Tokyo PC Users Group
	  Home Page
Members Only
Become a Member
Meeting Info & Map
Corporate Members
Workshops & Training
Other Clubs
Job Hunting?

Zone Alarm Pro 3.0 Review

By Mike Lloret

I've been using Zone Labs' Zone Alarm--the free version for individual, private users--on my computers since Ralph Sumner wrote glowingly about it in the newsletter quite a while back. I know that lots of other TPC folks have been, too. I'd been happy with this security utility and firewall, had no special trouble installing or upgrading it, and was pleased enough that I was planning to buy the Pro version soon, mostly because I wanted to get back the ability to trace the origins of unwanted attempts on my systems, which is now available only in the Pro version.

Thus I jumped at the chance to review the newly released Pro 3.0 when Ken Cotton pointed one of the Zone Labs marketing people to me as the AJ editor. I'll let you find out the basics of what Zone Alarm does by reading Ralph's article in the AJ archives or by reading any of the many reviews--most of them highly positive, and rightly so--on the internet. My intention, in this article and in some brief follow-ups over the next couple of months, either in separate articles or in my Midnight Writer column, is to let you know what it is about the Pro version that makes it worth buying, when you can get the excellent and very functional free-for-individual-use version just by downloading it.

First of all, a brief rundown on my computers and how I use them. For work I've been given a Compaq Armada E500 notebook PC I've christened Twilight, and when I'm in the office it's online by dial-up connection through its internal modem pretty much all day. When I'm at home it's plugged into a wired LAN, together with Basilisk, my homemade P3 desktop system; another notebook PC; another desktop; a scanner and a couple of printers; and one of my old machines that's been given a new lease on life as a kind of gateway/file server/pseudo- router, connected to a cable modem; plus one more recently added PC connected to the LAN by wireless connection, physically located in a building across the street. So, from a security point of view, I need to be online pretty much all the time, sometimes with as many as six machines in the network, and to be able to shift files around among and to run apps, browse and do email from several machines at once, but to exclude Internet intruders. I'll discuss the other machines' roles sometime, but right now I'd like to focus on how Zone Alarm relates to the Twilight and Basilisk machines, the former sometimes networked and sometimes not, the latter always networked.

Now, ZoneAlarm Pro lets you secure your computer quickly and easily so that the trusted machines with which you're networked can access your shared resources, but Internet intruders can't use your shares to compromise your system. To configure ZoneAlarm Pro for secure sharing, all you have to do is:

  • Add the network subnet (or, in a small network, the IP address of each computer with which you're sharing the network) to your Trusted Zone.
  • Set the Trusted Zone security level to Medium. This setting allows trusted computers to access your shared files.
  • Set Internet Zone security level to High. This setting makes your computer invisible to non-trusted machines.
After uninstalling the previous version of Zone Alarm and doing the very simple installation of the new version, ZoneAlarm Pro detected my network automatically and displayed the New Network Alert. I was able to use the alert itself to add the network subnet to the Trusted Zone. A couple of other simple configuration decisions made, and I was up and running in a nice secure environment, literally in minutes. This worked the same with Basilisk and Twilight; I installed it first on Basilisk when Twilight was connected to the network but still running the old version of Zone Alarm, then I installed it on Twilight when it was not connected to the network, and reconnected it to the network later. All of the appropriate network recognition and configuration options worked as they should, without a single glitch. I should mention in passing that I recommend using Zone Alarm in connection with a good anti-virus program, and that I've had no compatibility issues between Zone Alarm and Norton AntiVirus, nor with any other app so far, including a different firewall/security program on one of the other machines in the network.

So, What's New In ZoneAlarm Pro 3.0?

The Zone Labs folks say:

New and enhanced features in ZoneAlarm Pro 3.0 include:
  • Improved user interface
  • More robust security features
  • Powerful new privacy features
  • Improved support for wireless networks
  • Improved user control
  • Improved program advice and analysis engine
I haven't been using it for long enough yet to discuss each in detail, but I will add what comments I can to what they say.

ZoneAlarm Pro 3.0 is completely re-designed with a more intuitive interface so that all users, no matter what their skill level, can secure their PCs quickly and easily. An updated tutorial and new program wizards help new users become familiar with the product while a new security overview details system security status at a glance.
I found the original interface sufficiently intuitive, even though I'm far from being a power user. The new interface is, indeed, more intuitive though, and the easy interface and the clear and helpful wizards, tutorial, and overview make setup a snap.

