Review: NetBarrier 2.0.3
Developer: Intego (product page)
Price: $59.95; $29.95 (upgrade from 1.x)
Requirements: Mac OS 8.1 (Mac OS X version forthcoming)
Since my last review of NetBarrier 1.5.1 a little over a year ago, the program has moved up to version 2.0.3, with a number of new features and improvements. If you’re not familiar with the program, I suggest you check out that review before reading this one. While the biggest area of new features is NetBarrier’s filters, small-but-nice improvements have been made to the Firewall portion of the program, and there are a few completely new features. The manual, updated for the new version, is still excellent; I really wish all programs were this well-documented.
The first thing you’ll notice with this version of NetBarrier (whether you’re upgrading or not) is the new interface, which, oddly, looks Aqua-like. That’s odd because the program only runs in Classic; the OS X version is forthcoming. Its appearance on a 9.x machine is a bit disconcerting, with all other windows adhering to settings in the Appearance control panel.
There’s also a new Net Update feature to—you guessed it—update your copy of NetBarrier (or other Intego products). It’s very easy to use: just select it from the NetBarrier menu, and it polls Intego’s server for the most recent versions of their programs. Items that are up to date are grayed out. The others can be selected and updated. Optionally, you can configure Net Update to run automatically, though I prefer to do all my updating manually, just to keep track of what’s going on with my computer.
Finally, NetBarrier has added a Control Strip item to allow convenient access to certain settings, and to display useful information. You can choose from among several different configurations (if you’ve defined more than one), change your Firewall settings, and activate/deactivate various types of Web filtering (see below). You can also see lights come on for incoming or outgoing network traffic, of any of several possible types, or all IP traffic of any kind. This is actually a feature I really love on Virtual PC (it flashes a light while network communication is taking place), so it’s nice to have it on my Mac.
The basic options for NetBarrier’s firewall are unchanged…and they didn’t need any changing. There are several simple pre-programmed sets of rules from which a user can choose, or you can define (at your own peril) a custom set of filtering rules. In this version of NetBarrier, the filtering rules you’ve selected show up on the “General” pane, making it easier to view what rules you’ve made if you’ve gone the custom route.
The gauges for monitoring different types of network activity have been moved onto a new tab, and there’s one small but very handy improvement to the gauges: you can, from a pop-up menu, specify which kinds of activity you want the gauge to monitor. The pane can also be miniaturized, either vertically or horizontally, into a small window just showing the gauges, so you can keep an eye on network activity as you’re working. Of course, you can also just look at the control strip module for that information, depending on your needs.
My criticisms of the log feature in 1.5.1, unfortunately, still stand. Small niceties like the ability to copy one or more lines from the log for pasting into another application have been added, but overall the logging capabilities of NetBarrier leave a good deal to be desired. If logging is a major consideration to you, you might want to consider DoorStop, whose logging capabilities highly impressed me, especially combined with the ability to “Learn More” about a particular incident. By contrast, NetBarrier’s “Info” popup shows nothing whatsoever when you click on an incident in the log. If you mouse over the “Kind” column, you can see the port for a rejected connection, but there’s no way to enlarge the window so the information fits without the mouseover, much less sort by the port number.
I mention the Anti-Vandal feature of the program here only for completeness; it is virtually unchanged from the previous version of the program, nor did it need changing. Its purpose is to prevent deliberate intrusions on your computer, port scanning, ping flooding, and the like. It is now possible to specify Ping Sensitivity, but the scale for doing so is unlabeled, ranging simply from “Low” to “High,” and the manual is uncharacteristically silent on specifics.
Most of the new features to this version of NetBarrier are in its filters. Moving well beyond blocking certain data from being sent from your computer, the program now provides filtering to block banner advertising, cookies, and spam from getting to your computer. Filter is also the feature I had the most problems with in the previous version, so I’ll go into some detail on this set of features.
The Data filter in 1.5.1 gave me a lot of problems, and I’m sad to report that those problems have not been addressed in the new version of NetBarrier. This filter allows you to specify a string of text not allowed to leave your computer (such as unencrypted passwords or credit card data, or confidential documents), a great idea, if only it would work right! Just as in the previous version, however, when an alert is displayed telling you that protected data is trying to leave your computer, your only options are to allow the data to pass or to “stop list” the computer the information is being sent to…and if you pick the latter option, your computer conveniently freezes up. (In 1.5.1, it eventually unfroze on its own after several minutes, cutting you off from the machine you were sending data to; in my experience with 2.0.3, the freeze never thawed, and I was eventually forced to restart my Mac.) And that’s only the most basic problem I had with the Data filter; check out the original review for all the gory details.
While Intego didn’t fix the problems with the data filter, they did make it a bit more versatile. Now, when you specify data that can’t go out, you can specify services (by port number; there’s a drop-down menu of some common ones) through which the data can be transferred. Unfortunately, that’s as far as it goes: you can’t specify specific IP addresses (or a range) to which the data can be transferred, which would be quite useful.
