 | Home | |
|
| Members Only | |
|
| Newsletter | |
|
| Newsgroups | |
|
| Become a Member | |
|
| Meeting Info & Map | |
|
| Officers | |
|
| Members | |
|
| Corporate Members | |
|
| Photos | |
|
| Workshops & Training | |
|
| Other Clubs | |
|
| Job Hunting? | |
|
| Constitution |
Zone Alarm Pro 3.0 Review
By Mike Lloret
I've been using Zone Labs' Zone Alarm--the free version for individual, private users--on
my computers since Ralph Sumner wrote glowingly about it in the newsletter quite a while
back. I know that lots of other TPC folks have been, too. I'd been happy with this
security utility and firewall, had no special trouble installing or upgrading it, and was
pleased enough that I was planning to buy the Pro version soon, mostly because I wanted to
get back the ability to trace the origins of unwanted attempts on my systems, which is now
available only in the Pro version.
Thus I jumped at the chance to review the newly released Pro 3.0 when Ken Cotton pointed
one of the Zone Labs marketing people to me as the AJ editor. I'll let you find out the
basics of what Zone Alarm does by reading Ralph's article in the AJ archives or by reading
any of the many reviews--most of them highly positive, and rightly so--on the internet. My
intention, in this article and in some brief follow-ups over the next couple of months,
either in separate articles or in my Midnight Writer column, is to let you know what it is
about the Pro version that makes it worth buying, when you can get the excellent and very
functional free-for-individual-use version just by downloading it.
First of all, a brief rundown on my computers and how I use them. For work I've been given
a Compaq Armada E500 notebook PC I've christened Twilight, and when I'm in the office it's
online by dial-up connection through its internal modem pretty much all day. When I'm at
home it's plugged into a wired LAN, together with Basilisk, my homemade P3 desktop system;
another notebook PC; another desktop; a scanner and a couple of printers; and one of my
old machines that's been given a new lease on life as a kind of gateway/file server/pseudo-
router, connected to a cable modem; plus one more recently added PC connected to the LAN
by wireless connection, physically located in a building across the street. So, from a
security point of view, I need to be online pretty much all the time, sometimes with as
many as six machines in the network, and to be able to shift files around among and to run
apps, browse and do email from several machines at once, but to exclude Internet
intruders. I'll discuss the other machines' roles sometime, but right now I'd like to
focus on how Zone Alarm relates to the Twilight and Basilisk machines, the former
sometimes networked and sometimes not, the latter always networked.
Now, ZoneAlarm Pro lets you secure your computer quickly and easily so that the trusted
machines with which you're networked can access your shared resources, but Internet
intruders can't use your shares to compromise your system. To configure ZoneAlarm Pro for
secure sharing, all you have to do is:
- Add the network subnet (or, in a small network, the IP address of each computer with which you're sharing the network) to your Trusted Zone.
- Set the Trusted Zone security level to Medium. This setting allows trusted computers to access your shared files.
- Set Internet Zone security level to High. This setting makes your computer invisible to non-trusted machines.
So, What's New In ZoneAlarm Pro 3.0?
The Zone Labs folks say:
New and enhanced features in ZoneAlarm Pro 3.0 include:
- Improved user interface
- More robust security features
- Powerful new privacy features
- Improved support for wireless networks
- Improved user control
- Improved program advice and analysis engine
ZoneAlarm Pro 3.0 is completely re-designed with a more intuitive interface so that all users, no matter what their skill level, can secure their PCs quickly and easily. An updated tutorial and new program wizards help new users become familiar with the product while a new security overview details system security status at a glance.
I found the original interface sufficiently intuitive, even though I'm far from being a power user. The new interface is, indeed, more intuitive though, and the easy interface and the clear and helpful wizards, tutorial, and overview make setup a snap.
ZoneAlarm Pro 3.0 provides more robust security features over previous versions because it 'fingerprints' not only the applications that have been granted permission to access the Internet, but also the components of the applications at the .DLL level. This helps ensure that rogue code masquerading as a trusted application in order to gain unauthorized access cannot be inserted onto a PC .
In the course of investigating this claim, I learned some interesting stuff I hadn't known, and was led to reading about "Firehole". I'm going to be doing some more testing of this, but initially it looks as if very serious security improvements have been made.
