I am still using Windows XP. Someone recently told me that while Windows 7 has a built-in firewall that is good enough on its own, the XP version is not. Therefore, I was advised to continue using third-party firewall software. However, I note that ZoneAlarm slows my computer somewhat. I had also tried Comodo, but didn't much like it. (I stopped using Norton and then McAfee years ago, because they conflicted with my order entry software at that time, causing unacceptable delays.) And so my question is this: is the XP built-in firewall indeed insufficient so that I really should continue to use a third party firewall? I would appreciate any comments and insights you may have. And yes, I use anti-virus software.
is the computer in question used exclusively for trading, or for general web browsing and other software as well? Do you have a router or is your computer connected directly to the cable/DSL modem?
I use the computer for other stuff as well. I previously had a router, which I understand also functioned as something of a firewall. However, a few years ago, I was given a new modem with wireless capability from my service provider. (I don't use wireless in my trading.) The technical support rep advised that this dual purpose modem also provides the kind of hardware firewall feature that a regular router would.
Yes, some modems now act as a router/firewall (Verizon FIOS for example) Basically the software firewall offers both inbound and outbound filtering where as the hardware firewall such as the one that comes with your router (including the ISP provided one) usually just blocks the incoming connections. Same thing for the XP built in firewall for the most part. If another computer on your home network gets compromised, the hardware firewall will not help you. If your computer gets compromised, then the standard windows firewall will not block the outbound connections that the virus/spyware may try to make. They also usually come with antivirus and spyware detection integrated The 3rd party software firewalls have more features for detecting and blocking the malicious connections for those situations. If this is a general purpose machine, you probably do want to use a 3rd party firewall/AV/spyware detection. I can't really recommend any specific product. I am not a big fan of retail Norton firewall/AV products (harder to get rid of it than a virus). Symantec Corporate version is pretty good without significant performance degradation.
Thank you for your input. Much appreciated. Just a follow-up question, if I may. Regarding your comment that the standard Windows firewall will not block the outbound connections that the virus/spyware may try to make, would not the third-party anti-virus software detect such activity as suspicious and stop it in its tracks? I'm inclined to leave my ZoneAlarm in place after reading your post, but I'd appreciate a bit of clarification if you don't mind.
Yes. 3rd party firewalls would block outgoing connections based on various rules. Like from apps that the firewall does not recognize for example, or on ports that you did not enable. That capability comes at a price - performance as you noticed. Some are better about it than others. I would probably want to get a better AV to avoid the PC getting compromised in the first place. Once compromised, the virus, etc may be able to shut down the firewall.. Many try. Its an ongoing arms race.
I think you meant anti-virus software, since that was the point of my question. I use AVG for anti-virus. How do you regard AVG?
sorry, misread it Theoretically, yes, AV/Anti-spyware software "should" block it. However, that is not a sure thing. I had my PC get infected even though I had up-to-date AV running
Hmm, so that means it unfortunately got past your firewall as well... Life can be like that, eh? I appreciate your insight. However, I must admit I'm still a bit confused about whether I should just hang on to my AVG anti-virus and use both Windows XP firewall and that afforded by the router/modem, or whether I should also hold on to the ZoneAlarm firewall.