avast! Firewall vs Windows XP Firewall

Hi Guys,

I just wanna know, is it alright to keep Windows XP (SP3) Firewall ON while I using avast! Firewall? I mean is there any PLUS point (More secure or …) of having both ON? Else can I save more resources by turning off Windows Firewall?

Cheers…

Avast IS firewall is compatible with the windows firewall, so it shouldn’t be an issue leaving it on.

Yeah… But David, does Windows FW has anything special to improve security other than avast FW? If there is nothing special, I can turn it off N save up more resources nah?

Cheers…

I believe it is able to handle the IPv6 IP protocol avast currently only IPv4, but that shouldn’t be an issue as many ISPs are not geared up for IPv6 either.

I did some search online and found that disabling Windows FW deactivate IPSec feature which encrypt LAN and VPN communications (Except for Win 7). So I think it’s better to keep Windows FW active. Does it count or avast FW has it’s own functionality similar to IPSec?

Cheers…

I don’t use the security suite so I’m not that familiar with its internal functioning.

Mayura, I use AIS but I’m not sure about this particular information. We need Lukor here…

@ DavidR: Alright mate :slight_smile:

@Tech: Hi Tech, Where can we find him? Can we post our problem or invite him to look upon this thread? :slight_smile:

Cheers…

You’re welcome,

I have tried to attract Lukor’s attention ;D

I don’t think IPSEC on VPN is affected by turning avast firewall off. However currently the limitation of avast firewall is the lack of IPv6 features, so I generally suggest to leave them both on. They work pretty ok together.

I did some search online and found that disabling Windows FW deactivate IPSec feature which encrypt LAN and VPN communications (Except for Win 7).
If you check out WIN 7 firewall documentation, it will state the WIN 7 firewall is always running in the background when a third party firewall is installed for encrypt LAN and VPN communications functions. Security Center will state it is in an off state as to not conflict with the third party firewall but its service is still running.

As far as the XP firewall goes, I wouldn’t say the above applies since I beleive this functionality was added when the firewall was redesigned for Vista and subsequently carried over to WIN 7.

Finally, encrypt LAN and VPN communications are only used for the most part on corporate networks. The only time a home user would use VPN comm generally would be to connect to his workplace computer.

@DavidR: Wow :slight_smile: That’s great… You see, it worked :wink:

@lukor: Oops… What if I turn off Windows FW mate? it affects on IPSec? If so avast FW do encrypt LAN and VPN communications?

@DonZ63: Yeah mate :slight_smile: That’s why I include “(Except for Win 7)” N basically home user wouldn’t need encrypted VPN communication. But I couldn’t mention that I do need it to establish remote connection :slight_smile:

Cheers…

You might as well disable Windows Firewall, especially on XP, it’s useless garbage.

As Mayura is using avast! IS then he should follow DavidR’s advice. :slight_smile:

@norel: I’m gonna keep both ON for now mate :slight_smile:

@YoKenny: Ya mate :slight_smile: It’s better to have both ON to be on safe side until I find avast FW able to encrypt VPN communications.

Cheers…

I’m not sure the firewall has anything to do with encrypting the VPN communication, it just allows the traffic through, you set up the VPN and if you elect for it to be secure (encrypted) then that is done at that setup level and of it goes through the firewall (assuming that kind of connection isn’t blocked by any firewall rule). Hence lukor’s mistaken comment that “I don’t think IPSEC on VPN is affected by turning avast firewall off” as I believe they are independent of one and other. I have never had to use of setup a secure VPN, so I’m not speaking from personal experience.

http://en.wikipedia.org/wiki/VPN
http://en.wikipedia.org/wiki/IPsec

So I’m not really sure what it is that you are waiting for ?

Here’s a bit better explanation: http://technet.microsoft.com/en-us/library/cc958037.aspx.

Main point to remember is that the only thing the firewall sees related to VPN is it’s headers. The data is encrypted and transmitted in a “tunnel.” Firewalls(except WIN 7) are incapable of monitoring tunnel IP traffic.

Which is basically what I was saying in reply to Mayura’s post:

The firewall isn’t responsible for creating the secure VPN connection, that is down to the VPN software being used, it is independent of the firewall.

VPN Encryption

To help ensure confidentiality of the data as it traverses the shared or public transit network, it is encrypted by the sender and decrypted by the receiver. Because data encryption is performed between the VPN client and VPN server, it is not necessary to use data encryption on the communication link between a dial-up client and its Internet service provider (ISP). For example, a mobile user uses a dial-up networking connection to dial in to a local ISP. Once the Internet connection is made, the user creates a VPN connection with the corporate VPN server. If the VPN connection is encrypted, there is no need to use encryption on the dial-up networking connection between the client and the ISP.

Remote access data encryption does not provide end-to-end data encryption. End-to-end encryption is data encryption between the client application and the server that hosts the resource or service being accessed by the client application. To get end-to-end data encryption, use IPSec to help create a secure connection after the remote access connection has been made.

Source: http://technet.microsoft.com/en-us/library/cc779919(WS.10).aspx#w2k3tr_vpn_how_rffz

Yeah guys, I believe avast! firewall doesn’t interact with VPN, but IPSec has a responsibility for creating end-to-end data encryption. However in Windows XP, IPSec affected by turning off Windows FW. So I can’t turn off Windows Firewall to save up resources, neither can turn off avast! firewall as it is far superior.

DavidR,

I was doubtful and wonder is there any unique feature of Win FW that avast! firewall can’t be covered. If avast! firewall cover features of Win FW, then no point of having Win FW enabled. But the problem was VPN encryption and IPSec. However IPSec is compulsory as I make use of VPN connections. So I just wanna know even after turning off Win FW, avast! FW or AIS itself can handle the IPSec functionality. However now I know they are different lessons on same book :wink:

Cheers…

Thanks guys… :slight_smile:

You’re welcome.