Easy to use-and effective
- By Bill English
ZoneAlarm is a personal firewall product that protects individual computers
from intrusions and malicious attacks over the Internet. Long known for
its "stealth mode," ZoneAlarm performs complete port blocking and can
make an individual PC invisible on the Internet. In addition, it protects
installed programs from being used maliciously, as well as safeguards
e-mail and user privacy. It's currently used by more than 17 million users
Because ZoneAlarm is used by experts and beginners alike, it's designed
for both ends of the spectrum. For instance, a "set and forget" configuration
allows the novice to get instant security with just a couple clicks of
the mouse. At the other end, ZoneAlarm allows itself to be completely
configured by advanced users who wish to have total control over its functions.
ZoneAlarm has the ability to watch both incoming and outgoing traffic.
This feature helps eliminate unwanted transference of critical information
from a user's PC to an attacker on the Internet.
Earlier versions of Zone Alarm, while effective, had a less-than-friendly
user interface. With the advent of Zone Alarm Pro 3.0, the user interface
(UI) has been redesigned from the ground up and is greatly improved. The
UI includes an online tutorial that instructs the user on how to use this
If you want to know who's connecting to your PC, you can use the new
graphical utility that maps the physical location of the IP address that's
connecting to your PC, without revealing your own identifying information.
The only problem with this feature is that is requires Internet connectivity
for both the "who-is" lookup and the IP address mapping. However, it's
helpful if you want to know where a user's connection is coming from.
For instance, while writing this article, I was probed by a computer in
Brazil, which ZoneAlarm quickly blocked.
Other security measure include new privacy protection measures with a
new cookie control feature that permits you to enjoy personalized Web
pages from trusted sites while, at the same time, blocking the transference
of personal information back to these sites. ZoneAlarm's alerts have been
improved as well. In addition, greater logging abilities help keep track
of the alerts.
When you first install ZoneAlarm, you'll be taken through a wizard that
asks about your Internet connection and your level of security knowledge.
On the Privacy Settings page, you can block pop-up and pop-under ads,
as well as third-party cookies. You can also choose the level of alert
notification that is comfortable for you-from being notified of every
alert to never being notified of potential threats.
The setup wizard will also ask you for a password, so be ready to give
it one. This password protects the ZoneAlarm software from others user's
creating their configuration set of values. If your PC is used by more
than one individual, setting this password is a good idea.
If you're sharing an Internet connection in a workgroup environment,
ZoneAlarm can be configured to guard this connection. During the initial
setup, you'll be given the opportunity to select a check box labeled,
"Setup ZoneAlarm for Microsoft Internet Connection Sharing."
One annoying element that continues to exist is also one of ZoneAlarm's
greatest strengths: the ability to "fingerprint" applications at the .DLL
(Dynamic Link Library) level rather than the application level. This means
that in the ZoneAlarm UI, you'll sometimes see icons in the programs area
that represent .DLLs, not an entire program. If you hover the mouse over
the icon, you'll be given either the name of the .DLL or the service it
represents. If you don't know the application with which the file or server
is associated, you'll find yourself wondering if that file or application
really needs to be running on your system. Zone Labs should find a way
to make this part of its reporting features friendlier for the novice.
Bill English, MCSE, MCT, CTT, is an author, trainer, and consultant specializing in network security and the Microsoft Exchange and SharePoint platforms. He owns Networknowledge, (www.networknowledge.com) a consulting and training business, and has co-authored four books on Exchange 2000 Server, including The Exchange 2000 Server Administrator's Companion (Microsoft Press) and Exchange 2000 Server: The Complete Reference (McGraw-Hill/Osborne Media). He's currently working on a new book from Addison Wesley on SharePoint Portal Server 2001.