New in 2017.8: Windows Firewall Fortification

New in 2017.8: Windows Firewall Fortification

2017-8-update-blog-banner

As announced earlier, we are changing our firewall strategy and will soon merge Emsisoft Internet Security with Emsisoft Anti-Malware, effective as of our next release in October. Instead of developing our own firewall module, we’re going to rely on the built-in Windows Firewall core that has proven to be powerful and reliable. Its only weak point is the fact that anyone can freely change the firewall configuration. In other words, if malware manages to run on the PC with sufficient administrator permissions, it’s able to allow itself to get through the firewall.

To resolve this vulnerability, we’ve developed a new Firewall Fortification feature for Emsisoft Anti-Malware’s Behavior Blocker as part of our 2017.8 release. Firewall Fortification detects and intercepts malicious actions from non-trustworthy programs in real time before they can cause any damage.

behavior-blocker-firewall-alert

Behavior Blocker alert: Firewall manipulation

All 2017.8 improvements in a nutshell

Emsisoft Anti-Malware

  • New: Firewall Fortification feature that blocks illegitimate manipulations of Windows Firewall rules.
  • Improved: Forensics logging.
  • Fixed: Rare program freezes on opening the forensics log, confirming of surf protection notifications and during malware detection.
  • Fixed: Computer restart instead of computer shutdown executed, when set for a silent scan.
  • Several minor tweaks and fixes.

Emsisoft Enterprise Console

  • Improved certificate handling to avoid connectivity issues.
  • Several minor user interface improvements.
  • Several minor tweaks and fixes.

Emsisoft Emergency Kit

  • New: Forensic Log: A condensed timeline that shows all events and user actions in an easy to read form.
  • Several minor tweaks and fixes.

How to obtain the new version

As always, so long as you have auto-updates enabled in the software, you will receive the latest version automatically during your regularly scheduled updates, which are hourly by default. New users please download the full installer from our product pages.

Note to Enterprise users: If you have chosen to receive “Delayed” updates in the Update settings for your clients, they will receive the new software version no earlier than 30 days after the regular “Stable” availability. This gives you time to perform internal compatibility tests before a new version gets rolled out to your clients automatically.

Have a great, well-protected day!

  • Gürgün Dayıoğlu

    Thanks, Emsisoft. As always you did a great job and at first, I was really wondering if removing the firewall was a good thing or not but when I saw the Firewall Fortification feature I was again really confident that this is a great step at keeping the software bloat-free and letting you guys focus more on the anti-malware part :D

    • Laser_Beam

      So now the Firewall suddenly becomes “bloat” to justify this move? Come on…

      • This is not what we meant, the firewall in Emsisoft IS while useful was not a absolute necessity in term of protection for home users , main reason is that they are covered by both their NAT router and Windows Firewall. We just decided to move the outbound connection control from the firewall to the Behavior Blocker this control is what most of our users need; then remove the Firewall module.

        • Just talking in general:
          a) You assume everyone has a NAT router.
          b) You assume everyone uses, or cares to use, the Windows Firewall.
          c) You forget that people may want things they don’t need. Heck, a computer may not be an absolute necessity, you could technically survive without one, right? Same for security software on it, for that matter.
          d) You forget that Emsisoft is a niche player, so those who chose it likely did so for specific reasons, probably after looking through the more popular options and discarding them. Going the same way as those shouldn’t be the way for you, you should be looking at those with specific needs and desires that don’t fit what “most” want or use.

          • a, I do not know a single person, who does not, with the shortage of IPv4
            b, people who do not care about WF, use it by default, so no problem there
            c, anti-malware should be just that, not to serve coffee or add bloatware (AVG)
            d, creating a product for 0,01% users is hardly any company’s goal

          • a) You do now.
            b) Was referring to those who do not want to use it.
            c) So what does one who does want more than plain anti-malware use? Keep in mind that stuff adding such controls may conflict with anti-malware solutions and vice-versa, so not having it as part of a security suite can cause problems at any point.
            d)
            – So where does that minority go?
            – Highly doubt it’s just 0.01%.
            – Even so, 0.01% of Windows users worldwide is still some 150k people. Quite a chunk of people to just toss aside.

          • a, congrats, you are unique, btw, using a public IP is actually the worst idea from the security point (most people have to pay for it extra)
            b, they can use any other 3rd party firewall, but most of them have died out for the same reason, they are useless, they do not offer anything extra, but a different GUI. I really liked PrivateFirewall and Outpost.
            c, it should not cause conflicts, unless it is a rubbish software or a combo like anti-malware with a firewall, which can interfere, even if its other modules are disabled, thus solo products are the best
            d, Windows users are not Emsisoft users, besides most people like it, if they would get a lot of negative feedback, they would reconsider it, but thus far, there are only a few lonely rangers out there, who do not like it

        • namitutonka

          So, my understanding is Emsisoft IS will automatically update with an included Behavior Blocker specific to Windows Firewall. What does “then remove the Firewall module” mean?

