eEye Digital Security

Please read this post first as it explains the process of getting Beta releases: http://forums.eeye.com/forums/p/829/3568.aspx#3568

This release addresses these issues:

   - Fixed a Firewall issue causing traffic to be randomly denied
   - Fixed an issue causing the Fortigate SSL VPN to not connect when the Anti-virus engine was enabled
   - Fixed an issue where when reading email over IMAP, email folders would appear in uppercase and in duplicate
   - Fixed rare BSODs caused on non-Vista systems with heavy traffic when IPS was enabled.

The attached registry file will need to be imported to make Blink re-download the update (required in order to get either a new Beta or the final release when available)

NOTE: If you used the Reset Configuration option in Blink Personal 4.1.4, it had the undesired side effect of disabling the System Firewall (with no visual indication that this has happened). To recover from this error and re-enable it, shut down Blink and run this command "C:\Program Files\eEye Digital Security\Blink\blink.exe" /s. This command will re-enable the firewall and start Blink.

lnicula:

NOTE: If you used the Reset Configuration option in Blink Personal 4.1.4, it had the undesired side effect of disabling the System Firewall (with no visual indication that this has happened). To recover from this error and re-enable it, shut down Blink and run this command "C:\Program Files\eEye Digital Security\Blink\blink.exe" /s. This command will re-enable the firewall and start Blink.

Is this problem fixed in the Beta as well? 'Cuz I've noticed that whenever I reset configuration I'd get DNS related questions even if the top rule is checked in the system firewall rules.

No, this was discovered too late to be fixed in this release. It will be in 4.2 though.

 Alright, I just tried that command thing, and I'm not getting those questions. So it was only that section that wasn't working? The firewall would still be doing it's job by protecting the computer, right?

Yes, it was only the system firewall section. The Application firewall still worked.

Nicula,

     Now, correct me if I am wrong, but Blink was designed to protect you still without the Application or System Firewall turned at all correct?

That is correct! Most of our Blink Professional customers don't even use the firewall.

 For a home user environment, it could be useful though if you don't use a router with a firewall (but most users do that already)

lnicula:

That is correct! Most of our Blink Professional customers don't even use the firewall.

Really?

     Quite frankly if I was put in charge of a company network, using the firewalls would make my life (as an SA) easy!  Using what was on the software baseline for my company and what was installed on each client and server system, I would then create preset firewall rules allowing only those applications to contact the internet.  Anything else would be denied.  I guess if you really don't care what your users are doing on their systems, then yeah, I would turn the firewalls off.  If you properly configure a firewall about 90% of the "ignorant" or intentional actions that users make on a daily basis on your network can be stopped locally by policy.

lnicula:

For a home user environment, it could be useful though if you don't use a router with a firewall (but most users do that already)

True, but even with a router I think it is highly recommended to use them still.  Most consumer routers, unless you want to do a lot of pre-configuration in them ahead of time, blocking outbound connections per application or by process basis is difficult.

Blink allows you to fine tune a system's setup, so what you said really surprised me from being a SA myself.  :)

Does the IPS component still prevent (block) network based attacks if the firewall component is disabled?

 Yes. Banned and Trusted works too.