ZoneAlarm Pro 3.0 provides more robust security features over previous versions because it 'fingerprints' not only the applications that have been granted permission to access the Internet, but also the components of the applications at the .DLL level. This helps ensure that rogue code masquerading as a trusted application in order to gain unauthorized access cannot be inserted onto a PC .
In the course of investigating this claim, I learned some interesting stuff I hadn't known, and was led to reading about "Firehole". I'm going to be doing some more testing of this, but initially it looks as if very serious security improvements have been made.

In addition, ZoneAlarm Pro 3.0 adds powerful privacy protection features as well as ad blocking features. ZoneAlarm Pro 3.0 safeguards private information with a new cookie control feature that permits personalized Web pages from trusted sites but blocks the unapproved transfer of personal information to third-party sites. In addition, ZoneAlarm Pro 3.0 blocks Web bugs that track personal information, which can be unwittingly transmitted by viewing HTML e-mail or personalized Web pages.
Just as they say, you get a lot of control, with an easy interface, over how cookies will be handled. Experiments so far have shown me that I can set things up so that if I want I can be told--quickly and clearly but unobtrusively enough to suit me--when cookies have been blocked.

The exclusive performance-based ad blocking features found in ZoneAlarm Pro 3.0 automatically cut out slow-loading ads without affecting page loading performance. Pop-up ad control eliminates both pop-up and pop-under ads. Granular ad blocking control provides users with the ability to separately block banner ads, pop-ups/pop-unders and animations. Users may choose from traditional or performance-based ad blocking.
I'm still playing around with this feature, and I'll be reporting any further findings later, but so far I like this set of features a lot. You can, for example, choose to block any add that takes longer than 3 seconds (or another time parameter of your choice) to load. Pop-up and pop- under ads have been very smoothly blocked while the pages loaded very quickly and without trouble; when I have a bit more time, I'm going to see how it responds with some sites that I know to be very heavily mousetrapped. Stay tuned for more information about this, but my guess is that it'll come through with flying colors. Even the limited testing I've done of these features so far makes me feel that they alone would be worth the price of the Pro 3.0 version, frankly.

A redesigned, more informative AlertAdvisor includes more information about alerts generated by ZoneAlarm Pro 3.0 so users can make better decisions about the security events occurring on their PCs. In addition, ZoneAlarm Pro has improved logging facilities for better real-time analysis of these alerts. A graphical utility that maps the location of an IP address that is attempting to probe a PC protected by ZoneAlarm Pro 3.0 makes hacker tracking more useful and intuitive. A world map plots the origin of blocked probes for at-a-glance identification of the source.
Unlike other such graphical utilities, identifying information about the PC blocking the probe is not revealed while locating the perpetrator, so the user's security and privacy is not compromised
A detailed review of this functionality is going to have to wait until I have more data, but judging from how many attempts the old version blocked for me, it shouldn't take too long for me to come up with a sufficiently large sample.

ZoneAlarm Pro 3.0 contains enhanced support for local area networks, including wireless networks. Installation and maintenance of ZoneAlarm Pro 3.0 on a local area network is streamlined so it is simpler to manage network security settings for both traditional and wireless networks. A new network status display details which networks are active and whether they are 'trusted' or 'untrusted'. As new networks are identified, including wireless networks, pop-ups allow naming of the network and assignment to a trusted or untrusted Zone for easier administration.
I didn't find the installation and maintenance for network support that difficult before, but I was certainly pleasantly surprised at how effortless it was to install and configure in this new version. It's very agile about adapting to changes in the network, to the extent that I could test. I'll be experimenting some more in this area, too, but so far I have nothing but praise to offer from both the adaptability and the ease of use viewpoints.

So far, then, I'm very happy indeed, and even without having seen everything that it can do I feel that the approximately 5000 yen investment would be justified for many if not all potential users...and that means just about anybody who logs onto the Internet, in my opinion. Zone Alarm Pro 3.0 gets my recommendation already; I'll be talking more about its merits (and any demerits if I encounter such) in months to come.

© Algorithmica Japonica Copyright Notice: Copyright of material rests with the individual author. Articles may be reprinted by other user groups if the author and original publication are credited. Any other reproduction or use of material herein is prohibited without prior written permission from TPC. The mention of names of products without indication of Trademark or Registered Trademark status in no way implies that these products are not so protected by law.

Algorithmica Japonica

May , 2002

The Newsletter of the Tokyo PC Users Group

Submissions : Editor

Tokyo PC Users Group, Post Office Box 103, Shibuya-Ku, Tokyo 150-8691, JAPAN