        • luna

          For me, for one, this is a good thing. I have an Acer laptop. The
          bloatware that is McAfee disables the windows firewall to try and force
          you to use there own. I’ve never used McAfee that is on my laptop but in
          the past I was unhappy with it anyway because it didn’t do what I
          needed to do, and frankly, I read the TOS and was not amused by the
          standard of basically putting more effort into taking info for ads and
          whatnot and how it basically says they can do whatevs with your
          information. We had the version of emsisoft, when it was available, that
          had the firewall and were disappointed when it disappeared. I do agree
          maybe it might make people mad if they have a firewall they prefer
          already… but to a a lot of people, especially people like us who were
          screwed over my bloatware and the apparent inability to get rid of it
          without someone who knows scripting apparently(to make sure every bit of
          it is gone entirely and no ill effects are left behind for it to
          continue to screw around with stuff)… emsisoft was the only firewall I
          had. Now I just don’t have one because even though I refuse to enable
          McAfee, it’s still causing my firewall to just not activate. So for
          us… we want the firewall back. We had it, now we don’t, and it’s a bit
          distressing… but I understand how if someone doesn’t want it or need
          it and feels they are protected by what they have, adding it like that
          to merge things like that might just make them mad, especially as many
          programs like mcafee disable other firewalls and will not work with
          another firewall otherwise. They do this to force you to pick, in hopes
          you will pick them. With my old computer I never had the problem. I had
          two firewalls going, the microsoft firewall and Emsisoft firewall, now I
          have niether and it’s not a comfortable place to be but I am not paying
          a company that essentially holds your computers safety hostage and uses
          tactics like that to make you feel like you have no choice like
          Mcaffees bloatware did. My phone isn’t much better, actually I don’t
          like emsisofts mobile suite. I’ve found too many other things that work
          better. For computers and laptops though… they are the best as far as I
          am concerned. I like my tech but I am not a script kitty nor do I have
          any sort of hacker tools to fix things companies break forcing things on
          us so… emsisoft helps me deal with threats on my computer where I
          cannot manually do so and where other programs hamper it because they
          are selfish bastards more concerned with obtaining your data than
          protecting your actual stuff. Even the business suits to an
          extent-albeit they are usually less obvious about it and more subtle. I
          grew up building computers so while I may be limited by the whole not
          knowing scripting thing… there isn’t a whole lot that gets past me.
          There IS however a whole lot that urks me when it comes to bloatware,
          especially when it does harmful and underhanded things, or like on my
          phone, comes with a companion app that communicates with those apps even
          if you disable them-to still collect your data even though those apps
          are supposed to be disabled and be doing nothing, and literally cannot
          get rid of it without rooting it… which can be expensive or turn your
          device into a brick if anything goes wrong. After some apps started
          trying to shut down my vpn.. I’ve considered rooting more heavily for my
          phone… but as for my computer, there isn’t much I can do but hope
          emsisoft puts the firewall back. I don’t believe emsisoft has ill
          intentions or intentions of greed doing what they are trying to do. I
          will be watching, like many others, to judge for myself whether or not
          that initial assessment is an accurate assessment, however it seems they
          have good intentions at least. At the very least, I want the firewall
          back. It originally came with the suite I have. It was no longer even
          offered when I went to renew recently. I for one would like to have it
          back but then I wanted it to begin with.

    • thank you, indeed we want Emsisoft Anti-malware to deliver the best experience to all of our users by offering efficiency via simplicity :)

    • David Requena

      No fortification’s gonna help with a poor firewall configuration enforced via GPO though.

      Take any SMB with VoIP telephony. You guess what’s a very prevalent firewall GPO? You guessed right: disabled firewall!!

  • Robert Gregory

    Thanks a lot!!! Emsisoft is the BEST!

  • Richard Clark

    So does this mean I need to turn Windows firewall on in the control panel ??

    • ddmeltzer8

      Yes,if it is turned off u must turn it on again.
      Never turn off ur firewall!!!

      • Well, definitely turn it off if you’re using another firewall. Two firewalls can get in the way of each other.

    • If it is Off then yes :)

      • Rick Steadman

        If you have turned Windows Firewall off, does “yes” mean leave Windows Firewall off?

        • Laser_Beam

          Obviously not. Your own question was: “do I need to turn the firewall on?”
          The answer was: “Yes”
          So again: turn the Firewall ON. If it is already ON, you obviously cannot set it to ON again. So, make sure it is ON and be done with it.

