I apologize in advance if this is elementary question has been asked before, but would gratefully appreciate a clear answer from the Lions den.

Is a Firewall necessary when using Sandboxie ? Also, do we really need an AV ?

The very concept of a virtual system appears to make these two programs at least in theory redundant.

Many thanks

The Virus FAQ addresses this question and a few others. You should take a look --

http://www.sandboxie.com/index.php?FAQ_Virus

Dear Ronan,

I have looked at the link you gave, but cannot see a categorical answer that Sandboxie eliminates the need for a FW or AV. I would be very grateful to have a positive YES or NO. Alternatively a technical explanation.

I tried to phrase the fifth answer to give a categorical answer. The answer starts with "no" to the question "Should I use Sandboxie instead of anti-virus software?"

This kind of questions are not so simple to reply.

Do you want that the FW asks you when a program wants to send a packet? If the reply is affirmative then Sandboxie can not do that. If you just want to block outgoing connections without any question, then Sandboxie can do it.

So to the question you made, you are the only one that can reply it, because for some people Sandboxie may eliminate the need for a FW but for other people don´t.

About AVs... the same. If you are going to download with Sandboxie some software and run it out of Sandboxie, then you should have an AV. If you never ever are going to do that, then you should not need it.

Buster,

I really appreciate your comments and presume I will get no better response.

Well, thank you very much. I guess that it is a gray area where some do and some don`t.

Replies from other users on the web, show mixed bag but no definitive answer, just as you say.
Some users only use Sandboxie and choose to have no FW or AV at all and they are very happy indeed. Being more technical minded, I did want a more conclusive answer, but it looks like I am not going to get one.

To summarize, on the basis of other users, it is advisable to have a FW and AV in addition to Sandboxie, but is nowhere near as critical as users who do not use Sandboxie.

The basis for my question is that the FW issue becomes a critical and over indulgent matter when trying to compare numerous third party FW`s. The message is put over that life depends upon them with all their gimmicks and ultra safety features. Same with AV`s.

My conclusion ? YES I do have a FW and AV, but it is of no mortal necessity. I have 100% confidence in Sandboxie and regarding FW`s, Windows is perfectly satisfactory under my circumstances. I just need a good FW, not one that makes coffee. AV ? So long as it is a recognised product - same answer.

I currently use ZA and AVG and do not let either one of them dominate my life.

Having said what I already commented I can give you now a more technical reply: in my opinion, using a properly configured Sandboxie I don´t think you need a FW or AV... until you run any software out of Sandboxie, moment when you would need them.

I have been running malwares (without FW nor AVs) under Sandboxie´s supervision for years and I have been safe (with two exceptions that tzuk fixed pretty fast after he knew about them) all this time. How? Having Sandboxie configured properly. In my case just denying internet connections was enough.

Other users may match their needs with other configurations: mainly with path restrictions.

And don´t forget about the most important security tool: the backup.

Buster ! You are great !

What an honest, down to earth and informative reply. I am very grateful.

I perhaps am not so clever as others to configure Sandboxie to be my only Minder. I will stick with my existing FW and AV, but will not become engaged in the wonderful world of comparisons and competitive ploys for these products that the industry so readily provokes. if one believed the vendors of these products, one would conclude that without their many fancy features, we would all be subject to being completely annihilated by a Tsunami of monumental threats.

Bottom line in the face of all others is - Sandboxie, Windows FW and an AV is a perfectly safe combination.

Your reply has greatly eliminated my concern over the critical dependency of both a FW and an AV when using Sandboxie.

When using Sandboxie, the use of an AV is not required at all. Why? Because as no permanent changes to disk will be produced, you don´t care if a malware infects your machine. As soon as you terminate sandboxed processes, all the malware activity will be stopped on its tracks.

At this point there is a question that usually arises between Sandboxie users: should I delete sandbox folder contents or not?

My suggestion: if you have visited well known and trusted sites, I don´t see any need for that. If you have visited sites of more dubious nature, then yes.

