Internet Security Systems

q000005


Does your product work in conjunction with a personal firewall, or replace it?

This article applies to: BlackICE Defender.

SUMMARY

Our Defender product contains personal firewall functionality. It contains fewer "static" rules, but contains "dynamic" automated rules. In other words, Defender updates its firewall rules automatically as it encounters intrusions and undesirable traffic. Existing personal firewalls do not detect intrusions; they simply block undesirable traffic. There are times when the software calls on the user for a judgement, and the information presented about network traffic will probably be too difficult for the average user to understand, yet the user is made to define exactly what "undesirable" means. Defender contains advanced intrusion countermeasures, among which is a dynamic firewall programmed by the rest of the system. As a result, no programming is required.

DETAILS

Defender contains a set of anti-hacker countermeasures. One of these countermeasures is a personal firewall.

A "firewall" is a network component that is programmed with "rules" that will block certain types of traffic. In a corporate environment, such rules are typically programmed to allow incoming e-mail to the mail server, incoming HTTP traffic to the web server, and outgoing HTTP traffic so that employees can surf the Internet. These firewalls are extremely complex and difficult to program. As a result, corporations are frequently hacked despite the firewalls.

A "personal firewall" is much simpler. While many personal firewalls are separate devices that sit between the end-user's computer and the Internet, many others are programs that run on the end-user's computer. Like their bigger cousins, personal firewalls must be programmed by the end-user to block undesirable traffic. Though this step is significantly easier than on real firewalls, it still requires that the user know how to identify "undesirable" traffic.

One major flaw of personal firewalls is that if the end-user programs one incorrectly, it will fail with no warning. For example, if an end-user forgets to block port 139, hackers anywhere on the Internet can run password crackers against the system and break in. The firewall, since it wasn't programmed to block the traffic, will not emit any sort of warning. It believes that you want such activities to occur.

In contrast, our product will warn you of such activity and automatically block it, no matter what. Let's assume that you really do want port 139 enabled in order to share files with your friends. Defender will still warn you whenever a hacker attempts to crack the password, and will still automatically block the hacker. Furthermore, Defender comes with a set of pre-programmed rules so that it requires absolutely no programming on the end-user's part in order to be effective.

Our product does contain programmable rules like other firewalls. While more than adequate for end-users, these rules are likely not complete enough to protect an entire corporation. Therefore, while it can replace personal firewalls, it is not an adequate replacement for corporate firewalls.

Our product can run alongside other firewall software. It has been tested with numerous firewall products and no conflicts are known at this time. When combining firewalls, it should be remembered that if either firewall blocks traffic, then the traffic is blocked. If one firewall says to allow traffic but the other says to block it, then whoever blocked the traffic will "win" the contest.
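
The contrast drawn above between user-programmed rules and rules added automatically on detection, together with the "either firewall can block" behaviour, as an added Python sketch (not Internet Security Systems' code and not how Defender is implemented). The event format, the class names and the three-failure threshold are assumptions made for illustration, and the sample events are constructed.

```python
from collections import defaultdict

# Constructed sample events: (source IP, destination port, event kind).
# "auth_fail" stands in for a failed logon reported by an intrusion detector.
EVENTS = [
    ("192.0.2.10", 139, "connect"),      # friend sharing files
    ("203.0.113.7", 139, "auth_fail"),
    ("203.0.113.7", 139, "auth_fail"),
    ("203.0.113.7", 139, "auth_fail"),   # third failure trips the detector
    ("203.0.113.7", 139, "connect"),
    ("203.0.113.7", 80, "connect"),
    ("192.0.2.10", 139, "connect"),
    ("198.51.100.3", 23, "connect"),     # port not opened by the static rules
]

class StaticFirewall:
    """User-programmed port rules; silent about anything it allows."""
    def __init__(self, allowed_ports):
        self.allowed_ports = set(allowed_ports)
    def allows(self, src, port):
        return port in self.allowed_ports

class DynamicFirewall:
    """Block list programmed by a detector rather than by the user."""
    def __init__(self, max_failures=3):              # threshold is an assumption
        self.max_failures = max_failures
        self.failures = defaultdict(int)
        self.blocked = set()
        self.alerts = []
    def observe(self, src, port, kind):
        if kind == "auth_fail":
            self.failures[src] += 1
            self.alerts.append((src, port))          # warn on every attempt
            if self.failures[src] >= self.max_failures:
                self.blocked.add(src)                # rule added automatically
    def allows(self, src, port):
        return src not in self.blocked

def run(events, static_fw, dynamic_fw):
    """Return (src, port, verdict) per event; a block from either firewall wins."""
    verdicts = []
    for src, port, kind in events:
        ok = static_fw.allows(src, port) and dynamic_fw.allows(src, port)
        if ok:
            dynamic_fw.observe(src, port, kind)      # detector sees passed traffic
        verdicts.append((src, port, "allow" if ok else "block"))
    return verdicts
```

With port 139 left open in the static rules, the static firewall alone allows every event on that port and records nothing, while the combined run blocks the source that failed three logons on all ports and leaves the file-sharing peer untouched.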

 
Keywords: anti-virus, virus scanner 
Version:  All 
Fixed:     
Modified: 2000-12-26 