Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Review: CA's ETrust Firewall

Protecting desktop systems from malicious code and intrusions has become relatively easy nowadays thanks to the plethora of network-based security products. The more pressing problem for IT departments and solution providers is how to offer the same kind of protection to traveling and/or mobile workers.

The simplest solution is installing firewall software directly on a mobile user's notebook computer. Therein lies a major revenue opportunity for system builders and solution providers. Computer Associates International's eTrust EZ Firewall r5.1 was designed with all the standard features of higher-end, hardware-based firewalls yet is easy enough for an end user to manage and configure. The product installs quickly using CA's setup wizard and is compatible with Windows XP, 2000 and 9x/ME.

ETrust EZ Firewall includes predefined security policies that are quite effective. Out of the box, the product is designed to block most access attempts and to inform the user of suspicious activity. The popup dialog box alerts can be intrusive at first, but as the product learns a particular user's acceptable access and habits, those dialogs and interruptions become less frequent and the firewall works quietly in the background.

Users who want to monitor the program's effectiveness can do so via a summary screen that provides an overall status report of blocked or allowed Web sites, access attempts and virus warnings. For mobile workers, eTrust EZ Firewall automatically detects new network connections and applies predefined security policies to those connections. This feature speeds setup and increases security when users are connecting to a new network or hot spot, which is when PCs are most vulnerable.

The firewall uses a stateful packet inspection engine to check each and every packet (incoming and outgoing) for security breaches. ETrust EZ Firewall is ICSI-certified, which guarantees that the product adheres to the security industry's best practices.

In addition to the product's firewall functionality, users will find a powerful intrusion-detection and
-prevention engine, which blocks both known and unknown intrusion attempts. The product is also
constantly updated to prevent "false positives," in which an application with a legitimate need to access the Web or provide a Web service is blocked from doing so because it resembles a possible intrusion.

  • 1