Is the integrated firewall in Windows 7 good enough?

I used Outpost firewall before and it felt cool to customize everything. Like when I configure my router. Feels 1337 :grin:

But the Windows firewall I haven't EVER had to configure anything at all except approving things accessing internet.

So is the firewall in Windows 7 64 good enough?

Reply #1

To test whether the Windows firewall is doing its job, go here: https://www.grc.com/x/ne.dll?bh0bkyd2 This is a site designed to test your firewall, called Shields Up. Disable your Outpost one and then enable the Windows firewall and run the tests, then turn the Windows firewall off and re-enable Outpost and run it again to compare the two. I use the Windows firewall on this laptop and ran Shields Up and got a perfect score, so I don't use any other firewall, but on my desktop I run AVG 2011 Internet Security and its own firewall, which also got a perfect score. Good luck mate :)

Reply #2

Never used anything except Windows Firewall plus free virus scanner and other free tools. Now running Avast! Free Edition plus occasional scans with MalwareBytes. No viruses ever. No worms. Maybe couple pieces of mild malware couple years ago.

But also very conservative about sites I visit, try to keep a low internet profile.

Reply #3

I just use the W7 firewall; way back in the day I used Zone Alarm. The W7 firewall can be modified to allow a program through the firewall. I use Micro$oft Security Essentials (MSE) as my AV; I also use Malwarebytes, SUPERAntiSpyware and SpywareBlaster.

Reply #4

I use a hardware firewall (my router) and shields up says I don't even exist on the interweb... :ninja:

So I have no need for a software firewall....

Reply #5

FYI 

There is an "advanced view" to the Windows firewall.  If you're all about having more granular control........that view should blow your mind.   ;)

YES, the firewall included with Win7 is very good at doing its job.  Not necessary in the least to give away more transport overhead just to "think" or "feel" safer.

Some might disagree with me (feel free) however my opinion has been formulated by years of in-depth networking knowledge and not on sales pitches or user reviews.  I'd be willing to bet those same people who might disagree would also be the ones deriding Microsoft's ISA/TMG (threat management gateway) in favour of say a Cisco-PIX or whatever hardware appliance......there they would also be wrong.....but whatever.....I know what I know.  ;)

EDIT:

Also, just using an EDGE firewall (i.e. router) is the old '80s "eggshell" mentality toward security.  These days a granular and multi-tiered approach is necessary, not just recommended.  Besides, the firewalls on routers that have maybe a 100MHz proc with 16MB of RAM CANNOT possibly inspect each and every data packet and/or verify each and every connection.  Just browsing to one single website can open multiple connections to and from your system.  Unless you're running a network-EDGE hardware device that has cost you at least $500.00, the firewall on your router is not much more than "marketing".

FYI, "shields-up" saying you're "stealthed" is very much to be taken with a grain of salt and a whole pound of real networking understanding.......just sayin... ;)

Reply #6

Unless you want to manage outgoing traffic or are using public networks, there's little reason to use any firewall software on a machine that's behind a NAT router (which is most routers). Any unsolicited inbound traffic will be ignored at the router unless you've expressly forwarded the port it's coming on.

Though granted (concerning outbound traffic) most people these days would rather have an app to tell them what's going on rather than exercise caution and awareness regarding browsing and install habits.

Reply #7

Quoting kryo, reply 6
Unless you want to manage outgoing traffic or are using public networks, there's little reason to use any firewall software on a machine that's behind a NAT router (which is most routers). Any unsolicited inbound traffic will be ignored at the router unless you've expressly forwarded the port it's coming on.

Though granted (concerning outbound traffic) most people these days would rather have an app to tell them what's going on rather than exercise caution and awareness regarding browsing and install habits.

It's not quite as simple as that, kryo.  Although basic NAT should reject all unsolicited traffic, what level of NAT endpoint filtering (filtering applied to incoming connection requests on active ports) is applied varies from router to router and in many cases is not even evident.  This is important because it's once connections have been initiated that most "baddies" sneak into a network.  For example, SOHO routers that do allow one to configure the level of NAT filtering are the D-Link GamerLounge routers, probably because changing NAT-filtering settings might be important for gamers/hosting etc.

Ex.

For example on my son's gaming-router there are 3 settings for NAT-endpoint handling for both TCP and UDP traffic (each can be set independently of the other).  The following is taken directly from the router's help file:

1.  Endpoint Independent

Once a LAN-side application has created a connection through a specific port, the NAT will forward any incoming connection requests with the same port to the LAN-side application regardless of their origin. This is the least restrictive option, giving the best connectivity and allowing some applications (P2P applications in particular) to behave almost as if they are directly connected to the Internet.

2.  Address Restricted

The NAT forwards incoming connection requests to a LAN-side host only when they come from the same IP address with which a connection was established. This allows the remote application to send data back through a port different from the one used when the outgoing session was created.

3.  Port and Address Restricted

The NAT does not forward any incoming connection requests with the same port address as an already established connection.

This is why having basic but good (i.e. Windows Firewall) software rules also present on any system residing behind the NAT makes for good "defense in layers", which is never a bad thing.  Routers can be fooled.  ;)

That being said, I would NOT suggest giving away the additional transport overhead for more "robust" software firewalls which claim to inspect the STATE of traffic etc.  Plus, as I've stated before many times, SOHO routers claiming to perform SPI (stateful packet inspection) aren't much more than a fancy marketing ploy, since most SOHO routers have weak procs and limited RAM with which to perform such "inspection".

the Monk
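A small model of the three endpoint-filtering modes quoted from the router's help file in Reply #7, added here as an example and not taken from the thread or the router vendor. It shows which inbound packets each mode lets through once a LAN host has opened one session; mode 3 is modelled as "same remote address AND port" (the RFC 4787 address-and-port-dependent filtering behaviour), and the mapping and packets are constructed sample data using TEST-NET addresses.

```powershell
# Added example (not the router vendor's code): one NAT mapping, three filtering modes.
# The mapping below is what the NAT created when 192.168.0.10 first sent a packet to
# 203.0.113.5:27015; 40000 is the WAN-side port the NAT allocated (constructed values).
$Mapping = @{
    LanHost      = '192.168.0.10'
    ExternalPort = 40000
    RemoteIp     = '203.0.113.5'
    RemotePort   = 27015
}

function Test-NatForward {
    param(
        [ValidateSet('EndpointIndependent','AddressRestricted','PortAndAddressRestricted')]
        [string]$Mode,
        [hashtable]$Mapping,
        [string]$SrcIp,
        [int]$SrcPort,
        [int]$DstPort
    )
    # A packet to a WAN port with no mapping is unsolicited: dropped in every mode.
    if ($DstPort -ne $Mapping.ExternalPort) { return $false }
    switch ($Mode) {
        'EndpointIndependent'      { return $true }                                 # any origin may use the mapped port
        'AddressRestricted'        { return ($SrcIp -eq $Mapping.RemoteIp) }        # same peer IP, any source port
        'PortAndAddressRestricted' { return (($SrcIp -eq $Mapping.RemoteIp) -and ($SrcPort -eq $Mapping.RemotePort)) }
    }
}

# Constructed inbound packets: the real peer replying, the same peer from a new port,
# an unrelated host probing the mapped port, and a probe of a port with no mapping.
$Packets = @(
    @{ Label = 'peer, same port';       SrcIp = '203.0.113.5';  SrcPort = 27015; DstPort = 40000 }
    @{ Label = 'peer, other port';      SrcIp = '203.0.113.5';  SrcPort = 27016; DstPort = 40000 }
    @{ Label = 'stranger, mapped port'; SrcIp = '198.51.100.9'; SrcPort = 4444;  DstPort = 40000 }
    @{ Label = 'stranger, other port';  SrcIp = '198.51.100.9'; SrcPort = 4444;  DstPort = 40001 }
)

$Modes = 'EndpointIndependent','AddressRestricted','PortAndAddressRestricted'
"{0,-24} {1,-20} {2,-18} {3}" -f (@('Inbound packet') + $Modes)
foreach ($p in $Packets) {
    $verdicts = foreach ($m in $Modes) {
        if (Test-NatForward -Mode $m -Mapping $Mapping -SrcIp $p.SrcIp -SrcPort $p.SrcPort -DstPort $p.DstPort) { 'forward' } else { 'drop' }
    }
    "{0,-24} {1,-20} {2,-18} {3}" -f (@($p.Label) + $verdicts)
}
```

The table makes the point of the reply visible: only the most restrictive mode drops the "stranger, mapped port" probe and the peer's new-port packet, which is exactly the traffic a host firewall behind a loosely filtered NAT still has to decide about.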

Reply #8

I just tested mine and all came back nicely except the ping thing. How do I prevent my laptop from getting pinged?

Reply #9

How do I prevent my laptop from getting pinged.

I believe that if your firewall is working properly you can't be pinged. That is a purpose of the firewall, to be invisible.

To answer the question: yes, it seems to work pretty damn good.
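The granular control Reply #5 calls the "advanced view", and the ping question from Reply #8, done from an elevated PowerShell prompt with netsh advfirewall (which ships with Windows 7). This is an added example, not from the thread; the rule names and the program path are constructed placeholders.

```powershell
# Added example (not from the thread): per-profile defaults and per-rule control
# with netsh advfirewall. Run from an elevated prompt. Rule names and the
# program path are placeholders; substitute the real program you want to restrict.

# 1. Current state of the domain/private/public profiles: on/off, default actions, logging.
netsh advfirewall show allprofiles

# 2. Keep sane defaults on every profile (block unsolicited inbound, allow outbound)
#    and log dropped packets, so what the firewall stopped is visible in the log
#    instead of being inferred from a scan site's score.
netsh advfirewall set allprofiles firewallpolicy blockinbound,allowoutbound
netsh advfirewall set allprofiles logging droppedconnections enable

# 3. Reply #8's question: drop inbound ICMPv4 echo requests (type 8, any code) on the
#    public profile, so the machine does not answer ping from untrusted networks.
netsh advfirewall firewall add rule name=ExampleBlockInboundPing dir=in action=block protocol=icmpv4:8,any profile=public enable=yes

# 4. Granular outbound control: the "approve this program" prompt written as a rule,
#    here denying one specific program any outbound connection (placeholder path).
netsh advfirewall firewall add rule name=ExampleBlockAppOutbound dir=out action=block program=C:\ExampleApp\ExampleApp.exe enable=yes

# 5. Verify the rules exist as intended, then look at the most recent drops in the
#    default log location.
netsh advfirewall firewall show rule name=ExampleBlockInboundPing
netsh advfirewall firewall show rule name=ExampleBlockAppOutbound
Get-Content "$env:SystemRoot\system32\LogFiles\Firewall\pfirewall.log" | Select-Object -Last 20

# Remove the two example rules when finished experimenting.
# netsh advfirewall firewall delete rule name=ExampleBlockInboundPing
# netsh advfirewall firewall delete rule name=ExampleBlockAppOutbound
```

Reading the log after step 5 is the check the thread's "am I stealthed" tests do not give you: it shows which inbound and outbound connections were actually dropped, by which profile, rather than only whether an external scanner got an answer.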

Reply #10

Behind the router's hardware firewall, I use Win 7's integrated software firewall in conjunction with a couple of precautionary measures as well, and I find this quite adequate with safe surfing practices

[staying away from pron sites on the 13th (especially Fridays) of each month helps :-" ].

Along with Iobit's Security 360 for added peace of mind, I use the Tea Timer function in Spybot Search and Destroy to immunize and protect my system in real time at the browser level.  Since I have been using this combination [about 4 years now] I have yet to turn up a nasty in any of my AV/Spyware/Malware scans.

As for my A/V, I use Avast Free [complete with pirate talk] and find it most acceptable.  I once had a dubious link/download in a Yahoo search result and Avast warned me instantly that it was unsafe to open.... phew, as I had intended to go there prior to...

Reply #11

starkers,

Again....(as I've already stated above) unless your "router" has more than a 100MHz proc with 8 or 16MB of RAM, its "firewall" isn't much of a firewall.  Running software tests like "can I be pinged" or....."which ports are open etc." are not really an indication of being "firewalled" by today's standards.  A true firewall performs traffic checks based on ALGs and has a proc/mem that can actually properly perform SPI (for what it's worth).  The reason for this is so that traffic can't "pretend" to be other traffic in order to fool your network devices.

For Example: So you can't be pinged, and every port is closed for unsolicited traffic.......big woop.......when you go out on port 80 (web traffic) to view something on the web, what exactly is your network device doing to ensure that something else which isn't "web traffic" (and therefore shouldn't use TCP port 80) isn't in fact using port 80 to come back into your system?   That's right.....NOTHING.  Unless you run a hardware device which is truly capable of using ALGs or performing SPI, you are "trusting" that everything coming in on TCP 80 is in fact HTTP traffic.

Also...."immunizing" your browser (which amounts to protecting certain registry keys from being edited) is something I'd rather trust to the system's local security policy and/or to not running/browsing from an ADMIN account.  If you are already doing that, then there is no need to give the extra system overhead away to a third-party program.

Avast doesn't have the greatest record, but that notwithstanding, using/editing your system's "local security policy" is again a much better way of ensuring baddies that slip in can't fully function (and can then be cleaned out later with no issues), rather than again trusting some third-party program to not lapse and be your EDGE protection.

Of course protection in layers is important.  Please don't assume that running various different third-party software is doing that.  Protection in layers means that while you might have some software installed to run scans etc. for "peace of mind", the ACTUAL protection of your system is trusted to running everything on your system from a LEAST-privilege-needed mindset, properly understanding and configuring your built-in local security policy, and, if one can be afforded, a true hardware firewall at the network EDGE.

Software isn't infallible.............however a security-centric mindset (including least-privilege thinking etc.) puts the odds more heavily in your favour.  ;)

the Monk