Zone Labs Delighted with Windows Vista Firewall Muddle
The firewall built into Windows Vista will not automatically block outgoing traffic, which is much appreciated by security software developer ZoneLabs.
ZDNet Australia reports: “When Microsoft updated Windows XP with Service Pack 2 (SP2) in August 2004, for the first time Windows included a firewall that was switched on by default. In Windows Vista, the firewall will be capable of blocking both outgoing and incoming traffic but Microsoft has not explained why the outgoing function will, by default, be inactive.”
Microsoft says, Windows Vista is able to protect against incoming attacks but users will have to “selectively configure the firewall” to stop unauthorized applications connecting to the Internet.
Michael Warrilow, Director of Hydrasight, said that one reason could be that predicting the behavior of applications is very difficult. “The firewall is to protect against inbound attacks — instead of protecting the rest of the world from you. Also, the behavior of applications is more difficult to predict for outbound traffic.”
One company that is rather pleased about Microsoft’s decision is Zone Labs, which is probably best known for its ZoneAlarm firewall application.
Zone Labs, Laura Yecies, told ZDNet Australia that Vista’s firewall will lack some key features that come as standard on the free version of ZoneAlarm. “It is not final but it certainly doesn’t have the behavioral capabilities [of ZoneAlarm]… It does have the outbound capability but that is off by default.”
Zone Labs believes the release of Vista is likely to boost sales of its own firewall, as happened when Microsoft launched SP2 for Windows XP. “There was a lot of attention for SP2, which put more attention on firewalls and [that] you need a good firewall.” said Yecies.
In general, Yecies believes that Zone Labs customers will be better off once Microsoft launches Vista. “I am glad they are making their system better. My customers will be more secure if the average Microsoft customer has better security on their system — because they will be less likely to be a bot.”
