ZoneAlarm Pro 4.0 Review

By Eric Grevstad | Posted July 07, 2003

It may not be a hit at the box office, but this summer's comic-book movie The Hulk offers a memorable image — a cute, fluffy French poodle turned into a snarling Hulk dog. Zone Labs' software firewall ZoneAlarm has become a hit in much the same way — as we noted when reviewing the previous version, the program is so novice-friendly and easy to configure it practically wags its tail, yet deters network hackers and DSL- or cable-modem probes as effectively as a ferocious Doberman.

This month's ZoneAlarm Pro 4.0 offers a handful of helpful refinements to its predecessor's recipe — not only beefing up the firewall that fights would-be hijackers or Trojan horses, but adding outbound as well as inbound e-mail scanning to ensure you don't inadvertently help to pass along the next Bugbear or Sobig, and improving its cache- and cookie-management options for protecting your privacy and saving hard-disk space as well as blocking annoying pop-up ads.

Its retail price is unchanged at $50, though Zone Labs' Web site is currently offering the 4MB download for $40 with one or $60 with two years of updates and support. (A version that adds Web-site filtering to keep kids from seeing smut or hate sites is $20 more.)

Our biggest complaint 14 months ago is still true today — ZoneAlarm Pro isn't a complete PC protection package, because it doesn't include an antivirus program as Symantec's $70 Norton Internet Security does. Nor does it help you fight the fastest-growing headache of the past year, e-mail spam. But though 4.0 isn't the major upgrade that 3.0 was, it still gives both beginners and firewall power users a lot to like. It's the Hulk poodle of the online-security world.

The Strongest Icon in Your System Tray
From a simple setup process through hand-holding tutorial and help screens, ZoneAlarm Pro makes adding firewall protection a no-brainer, even for users who don't know a port from a packet. The default settings provide ample protection for either dial-up or always-on Internet connections; while you'll need to enter your gateway system's IP address if you're using Windows' Internet Connection Sharing, ZoneAlarm otherwise takes care of the process of detecting networks — whether wired or Wi-Fi — and, in this version, walks telecommuters through the worst of virtual private network (VPN) configuration.

You can leave the program's mini-dashboard on your screen for at-a-glance viewing of Internet activity (plus a panic button to lock down your Internet connection if you're under attack), but most users will mostly leave ZoneAlarm Pro sitting quietly in the Taskbar system tray — where they won't see it unless the utility pops up a notification that it's deflected a would-be snooper. You can configure the firewall to interrupt you for every drive-by intrusion attempt, only the more serious ones (identified by a red rather than orange alert caption), or just to stay in the background.

As in past versions, each alert's "More Info" button offers thoroughly detailed yet understandable and reassuring explanations of what's happened and how ZoneAlarm Pro foiled the threat. Version 4.0 extends the utility's whois and location-map identification of doorknob-rattlers with optional forwarding of the fiend's information to the MyNetWatchman service, which tallies reports and squeals on repeat offenders to their ISPs. You and your PC remain anonymous the whole time.

Firewall Fine-Tuning and Hard-Disk Housekeeping
Version 4.0 also catches up to some firewall competitors with the option of adding your own firewall rules, supplementing its strong generic protection with ultra-precise control over allowing or blocking access attempts from specific IP addresses, sites, gateways, or subnets, using specific protocols or ports, at specific times on specific day, or any combination of the above.

Expert users can set up groups of rules, or save (back up) and restore all their ZoneAlarm Pro settings, in addition to requiring password access for any firewall adjustments. And the program is just as vigilant when it comes to outbound rather than inbound Internet traffic; while the default settings permit Internet Explorer to access the Net, ZoneAlarm's "learning mode" pops up an alert whenever an unrecognized application tries to send data — you'll naturally say "Yes, don't ask me again" for your e-mail or messaging client, but welcome the warning if it alerts you to hidden spyware on your system.

As before, ZoneAlarm's program permissions monitor not only whole applications but DLLs and other components, and sound an alarm if an Internet-allowed program has changed (possibly altered by a virus or other malware). A new feature in version 4.0 applies a similar test to outgoing e-mails: ZoneAlarm Pro's MailSafe already quarantined more than 40 types of e-mail attachments to give you a chance to think twice before opening that script or screensaver of unknown origin, but the new edition also verifies that a program has permission to send mail and warns you if a process — such as an e-mail worm — attempts to send messages to more than 50 recipients or send more than five messages in two seconds. (The parameters are adjustable.)

Put to the test on our cable-modem connection and Windows XP SP1 desktop, ZoneAlarm Pro 4.0 aced the intrusion-detection and -prevention exam at HackerWatch.org and — like version 3.0 last year — showed only one vulnerability at both the Symantec and Gibson Research ShieldsUp firewall test sites: Our PC operated in full "stealth mode," not only blocking access but not even revealing the existence of a hackable computer, on every port except port 5000 — the Windows Universal Plug and Play (UPnP) channel used to simplify connection of peer-to-peer networking devices. Real-world port 5000 threats are infinitesimally rare, but we'd still vote for disabling the port by default (you can open and close it with Gibson Research's 22K freeware utility.

ZoneAlarm Pro also protects surfers' privacy by letting you control Web sites' placement of cookies on your hard disk; the default settings say OK to temporary (session) or persistent cookies — such as your log-in or local weather information — from the sites you visit, but no to cookies from third parties (advertisers) and the private headers and "Web bugs" some sites use to track your online comings and goings.

This year's edition improves the feature by working with a new Cache Cleaner module — which offers on-demand or scheduled erasure of accumulated browser cache files, document-history lists, and temporary files — to let you specify which sites' cookies to keep and which to let Cache Cleaner sweep away.

We'd also estimate that ZoneAlarm Pro blocked some 90 percent, up from last year's 80 percent, of annoying pop-up ads (it can also block regular banner ads, animated images, and embedded JavaScript, ActiveX, or other code), though it's still maybe half a step behind our favorite, Panicware's Pop-Up Stopper — the Zone Labs interceptor fumbled occasionally on the admittedly tough job of telling pop-ups from links that open (desired) new windows.

ZoneAlarm Pro still isn't perfect — ironically, you can still argue that its toughest competitor is the firewall-only but fine-for-home-use free version of ZoneAlarm — and the company's reliance on online, with no telephone-based, tech support is still a minus sign. But it's still an exemplary combination of tech-savvy power and casual-user convenience, and our first pick for pairing with a good antivirus package as the two pillars of a smart, set-it-and-forget-it PC protection strategy.

Adapted from WinPlanet.com.

Comment and Contribute


     

    Get free tips, news and advice on how to make technology work harder for your business.

    Submit
    Learn more
     
    You have successfuly registered to
    Enterprise Apps Daily Newsletter
    Thanks for your registration, follow us on our social networks to keep up-to-date