IPNetSentryX

IPNetSentryX is not so much a firewall as a firewall companion. It watches your network for unusual or dangerous traffic, and then blocks it. It’s geared primarily toward users who have a fair amount of technical knowledge, who know their UDP from their TCP, and who don’t need a fancy firewall front end. Simply put, it’s not for novices.

Once you’ve installed the application, you’ll have to configure it without the help of any setup wizards or assistants. Also, there’s no preference setting to have IPNetSentryX start up automatically when your Mac starts up. So, you’ll need to launch the program manually every time you boot or add it to a user account’s Login Item list.

IPNetSentryX protects against many known attacks, including several Windows-based threats (such as the Nimda virus) that might not worry you, but which could concern Windows users on your network.

Power users will find IPNetSentryX’s filtering capabilities extraordinary. With its fine-grained configuration options, you can build extremely sophisticated filters. For example, you can configure the app to not only look TCP header information, it’s also possible to have the program look for specific text strings within packets or to filter packets that are originating from a specific MAC address. The program also has excellent logging tools and bandwidth utilization controls, which advanced users will find perfect for getting a grip on what’s taking place on their network. So, if someone on your network is sucking up bandwidth by downloading large files or streaming audio or video content, you can lock them down using IPNetSentryX.

Macworld buying advice

IPNetSentryX is not for novices, nor will it protect your Macintosh single-handedly. But, if you understand how to analyze network traffic and want to keep using OS X’s built-in firewall, IPNetSentryX can be a powerful weapon in your security arsenal.

[ Jeffery Battersby is a network analyst and a regular contributor to Macworld. Testing performed by Daniel Adinolfi. ]