        • Six_Tymes

          HAHAHA! wait, are you serious?

      • Richard Clark

        My understanding was that Emsisoft Internet security had its own firewall and if I left windows firewall on they would interfere with each other. Is that incorrect ??

  • Now that I was here when the notification popped up (I’m on delayed, so was just updated to 2017.6, 2017.8 should normally get shoved my way at some point in October), can confirm my suspicion of a long-lasting bug: After a news notification pops up, EAM no longer shows up in taskbar when open (except briefly at the end of an update if done with it open). So I’m talking of the taskbar tab when it’s open, not the notification area icon.
    Problem existed for a long time but wasn’t sure what triggered it, more recently got to suspect it was this but this is the 2nd news notification in a row when it worked before and stopped working right after. (Also, those notifications appear twice, can see it slide in twice and then have to either close twice or click to view one and then still need to click to close, because the second is still there.) Not something I can make a debug log of though, unless I’d get a heads up of when another news notification will appear in advance.

    As for the firewall issue, as I said on the other post as well, I’m using Comodo so just hoping it won’t interfere. But, in general, what I expect from a firewall isn’t just security, but monitoring and control of my system being fully in my hands. That means prompts for connection attempts not matching existing rules, being able to decide whether the answer to such a prompt will apply just to that attempt or a rule will be created, being able to quickly, from the prompt, determine the scope of said rule and have plenty of further customization options available in settings, such as destinations, protocols, ports, everything anyone may want, also being able to block connections to certain places for all programs if desired, and of course extensive monitoring of connections, to quickly see at any moment which programs are connected and where and what traffic they generate. And, in recent years, settings which could quickly be activated to counter Microsoft’s snooping would be much appreciated. The Windows Firewall is completely useless in all those respects, which of course also goes for any security solution relying on it.

    • Laser_Beam

      From what I’ve been reading today (just heard about the “merge” news – hardly a merge though, it’s a discontinuation), it seems users like you (and me, and others) are being treated as a small niche, and these features are being axed because “no one ever used them anyway”.

      A sad state of affairs.

      • luna

        I used them. A lot actually. Whatever gave them the actual idea nobody used them? Emsisoft itself requires a lot of manual individual setting as is. Did they even ask people if they used it or did they just assume?

    • i won’t say Windows Firewall is useless but its lack of outbound control can be interpreted as a weakness, it is why we decided to add this control to the behavior blocker; by this move we simplify our product but keep you safe. For them it will not change their experience much .

      • namitutonka

        I just used Win10 firewall advanced settings settings screen and changed quite a few outbound rules for Win10 native OS applications. I was also able to create new outbound rules governing a specific program in C:Program Files (x86)

        • luna

          it still lacks control. Like how even though I have certain apps disabled on my phone there companion ‘system apps’ still are pinged back on my vpn and I still have to deny them access manually. It’s similar with a computer unfortunately, just I don’t have a vpn for my computer. I’ve yet to find a good one and I don’t know how to make one, not surprising since it requires scripting.

          Unfortunately Microsoft has proven it cannot be trusted. There ARE ways to manually see what is trying to access the internet and what for and what servers… so it’s not all that hard to know stuff still goes on and undermines what you actually want by the very company who apparently thrives on giving the illusion of choice in the matter.

          Unfortunately umbra is right on that one. It doesn’t give a whole lot of control and when it does it’s more of an illusion than actual honest control.

          One of the many reasons I hate windows ten in particular as it gives more illusion like that than previous versions who pretty much just screw you and hope you don’t notice.

  • Horus Lupercal

    Maybe you don’t need an antivirus either, because there is superb Windows Defender in Windows? Maybe you just want to collect our money?

    • Music Mugger

      Windows defender? HAHAHA I know who I would trust, and Microsoft will be at the bottom of the list just above Google and facebook. As the song goes. I spy for the FBI, and my backdoor is wide open

      • TheSeeker11

        You’re not a Windows user then?

        • luna

          try to find a computer that doesn’t come with window’s pre installed. I called over a dozen stores at one point, right after windows ten came out. It was the only system for sale at all on disk in the stores and the only system that came on any new computers.

          Using it doesn’t mean people like it or trust it. When a monopoly happens, that is common and Microsoft, and Apple have a monopoly. Anything else that crops up, they edge out so they can keep it. All safe guards that are supposed to be in place against monopolies in the USA have failed.

          So it wouldn’t surprise me if he was a windows user.

          Just remember, that isn’t a valid reason to invalidate someone, what they think, or how they feel. If anything it’s more telling that the person likely knows quite intimately how little Microsoft can be trusted through using the program.

  • head Gr.

    Great idea to take Windows built-in firewall under control! You’re best! Keep going!