But even if you keep a malware inside the sandbox folder, it will not go nowhere if your configuration is good.

The use of a FW is a different question because by default Sandboxie will allow internet connections so it could happen that a malware sends information that you don´t want to leave from your computer over internet.

I suggest you review the forum to learn how to configure Sandboxie in order to prevent this kind of situations.

With a properly configured Sandboxie, when using Sandboxie the need of a FW is eliminated too.

And I think that´s all you should know about Sandboxie, AVs and FWs.

Buster,

I am amazed at getting such useful and unexpected information. I don`t reckon I could have done any better than receive the comments you have made on any Forum.

I will "try" to understand Sandboxie configuration, although I must confess that it does leave me a little cold.

The reason I posted in the first place is that I have had FW trouble and am fed up with all the sales jargon mush that accompanies these products.

My ZA says it is protecting me, but the log viewer does not record FW activity by the minute like Windows FW does. It comes in slugs as and when it feels like it. The current log is now 24 hours old, but I have no choice but to stick with it. The program log is OK. I have Windows FW enabled.

Comodo kept crashing, Outpost was a 2009 version and Online Armor never recorded any FW events at all, although again the program log was OK.

Thank so much, you have answered my query perfectly.

You are welcome!

I can't tell if you are running ZA and Windows firewalls at the same time but if you are, two firewalls at the same time can cause real problems.

Three of my favorite places to keep up on security are Wilders Security Forum ('What is your security setup these days' in 'Other anti-malware software' is fun to follow), MajorGeeks, and Gizmo's Freeware.

From what you have said, I would suggest you run Windows firewall and PandaCloud Free AV with Sandboxie. Some other programs that won't hurt are Malwarebytes Anti-malware, Hitman Pro, Emsisoft Emergency Kit and a good system image program such as Macrium Reflect. A new program that I really like is Webroot SecureAnywhere.

I prefer CloneZilla.

I'll chime in and say that besides what Buster already said, the only truly safe environment is a virtual system. You can give full Internet access to a virtual computer and do whatever you want without ever worrying about host infection and data loss or theft. While I particularly like virtual computers, the main reason I'm using Sandboxie is because it's the best solution on the market that allows for seamless integration of virtual space with the host system while keeping things separated and organized.

The answer to your question (if we need a firewall and antivirus) depends on how well you want to get informed and how much control you want to have over certain aspects. While an antivirus is never needed for sandboxed stuff, it may be needed for stuff outside sandboxes or for stuff you want to take outside sandboxes. Also, an antivirus will make you aware of a potential threat, even if it can cause no harm to your system while sandboxed. Almost the same goes for the firewall: it's not needed if you block Internet access to any sandboxed application, but it may be needed for stuff outside saboxes. Also, as far as I know, Sandboxie doesn't allow for rules creation, so you need a firewall to control an application which requires Internet access to function properly by allowing it to connect to trusted addresses and blocking unwanted hosts. You could just give Internet access to a sandboxed application and block it from accessing paths to sensitive data.

Throughout a decade, I have used numerous anti-virus solutions (BitDefender, AVG, Kaspersky, ComodoAV), but just one firewall that couldn't be beat by any other when it came down to satisfying my needs for control, and that's Jetico Personal Firewall (accompanied by NetLimiter for special readings and traffic limitations). So yeah, while I do not rely on anti-virus software to keep my system safe and I do not intend to be kept up to date with all existing threats, I do care about network connections (who and what's sending or receiving).

I suggest you try Jetico Personal Firewall if you're interested in getting detailed and precise logging with the ability to filter what's logged or not and set different warning levels. What makes JPF the best though is the control it gives you over creating rules.

Thanks so much Michael for such a detailed reply. I have found that the responses on this small thread have helped me very much.

Michael - I have looked on the web at Jericho Firewall and cannot decipher whether it is Freeware or a pay job although I have tried all the usual reputable download sites. I would love to try it, but it MUST be freeware. Can you give me a safe download link for FREEWARE ? I must have the latest version, there seems to be a variation problem. Version 2.1.0.10 looks popular.