14 DAY TRIAL // Firewalls are generally regarded as complicated software programs that cannot be easily handled unless you are an experienced user.
Lately, this perception has been sweetened through the development of user-friendly software that can be easily handled by less advanced users.
SpyShelter Firewall has been designed as a simple alternative to similar solutions that can fend off malicious attacks without putting the user through complicated settings.
The application does not come free of charge, but it can be fully tested for a period of 14 days. You can purchase a lifetime license for $45.95 / 35 EUR (VAT not included); this means that all subsequent updates are available at no additional cost.
Although this is a firewall solution, it is not much different from SpyShelter Premium, whose main mission is to keep you protected from activity logging applications. Actually, it provides all the settings and protection modules available in the Premium version.
These include mainly capturing keystrokes, screen grabs, audio logging, webcam captures, and copying clipboard content.
As such, the product also integrates anti-logging capabilities along with the firewall feature.
Installing the application is pretty simple and the only stop you have to make is for enabling keystroke encryption driver, which can scramble up input in any application, leaving any intercepting utility with useless data; only the window currently in focus receives the unencrypted information.
This step of the installation also allows you to set the default protection level (high or medium), which has an impact on the number of alerts generated. Restarting the system is required in order to complete the installation process.
The interface is exactly the same as in the case of SpyShelter Premium but with an added firewall module, which can be disabled just like the anti-logging features.
Configuring the two-way firewall is limited to allowing or denying connections and defining the trust level for the networks. It works based on rules that are created by the user from the alert panel triggered when a process initiates a connection.
The choices at hand can permit or restrict the passage of data once or permanently, in which case a rule is created and you will not be bothered in the future for similar alerts.
There is also the possibility to disable monitoring for all protection modules for the respective process.
What SpyShelter Firewall falls short of is the option to customize the rules, which would result in fewer notifications from the get go. On the other hand, the developer makes available the possibility to build white/blacklists with files and folder from their context menu.
Apart from setting up rules, the program’s alerts can be controlled through the security level chosen, which relies on the certification of a process as well as an internal database with safe applications. You can also choose to automatically allow only programs that have been signed by Microsoft and decide yourself for the others.
During our tests, we found it susceptible to a very small number of malicious activities. One of them relied on Windows Background Intelligent Transfer (BITS) to connect to the internet.
Even with a firewall this aggressive, a less experienced user might allow the connection, which could deliver malicious files on the computer. However, it is highly unlikely that the activity of the threats would remain undetected when attempting communication outside the computer.
Tests run by the security experts showed the product’s efficiency in a test conducted on a previous version, ranking it fourth on the list of recommended firewalls, with a score of 85%, just one unit under Kaspersky Internet Security 2013.
Lack of configuration in SpyShelter Firewall has been explained by the developer by focusing on more dangerous malware such as keyloggers and threats targeting financial information; but there are plans to extend the lists with safe applications and for editing the rules in future releases of the product.
The list of actions monitored by the firewall component includes incoming network packets, outgoing network access, execution of an application, control of a program via DDE (Dynamic Data Exchange) and accessing the network through the DNS Resolver service. You can find the entire list under the “Settings” tab in the main application window.
The Good
It includes protective measures against terminating its process from Task Manager as well as for access to the main application window.
Keystroke protection component makes sure that only the intended applications receive unencrypted keyboard input.
