I wanted to start this topic to provide some feedback to developers. However, if we notice here something we most benefited from CFP, new users learn more things about it.
Firstly, for me, the best part of CFP which I benefit is “Application Monitor”. This magic baton is very skilfull. See below log:
Sometimes speed of Internet is getting very slow at the work. After a packet analysis I saw that 50% of our Internet traffic is about “239.255.255.250 upnp-mcast” and it is unnecessary. There is firewall on DSL modem but there is not an “Application Monitor”. I could make no rule on modem’s firewall to stop this traffic. CFP on client’s computers can do this. I believe it patches a huge insufficiency.
This was only an experience from me. What about you?
Let’s see… I think my take is Advanced Protocol Analysis + Intrusion Detection. My gateway/NAT server used to be so slow… an analysis of the log shows a lot of malformed packet. Such attacks stopped after CFP is installed, I guess because CFP makes wannabe-intruders’ procedure so slow.
The easy-to-understand Network Monitor also helps me tame the users of the NAT server, so they are forced to browse via a proxy.
Now, if only my settings are password-protectable…
One feature? Hmm. Coming from firewalls without this type of setup, I think I’ll go with the layered security.
It took me a little bit (as I think it has with many users) to get my head around the idea of creating both application and network rules to allow traffic (or block it, for that matter). Once I got that figured out, I have as much control over my applications connecting, as I want. I can be a ultra-paranoid MS/govt conspiracy freak, or an ultra-liberal bleeding heart for my applications’ connectivity… ;D A full range, indeed. I like that.