In addition, ZoneAlarm Pro 3.0 adds powerful privacy protection features as well as ad blocking features. ZoneAlarm Pro 3.0 safeguards private information with a new cookie control feature that permits personalized Web pages from trusted sites but blocks the unapproved transfer of personal information to third-party sites. In addition, ZoneAlarm Pro 3.0 blocks Web bugs that track personal information, which can be unwittingly transmitted by viewing HTML e-mail or personalized Web pages.
Just as they say, you get a lot of control, with an easy interface, over how cookies will be handled. Experiments so far have shown me that I can set things up so that if I want I can be told--quickly and clearly but unobtrusively enough to suit me--when cookies have been blocked.
The exclusive performance-based ad blocking features found in ZoneAlarm Pro 3.0 automatically cut out slow-loading ads without affecting page loading performance. Pop-up ad control eliminates both pop-up and pop-under ads. Granular ad blocking control provides users with the ability to separately block banner ads, pop-ups/pop-unders and animations. Users may choose from traditional or performance-based ad blocking.
I'm still playing around with this feature, and I'll be reporting any further findings later, but so far I like this set of features a lot. You can, for example, choose to block any add that takes longer than 3 seconds (or another time parameter of your choice) to load. Pop-up and pop- under ads have been very smoothly blocked while the pages loaded very quickly and without trouble; when I have a bit more time, I'm going to see how it responds with some sites that I know to be very heavily mousetrapped. Stay tuned for more information about this, but my guess is that it'll come through with flying colors. Even the limited testing I've done of these features so far makes me feel that they alone would be worth the price of the Pro 3.0 version, frankly.
A redesigned, more informative AlertAdvisor includes more information about alerts generated by ZoneAlarm Pro 3.0 so users can make better decisions about the security events occurring on their PCs. In addition, ZoneAlarm Pro has improved logging facilities for better real-time analysis of these alerts. A graphical utility that maps the location of an IP address that is attempting to probe a PC protected by ZoneAlarm Pro 3.0 makes hacker tracking more useful and intuitive. A world map plots the origin of blocked probes for at-a-glance identification of the source.
Unlike other such graphical utilities, identifying information about the PC blocking the probe is not revealed while locating the perpetrator, so the user's security and privacy is not compromised.
A detailed review of this functionality is going to have to wait until I have more data, but judging from how many attempts the old version blocked for me, it shouldn't take too long for me to come up with a sufficiently large sample.
ZoneAlarm Pro 3.0 contains enhanced support for local area networks, including wireless networks. Installation and maintenance of ZoneAlarm Pro 3.0 on a local area network is streamlined so it is simpler to manage network security settings for both traditional and wireless networks. A new network status display details which networks are active and whether they are 'trusted' or 'untrusted'. As new networks are identified, including wireless networks, pop-ups allow naming of the network and assignment to a trusted or untrusted Zone for easier administration.
I didn't find the installation and maintenance for network support that difficult before, but I was certainly pleasantly surprised at how effortless it was to install and configure in this new version. It's very agile about adapting to changes in the network, to the extent that I could test. I'll be experimenting some more in this area, too, but so far I have nothing but praise to offer from both the adaptability and the ease of use viewpoints.
So far, then, I'm very happy indeed, and even without having seen everything that it can do I feel that the approximately 5000 yen investment would be justified for many if not all potential users...and that means just about anybody who logs onto the Internet, in my opinion. Zone Alarm Pro 3.0 gets my recommendation already; I'll be talking more about its merits (and any demerits if I encounter such) in months to come.
© Algorithmica Japonica Copyright Notice: Copyright of material rests with the individual author. Articles may be reprinted by other user groups if the author and original publication are credited. Any other reproduction or use of material herein is prohibited without prior written permission from TPC. The mention of names of products without indication of Trademark or Registered Trademark status in no way implies that these products are not so protected by law.
Algorithmica Japonica
May , 2002
The Newsletter of the Tokyo PC Users Group
Submissions : Editor
Tokyo PC Users Group, Post Office Box 103, Shibuya-Ku, Tokyo 150-8691, JAPAN