December 9, 2004 - Both of these firewalls have introduced "Driver-Level
Protection" features apparently intended to detect malicious activity by
Trojans. Unfortunately, it appears that both of these products are not
designed to allow legitimate third-party NDIS protocol drivers to send
packets on the network.

In the case of the SyGate product it is necessary to disable the
"Driver-Level Protection" feature of the SyGate firewall to allow legitimate
third-party NDIS protocols to send packets on the network.

In the case of the Symantec Firewall it appears that the only choice is to
disable the firewall entirely to allow legitimate third-party NDIS protocols
to send packets on the network.

Other firewall choices such as BlackIce and ZoneAlarm allow legitimate
third-party NDIS protocols to send packets on the network.

Unfortunately PCAUSA does not have contacts with either SyGate or Symantec
beyond first-level technical support - which is not a productive route for
suggesting improvements in this area.

If there are SyGate or Symantec developers on these lists, please consider
making improvements to SyGate and Symantec firewalls that allow legitimate
NDIS protocol drivers to send packets without requiring Trojan detection
features (or the complete firewall) to be disabled.

Warm regards,
Thomas F. Divine
President, PCAUSA