[Full-disclosure] PC Firewall Choices

I am looking at supplementing the Windows XP (Pro) SP2 Firewall with a third party product on a bunch of Windows machines. I am trying to determine what product to go with and wanted to solicit some opinions from this mailing list. The four that I really come across and have used in some cases are ZoneAlarm, Sygate, Norton, Kerio, and Tiny. My understanding is that Norton has actually acquired Sygate and that the Sygate Personal Firewall probably wouldn't be the best choice of these now. With that in mind I am looking for a product that easy to setup, easy to use, works well, and does not take up too much in terms of system resources or harddrive space ( I also don't want it to add 20 minutes to the boot process either).

I am not looking for e-mail protection, anitivrus, or any other non-firewall type services to be included. I do however want it to be able to manage applications and their internet usage. (i.e. if they install something new that tries to access the web (trojans included) they will get a popup telling them something is doing this).

Any suggestions and opinions on the above products and any others that I might not have mentioned are welcomed.

Also -- on top of this if someone knows of software/hardware that can scan these machines and verify whether or not both the SP2 FW and/or the 3rd part FW -- and perhaps prevent them network access if they are not running -- please let me know. [I am not sure what security products have these capabilities]



_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/