However, I did like Nod32 3.0, also contained in ESS, and that product is also now available as a standalone upgrade to Nod32 2.7. I have not had a chance to test the 3.0 version standalone product yet. I’ve been focused on the firewalls. But testing Nod32 3.0 is very high on my list. From my look at ESS beta, I don’t anticipate any serious criticism of Nod32 3.0. I like the UI a little better. I didn’t see anything I didn’t like. But I still have to test it to be sure.

I don’t write final security reviews before I’m sure about the product. So depending on the complexities I encounter when I test Nod32 v.3, it could be 4 - 8 weeks before I’ll give you a definitive answer. If you’re forced to make a decision before that, I would currently characterize Nod32 3.0 as a good bet.

Hope this helps.

They will shortly be offering free upgrades to current Nod32 2.7 customers - is it worthwhile upgrading to ESS, or just to Nod32 3.0?

Would you consider ESS better than nothing?

I found the D-link FVS124G that is a 4 port gigabit firewall/switch. I would have to get another gigabit switch for expansion off it it as you did. Do I understand correctly if I went this route that all of my port forwarding, port ranges, etc. would just be set on the firwall and then the additional switch would just do HDCP (if needed for certain devices) on the added ports? So I really would not have to “manage/log into” that additional switch? I assume a DMZ (which I don’t use) would have to go right off the firewall but the other ports would all share my range/trigger settings made on the firewall?

I am really glad I did not jump on the first solution I saw….
BJB

Another important aspect I’ve found regarding firewalls is the delay it can produce in starting programs. I use a POSIX (UNIX-like) environment called Cygwin, and being UNIX-like, has lots of small programs that do one thing and does it well - so a shell script can run a dozen or more little programs to do little tasks.

I found Zone Alarm when I was last using it to cause a noticeable and unacceptable slowing of scripts run time. Sunbelt/Kerio was okay with this - although you wanted to turn off the checking of programs spawning other programs (which seemed of limited usefulness and would be confusing for the uninitiated I think).

Comodo so far seems good in this department.

Yet another metric…

Does the Linksys firewall router not have SPI (stateful packet inspection)? It used to, I know. I agree with your thinking, fwiw. I’m still using an older D-Link firewall/router, it’s a four port. I have it connected to a 24-port gigabit switch — so that’s another option for you. Buy a router that works and then get a separate high-quality switch.

Hope that helps. A refresh article is a good idea.