However, my preliminary impression of Nod32 3.0, also contained in ESS, was quite positive. That product is available as a standalone upgrade to Nod32 2.7 for $40 (one user, one year).

I have not had a chance to fully test the 3.0 standalone product yet. I’ve been focused on the firewalls. But testing Nod32 3.0 is very high on my list. From my look at the ESS beta, I don’t anticipate any serious criticism of Nod32 3.0. I like the UI a little better. I didn’t see anything I didn’t like. I didn’t have any problems with it. But I still have to test it fully to be sure. I’ll be looking at it on both Vista and XP.

I don’t write final security reviews before I’m sure about a product. So depending on the complexities I encounter when I test Nod32 v.3, it could be four to eight weeks before I give you a definitive answer.

If you’re forced to make a decision before that, I would currently characterize Nod32 3.0 as a good bet. And, again, I would recommend separate firewall and antispam solutions instead of ESS.

If you’re using Nod32 3.0, I would be interested in your experiences with and impressions of it. Please send your thoughts to me. Thanks!

Alternatively, you can also post your experiences as a comment to this post if you prefer.

A couple of days ago, Comodo released what some have dubbed Comodo 3.0 Beta 3 (version 3.0.9.229). With this new rendition of the code, for the first time you get the sense of what the company expects the user experience to be. The product relies heavily on user prompts to warn you of possible threatening actions, but you can tell it to remember your answers and make specific programs “trusted applications,” which effectively silences future prompts. The user experience is pretty good, overall, but it’s way too early to determine whether the product will perform without bugginess on some desktops.

I ran Comodo Beta 3 through the standard battery of outbound leaktests performed by sites like Firewall Leak Tester and Matousec, which I’ve referred you to many times in the past. Some of these tests really mean very little, but some are quite good. Like its predecessor, Comodo 2.4, the new 3.0 product offers excellent outbound protection — the factor that I’ve identified as the Holy Grail of this long-term review. (For more on the leaktests I’m using, see the ZoneAlarm review in More on Software Firewalls for Windows.) Comodo 3.0.9.229 passed every single test I threw at it.

It’s not time yet to do a full review on this product, which supports XP and Vista, but Comodo 3 is promising. Even so, there’s one aspect of the all-new Comodo I’m not in love with: the redesigned user controls, logs, and settings interface. It’s pretty, but not really well designed. It’s difficult to know whether items you’re clicking into give you a way to configure or just a window for viewing historical data. I’d like a single place to review the decisions I’ve made about specific programs. While your actions are recorded, there’s no place to review and change them. Seems like something this product definitely needs.

The addition of the HIPS technology (host intrusion prevention system) adds a layer of defense without overly complicating the operation of the software firewall. That’s a key advantage of Comodo 3. But the extra layer of protections and settings does make for a far more complex set of controls and settings dialogs. It’s easy to get lost in Comodo 3′s rabbit warren of options.

Although I don’t have the latest word from Comodo yet, judging from this version of the product, the company is six to eight weeks away from shipping Comodo 3. There are still a few missing features. With security software, I like to see it ship before I recommend it. So hang in there. It may be a few more months before I can tell you whether to adopt this firewall.

If you’re thinking about testing Comodo 3.0.9.229 too, be sure to uninstall any previous software on your system before installing this one — including Comodo 2.4 or any of the Comodo 3 betas. After you install it and reboot it, the best way to train it is to launch every program installed on your system that you use regularly, one after the other, making selections in Comod’s pop-up prompts. Definitely use the Remember check box, and setting programs you use frequently as trusted applications (from the drop-down menu) will eliminate future Comodo pop-ups.

Once you’ve had a chance to try it out, send me a note about your experiences. This is a beta product, so you may run into bugs and issues. Making a backup of your entire drive before you install beta software is always a shrewd thing to do.

Eset’s Firewall — and Updated Nod32 Antivirus Program
Meanwhile, the Best Antivirus Product of 2007, as named by yours truly, Eset’s Nod32 2.7, is being reworked by the company into a new 3.0 version. Eset has two flavors of its new product line: the antivirus/anti-malware-only product and the new Eset Smart Security, a suite product that adds a firewall and an antispam option.

