Product Reviews

Robust Security

Easy to use-and effective

ZoneAlarm is a personal firewall product that protects individual computers from intrusions and malicious attacks over the Internet. Long known for its "stealth mode," ZoneAlarm performs complete port blocking and can make an individual PC invisible on the Internet. In addition, it protects installed programs from being used maliciously, as well as safeguards e-mail and user privacy. It's currently used by more than 17 million users worldwide.

Because ZoneAlarm is used by experts and beginners alike, it's designed for both ends of the spectrum. For instance, a "set and forget" configuration allows the novice to get instant security with just a couple clicks of the mouse. At the other end, ZoneAlarm allows itself to be completely configured by advanced users who wish to have total control over its functions.

ZoneAlarm has the ability to watch both incoming and outgoing traffic. This feature helps eliminate unwanted transference of critical information from a user's PC to an attacker on the Internet.

Earlier versions of Zone Alarm, while effective, had a less-than-friendly user interface. With the advent of Zone Alarm Pro 3.0, the user interface (UI) has been redesigned from the ground up and is greatly improved. The UI includes an online tutorial that instructs the user on how to use this redesigned program.

If you want to know who's connecting to your PC, you can use the new graphical utility that maps the physical location of the IP address that's connecting to your PC, without revealing your own identifying information. The only problem with this feature is that is requires Internet connectivity for both the "who-is" lookup and the IP address mapping. However, it's helpful if you want to know where a user's connection is coming from. For instance, while writing this article, I was probed by a computer in Brazil, which ZoneAlarm quickly blocked.

Other security measure include new privacy protection measures with a new cookie control feature that permits you to enjoy personalized Web pages from trusted sites while, at the same time, blocking the transference of personal information back to these sites. ZoneAlarm's alerts have been improved as well. In addition, greater logging abilities help keep track of the alerts.

When you first install ZoneAlarm, you'll be taken through a wizard that asks about your Internet connection and your level of security knowledge. On the Privacy Settings page, you can block pop-up and pop-under ads, as well as third-party cookies. You can also choose the level of alert notification that is comfortable for you-from being notified of every alert to never being notified of potential threats.

The setup wizard will also ask you for a password, so be ready to give it one. This password protects the ZoneAlarm software from others user's creating their configuration set of values. If your PC is used by more than one individual, setting this password is a good idea.

If you're sharing an Internet connection in a workgroup environment, ZoneAlarm can be configured to guard this connection. During the initial setup, you'll be given the opportunity to select a check box labeled, "Setup ZoneAlarm for Microsoft Internet Connection Sharing."

One annoying element that continues to exist is also one of ZoneAlarm's greatest strengths: the ability to "fingerprint" applications at the .DLL (Dynamic Link Library) level rather than the application level. This means that in the ZoneAlarm UI, you'll sometimes see icons in the programs area that represent .DLLs, not an entire program. If you hover the mouse over the icon, you'll be given either the name of the .DLL or the service it represents. If you don't know the application with which the file or server is associated, you'll find yourself wondering if that file or application really needs to be running on your system. Zone Labs should find a way to make this part of its reporting features friendlier for the novice.

About the Author

Bill English, MCSE, MCT, CTT, is an author, trainer, and consultant specializing in network security and the Microsoft Exchange and SharePoint platforms. He owns Networknowledge, ( a consulting and training business, and has co-authored four books on Exchange 2000 Server, including The Exchange 2000 Server Administrator's Companion (Microsoft Press) and Exchange 2000 Server: The Complete Reference (McGraw-Hill/Osborne Media). He's currently working on a new book from Addison Wesley on SharePoint Portal Server 2001.


comments powered by Disqus

Subscribe on YouTube