What is the ImproveNet system and why is it useful for me?
ImproveNet is a system of optionally collecting users’ firewall configurations and having Agnitum security experts review them centrally and create new application access rules and global firewall settings to be distributed to users. The goal of the system is to learn about new Internet-accessing applications promptly and prepare automatic configuration rules so you don’t have to do it manually.
What information is sent to Agnitum from my computer, and how might that change in the future? How can I be confident that no personal information is sent to you?
The only information sent to Agnitum is data which helps to identify a web-enabled application when it requests network or Internet access, along with the technical details of that connection. In future versions, additional information that impacts new functionality, such as component control, may be added, but you can rest assured that nothing will be transmitted to our engineers that personally identifies you. Here is a complete list of the data sent:
For the application: name, version number, local path, fingerprint (checksum).
For the connection: direction, protocol, port number.
In place of MAC or IP addresses, the following connection type ID is sent: Internet, local (localhost), or local network of class A, B, or C.
Why are so few presets available after Outpost is installed?
We will be updating and expanding the current configuration library with ImproveNet-distributed presets. Program rules are created as necessary. For each application, we will only include rules which have been requested at least once. Application rules are applied only in cases when the information of the particular application (its fingerprints) matches that written in the presets files. If there is no match, the Rules Wizard will be displayed and you can select the appropriate action from the drop-down menu in the usual way.
What does automatic application of network access rules mean for me?
With this system, rules that govern how various applications on your computer access the Internet are automatically configured and applied in Outpost Firewall Pro. This helps eliminate the firewall’s pop-up questions when a new connection is initiated on your PC and shifts the task of correctly—and most importantly—securely configuring the firewall to the experts at Agnitum. So not only is managing Outpost Firewall Pro easier now, but you can also be sure that it is as secure as it can be.
You will see far fewer requests for confirmation about how to deal with application communication issues. In addition, the ability to automatically update the rules allows Outpost to block existing third-party vulnerabilities until the vendor is able to issue security updates – so-called zero-hour protection.
Thanks to ImproveNet, if an error in the existing firewall rules is detected, we can fix it and distribute an update almost immediately through the ImproveNet infrastructure.
If for any reason you don’t want to use the automatic application of new rules, you can disable it and instead make settings manually, although with a recommended choice which can be optionally followed when the rule creation dialog box appears.
How are these rules created and how do I get the updated firewall configuration?
Based on the configuration sent to us through the ImproveNet program, Agnitum security engineers collect and evaluate information on thousands of network-enabled applications submitted by participating users.
After the evaluation is completed and a set of new automatic access rules is prepared, this configuration is distributed via the Agnitum Update service to users. New rules are automatically applied on the users’ machines and Outpost Firewall Pro is set to work automatically with programs listed in the newly-received configuration.
Tell me about the auto-rules - how secure are they?
Thanks to the ImproveNet technology, we know not only about the rules that are missing from users’ configurations and the questions their Outpost installation asks, but we also learn about attempts to bypass the protection. Based on reports following the release of Outpost 3.5, we can see that the rulesets are much safer.
Where the former configuration consisted of a large number of rules which were quite insecure because any malicious application could edit the presets file and thus go online, plus the presets file didn’t feature program ID check based on its fingerprinting, the new configuration is significantly more secure and has less redundant entries because it only stores what’s needed.
Users’ configurations now consist only of rules that are required by their particular system setup. And if users install Outpost with a clean configuration and auto-application of rules enabled, new rules are created specifically for the requirements of their system. So the automatic application can be discontinued after a day or two, because the necessary rulesets will already have been created. Users can then tweak those rules using the Rules Wizard alerts if they wish, but there is no real need to do so.
Users can also regularly download new presets. Even if you have auto-application of rules turned off, you will find it useful to refresh the rulesets at intervals to allow for updated Rules Wizard settings for updates of installed applications. We have intentionally tightened up a number of the rules because of the automatic application.