  • Music Mugger

    Maybe now Emsisoft is taking control things might improve, but I doubt it will prevent Microsoft continuing their injection of spyware, and their open backdoor policy

    • Six_Tymes

      as if macs are any different… puuulease.

    • namitutonka

      You can still add or change Windows firewall rules. Try it yourself in the firewall’s ‘Advanced settings’.

    • luna

      Don’t we all know it. Its really very annoying to say the least.

  • Robert Colin

    Great news the Firewall fortification feature is going to make emisisoft the best performer thanks.

  • Armando G. Lagos Barba

    It is well known that Microsoft spies its users. Is the new firewall arrangement going to protect us from such bad intentions or are we going to be at the mercy of Windows firewall to get from us whatever they want? I like your firewall because it is up to me if I allow any communication to and from my computer including attempts from Adobe, Microsoft and the rest of the big ones. If it is going to be the same control I will continue with your software, if not I will start looking elsewhere.

    • Laser_Beam

      I don’t believe the Windows Firewall is secretly involved in such activities. You can never know of course, but someone would’ve probably found out and it wouldn’t look good for MS. Other components of Windows 10 do that (Cortana is one of them), and you can still block them if you wish.

      • Sokrates

        MS doesn’t seem to set much store by the public opinion, considering the turmoil they blithely raised by forcing Win10 up their users’ throats…

      • namitutonka

        I’ve blocked all outbound from Bing, Windows Cloud Experience, Cortana, and more…

      • luna

        It’s not secret because it’s not much of a ‘secret’ if its so easy to figure out.

        I tried windows ten when it force updated me at one point, managed to get back down from it and all that but yeah, it wasn’t great at all. In fact Cortana communicates with them constantly even if you ‘disable’ cortana and attempt to block her. Wanna know how I know that? Because it’s not hard to monitor and pay attention to what is communicating to outside of your computer and it doesn’t take a genius to know a disabled program shouldn’t be doing that at all let alone as much as cortana does, which is pretty much the same whether you have her ‘disabled’ or not.

        Unfortunately it’s the illusion of shutting cortana down that you get, not actually shutting it down.

        • Sokrates

          Alas! I found Cortana factory-installed on my cell-phone and there seems to be no way to get rid of it. Of course I never activated it and still every now and then a sexy female voice pops out of nowhere to tell me that she didn’t understand what I said. What do you think?
          Anyway my Nokia is still a pretty good camera and as such I’ll keep using it (paying good attention to what I photograph), but to communicate I’ll have to buy a new cell-phone with some non-MS OS.

    • TheSeeker11

      Can you provide evidence of this spying?

      • luna

        oh for the love of all that is holy… go look it up or you know, look in your own computer if you have windows on your computer. It’s not exactly hidden. Just not in your face if your not one to get your eyes on your internal systems. It’s not even anything deep. pressing control alt delete and switching tabs to see where the activity is, because one of your tabs will do that(you’ll figure it out) and it’s all there. Some versions have it a little different in display… the higher version of windows you have the more it shows from a basic standpoint. There are more ways to see what’s going on and communicating with what but considering the comments I have read from you… It’s obvious to me you’ve never bothered to even do that. To be fair… lot’s of people don’t. It’s how they miss it so easily and that is what they bank on, the fact people don’t look because they are given an illusion there privacy is being respected while Microsoft goes and does whatever they want anyway.

        Sorry to burst your bubble but yeah, they even admit to it in the TOS-if you actually read it. I mean they basically TELL you they are going to do whatever they want in it, in laments terms to shorted way too many pages into laments terms. Actually they get REALLY understanded and surround it with a bunch of repetitive mind numbing crap first and burry it in there along with links they know you cannot follow without agreeing to first… and what is in it… I don’t think anyone would ever willingly submit to but ya know… you don’t read it then how do you know what you’ve agreed to?

        Seriously. Read every TOS you ‘agree’ to. Always. Sometimes they are so confident people don’t read it, they all but say ‘oh and we are also spying on you and doing all this other stuff too’. Don’t even get me STARTED on the ‘end user agreement’. Always read anything legally binding like that before you agree to it. Seriously.

    • namitutonka

      Some Windows firewall rules are not configurable, but many are. From Window firewall’s advanced settings you can add rules. I added a rule to block all outbound traffic for a specific program I had installed. The few non-configurable parameters on some native Windows OS applications are most likely to preserve OS stability.

    • Microsoft spies me? Do you think they can tell me something about myself and my cyber habits that I do not already know? Will they label me as an Emsisoft fan and relegate me to good protection from EAM with Windows Firewall Fortification?

      • luna

        I wouldn’t joke about that. Google searches are now ‘evidence’ when crimes are committed. It takes nothing at all for them to obtain. We aren’t far from someone using Microsoft in just such a way. It takes less than you think to get from where we are to that point.