I’ll be retesting Eset’s forthcoming Nod32 3.0 when it finally ships. My initial impressions are quite positive. For now, Scot’s Newsletter continues to recommend Nod32 2.7.

But I’ve made a decision in the opposite direction about Eset Smart Security suite. Take a pass on this one. The firewall seems very pedestrian; it’s able to handle only three of the leaktests on my list of 17. And what’s with the antispam module? That doesn’t belong in a package like this. The best thing about Eset Smart Security is Nod32 3.0 and the fact that you can turn the other two modules off.

What If?
So, where does that leave things? If Comodo 3 winds up having issues, we’ll be back at square one. And what that should mean for you is a solid hardware firewall/router just behind your connection to the Internet with WPA Personal encryption for any wireless networking you have on your network. For more information about the hardware side of the equation, please see Kicking Off a Software Firewall Comparo from June of 2006. Many experienced users are content with this level of protection.

Previous Installments in the Software Firewall Series:

• Windows Software Firewalls Evaluation Rolls On (September 2007)
• Twists and Turns on the Road to the Best Software Firewall (July 2007)
• Review Roundup: Slim Is in for Windows Desktop Firewalls (June 2007)
• More on Software Firewalls for Windows (June 2007)
• Update: Software Firewalls for Windows XP (April 2007)
• Kicking off a Software Firewall Comparo (Sept. 2006)

Eset’s Nod32 2.5 came in second last year, despite the fact that I had several criticisms of it. My assessment last year was based on a series of factors. But the most important criterion was that the utility run without bogging down the system and, basically, do no harm to your computer. Of course, catching the bad stuff was very important too.

Even though F-Secure’s 2006 product skirted the primary requirement pretty finely, the user interface and the included anti-spyware module combined, in my mind, to make it a great value. What’s more, F-Secure took me through a real-world test — one that I didn’t plan — with flying colors. (Nod32 got other people through the exact same real-world test, by the way.)

But F-Secure has an Achilles’ heel. It doesn’t play nicely with other security apps. It has a tendency to create a mess if other security products are present — even if they’re not running. It has a tendency to pop up dialogs informing you that it can’t install unless you uninstall this or that specific program. This was something I came across with F-Secure Anti-Virus 2006 only when I purposely installed it while AVG was running. And the process of uninstalling AVG worked so well in my test, that I felt comfortable recommending F-Secure.

I stand by last year’s assessment, even though a couple dozen Scot’s Newsletter readers had problems with F-Secure Anti-Virus 2006 or F-Secure Internet Security 2006 (which I did not recommend). That’s more than I would have liked to see with my top product pick. Still, far more people wrote me that they’d had no trouble with F-Secure and were delighted with it as compared with the Norton, ZoneAlarm, or McAfee antivirus products.

A couple months after my recommendation, and after F-Secure officials promised me that they were working to make the product more tolerant of other security apps, the company released F-Secure Anti-Virus 2007. Overall, the product is marginally better in most regards. But in one very significant way, it’s markedly worse. The first time I installed it, it forced me to remove the LiveUpdate online-updating module for Symantec’s PartitionMagic before it would install. This is sheer stupidity. PartitionMagic isn’t even a security utility. F-Secure’s programmers must have unilaterally decided that because Symantec’s security products use the same program-updating module, F-Secure won’t co-exist with any instance of LiveUpdate. That was the moment that I finally gave up on F-Secure.

But the fun didn’t stop there. Even though F-Secure Anti-Virus 2007 doesn’t contain a real firewall, I began to get reports about conflicts with software firewalls with which F-Secure Anti-Virus 2006 had co-existed just fine. One of those programs is Kerio from Sunbelt Software, which is still one of my personal favorites among firewalls, even though some other products, such as Comodo Group’s Comodo, have better test ratings. (For those of you wondering, I’m still working on a low-cost, outbound-oriented software firewall recommendation, but it’s still a ways out. Comodo is a top contender in my evaluations, and I love Kerio’s interface.)

Bottom line: I can accept an antivirus product gracefully preventing co-existence with another antivirus product. It’s just good common sense. But when a product stupidly enforces the removal of products that it has no business conflicting with — I’m done.

