@ Archean
Assuming your question was directed to me... I am still on an xp system :haha:
but I have been looking seriously for my next computer, and researching what will be needed for it.
Jobeard is the one who
most recently assured me of the adequacy of Win7 Firewall.
He also is the one who alerted me to
Kerio by Sunbelt.
Route44 pointed me to
Comodo and especially
Online Armor. I have used both of these, and prefer OA. :approve:
From my (incomplete) Anti-Malware training...
In anti-malware circles, Comodo and OA are most often recommended.
Avira and Avast usually get the highest marks for AV. (I prefer Avira).
I also have MBAM, and SAS, and Spybot, (but do not care for their Teatimer - I have had issues, and have seen too many others with issues).
I also recommend periodic av on-line checks, such as with Kaspersky.
No av is 100%, but these, with safe surfing, should keep you adequately protected.
Jobeard also has been educating me on the need for a "layered" security plan.
Jobeard said:
Security is provided in a LAYERED approach, each layer presenting a bump in the road for attackers to get over.
That said, the USER presents the weak link regardless of how many layers are in place.
Why? Because every time you click on a link to visit a page or open an email attachment, you have no idea what is actually received by your computer.
Summary of the "Layers" -
- First Layer - Router between modem and system.
- "This creates a NAT (Network Address Translation) LAYER to stop alll direct attacks from the Internet.... "
- Second Layer - A Software Firewall, on the Workstation -
- Needs to control both inbound and outbound traffic.
- Third Layer - Access control to ensure you don't access known infected sites.
- (ie black and whitelist systems, including a "hosts file")
- Fourth Layer - AV product - Should scan inbound email.
- BUT this cannot catch links in email to sites that will infect you simply by visiting...
- Hence the warning above about the User being the weak link!
- DO NOT CLICK ON EMAIL LINKS!
- Fifth Layer - NEVER EVER go on-line from an Administrator account.
- Always use a "user account" with restricted privileges.
- Sixth Layer - Safe Surfing -
- Avoiding known malware vectors like "filesharing" (including music) and "pron" etc.
If this kind of approach is consistently implemented, I believe it should not be necessary to add the seventh layer of a VM or "sandbox" (unmentioned in Jobeard's tutorial).