        And considering what they actually DO… I doubt it. To answer anyway what I assume is meant as sarcasm.

        • To be honest it was not meant as sarcasm. In today’s technological world a person cannot breathe without being recorded in some way. This includes telephone communications, computer operations, television viewing habits, and even walking down the street (everyone has a camera on their cellphone). I am not paranoid about what I am discovered doing/researching on the internet. The best I can do in all of those instances is to monitor when/if that information is compromised and adjust accordingly. There are tools available to monitor what the Windows Firewall is allowing in and/or out and believe me, I’m not important enough as an individual for anyone to care what I am doing online. I don’t care about ‘evidence’ being obtained in searches because I am not committing crimes…either online or anywhere else. If I don’t stand in the fire I will not get burned.

          • luna

            I am not ‘important enough’ either(nor am I breaking any laws) but I still value my privacy and resent the violation thereof.

            I DO care about ‘evidence’ being obtained, without a warrant, from google searches as it violates our constitution and that NEVER leads to anything good down the line or otherwise. (it is especially worrying as it is entirely circumstantial and to have someone convicted based on a google search is worrying as circumstantial evidence isn’t supposed to carry that kind of weight in a court of law and a mildly related search shouldn’t count as evidence anyway as it doesn’t actually connect them with anything and the person could have simply been curious-but here we are, in a society where this has been done)

            I DO care about all the things spying on us. I DO care about all the stuff that goes on. Literally you could leave your laptop open and be getting it on and someone can be watching you and you’d never know. In fact, its happened. It’s rare you find out about it but… it HAS happened and it’s sick and wrong and I resent how resigned people often seem to have become because our government spies on us, companies spy on us, and somehow this somehow is there reasoning for ‘not having a problem with it’.

            I for one, cannot imagine NOT having a problem with it.

          • Sokrates

            “If you have nothing to conceal, you have nothing to fear”… where did I already hear it? Gestapo? KGB? Holy Inquisition?

  • Sokrates

    A legitimate question would be who is taking control over whom: Emsisoft over Microsoft, or the other way around?

    • namitutonka

      Windows firewall rules are configurable and new program specific inbound/outbound rules can be created. If Microsoft removes this functionality with upcoming non-configurable OS updates, that would be bad. As it is, the new October roll out of Emisisoft seems perfectly fine with me.

      • Laser_Beam

        You are right. If Microsoft starts removing functionality from the WF (and Microsoft tends to do that…), then all products that rely on it are affected. Let’s hope it doesn’t come to that.

  • David Requena

    OK, so not a big deal, the firewall you’ve been shipping since Online Armor’s demise is just a joke anyway.

    But… what about the interaction of Windows Firewall with Domain Group Policy? Unfortunately many organizations have very lax (or even disabled fw) fw policies enforced by GPO.

    Will us, poor conscious power users be able to override AD’s fw GPO? I don’t think so.

    I don’t think you’re fully aware what a mess you’re getting into either…

    • Fabian Wosar

      If the owner of the system in an organisation feels like disabling the Windows firewall, we won’t interfere with that. That being said, the behaviour blocker always has been detecting local (as in not via AD) changes to the group policies. So yes, malware trying to disable the firewall through that has always been blocked even before the fortification feature.

      • David Requena

        The net effect of your move is: you’re leaving some amount of previously safe Emsisoft users with poorly configured or no firewall at all.
        Say as you might, but this does not match at all the high principles that have had me stand with Emsisoft all these years.

        “That being said, the behavior blocker always has been detecting local (as in not via AD) changes to the group policies”

        So then, where is this new astonishing feature that allows to you just stop shipping a proper firewall? Your words..as it seems your just selling smoke to justify scrapping the last remains of a former outstanding feature.

        Seriously, why not simply announce “We’re getting out of the firewall busyness” and be done with it?

        Then we could talk about how Emsisoft is going to reimburse me the 374 remaining licensed days of firewall use on 3 computers? I distinctly remember paying a premium for Internet Security (with firewall) as opposed to Antimalware (without firewall) at the time.

        I’m quite sure I didn’t opt for paying for a firewall feature to be “substituted” along the way for something the regular Antimalware behavior blocker has been doing from the begining.

        • Fabian Wosar

          The default configuration of both the Windows firewall and the EIS firewall is equivalent. There is no difference between those two. Quite frankly, the EIS firewall by default is even less restrictive than the Windows firewall is by default, as EIS allows incoming connections to trusted processes by default while the Windows firewall does not.

          It also seems you missed the original announcement of us merging the two products:

          http://blog.emsisoft.com/2017/08/10/merging-emsisoft-internet-security-with-emsisoft-anti-malware/

          Most importantly: “Should you still be unhappy with the upcoming changes, we’re happy to do partial refunds for your remaining license period.”

