Rappore Shield 1.1

Picture this scenario-- one day you decide to go to the local Internet cafe (with a wireless hotspot, of course) to sip a latte and browse the Web. You probably use various wireless security features at home or work (WEP , MAC Filtering, etc.), and maybe a personal firewall , but you need to turn all that stuff off in order to access the public network in the cafe. As you peruse the financial Web sites and lament the condition of your tech stock-laden 401(k), another patron in the cafe (or in the apartment above, for that matter) may be remotely rummaging through your computer unbeknownst to you -- copying or deleting data, installing Trojan horses, or maybe even shadowing your Web sessions.

The $69 Rappore Shield from Rappore Technologies aims to prevent this scenario from happening by taking the concept of a personal firewall one step further. For starters, it's able to distinguish between a wireless and wired network adapter, so it lets you specifically control what traffic passes through your wireless NIC . It can block any, all, or some types of traffic, minimizing your vulnerability when participating in a public network. Perhaps more importantly, it can automatically change its security posture depending on what wireless network you're connected to, whether at home, work or on the road.

Unfortunately, Rappore Shield supports only Windows 2000 or XP. I tested it on a notebook running Windows XP Home, and the installation was straightforward and uneventful.

Rappore Shield installs a low-level driver that binds to your wireless network adapter and provides three built-in levels of security--full, limited, and none--plus a user configurable custom level. Essentially, the product allows you to keep open only the ports you need in a given situation. The only thing you need to set up is the shield level (what ports are blocked) and your location (see below).

As you might imagine, the full setting blocks all types of traffic, while the none level opens up all ports and lets network traffic flow unfettered. The limited setting allows a subset of well-known types of traffic through. This includes the most common types of traffic like Web, e-mail, and DNS, as well as various streaming media and instant messaging formats. The limited setting also permits VPN traffic like PPTP and L2TP to pass.

As mentioned earlier, Rappore Shield recognizes different location settings, defined as Home, Work, Roaming, and Alternate. One nice feature: It can automatically adjust its security posture as you move from location to location. In so doing, Rappore Shield lets you keep open only the ports you need for a specific location, and saves you the trouble of switching the settings every time you move around.

The Rappore Shield's user interface takes the form of the Microsoft Management Console (MMC) which debuted with Windows 2000 and is the standardized framework that many if not most vendors use to let network administrators configure their products in a corporate environment. Anyone who has experience working with MMCs will likely be comfortable configuring the Rappore Shield; novice users might have difficulty finding their way around as the MMC can be a bit idiosyncratic.

You can view the various configuration settings for each location by navigating through an expandable tree. Colored icons denote the level of security each location is set for: Green for full, red for none, and yellow for limited or custom. The same color scheme outlines the Rappore Shield icon in the Windows tray, providing at-a-glance status.

When configuring custom settings, it's important to know what ports your applications use, since it's not always apparent or advertised in the documentation. Although the Rappore Shield program doesn't include a list of common ports and their applications Rappore says they'll be maintaining one on their Web site for reference. There are also resources on the Web that can provide this information.

So do you need the Rappore Shield? If you never leave home with your network and already have a firewall in place, the answer is probably not. On the other hand, if you move a mobile computer with wireless access between work, home, airport, and everywhere in between, the Rappore Shield will provide you with an extra measure of convenience and security.