I need to pick a firewall. Here's my situation:
-- Cable Broadband connection (Comcast@Home)
-- Linksys 4-port switch (not router)
-- Win 98 Laptop (mine), Win 98 Desktop, Win ME laptop
-- Use VPN connection on my laptop to connect to office network.

I need a firewall that:
-- I can install on all three computers
-- Will allow me to share my desktop drives with the laptops without exposing them to the internet.
-- Won't interfere with the office network
-- Doesn't cost a lot
-- Can be installed and used effectively with little knowledge of ports and rules, etc. (Tiny set up overwhelms me).

Will Norton Personal Firewall meet these requirements? (since I also need a virus program). Would Zone Alarm be better? Are there others I should consider?

Thanks in advance for your kind advice.

Well I would say use ZoneAlarm. I use it and I have a network set-up and it doesnt interfere at all. It costs Nothing and you dont have to know a lot.

I have use Zone Alarm and Norton and I prefer Zone Alarm. I prefer it due to the fact that you can control every program that wants to access the internet, set levels of security and it less complex when trying to stop and aplication from doing something. IMHO

Matt has put you on ther right track.
ZoneAlarm at www.zonelabs.com
or
Sygate at www.sygatech.com

I could suggest Outpost from Atignum but as it is in beta you may have a few problems with it. Great product though and due for release soon.

Croc.

Most (read: good) VPN solutions have an integrated firewall on the client side. I know this is the case for Symantec's Raptor Firewall. (Now Symantec Enterprise Firewall) Think about it like this: If you are connected to your corporate net without a firewall supporting your laptop, all a hacker/cracker/script kiddie would have to do is hack YOUR machine to have access to the corporate net. It is very wise for most firewall manufacturers who also make VPN clients to integrate the "personal" firewall solution.

Other than that, I have had great success with ZoneAlarm. The free version is just fine. The $$$ version only incorporates email filtering which most antivirus suites already take care of.

I do penetration testing as my 9-5 and I have never once been able to break into my mchine at home.

Hope this helps.

Thank you all for your excellent advice.

I downloaded and installed the free ZoneAlarm firewall and, except for minor issues, it has worked great. However, It has slowed my web browsing substantially and has made my VPN connection so slow as to be worse than a dial up connection.

Can this be corrected or is it the nature of the beast? Would using a router be a better solution? Is it true that routers have built-in firewalls? Would they be as slow? If I should get a router, I've been looking at the Linksys EtherFast Cable/DSL router. Would this meet my needs.

My Cable ISP (Comcast@Home) requires that I change the name and workgroup of my computer to one they assign and say that I have to buy additional "addresses" for my other two computers. If I had a router, can I avoid having to buy the two additional addresses @$7/month each. If so, this would certainly justify the cost of the router.

I have not experienced any lag due to ZoneAlarm being installed, however, you may want to tweak the settings - possibly move from high to medium security if that's the case. Also, make sure you are running the latest version and patches of your internet browser.

I also haven't seen any personal/home routers with a built in firewall. Most of these types of routers are reserved for companies with money to burn.

Next, unless you have Remote Access Services turned on, meaning you are allowing people to dial INTO your computer, you shouldn't need to keep zone alarm turned on while you are connected via VPN. VPN traffic by nature is encrypted, the host you are connected to is trusted, therefore there is no real reason to have a firewall filtering the traffic coming in thru the VPN tunnel.

My suggestion is to grab that old computer you were about to throw away, load your favorite flavor of linux on it and use the ipchains firewall and web proxy service. This will allow you to kill 2 birds. A) You have a really good firewall looking at all traffic coming to your system and B) This will allow you to subnet any other machines if you want to create an internal network.

I stand corrected. Just got done reading the info that Linksys has on their at home router. This looks like it might be a viable solution for you. Let us know how it turns out.

Regards

HistoryBuff Try the new release of sygate that just came out it has more settings Plus you will be able to set a advanced rule for your VPN and is free. www.sygate.com version 4.1 Build 814 was just release a few weeks ago. GoodLuck!;)