Outpost Firewall Pro 2.1 - part III

by Andrew Cooper

Other features

If this review is all you've heard of Outpost, you might be getting the idea that it's just a self-configurable banner blocker. Let's start into the nitty-gritty of this software's firewall, which many experts claim is the most powerful on the market.

The documentation states the software averts various network attacks (especially pertinent these days with worms like MyDoom) and filters Incoming email and abusive site contents. It even has a logging system so you can view every activity performed to and from your system. The documentation made me start to wonder if Outpost could barbeque my steak to perfection!

Enough on the documentation; let's get back to the program testing. The first thing I wanted to see was this self-proclaimed "sophisticated" logging system. I've seen many firewalls that lack the ability to track a history of events, which is really useful when you need to find out if there was an attack on your system two or three weeks ago and where the attack was coming from.

Outpost Firewall Log Viewer

It didn't take long to see that "sophisticated" was an understatement. Outpost logs everything - connections, addresses, ports, data counters, banners counters, application and system activity; basically, every datum you could possibly need to analyze what's going on in your system, all quickly searchable with timestamps, sorted and grouped any way you'd need it.

I was impressed with some of what I'd seen in Outpost up to this point, but this log system is worth more than the entire price of this software all by itself, in my opinion. The logging system is database-driven so it can give advanced users a very wide variety of ways to extract event data, build customized reports and perform analyses using various database technologies, such as OLAP. Regular users like me, however, will undoubtedly find Log Viewer's functionality more than adequate - especially with its ability to create custom filters for fine-tuned data displays enabling you to narrow your search to only the events you're interested in.



It's all fine and dandy to track activities and see that an attack took place, but what about being able to avert attacks? Read on, dear reader; read on!

Attack Detection Plug-In

To me "attack" means someone is trying to hack my computer and steal my credit card data or delete my favorite set of music files or my extensive collection of photos.

Outpost protects your computer from unauthorized accesses from hackers and crackers on the Web or any other network your computer is connected to. The actual firewall that does the blocking looks easy to understand. Even inexpert users can quickly learn how to use it.



You simply set the desired alert level and select various intruder-blocking options and that's it. Click OK and your protection is ensured. After that, Outpost keeps you informed of any suspicious actions against your system. Most people are amazed to find how many things Outpost has to block, but after a while these frequent alerts are distractive. You can even turn that off and work in peace.

However, if you're a network guru, who knows about packets, ports, networking drivers and other technical stuff, and are constantly looking for ways to fine-tune whatever software you're using, you might find it interesting to look through the plug-in configuration file that is located in the Outpost installation folder. The file lets you fine-tune this plug-in every which way. It's very well documented with descriptive comments and examples, but I definitely wouldn't recommend this type of tweaking to unskilled users.

Locking the backdoors

Along with DoS attacks and worms that spread through open network ports, there are many Trojans, viruses and worms coming to your computer via email. In the beginning of the year the Internet suffered a massive epidemic of worms (MyDoom, Bagel, NetSky, etc.)

These worms typically activate when an unknowing user opens a harmless looking file attached to an email message. The system launches the worm or virus and your computer's infected. Outpost Firewall includes its Email Attachment Filtering plug-in to prevent infections. The documentation says it filters viruses out of email, but in fact it quarantines the email. Outpost is a firewall, not an antivirus program. This is a fine point, but I make it to prevent confusion for an unqualified user. The level of protection is essentially the same either way; the virus or worm is blocked.



As you can see in the above screenshot, there's an option to rename an attachment - that is, to change its extension so the system won't automatically activate it without your permission. I receive tons of emails a day and although it doesn't happen often, I have opened attachments without going through a thorough verification that they are safe. Virus lists are always updated after new viruses spread, so it's very handy to have an assistant who asks you to think twice before opening an attachment. This is a very useful plug-in that is easy to configure and effective.

Some parental control

It doesn't take much web surfing for someone to discover that much of it is definitely not for children. Any concerned parent has two choices, either keep their child off the Internet or restrict its content. Outpost Firewall includes a powerful Content Filtering plug-in that blocks any web pages that contain any forbidden words either in the page address (e.g. http://www.terror.com) or in the page contents itself. Instead of showing these pages, the plug-in forces the browser to display a customizable message that explains why the page was blocked.



This is definitely a useful plug-in, but instead of coming with a predefined list of objectionable words, you have to add them manually, a very tedious task. The plug-in's effectiveness is greatly reduced because of the time it takes to configure it. Once configured, however, it performs well, making all the effort you had to spend on it worthwhile.

Hidden surprise

I thought I finished exploring the software when I bumped into a feature I've never seen before in a firewall. Outpost supports custom plug-ins. That means it provides an interface for you to create a plug-in that would satisfy your own personal needs. Every user is unique as are his requirements, which is why I value this feature. Everyone with programming skill can build into Outpost his own unique functionality.

An example of this is a plug-in our site team here at pcflank.com created called the WhoEasy plug-in that lets you track an attacker by his IP address or computer name and report from which geographical location that intruder tries to infiltrate your system. This is pretty useful, because it's been well known for years that the best thing to hide behind is an IP address. With the help of Outpost and WhoEasy it's possible to track an intruder and report him to his ISP so he doesn't harm other systems not protected by Outpost.

Verdict



Outpost Personal Firewall Pro 2.1 has extensive improvements over its former award-winning version. It's an excellent choice for someone looking for a reliable personal firewall. There are not many firewalls, certainly none as powerful as this, that are suitable for both rookie users and experienced professionals. Outpost gives superior protection regardless of the user's knowledge or skill level. It went far beyond my expectations. There are a few minor issues, but none that are critical.

If you haven't tried Outpost it is definitely worth a test drive. Highly recommended.

Developer's web site: http://www.agnitum.com
Download link: http://www.agnitum.com/download/

Back to Part II
Back to Part I