WinProxy's firewall is one of the new generation of 'hybrid' firewalls. These firewalls are a synergistic combination of packet-level and application-level firewalls.
The packet-level firewall inspects the headers of every packet. Decisions to allow or disallow the packet are based upon source and destination addresses as well as source and destination ports. This inspection has little to do with packet content or subsidiary headers like URLs. "Stateful" packet filters - like WinProxy - allow the firewall to correlate new packets with previous traffic as part of the decision process.
WinProxy's packet-level firewall lives 'close to the wire', between the network card and the TCP/IP stack. This firewall makes its decisions before the packets even reach the TCP/IP stack, and well before any applications might see them.
The application-level firewall regulates the TCP/IP stack from above rather than from below. It cannot change how your system handles individual packets, but it is well-suited to making session decisions. Communication sessions can be limited by any number of rules, all of them available to the administrator. These can include decisions based upon the content of the packets.
WinProxy's application-level firewall allows virus scanning, site restrictions, caching, and a host of other features.
Interface distinction: WinProxy makes a careful distinction between your internal and external network interfaces. Many application-level firewalls do not, and so allow the user to inadvertently open holes in their firewall. Such holes are the basis of many well-known firewall exploits.
How it works: Positioning the packet-level firewall as close as possible to the wire gives you a couple of important advantages. First, WinProxy can make sure that every packet must pass through the firewall. Second, WinProxy can prevent other applications on the machine - including the operating system itself - from unintended Internet contact. Windows, for instance, has a well-known port that is always open to contact regardless of any Windows settings. An application-level firewall cannot close this port or prevent unseen contact, but WinProxy can - and does.
Stealth firewall: There is more to it than just denying contact. How you deny contact makes a difference. The usual response of the TCP/IP stack is to return a packet that means 'no application listening'. Yelling "nobody home" at the door is not always the best way to hide. WinProxy will instead just drop any unsolicited packets. To the sender, their questing packets just vanish as if there were no computer there at all.
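The packet-level behaviour described above (stateful correlation, the internal/external interface distinction, and silent dropping of unsolicited packets) can be modelled in a few lines. This is an added illustration, not WinProxy code: the class, field names and sample packets are hypothetical, and address translation is left out.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    iface: str   # interface the packet arrived on: "internal" or "external"
    src: str
    sport: int
    dst: str
    dport: int

class StatefulFilter:
    """Toy model (hypothetical names): decides on header fields and state only."""

    def __init__(self, published_ports=()):
        self.published = set(published_ports)  # inbound ports opened by the admin
        self.flows = set()                     # flows initiated from the inside

    def decide(self, p: Packet) -> str:
        if p.iface == "internal":
            # Outbound from the LAN: allow it and remember the flow.
            self.flows.add((p.src, p.sport, p.dst, p.dport))
            return "ACCEPT"
        # External interface: a reply must mirror a remembered flow exactly.
        if (p.dst, p.dport, p.src, p.sport) in self.flows:
            return "ACCEPT"
        if p.dport in self.published:
            return "ACCEPT"
        # Unsolicited: drop silently, with no "no application listening" reply.
        return "DROP"

def run_sample():
    """Constructed packets; remote addresses come from documentation ranges."""
    fw = StatefulFilter()
    packets = [
        Packet("internal", "192.168.0.10", 50000, "198.51.100.7", 80),   # LAN client opens a session
        Packet("external", "198.51.100.7", 80, "192.168.0.10", 50000),   # its reply
        Packet("external", "203.0.113.9", 40000, "192.168.0.10", 8080),  # unsolicited probe
        Packet("external", "198.51.100.7", 80, "192.168.0.10", 50001),   # known host, no matching flow
        # Claims an internal source address but arrived on the external interface.
        Packet("external", "192.168.0.10", 50000, "198.51.100.7", 80),
    ]
    return [fw.decide(p) for p in packets]

if __name__ == "__main__":
    print(run_sample())
```

The last sample packet is dropped because the decision keys on the interface a packet arrived on, not on the source address it claims.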
To test the firewall, go to www.grc.com and use the Shields Up firewall tester. WinProxy comes up in "Stealth" mode. Most competing products come up as "open".


