who guided my moral education believed that alcohol was evil. The belief wasn’t merely that alcohol could cause evil or that it could be used by evil people. Rather, the teaching was that the substance itself was somehow evil. I think the belief sprang from the fact that alcohol can be abused and cause lots of personal and social heartache. But instead of teaching moderation, and providing education on developing the discipline of avoiding excess, my moralist elders demonized the substance and demanded that people entirely refrain from drinking alcohol. In many ways, while this approach was pretty effective in keeping people away from the dangers of alcohol, it taught us relatively nothing and prevented people from enjoying many of the healthy and wonderful things about a fine scotch or a perfectly aged Merlot. Looking back, the approach now strikes me as a bit lazy. It’s much easier to demonize something entirely and avoid dealing with it altogether than it is to accept that it can be used for evil or good and to do the really hard work of figuring out which is which.
This anecdote does relate to Norton Personal Firewall in that the application is a lot like my childhood leaders. Norton Personal Firewall will protect you. Unfortunately, it will do so at the cost of essentially unplugging you from your network. It will lock everything out and warn you about everything that passes through it instead of using intelligent logic to determine what is risky and what is not. You’ll be safe but, in my opinion, you’ll be too safe.
Price to Value (2 out of 5)
There is little about the Norton Personal Firewall to recommend. It’s slow, overprotective, and overly complex. I suffered from installation problems as well. For the money, there are other products that do a much better job.
Installation & Setup (2 out of 5)
On the first installation, the installer worked as expected and did a good job of transitioning my computer from Windows Firewall to the Norton Personal Firewall. While not a one-click process, the installer wasn’t too invasive although it did need quite a bit of handholding.
Prior to installing the application, the installer did a pre-install integrity scan which checked the computer for problems that would prevent the firewall from installing properly.
User Interface (3 out of 5)
The UI is broken down into two main sections. The Norton Protection Center is a quick-glance overview of the status of the security on your system. It tells the user which areas need attention and provides a big “Fix Now” button to address any open issues. I had problems getting the protection to work. Pressing the Fix Now button didn’t seem to do anything and neither did clicking on a link that was supposed to show me details of my problems. Clicking on one of the detail links did present me with a small dialog box that outlined the protection status for that area.
Product Features (1 out of 5)
The offline and online support are good.
As I stated in the introduction, my evaluation of the firewall is that it is far too restrictive by default. In general, anything that required network or internet access after the firewall was installed either didn’t work properly or needed manual permissions set in the firewall. For example, Remote Desktop failed to work after the firewall was installed. I expected this because I have Remote Desktop set to listen on a non-standard port on the machine on which Norton Personal Firewall was installed. I opened the port (or at least I thought I had) and still could not get Remote Desktop to work. So I tried to launch a very standard network utility called ipconfig.exe in order to check my IP addresses and ensure I was connected to the network. Norton Firewall flagged ipconfig.exe as a suspicious application and wouldn’t allow it to access my network. I had to explicitly tell the firewall that the application was okay. (Note: this happened the first time I installed the firewall but not the second time. The second time, Norton Firewall automatically evaluated the application and permitted it to run.) I never did get Norton Firewall to allow me to use Remote Desktop and had to turn the firewall completely off in order to use the application. Not good.
I also had ongoing problems with other standard applications that attempt to access the internet. I could not get my Google Toolbar gadgets to update even after I uninstalled Norton Firewall (the protection that keeps on protecting) and I even had problems accessing my local network.
Performance (2 out of 5)
Overall, the Norton Personal Firewall interface and scanning engines are sluggish. The UI took 5-7 seconds at times to respond to a mouse click and file operations like copying a bunch of files over the network generally increased by 1-2 seconds with the scanners on. When I tried to run ipconfig to get an IP address, it took approximately 5 seconds for the firewall to respond and tell me that it had detected the “intrusion.”
The software needs a re-write in my opinion. It appears to be a last-generation package that needs to be rewritten with modern tools and a new approach.
Overall, Symantec’s Norton Personal Firewall does not stand up against the competition. A firewall should not only be measured by how well it keeps threats at bay (which the Symantec product does well) but how well it stays out of the way and lets your computer do what it was meant to do. Norton Personal Firewall is too present: it slows things down and is always in your face. It’s also too restrictive and not smart enough to know what to let in and out and what to ask you about.
ZoneAlarm Pro, CA Personal Firewall