I’m trying to decide how many Plus versus non-Plus Endpoint licenses to buy. It looks like the distinguishing difference is the firewall. (I don’t need the anti-spam feature as I already have that covered on my email server.)
I’m very familiar with firewall operation at the packet level. I can see the value of the avast FW with my XP workstations, where Windows only provides a basic inbound filter. But I’m starting to deploy Windows 7, which includes a much better firewall. What value is there in adding avast’s FW to Win7’s? What does the avast FW do that Win7’s doesn’t?
Let me put it this way. There is no conflict. Thus both will work side by side. You may leave both running at the same time.
As far as licenses go remember AIS has an on-demand sandbox and “safezone”.
If you set the Avast firewall to ask, it will alert you to both incoming and outgoing connection attempts and give you the ability to choose whether to allow or block them. When it is on auto-decide, it really seems to just blindly allow everything so in my opinion it’s better to leave the windows firewall on so that you have control over incoming attempts.
If you don’t have malware on your system trying to connect outbound, and you are behind a NAT router FW blocking inbound, what would you expect it to do?
What I haven’t seen explained is the circumstances under which the AISFW would block outbound connection by something that hadn’t already been flagged by one of the other shields as dodgy?
I think it is a fair assessment when it makes rules allowing incoming connections for things that don’t need them and no Windows Firewall alert happens. It actually seems to work better on auto-decide in XP than in Win 7.