ZoneAlarm Plus & ZoneAlarm Pro v3.1

ZoneAlarm Plus & ZoneAlarm Pro v3.1

Reviewed by: Howard Carson, send e-mail
Published by: ZoneLabs, go to the web site
Requires: IBM PC or 100% compatible, Pentium 450 MHz or higher, Microsoft Windows 98/Me/NT/2000 and XP, 64MB or higher, 10MB hard disk space
MSRP: US$39.95 (Plus), $49.95 (Pro) )

A computer firewall is a program which runs in the background, quietly scanning all requests for information trying to enter or exit your computer via the phone line, cable/DSL modem or network to which your computer is attached. Firewall software is designed around a set of access rules which can be modified or at least controlled to some extent by a user. Any information request which doesn't obey the rules is halted, after which the user is either notified and asked for further instructions or the offending request is simply aborted and logged for later viewing and investigation.
<MAP NAME="boxmap-p8"><AREA SHAPE="RECT" COORDS="14, 200, 103, 207" HREF="http://rcm.amazon.com/e/cm/privacy-policy.html?o=1" ><AREA COORDS="0,0,10000,10000" HREF="http://www.amazon.com/exec/obidos/redirect-home/kickstartnews-20" ></MAP><img src="http://rcm-images.amazon.com/images/G/01/rcm/120x240.gif" width="120" height="240" border="0" usemap="#boxmap-p8" alt="Shop at Amazon.com">

What's an offending request? Everything from pop-up advertising, web sites trying to place an executable (program) on your system, Trojan Horse viruses trying to send data from your computer to someone else, e-mail attachments trying to run on or enter your computer, or another computer user attempting to enter your computer via one of the so-called ports in your network, e-mail or Internet access setup.

I've been a registered user of ZoneAlarm Pro for several years. I started using a personal firewall when Network Ice released their BlackIce product. But after seeing BlackIce more or less derided by Steve Gibson's online security test (Gibson Research at www.grc.com) I decided to switch to the freeware version of ZoneZlarm. A brief experimental period with the very capable Norton Personal Firewall in 2001 didn't convince me to switch.

In any event, you need to use protection. Cable, DSL, satellite and dial-up Internet service providers don't provide firewalls. If you're diligent about not opening file attachments unless they've been checked by fully up-to-date antivirus software, and if you're also diligent about keeping specious interests out of the home and office, and if you stay away from questionable web sites, the final loop which closes the basic security net is likely to be firewall software. If your whole operation - from a single home computer to a two computer home network, all the way up to a large office network - sits behind a router, then you're already experiencing some firewall protection. In such a situation, it's likely that anyone outside your network can only see the router's connection to the Internet, not your individual computers.

Of course larger networks require open ports for all sorts of reasons, creating greater vulnerability to attacks. There are also lots of worms, trojans and other computer viruses which enter home and business computers via file attachments, install themselves, then propagate further by sending information through any available Internet connection. One of the key features of ZoneAlarm has always been its ability to monitor incoming and outgoing traffic and force you to give specific permission for a program to access the Internet. After ZoneAlarm (any version) is installed, it asks you for permission to allow Internet and network access to programs as you use them. You can set a flag to always permit access by certain programs so ZoneAlarm doesn't have to ask again. If a program you're unfamiliar with requests Internet or network access, ZoneAlarm's dialog pops up. You can look up the program and its function before allowing access.

But is it any good you ask? The answer is a resounding yes! There are a couple of caveats mind you, the most important of which is that you absolutely have to read the product documentation before customizing the default installation of the software.

ZoneAlarm is available in three flavors: ZoneAlarm (freeware), ZoneAlarm Plus (retail) and ZoneAlarm Pro (retail). While it doesn't have the deeply comprehensive configuration options of Plus or Pro, ZoneAlarm is free and more than sufficient for the majority of home users. Plus is meant for moderately active Internet users and SOHO (although most small businesses can also make excellent use of Plus). Pro is designed for power users, SOHO, small business and big business.

We'd really like to see ZoneAlarm integrated with some Antivirus software. The combination is natural and should be irresistible to many consumers. SystemSuite 4 (originally owned and developed by Mijenix then Ontrack and now VCOM - www.v-com.com) is a great example of a solid, comprehensive system utility combining top-ranked virus protection with an effective and thoroughly tested firewall. Symantec's Norton Internet Security bundles top-rated virus protection and a good personal firewall. ZoneLabs has decided to continue concentrating on their excellent and nearly eponymous firewall software without expanding into or bundling with an antivirus program. Basic protection from unusual e-mail attachments is provided by ZoneAlarm however - it will rename the file extension of any unknown attachment to prevent it from executing automatically.

Cons: If you're using SystemSuite 4 or higher, disable its built-in NetDefense firewall because it does not get along with ZoneAlarm Plus or ZoneAlarm Pro. Unfortunately, some programs apparently don't like their processes interrupted by ZoneAlarm's protective activity (the pop-up access request dialog) and will either halt or, in rare cases, crash. We can't tell if this is a Windows or an application problem. If you use one of the newer home routers and ZoneAlarm, good luck get up and running with Microsoft's NetMeeting. You'll need to open about 7 ports using ZoneAlarm's configuration settings and the configuration settings in your Router - not for the faint of heart.

Pros: The new user interface is much better than v2.x. There are AlertAdvisor improvements, configurable start-up XML firewall rules and optimized installation. Smart blocking of slow-loading ads on Web pages. Effective pop-up ad blocking. Home and office network users will love the way this version of ZoneAlarm allows identification and naming of all detected networks - very handy when firewalling computers connected via Wireless Access Points. Protects against incoming hacker attacks as well as preventing outgoing information from programs you haven't authorized for Internet access. Best of all, you don't need to know anything technical about any of this because the user interface and the configuration is set up properly right out of the box. Best of Breed to date. Recommended.

Letters to the Editor are welcome and occasionally abused in public. Send e-mail to: whine@kickstartnews.com