          We already offered to refund the unused license time to everyone who isn’t happy with the change. Simply send an email to [email protected] with your order number and ask for a refund.

          • David Requena

            Yes, I did indeed miss that announcement. See? no trouble on my side actually answering to what I’m told. I’ve to say that extend or refund licensing adjustment options offered seem quite fair to me. Issue closed

            I’ll take your word WF & EIS default cfg equivalence. I won’t go into WF’s (many) shortcomings either. Of course none of this is related at all to my expressed concern of GPO’s overriding what up to now was purely local configuration.

            The fact remains: an undetermined amount of previously safe Emsisoft users are left with poorly configured or no firewall at all. That’s their AD admins fault in the first place, yes. But, again, the fact remains

            Honestly, this might be the last nail in the coffin. For me Emsisoft has been the last bastion of sanity in the Windows world. I’ll probably switching to Linux-only at home. At work I’ll keep trying to get management at the various customers I work for to allow sane WFW GPO configuration *for everyone*. That ought to be easy but as most things in life, it’s not.

            As things stand this is a step back in overall security of EIS customers.
            It’s a pity…

          • luna

            I myself have been looking into Linux though information seems hard to
            find on it. Everytime I use a conventional search engine they throw
            adverts about windows 10 and other older Microsoft systems at me.
            Everything but what I want. Also a really old version of linux… that
            apparently isn’t really used anymore. Like I said REALLY old. I cannot
            seem to find anything new(or at least current) for it. If you have suggestions though, I am
            all ears.

            While initially I thought they were restoring the
            firewall… after I lost it mid subscription some months ago and had not
            seen the notice about it.

            I wasn’t happy when we went to renew
            and it wasn’t even offered anymore. Sure they offered a reduced price…
            but… that still doesn’t give me what I want or need.

            Also… I am smart enough to know it isn’t the same and our windows firewall is disabled by bloatware that came with my laptop so… it’s pretty essential we have something and just an accessory to windows firewall… isn’t going to cut it. Obviously.

            I am pretty fed up with windows and emsisoft was really the only thing that made it bearable to use it because if it tries underhanded things… emsisoft had features that when pointed in that direction could catch and stop a lot. Now… they seem to be gutting themselves. Seems self destructive to me, a bad business move for sure. Especially for a company that had a product good enough they didn’t have to advertise because word of mouth and all that… now… if they keep going in the direction they have started down now… I don’t see that continuing.

          • namitutonka

            Thank you for this option.

        • namitutonka

          I can see your point about getting what you paid for. Maybe it would be better to give the end user the option of keeping their current Emisisoft IS premium product including support updates for the built in firewall, until the licensed and paid for usage contract expires. the other option Emisisoft is offering to it’s loyal customers is a discount for the remainder of the licensed contract, Still a third option should definitely include a partial refund for the term of the contract, for those people who will switch to another vendor’s security package.

          I’ve always gotten great responses from Emisisoft support in the past. It is surprising they won’t go the extra mile for users like you, rather than pulling the rug right out from under you. No matter if they think, or their newer product coming oun in October is actually better than the old. I say bring out the new only for new subscriptions and/or renewals.

          • David Requena

            They’re offering indeed offering to partially refund. As stated elsewhere, their compensation options are fair.

            What they mean to be missing is all EIS customers explicitly choose
            to buy a firewall. We always had the option of using Windows FW, and EAM
            behavior blocker always intercepted registry edits related to Windows FW.
            Still, we bought a fw.

            This is just a business matter, the fw effort in
            development/maintenance does not pay off well, so they’re scrapping it.
            Then they make their case justifying their decision based on our
            supposed well-being.

            It’s Emsisoft Online Armor’s demise all over again. EOA.. boy, that was a firewall! Pity it was replaced with the current
            dismal fw feature in EIS. Similar arguments were thrown at us at that
            time, WTW..

            No way security is raised by this. Emsisoft has no control whatsoever
            about Windows FW’s present or future quality/behavior for one. Not to talk about
            the surface attack exposed by a standard Windows module relative to that
            of a custom third party fw.

            Well, all is said and done I think.

            Does anyone know of a windows software firewall other than buggy Comodo, crappy Zone Alarm or non-rule-based Glasswire? Hey Emsi, do you?

          • namitutonka

            Indeed this firewall issue is a deal breaker with Emisisoft IS, as a two-way firewall is a huge component in online security. I want a functional firewall which can block any outgoing behavior I choose, not only incoming threats. Bitdefender has a two-way firewall.

