I have previously used Agnitum Outpost as my personal firewall.
One obvious difference between the two products is that Outpost has a set of standard firewall rules that is applied according to the behaviour of the application. If a program accesses the internet via port 80, Outpost will pop-up and ask “Is this a browser?”, and if yes, a set of standard rules for browsers are configured for this application.
With CPF it seems that if you allow an application to access the internet, the standard is that all communication in one direction is allowed. If you want to limit the application, you have to create the rules yourself. While this certainly creates fewer problems, I wonder if the security is the same. Maybe I have not completely understood the workings of CPF. Is there any way of preventing allowed applications from using other protocols than the ones they are supposed to use? I do not expect an email program to use other ports than normal email ports,a nd I would like my firewall to alert me when it happens.
Another difference is that Outpost alerts me when a program has been changed (updated), and asks if this is OK. It seems that CPF merely asks for sets up new rules for the updated program without actually informing me that this program already has a set of rules. This would leave outdated rules in the system, and it would mean that I have to set up the same rules whenever a program has been updated.
I only installed CPF yesterday, and I have only updated a single program, and I might have gor something wrong, so I apologise if I am wrong.
If you click on SECURITY - APPLICATION MONITOR, you will see a list of the application rules in CPF. Double clicking one of these displays the current settings for that app. In this dialogue you can fine tune to your hearts content - protocol, direction, port, source, destination - as tight or as loose as you want.
If a program gets updated, CPF will detect the change in cryptographic signature and alert you accordingly. If allowed, the pre-existing rules for the application will still apply to the updated version.
I have found that setting the alert level to high will make CPF generate the appropriate rules. And the trick about double-clicking the application in the application monitor works beautifully, especially how superfluous rules are automatically removed if you have broadened a rule!
I still think that having names rule sets that could be applied to an application would have been a fine idea, but that would be another product, or perhaps another time!
Hmm, I have just found that having determined the correct rules for Firefox, I cannot just copy the rules to Internet Explorer. Or can I? Do you know a way to copy rules, especially how to add an extra rule for an application without having to type the details for an application all over again?