2.2  Conflicting software

WinRoute can be run with most of common applications. However, there are certain applications that should not be run at the same host as WinRoute for this could result in collisions.

The computer where WinRoute is installed (the host) can be also used as a workstation. However, it is not recommended — user interaction may affect performance of the operating system which affects WinRoute performance badly.

Collision of low-level drivers

WinRoute collides with system services and applications the low-level drivers of whose use a similar or an identical technology. The security log contains the following types of services and applications:

  • The Internet Connection Firewall / Internet Connection Sharing system service. WinRoute can detect and automatically disable this service.

  • The system service Routing and Remote Access Service (RRAS) in Windows Server operating systems. This service allows also sharing of Internet connection (NAT). WinRoute can detect if NAT is active in the RRAS service; if it is, a warning is displayed. In reaction to the alert message, the server administrator should disable NAT in the RRAS configuration.

    If NAT is not active, collisions should be avoided and  WinRoute can be used hand in hand with the  RRAS service.

  • Network firewalls — e.g. Microsoft ISA Server.

  • Personal firewalls, such as Sunbelt Personal Firewall, Zone Alarm, Norton Personal Firewall, etc.

  • Software designed to create virtual private networks (VPN) — i.e. software applications developed by the following companies: CheckPoint, Cisco Systems, Nortel, etc. There are many applications of this type and their features vary from vendor to vendor.

    Under proper circumstances, use of the VPN solution included in WinRoute is recommended (for details see chapter 23  Kerio VPN). Otherwise, we recommend you to test a particular VPN server or VPN client with WinRoute trial version or to contact our technical support (see chapter 26  Technical support).

    Note: VPN implementation included in Windows operating system (based on the PPTP protocol) is supported by WinRoute.

Port collision

Applications that use the same ports as the firewall cannot be run at the WinRoute host (or the configuration of the ports must be modified).

If all services are running, WinRoute uses the following ports:

  • 53/UDPDNS module,

  • 67/UDPDHCP server,

  • 1900/UDP — the SSDP Discovery service,

  • 2869/TCP — the UPnP Host service.

    The SSDP Discovery and  UPnP Host services are included in the UPnP support (refer to chapter 18.2  Universal Plug-and-Play (UPnP)).

  • 44333/TCP+UDP — traffic between Kerio Administration Console and  WinRoute Firewall Engine. This service cannot be stopped.

The following services use corresponding ports by default. Ports for these services can be changed.

Antivirus applications

Most of the modern desktop antivirus programs (antivirus applications designed to protect desktop workstations) scans also network traffic — typically HTTP, FTP and email protocols. WinRoute also provides with this feature which may cause collisions. Therefore it is recommended to install a server version of your antivirus program on the WinRoute host. The server version of the antivirus can also be used to scan WinRoute's network traffic or as an additional check to the integrated antivirus McAfee (for details, see chapter 13  Antivirus control).

If the antivirus program includes so called realtime file protection (automatic scan of all read and written files), it is necessary to exclude directories cache (HTTP cache in WinRoute   see chapter 8.5  HTTP cache) and tmp (used for antivirus check). If WinRoute uses an antivirus to check objects downloaded via HTTP or FTP protocols (see chapter  13.3  HTTP and FTP scanning), the cache directory can be excluded with no risk — files in this directory have already been checked by the antivirus.

The McAfee integrated antivirus plug-in does not interact with antivirus application installed on the WinRoute host (provided that all the conditions described above are met).