          • I tried binisoft “paid” version for a while before reverting only to Windows Firewall, it is quite good , played nice with EAM and will satisfy those needing outbound control. (note that the free version wont give outbound alerts)

          • I prefer Sphinx version, it uses 0% CPU and works, unlike binisoft.
            Glasswire has an awesome GUI, but takes about 3% CPU nonstop.

          • Laser_Beam

            There’s another issue here. I believe Microsoft is making it harder (with various restrictions) for 3rd-party software firewalls on W10 and I would like a confirmation and perhaps some more info from Emsisoft on this.

            I could be wrong, but software companies have either the choice to ‘resign’ and base their solutions around the native Windows Firewall (which has both strong and weak points), or keep going with their own firewalls, with the risk of creating ‘bulky’ software since additional drivers/layers etc. are required. More info would be welcome.

            My opinion is that Emsisoft should have prepared a Firewall interface, before “throwing” their users right into the messy WF interface. At least there are some good solutions available.

          • Fabian Wosar

            They don’t. Microsoft introduced a common technology base with Windows Vista that is called the Windows Filtering Platform which in conjunction with the NDIS Filter Driver is used to build every single firewall, from the Windows Firewall to any third party firewall. Those APIs haven’t gotten more restrictive. Quite the contrary. Microsoft kept them up to date and even added support for new application models like the Windows Apps that were introduced with Windows 8, that can’t be restricted properly using old technologies like TDI that were prevalent in Windows XP days.

          • Laser_Beam

            Thanks for the info.

  • Six_Tymes

    good idea. I’m in.

  • PHIL GARDNER

    Emsisoft ROCKS! Incisive and pragmatic.

  • exothermic

    I’ve only just read about this upcoming change today and I am in two minds about this.

    I am currently a windows 7 user with no intention to upgrade to windows 10 any time soon.

    -Is my protection using windows 7 firewall going to be worse than if I was a windows 10 user and to what degree is there a disparity (if any)?

    -How is this feature going to be implemented? Are you going to integrate controls for the firewall into EAM (similar to how other products like Glasswire integrate windows firewall controls into their software), or will I have to use the default windows firewall interface to set my firewall preferences?

    -What are my options, should I not want to continue with EIS for the rest of my service?

    • 1- No much difference between 7 and 10 , however XP….
      2- The outbound control feature of EIS was moved to the behavior Blocker of EAM; so for you no much changes in that aspect. If you want block a legit process/program to connect to the internet, you can via the the Application Rule or the Behavior Blocker settings tab.
      3- Switching to EAM is the best move, anyway if EAM detect a malware, if wont connect out.

      I use Windows Firewall since Windows 8 , never get compromised.

      • Laser_Beam

        2) is a bit confusing. Can you really use EAM to block specific applications from accessing the internet? The outbound controls you mention are only available in EIS.

        • correction: only modifications of Windows Firewall’s rules by malicious will be blocked. Sorry for the confusion. (i edited my post above).

      • exothermic

        1 – You’ve said there isn’t much difference, but that implies there are some differences. For example, does the windows 7 firewall have vulnerabilities that 10 does not? Really, that is what I was getting at with my question.

        2 – Integration of firewall controls in the product is of importance to me. Ideally, I want all things security related to be modifiable within the one product and that includes the firewall.

        You are saying the new EAM has the ability to block specific outgoing connections via behaviour blocker. That is definitely good but what about other controls for inbound and outbound connections. Obivously, they are modifiable within windows firewall UI but do you intend unify the controls into EAM or to keep them as seperate entities from each other?

        • i correct, only malicious modifications will be blocked; if you want to block specific non-malicious applications, you must use Windows Firewall with Advanced Settings and create a block rule.

      • tom b

        same here even though i used the free upgrade and got win 10. i still have not been infected because the Behavior blocker and zemana antimalware takes care of everything for me. Even tho i have EIS right now i have no issue of u guys mergeing,as i put all my trust in u guys knowing what u are doing.. To all the ones crying about this change why not just get a refund and switch to another internet secuirty suite so u will have your own firewall lol

  • nuncius

    Hi there. Could you also check responsiveness affect of your EAM? As lately I have noticed that it is causing serious lags even by common PC-use circa last two or three months – moving cursor, scrolling down internet browser, opening folders and such similar (by mouse, trackpad, keyboard),

    I am using Emsisoft anti Malware for about 4 years and this is its first period when it is causing such annoying side effects. After pausing its protection is everything fluent again…

    • I dont have this issue on my machines (even on a very low end mini-laptop) , you should ask on the support forum with your detailed configuration including other security softwares installed (if any).

  • Indeed A Great Software :)

  • João Andrade

    If we install a third party firewall lets say Zone Alarm free, does Emsisoft Anti-Malware provides the same layer of protection?

