Cloud Firewall

[Guest TheA!]

Let's just think of an Cloud Firewall. This Cloud Firewall, will have the following to protect the user, and allow Different Softwares/Programs to connect.

1. The Cloud Firewall will have an Blacklist of Softwares/Programs to BLOCK from connecting to the Internet - This way, this can help the user to see that he installed something Bad/Infected.

2. The Cloud Firewall will also have an Whitelist of Softwares/Programs to ALLOW connecting to the Internet.

Against Unknown files, I really don't know what to use, but here is some TIPS that the members can choose wich is best.

3. * The Cloud Firewall blocks the Software/Program from connecting, and the Information will be send to the experts.

*The Cloud Firewall Allows the Connection in limited use.

So, I think it could get really good by this. Users can post LINKS to software download sites and then get reviewed by Experts/Determined to be Infected or Not.

 

[Guest orlando]

Is a good idea, especially the black and white lists.

 

Orlando

[christhomas]

This idea is already reported and I guess it is in their lists

[ritchie58]

A cloud based firewall does seem like a good idea to explore. I also liked TheA's idea to have a whitelist and blacklist function for such a firewall. That would help users from installing malware infested software from the start. Another idea for the firewall would be the option to view all incoming and outgoing active connections and what program is associated with each connection. Perhaps even show the local and remote IP addresses of each connection. That way you could see if a program is connecting to the web that shouldn't be (malware). Also another idea would be the option to run an application that your not entirely sure of in a kind of "safe mode". The app could run and function but would not have the ability to permanently change anything in the operating system and once the system is rebooted the app would revert back to it's original state. The only drawback to this would be if the software was legitimate and perhaps it updated itself, the update would be lost once a reboot occurred. Then again, that would give you time to see if the app was doing something it shouldn't be. If all is well then just add it to your whitelist which would disable the safe mode for the app.

[sweidre]

Hi all!

 

I am not sure, if these two matters should belong to Cloud Firewall or Cloud AntiVirus:

 

Infected setup- file

It happens now & then, that when I download a new software or an update of an existing software, that the setup- file is reported as infected (normally by a trojan). If I ignore the message and run the setup-file anyhow, all the installed files are shown as clean. Then I delete the infected setup- file, and my computer is shown as clean again by all my installed security- programs.

 

Infected Uninstall.exe

It has happened a couple of times , that Uninstall.exe of a software has been reported as infected. Of course, I deleted the Uninstall.exe! When I wanted one day to uninstall the software, this was not possible due to the missing Uninstall.exe. I solved it by installing the software, which added the Uninstall.exe again. Then I could easily uninstall the software!

 

I want, how these two issues should best be tackled: The installed softwares are really clean, but the set-up file and/or Uninstall.exe are not!

 

Cheers,

sweidre

[ritchie58]

Sweidre, I like to save installers in a backup folder just in case I need to re-install something and I have run into the same problem on several occasions myself. Where Panda Cloud Antivirus had detected what it thought was an infection in the install.exe file for an application days or even weeks after the software has already been installed and shows no signs of infection itself (after running AV scans). I did the same thing, delete the (maybe) corrupted install file just to be on the safe side. It could have been a false positive but I didn't take the chance. The last time that occurred was with the latest version of VLC Media Player 1.1.2 installer.

[spaider-man]

I vote for that. A cloud firewall does seem a viable tool. Although I have a few questions in mind. Do enlighten me as I am merely beginning to explore the world of internet security and cloud computing.

 

1. If a firewall was meant to analyze packets and the like from connecting to the pc, how does it manage its own?

2. Would it not be a probable source of exploit?

3. How will it block inbound and outbound traffic (assuming it is bidirectional) if in case the connection is slow?

4. Would it not slow down networking significantly if the firewall is also making another connection (applying QoS) and/or because the requests are redirected before being analyzed? How will the firewall be able to respond immediately?

[Bigfootr]

As long as you make the cloud firewall light. There is yet to be a light-on-resources firewall.

[ritchie58]

The newest version of Comodo Firewall (version 5.0) uses a community based approach. When installing the firewall you can "opt in' to an option where your program allow or deny decisions are sent to their servers and shared with other Comodo Firewall users. So you can view the percentage of people who allowed or denied the same program unless it's a new program that hasn't been seen yet. An excellent added safety measure for a firewall I believe. Bigfootr, Comodo Firewall is very light on system resources (a little over 8 1/2 Mbs of RAM when idle) compared to, lets say, ZoneAlarm (used this for years) which is a big resource hog. After Zone Alarm I used Online Armor which has a fairly light footprint as well but has compatibility issues with Immunet. That's why I switched From OA to Comodo.

[Guest Saimon]

What about me,i use ProteMac NetMine.It's firewall for Mac.It's helps me a lot,for protect my Mac.

[SMPRICESOLUTIONS]

This is already a feature in Trend Micro products with their Smart Protection Network. See: http://us.trendmicro.com/imperia/md/content/us/pdf/serviceproviders/titanium_wp_titanium3-and-the-windows-firewall.pdf

[Guest JOHN]

What's preventing IMMUNET from adding Firewall & Anti-spyware to have complete Internet Security?-JOHN

[biter]

agree, I heard about ProteMac NetMine ( www.protemac.com ) a lot of positive reviews...

[trickpirata]

Just wanted to re-up this thread. Is Immunet gonna make this possible? If immunet wants to compete with panda cloud(which has now have an firewall), immunet should make this happen.

[Pedersen]

A cloud firewall isnt on he board "yet". It might happen that ISP is included into Immunet through Sourcefire solutions.

 

 

Best regards

Pedersen

[Ooli]

wanted to voice my need for something like that too

[johnjonson121]

This is really great idea.

[LimboSlam]

Agree, this definitely a good idea! Hope it comes soon in the next release!

[Adrenaline]

I feel like I need to bump this. It would be killer to have a firewall.