The Real Pro--ZoneAlarm Pro 4.0
Written: Oct 02 '03
|
Product Rating:
|
|
|
Pros: Stealth Technology. LAN setup made easy. Very easy to set up and use.
Cons: Take a few percent more resources than I'd like.
The Bottom Line: Firewalls are not an option. ZoneAlarm--in all three versions--is the best I've found.
|
|
|
| happy2000usa's Full Review: ZoneAlarm Pro 4 |
Author's Note:If the Internet had a White Hat Award for good guys--uh, good people--Zone Labs would get my vote. I do volunteer work with senior citizens, teaching computers and repairing their machines. While, like all of us, they absolutely need firewall and antivirus protection, these folks are on a limited income. Since its inception, Zone Labs has offered ZoneAlarm free of charge to home users. To my friends at the local retirement community, everyone at Zone Labs is a hero.
...On to the Review
I'm a freebie junky. I lurk CNET and ZDNET as well as other sites to catch new programs that interest me. These programs, as a rule, have a very short life on my computer. A few--you can count them on one hand--have become a staple in my software arsenal. ZoneAlarm is one of them.
I first loaded ZoneAlarm years ago, before I really needed--or thought I needed--a firewall. It was a freebie, and I was intrigued with its approach. True, it blocked detected intrusions, but its real staple was putting your computer in the stealth mode. That means when some nefarious hacker is bouncing around the web looking for a computer with an open port, your computer won't register on his or her radar. You computer hears the ping. It just doesn't respond.
The day I went to broadband, ZoneAlarm ceased being a curiosity and became a necessity.
Firewall Basics
When Robbie boomed out, "Danger, Will Robinson," I think he was warning young Will about the people who amuse themselves by putting deleterious programs on the net. Ten years ago, Virus protection was nice to have, but if you were careful about the source of your floppy disks, not necessary. When the world went online, it became essential.
Firewalls protect your computer from direct intrusions. Again, before the Internet, you didn't need one. Five years ago, before hackers developed their current expertise, they were simple. Hackers could only attack certain ports, and all the firewall program had to do was monitor and protect those ports.
Simplified, there are two firewall approaches. The first method--stemming from the earliest programs--intercepts inbound data and blocks it. The operator can override the protection, if they so desire, but it automatically defaults to the safest situation.
This approach was extended to cover computers who had already been infected with trojans and spyware. The firewall also looks at your software when it attempts to send data out of your computer. Again, the operator can override the protection by designating programs that actually have business transmitting data.
This first method is akin to standing in the schoolyard screaming, "C'mon. Hit me!" The firewall is constantly slapping down attempted intrusions and unauthorized outbound data packets. There's a better way.
Remember the old WWII submarine movies? Some poor sub captain hears the ping as an enemy sonar operator locates him, knowing the next sound will be torpedoes in the water. Our friend, the captain, would have given anything to absorb that ping, denying the attacker position and range information. While our WWII hero may have spent the next several, exciting minutes of the movie dodging torpedoes, times have changed. Some computer firewalls do absorb the ping, leaving the enemy wondering why you're not online. That's protection!
The Evolution
In the old days, ZoneAlarm came in two forms. There was the free version and the paid version. The main difference was use. If you certified you were using the program at home, it was free. If you had it loaded on a business computer, you had to pay.
It was basic firewall. The Stealth Mode was the main feature touted by the programmers, and that was enough to make it stand out. As the newer versions evolved, more features appeared. Perhaps the neatest one was a trace back capability. You got a read out of the intruder's IP address and, if you were interested, could use that on the Zone Labs website to find the name of the company/individual who owned that address. I took great delight when--after someone tried several times to access my machine--I could an email to their ISP suggesting they terminate the $#%^$#'s internet privileges.
What amazed me was the number of times my ISP checked my computer to see if I was still alive and well. I suspect this had nothing to do with their concern for my health. They were more interested to see if they could knock me off line to reduce server load.
About this time, I went to broadband. That, of course, led to sharing the DSL modem with all my various home computers. It was a new experience. Prior to that, each machine had a dial up modem, and the first one on line got the connection. With broadband, they could all surf together. ...Along with that newfound flexibility came Excedrin headache 844. I had to assign individual IP addresses to the LAN's computers and program various software applications--including ZoneAlarm--to recognize them. I found this a humbling experience.
In the subsequent years, ZoneAlarm kept evolving. Like antivirus software, as the hackers get better, firewalls have had to improve. Zone Labs added a feature to check incoming email for suspicious attachments or files. The blocking programs improved. The control panel and options got better. Then came the Pro version.
The Pro Version, in my mind, was just the paid version of ZoneAlarm. As it evolved, however, some of the features that used to be available on the free version were discontinued and migrated to the premium program. That's not to say the free version was less effective. It's still a great firewall. The Pro version just offered a paid alternative for the home user who wanted a bit more.
Now ZoneAlarm comes in three versions. There's still the basic, free version for the home user. A ZoneAlarm Plus version adds Hacker ID, Advisor Services, Password Protection, Mobile PC Protection and Expert Controls. That's $39.95. The Pro version includes all of that, but for $10 more, you get cache cleaning, cookie control, and popup/spyware blocking.
So What’s New? How is ZoneAlarm Pro Better?
The problem, as I've said many times in my reviews, with each subsequent version, programs often become bloated. Programmers add features that are of doubtful benefit to the average user. Microsoft Word is a good example. It evolved from a solid Word Processor to a behemoth with more features than I can understand--let alone use.
