NetBarrier -- yes or no?

IMHO -- a resounding "No!!!!!!" regarding NetBarrier.

Well, and I'm not being flippant...it depends.

First of all, Netbarrier doesn't exist any more, all of it's functionality has been combined with Intego's anti-virus programs into a single application called Virusbarrier. So, do you want to pay for an anti-virus that you don't need? Or maybe you spend a lot of time interacting with Windows systems and want to not be a Typhoid Mary and do want it (or have a network security policy that requires all clients to have anti-virus).

The OS X built-in firewall is, in my opinion, a VERY basic application layer firewall. If you don't need more than very coarse-grained control (such as restricting network access by application), then it is probably fine. If you want very fine-grained control (such as restricting access by application to specific ports and protocols, or run-time behavioural analysis of the applications) then you may want something like Virusbarrier.

There are a few other features in Virusbarrier that may be useful, too. But ultimately it all depends on your threat-risk assessment and your requirements. And pocketbook, too, I suppose.

Jimy --
Have you read this yet?
http://www.reedcorner.net/thomas/guides/macvirus.
It's written by a great contributor here, Thomas Reed.
Lots and lots of really good and fair information.

I haven't had any anti-virus apps on my Macs since OS 8.6. . .
So for me, since after 1993. No viruses, no problems, no slow-downs due to AV apps.

In all fairness, I don't think he's concerned about viruses. He asked specifically about firewalls. While there are certainly no OS X viruses, network security is (or should be) a concern for everyone.

g --

I understand . . .
I also know how many people come here with crashes all over the place,
can't access websites, and the culprit turns out to be Intego/NetBarrier.

It is just my opinion, as I said.

Well, that's a valid point. Unfortunately it's probably a valid point for any third-party software that loads kernel modules.

All I can really say is that I've never had any significant problems with VirusbarrierX6 that wasn't the direct result of me doing something actively stupid (like running a port scan from another computer on my network to confirm some security settings in a way that caused my gateway to be blacklisted...which I didn't notice until a few hours of no internet frustration had passed...)

I guess that's on the neutral side of the equation.

On the plus side, I've found their customer support to be outstanding. To the point where I've sometimes gotten updates directly from their customer support a week in advance of general releases for testing, after submitting bug reports...leading me to believe that bug reports I submitted were being immediately addressed by their technical staff. I can only think of a few companies I've dealt with that gave that level of response.

On the negative side, I only upgraded to VirusbarrierX6 because I was already using NetbarrierX5. I didn't really want or need the virus scanner. And while I'm sure there are good business reasons they decided to drop down to two integrated products, I personally preferred when they had a larger line of separate products so you didn't have to buy stuff you didn't need.

But anyway, having said al that, my opinion is that he needs to do an assessment of his vulnerabilities and threat/risk profile. Then he'll be in a position to determine what he needs for protection and if Netbarrier, or anything else, if an appropriate solution.

What kind of router are you using? Generally, the Mac OS X Firewall is unnecessary if you are behind a NAT router.

I agree, Barney.

Netgear?
I believe all of theirs block all incoming connections by default, but I don't know enough about them to say they are sufficient. Reading their documentation, I would say yes.

I have firewall in modem and then netgear router/switch with logging and can see what type of traffic there is.

Even when my Netgear modem NAT default says it blocks, I still find I need to add and configure services and rules for its firewall to filter and block, with option to block outgoing as well as incoming or all.

I assume , since you have a laptop, you use it in more than one location. Hardware firewalls (built in routers) are the perfect solution, unless you require portability.

Door Stop X is a good (stateful packet) firewall solution and latest version is SL (10.6.x) friendly.
http://www.opendoor.com/doorstop/DoorStopFeatures.html

Little Snitch is another good firewall solution.
http://www.obdev.at/products/littlesnitch/index.html

These firewalls work with SL's excellent Application firewall. These allow more flexible configuration
options, allowing you to grant specific permissions to your trusted applications or to prevent
others from establishing particular Internet connections at all. Also you can shut select ports
off completely if desired, additionally, detailed information of all incoming and outgoing
network traffic is logged.

If you want the ultimate security when bouncing around mobile, then use a vpn tunneling
service like anonymizer universal. Anonymizer Universal, and SL's firewall is definitely the
complete mobile solution.
http://www.anonymizer.com/universal/

Kj

sounds like most of the posters would do well with noobproof: http://www.hanynet.com/noobproof/

It's free, open source, and you can park a truck of rulesets in it if you want to. They also have another free, advanced firewall config app: http://www.hanynet.com/waterroof/index.html

Don't depend on os x application firewall settings. You can't really be safe unless you enable ipfw rulesets, and since Apple knows most users don't know how, noobproof becomes a really great middleground.