Solutions for blocking select network traffic
I am working as a system administrator in a high school in Norway, and I am searching for a solution that can help me block select traffic on my network. I have tested BlackIce PC Protection from blackice.ISS.net. This software could block a lot of software and also terminate programs. They have a lot of different solutions, and I thought they could deliver a very strong security solution for my needs and networking environment. Do you have any experience with this product, and if not, what would you recommend?
I have used BlackICE PC Protection as well as numerous other host-based intrusion prevention/personal firewall products. BlackICE is a good solution. It is better than your basic Windows Firewall in that it allows you to filter not only inbound but also outbound connections, in addition to being able to monitor the software running on the desktop. If you want to look at alternative products to try to find the best for you, I would recommend checking out this link
for a list of certified desktop firewall products.
In addition, Zone Labs ZoneAlarm is another popular product that does a good job of securing a desktop (including being free for individual and not-for-profit charitable entity use, excluding governmental entities and educational institutions). Cisco also makes a product known as the Cisco Security Agent that integrates with their intrusion detection solutions which provide an effective desktop security solution.
At the end of the day, all of these product do many of the same things, and it becomes a question of which solution is best for your environment. If you have implemented and like BlackICE PC Protection, I think it sounds like a good solution for you.
This was first published in December 2004