I am now reversing my recommendation on F-Secure. The 2007 product is not a good one. If you have F-Secure 2006 and it’s working well for you, you’re safe to ride out its license. But you should plan on making the switch then.

Nod32. 2.7
So why didn’t I pick Nod32 last year? There were three main reasons:

1. It has a terrible interface. Part of the reason that’s the case is that it’s a lot more configurable and powerful than other AV products. Still, I knew that some of my readers were going to have a hard time setting it up properly. It’s even easy to miss settings. Eset is planning to heavily revise the user interface in an upcoming release. My initial inclination was to wait for that revision, which will probably be called Version 3.0. (The 2.7 release’s interface is nearly identical to the 2.5 version I reviewed last year.) But with F-Secure falling out of the running, Nod32 2.7 is the best choice, despite the user interface issues.

2. A lot of smart people disagree with me on this point, but I prefer an AV product that has outbound mail scanning. It’s true, the most important scan is the inbound scan — and Nod32 does that just fine. So why then does Nod32 offer an outbound scan for Microsoft Outlook clients but no others? I didn’t (and still don’t) like the double standard. Eset intends to eventually add outbound scans for other email programs, but Eset officials have told me that the company doesn’t plan to do so until some time after the forthcoming 3.0 release.

3. As a Eudora user, I wasn’t thrilled that Nod32 doesn’t scan Eudora’s text-based mailbox files on disk scans. (Other AV products have no trouble scanning Eudora mailboxes.) Nod32 just skips them, and if you force it to scan them, it will give you error messages. Eset has no intention of fixing this problem. While that doesn’t mean Eudora users are unprotected (Nod32 scans everything that comes into your computer — before it even gets to your mailbox files), it’s not a good thing. Why does the product even offer a scheduled disk scan then? The best approach to security is not to rely too much on any one method of protection. Again, there’s a double standard, and I dislike double standards.

Nod32′s Shining Flip Side
What’s good about Nod32 grows on you the more you use it, though. I have it running on four computers, and I’ve come to greatly admire it and trust it implicitly (though none of those PCs currently has Eudora on them.)

What makes Nod32 a great security utility? First, it’s a tight application with a very small footprint. You will not notice any performance hit with Nod32. Second, once you figure out how to install and configure it properly, it operates silently. Third, it’s extremely effective at its job. You will be protected. For more about Nod32 2.7, check out the Eset Nod32 Web site. (Plus, check out this story that explains how to configure harder-to-find settings in Nod32.)

Another aspect of Nod32 that I like is that it’s inexpensive, and the company offers small multiple-license deals that are aimed at techies like us who may have multiple computers in their homes. As I did last year, you can buy four two-year Nod32 licenses for $148. That works out to $18.50 per year per PC (renewals are less expensive, so that’s part of the savings). As an existing 2.5 license holder, the upgrade to Version 2.7 was free to me.

If the company’s claims for the 2.7 are to be believed, it’s even more effective against malware than 2.5 was. Eset’s Nod32 2.7 marketing language claims it protects against viruses, spyware, malware, and rootkits. I know this to be true of the product, although in the past its makers stopped short of claiming it. I’m running 2.7 as my only virus/spyware/malware protection, opting to remove Spy Sweeper. Version 2.7 also supports Vista. I’ve had it running on a Vista machine for a couple of months.

Finally, one of the best things about Nod32 is its advanced architecture. Along with a handful of other AV products, Nod32 is out in front on a new, more advanced way of protecting against computer threats: the use of heuristics or behavioral modeling. This technology, though not new, is finally becoming significant. It watches for potential threats based on actions and tendencies. Nod32 doesn’t rely solely on heuristics, but that type of protection makes it more likely to catch new variations or types of threats before anti-malware signatures are created for them.

There’s no doubt in my mind that in 2007, Nod32 is the very best lightweight antivirus/anti-malware product you can buy for Windows XP, Vista, or Linux/BSD. My decision to crown it the Best Antivirus Product of 2007 came without hesitation — even for Eudora users. No, it’s not perfect. But it’s clearly your best choice.

Fact Box The Best Antivirus Product of 2007 | Nod32 2.7, Eset, 866-343-3738, $39