When NPF 2004 detects an attempted intrusion, it puts up a simple alert.
If you're upgrading from an earlier edition, NPF 2004 now migrates your customer firewall settings. For our informal tests, we updated a system that had been running NPF 2003 without losing a single setting.
NPF 2004's interface is almost criminally simple: green check marks mean everything's OK, while red check marks signal that detection files are out-of-date. This simple design is best suited to beginners who just want protection and don't care about mucking with settings. To get to advanced features, such as firewall rules, you must dig through at least four screens. Some settings, such as those for ActiveX Controls, are hidden even deeper. We'd prefer to access these setting via fewer clicks. Unfortunately, NPF 2004 doesn't add any features worth its $30 upgrade price. There are, however, two minor changes worth mentioning. The first, Network Detector, is a new feature that automatically employs different rule sets for different networks. This tool is handy for laptop users who haul their notebooks from, say, home to office to wireless cafe. The second noteworthy feature is integration with IE that turns ad and pop-up blocking on and off. The toolbar will also launch the NPF 2004 display and selectively block any cookies on the current site.
NPF 2004 now automatically detects a change in network connections--handy for notebook users moving from the home to the office.
Other than that, NPF 2004 remains much the same as NPF 2003, offering an intrusion-detection system that sniffs out possible attacks, an ad blocker, and a petite privacy module that prevents personal data such as credit card numbers from being transmitted via browser, instant messenger, or e-mail. (You pick which data it protects.) If you want, you can also trace back an attacker to his or her originating domain (or at least the one that the hacker spoofed). And as each desktop application tries to access the Internet, the program either automatically assigns a firewall rule for that app or gives you the option of allowing or denying access by flashing an alert in the lower right-hand corner of the screen. We ran NPF 2004 against Steve Gibson's ShieldsUp port tester. In stealth mode, our PC was entirely invisible to the world, which is the best result a firewall can get.
More information about how we test firewalls can be found at CNET Labs. Symantec's tech support varies in quality and cost. Online support is free and generally excellent, although the new Support Assistant, a small app that downloads to your PC, didn't lead us to resolve our test problem as we had hoped. Searching the knowledge base manually, however, got us clear and concise assistance for most of our problems.
Locating Symantec's online e-mail tech support could be a lot easier. After endless clicking, we found this buried link.
E-mail to tech support isn't slick. It's almost impossible to find the form on the Symantec site, then you must use it to query the help desk; then it takes Symantec a good 48 hours to respond. In our case, the tech didn't answer correctly even when he did respond.
Finally, you can call Symantec for tech support, but the price--$29.95 per incident or $2.95 per minute--and the limited, weekday-only 6 a.m. to 5 p.m. PT hours left us cold.