The data filter is still easily the worst part of NetBarrier, and as good an idea as it is, I suggest you avoid using it. If someone tries to access protected data (or you inadvertently start sending it to someone), preventing the send will freeze your machine, at best for several minutes, and at worst you’ll have to force restart it. I really wish Intego had fixed this feature’s problems instead of just padding it with more options.
While there are few more praiseworthy goals than filtering ads and spam, NetBarrier is just not a good choice of program to achieve that goal…through no fault of NetBarrier’s own. I should note up front that I am undoubtedly spoiled by iCab’s phenomenal banner filtering and Mailsmith’s virtually unlimited filtering capabilities. If you are someone who has to use IE or Netscape for your browsing, you will likely find NetBarrier’s filtering to be better than the nothing built into your browser.
Why don’t I like NetBarrier’s filtering? Say you see an ad banner on a Web page. In iCab, you’d control-click, select Filter Image…, and it’d give you hoards of choices for filtering, either by size (automatically filling in the size of the selected image), URL, Server, filename, or path (of the image), or any of those things for the page being linked to. Whichever of those options you select is automatically filled in with the appropriate value for the image you control-clicked.
With NetBarrier, the process is not nearly so simple. First you have to find out the URL of the image…you can mouse over to get the page the ad links to (sometimes, if there isn’t a text message that appears instead of the URL), but that isn’t necessarily what you need. You have to filter the ad image, you can’t filter by what it links to, and sometimes the images are on a server other than the one they point to. Your best bet is to control click the ad, Open in New Window, and copy the URL. Then, you have to open NetBarrier, click the Filters button, then the Banner tab, then “Add,” paste the URL, delete the part you don’t want, maybe change one or both drop-down menu options (Host Name/URL Path and Contains/Is), click OK, close NetBarrier, and resume surfing. That’s a lot of steps.
Finally, in iCab, if you want to load a filtered image, it’s as easy as control-clicking to Load Missing Image. With NetBarrier, you have to figure out what the URL is, go to NetBarrier, figure out which filter criterion is keeping the desired image from loading, disable it, return to your browser and reload. You could more simply turn off banner filtering from the control strip, but then you’d get all the ad images next time, rather than just the one you want.
The Mail filter suffers from similar problems. I haven’t tried it, because of this line in the (highly impressive) manual: “If you receive an e-mail with [a filtered] subject, NetBarrier will erase it on your mail server, so you never have to download it.” You will never see a filtered message, so if it was a legitimate e-mail, you’ll never have a chance to rescue it, and you’ll never know you missed it.
The filter options are Subject/Author/Sender and Contains/ls. It’d be dangerous to use “contains”… no matter how careful you are, you’ll probably end up losing an e-mail you want to receive at some point. On the other hand, with “Is,” you’d likely only filter the one spam you received, and no others: spammers vary subjects, author names, and senders all the time.
A considerable number of spam messages I receive, however, have subjects ending in a large number of spaces followed by a four-digit number. Mailsmith lets me filter for that; most programs can filter e-mails with, say, four consecutive spaces in the Subject field, putting them into a “spam” folder. Scroll through real quick, verify that they’re junk, and delete them…or see that a friend’s e-mail got caught in there and rescue it. Since NetBarrier deletes offending messages from the server, you don’t get that chance to rescue misfiltered mail.
NetBarrier also doesn’t allow you to filter by the body of the message, or elements of the header other than those mentioned above. In the end, you’re much better off using the e-mail filtering capabilities in your e-mail client, which are certainly safer and likely more robust.
Finally, on the “Surf” tab, you can turn off, count, and delete (all) cookies. Sort of. This might be an issue with iCab, just because it’s a less popular browser than Netscape and IE, but the delete cookies button just plain doesn’t work (it leaves all the cookies I’ve accepted intact), and the count feature counts cookies I don’t accept (perhaps it counts every cookie that’s offered to your computer, rather than every one you accept?). Fortunately, most if not all Web browsers now offer some form of cookie management, at least having an option to ask the user about accepting a particular cookie, or specifying one to delete.
You can also, from the Surf tab, prevent your computer from revealing which computer/browser you’re surfing from and the last Web site you visited. Again, I do this through iCab, but if you use another browser, these options might come in handy…just be aware you might get error messages from some sites saying your Web browser isn’t compatible with the site as a result of not revealing your (perfectly compatible) browser’s name.
NetBarrier, already a very powerful and versatile network security program, has added a number of very nice tweaks and several entirely new features in this latest version. While the Web-related filtering capabilities are well-intentioned, and NetBarrier arguably does as well with them as can be expected, such filtering really needs to be done by browsers and e-mailers if it is to be robust and friendly enough for most users. Major problems with the data filtering, and inadequacies in the logging capabilities, have not changed with the new version, however, preventing the program from receiving a higher rating than the last reviewed version. That said, I do recommend NetBarrier to anyone who needs a firewall program: it’s highly customizable, and should meet the needs of anyone from the home user to the server administrator.