    • Emsisoft Anti-Malware’s Firewall Fortification apply only to Windows Firewall, however its other features (web filter and behavior blocker) will still apply to protect your system.

  • Sokrates

    Disregarding the faithful claque (“Bravo!”, “You rock!”, “You are the best!” without much of supportive arguments) most of the people here seem to trust Emsisoft and distrust Microsoft.
    Years ago (still in the good old Windows XP times) I used to share entirely that point of view – until all of a sudden someone at Emsisoft turned about and decided that Microsoft was very trustworthy, which shifted the choice between trusting them both or distrusting them both. Being suspicious by nature I reluctantly opted for the latter.

    (By the way: I’m still on XP and thanks to a sound anti-malware software and to a set of tricks and expedients thus far I never suffered any malware-related inconvenience. Whenever I mention it the usual reaction is “Ah WinXP, those were the good days!”)

  • namitutonka

    No way Emisisoft! I want to choose what goes OUT as well as what comes IN through my firewall. Windows firewall has no functionality to choose or limit anything outgoing from my PC. Bitdefender has this functionality.

    I’ve had Emisisoft for about three years, I doubt there will be a fourth.

    • you have , it is calls Windows Firewall with Advanced Settings, sure it is not automatized and practical like a popup , but you can block or allow connections based on protocols, IP, progrram , , etc…

      • namitutonka

        Thank you Umbra. I just blocked a few Windows features with Windows firewall advanced settings. I was also able to add rules for specific programs. For one program I successfully blocked all outgoing connections while keeping inbound connections open. I’m becoming more favorable to this impending change to Emisisoft IS.

        • Great, with time you will (as i did) master it properly, Windows Firewall is not so complicated to use, a rule can be created in 10 seconds. :)

  • MeMyself

    This is a bit of a disappointment. I choose Emsisoft years ago for two reasons: 1. It has its own firewall and 2. it does not put some activity in the cloud (as, e.g, F-Secure does). Also, it can be set to disregard PUPs (F-Secure wanted to remove all my Nirsoft tools and in later versions could not be set to whitelist them). BitDefender also fulfills these requirements but has a bit of “bloat”. So I liked Emsisoft better – at least until now. By the way, I would not mind to pay a bit extra for the Emsisoft firewall…
    Can someone advice on optimal settings for the Win7 firewall (and for Win10, for the ones who have it)? And on the best separate firewalls?

    • Thank you for your feedback :)

    • Thank you for your feedback.
      About the settings of Windows Firewall, you don’t have much to do, unless you want to block a particular program.
      About a 3rd party firewall, there is many available but i suggest you to try them and see which one fits you the best.
      Also, you can just keep using Windows Firewall and use one of the many extensions that will give you a easier way to manage it (like Binisoft Windows Firewall Control or Glasswire).

      • Majik thise

        Why do you believe extension for Windows Firewall = Stand alone firewall?

        If people wanted the windows firewall they would not be using a better 3rd party application, something you seem to have forgotten when you decided to kill OA and ripped it out of EIS

  • Majik thise

    I love this contempt for your user base, this is the exact thing that you did when you dropped support and purchase for Online Armour.

    You basically gave the middle finger to Power Users under the banner of “simplification” and “hey you don’t need HIPS” and with that we lost the ability to monitor connections requiring a 3rd party program to give the same functionality.

    Now your given solution to “improving” security is to tell people to use a worse firewall and run your product over the top of it? Is that really the best solution you could come up with or is it more that you don’t want to spend your time supporting a wanted and in some cases needed product?

    Is EAM going to allow inbound and outbound port blocking or IP ranges? Is it going to stop GPO manipulation if something gains privilege? How are you going to prevent secondary accounts impacting others?

    We’re lowering you security coverage but “Have a great, well-protected day!” suffices to say once my licence is up I’ll be dropping EMSI as part of my security package an looking to people who support their userbase and does not see advance users as a hindrance and low usage cases. Next you’ll be telling us that AM and AV are unimportant and we should just run Windows Defender with your product over the top as a “hardening solution”

    I also got a good laugh out of “they are covered by both their NAT router and Windows Firewall” assuming that everyone is still on IPv4 and they are running two firewalls at the same time. “We just decided […] this control is what most of our users
    need” is also a good one, sometimes what you “need” isn’t what you should have, by that logic your product is irrelevant since most people don’t “need” your firewall any more.

  • Pieter van Duijn

    Is there a secure banking option?

  • Pieter van Duijn

    Is there an option for secure banking?

    • Like a dedicated feature? not exactly, but the cumulative protections of Emsisoft Anti-Malware (behavior blocker + dual-engine) will prevent keyloggers to compromise your banking session.

      • Pieter van Duijn

        Ok, thanks for the reply. I’ll have to do it with that then. :)