Hi ,ive used zonealarm for a couple of years now,its ok most of the time,but then plays up now & then,not letting me connect to the internet etc,Then i tried Sygate,no problems easy to use & set up,dont know about the other firewall you mentioned,forget the xp firewall its useless.Hope this may help.
Enyo when you say...Tiny is a very powerful solution .... are you referring to the newest version they have or are you also referring to the older free version that looks similar to the older Kerio version. I think the version numbers are something like 2.1.x
Sorry, Kerio is a replacement of the old Tiny firewalls, kerio 2.1.4 and above are indeed better than the old Tiny builds.
The new tiny firewall is often mentioned as the powerful one, it has stateful packet inspection and sandboxing for example.
Tiny's most notable for being a full blown "sandbox", with a somewhat confusing packet filter component (hint... dropping the straightforward rule structure that Kerio continued to use for that silly "object oriented" metaphor was a HUGE mistake, if you ask me... hint... go back to the simnple structure of Kerio ) ...
It's very good, though a packet filter's a packet filter, and if that's all you want (ports-IP's-apps-permissions), go with Kerio, it's a great packet filter, lots simpler, and free.
Tiny's biggest claim to fame, now, is the sandbox... and yes, that's entirely unique, in the current market. Best in class. It's also a little steep on the learning curve, for some.
What a sandbox does is to control access between applications and between apps and the OS at the application layer. That's quite powerful. To give a rough idea what it does, your trojan and virus scanners looks for ports, filenames, registry entries, and so forth, and then compares them with a database ("signature file") that has to be up to date, and can only reflect known exploits, and variations on known exploits. A sandbox works on the fly, looking for behaviors that are usually suspect, and are quantifiable because an OS and an API only has a certain set of potential activities. Therefore, no databases are needed, you simply force applications to "play in their own sandboxes." That is, you monitor and control what they can access outside of their own subset, and you monitor and control what can access them...
Crude explanation, I fear ... but hopefully gets the point across. There are really no other "consumer" apps, at least yet, that employ sandboxing effectively. Tiny's "Trojan Trap," the crown jewel of what's now the firewall, is a direct descendent of what was once called Secure4U, and drew inspiration from the CMDS enterprise security suite that Tiny has been developing in partnership with. Essentially, they're products of the high security enterprise environment. As of this time, my own opinion is best, if not "only", in class in this type of software. Others have released similar concepts, but Tiny's the only entry in the market available, right now, that's not a very limited, sort of buggy-iffy implementation.
Just to wrap up, Tiny split into two development threads, some time back. The new Tiny is built mainly around the sandbox. Kerio continues the old "basic packet filter" Tiny line of development, although it's adding new features in the 3.x beta releases, without sacrificing its legendary small resource profile by much doing it.
Hope that helps you sort out the players... as of this time, though, Tiny and Kerio are quite different animals in the firewall world. Both share a common ancestry, but they've definitely branched each into its own direction. As of now, Kerio is heir to the "old Tiny" simple packet filter model, and Tiny is heir to the "Trojan Trap" pedigree...
Kerio uses about 4MB mem (peak 4MB), very little CPU time indeed, normally does not even register on performance counters (remains on 0 secs time) after a full 8 hour session, so you see it needs very little processing time.
Kerio is also a single-process firewall, whereas NIS/NPF tend to use multi-process / multi-module adding to resource requirements.
Kerios low level driver is also very small, as i say above the process itself does not use much in the terms of CPU time, this is mainly because the low level driver does all the processing, again very little.
You wont notice a performance loss with Kerio but as it goes with Norton products your PC should be a little more able in order to run them well, i myself did not notice the differance between the two but in terms of raw data Kerio beats it.
Dealer, the two combined is great but i would not move to sandboxing and ditch the RT scanner just yet the implimentations right now dont really appeal to me. Kerios "Sandboxing" is not enougth for sure.
I have not spent much time with sandboxing applications, Kerio annoys the hell out of me with process spawning alerts its a pain and i dont like it.
Tiny is OK, too powerful for home use and complex, a little OTT in some respects.