That's why I'm leery checking out new, improved versions. In ZoneAlarm Pro's case, I'd tested earlier Pro versions on trial, so I wondered what version 4.0 could possibly have that I couldn't live without. The program solved my dilemma immediately, knocking my socks off during the installation process.
If you're on a LAN, and if you've ever installed ZoneAlarm, you'll remember going from machine to machine, setting up the trusted zone of local IP addresses. After a session like that, it makes one want to take up a simpler hobby, like learning Mandarin Chinese or Russian. Take those razor blades away from your wrists, my friends. ZoneAlarm Pro 4.0 sets up your LAN automatically. Your only input is to name the network.
The Inbound Email Protection has been extended to 47 file types. (The standard version only checks one file type.) I'm unsure if this covers all the file types checked by my antivirus program as it looks at my incoming mail, but every backup is appreciated.
The Outbound Email Protection is new. Again, I've no comparison as to its effectiveness when compared to my antivirus program, which does the same thing, but every bit helps. This, of course, keeps you in a good supply of friends. Many viruses raid your address book and email themselves to people listed therein, often using the listings as return addresses. ZoneAlarm will help prevent your having to mass mail apologies. (Is that SPAM?)
Hacker ID used to be available on the free version, as noted above. No more. It is available on the Pro and Plus Version--and I love it. When ZoneAlarm blocks an intrusion, you can ask for more information. One tab describes the type of intrusion and the computers involved. Another tab makes suggestions on what you should do. Should you allow the intrusion or not? A third tab uses Whosis to look up the offending computer's IP address. This also includes the administrator responsible for the IP address, usually an ISP, or if the computer has a static IP, the offender's email address. See the possibilities here?
ZoneAlarm Pro 4 has Password protection. This, of course, is very significant if you're a system administrator. It's also very important to those of us with teenagers in the house. The miniature adults tend to mess with protection programs to suit their needs, usually to facilitate file transfers or IM programs. I speak from experience. I found my LAN under attack from a Trojan and discovered my little computer genius had disabled his firewall.
Advisor Services. One of my pet peeves is software without support. I don't buy software so the techies can take my money and leave on a Caribbean vacation. Knowledge bases are helpful, as are FAQ files, but they don't hack it any more than being online with a computer tech who's really a computer. I need human ears to burn! I want my pound of flesh when a program doesn't work as advertised. ...Then I need a human to whom I can apologize when--as is usually the case--the only problem with the software was the operator. Zone Labs is very responsive. Maybe not same day responsive, but you'll get your answer.
I'm not sure I should even mention Expert Controls. I am decidedly not an expert. Suffice it to say that from a philosophical standpoint, the standard, free ZoneAlarm is for standalone computers. The more advanced versions--the premium software--are for LAN's. Hence the Expert Controls.
I hinted above I was unsure if the Mailsafe feature was necessary since I run an antivirus program that checks both incoming and outgoing mail. When I questioned this, Mischa Dunton at Zone Labs made a valid point. The antivirus program is your seatbelt. ZoneAlarm is your airbag. It doesn't rely on definitions, just patterns. So, if you get a new virus in your email, one your antivirus program hasn't been updated to recognize yet, ZoneAlarm will catch the file and quarantine it. I like that! We all know there is a short delay between a new virus hitting the web and new definitions being formulated to update the antivirus program.
I suppose we could also argue about other features added to ZoneAlarm Pro 4.0. I have programs (2) that block popups. I have other software that cleans out the spyware. There are five programs on my hard drive capable of cleaning the cache and managing my cookies. Do I need ZoneAlarm to do that? That's an individual choice, but if you follow my premise of KISS--keep it simple, stupid--maybe you can replace all those other programs with one--ZoneAlarm Pro 4.0.
A Downside?
I am big on resources. I complained to Norton how much they're hogging mine with their latest antivirus versions. I was unhappy when I transitioned from the standard ZoneAlarm to the Pro version and lost yet another 4%. (Both Norton Antivirus and ZoneAlarm seem to take more with each new version. I guess it's understandable because they now have to counter an enormous number of potential threats.)
The folks at Zone Labs suggested I clean my computer and rid myself of old ZoneAlarm archive files. I did and got a fresh installation. That recovered a few percent. (Note: Other users have said the newer versions of ZoneAlarm require fewer resources. That's not been my experience.)
This cleaning process brought up a second problem. My antivirus program wouldn't load. This, I discovered, was because it was loading after the firewall, and the firewall was blocking a web check program used by Norton for both the antivirus and utilities. From the ZoneAlarm control panel, I designated the program as 'approved' and all worked fine.
The third problem has less to do with the program than my DSL router. It has the capability of loading ZoneAlarm Pro for inbound protection. The problem with this is it will only let computers running a ZoneAlarm Pro firewall access to the Internet--blocking machines running any other firewall program, even ZoneAlarm Standard. In my case, this would require buying five licenses, an expense I'm unwilling to incur. It also creates special problems for me because I use one computer to test--beta and otherwise--software. I'm currently running a different flavor of firewall on that machine, proving the value of ZoneAlarm products.
I'm sure this requirement for ZAP on every machine on the LAN has much to do with the purpose of ZoneAlarm Pro. It's designed for LAN's, but is geared to the business user. In that form of LAN, there's usually a gateway server or computer. Each end user plus the gateway should--no, must--have firewall protection. Since it's a business, the free version is not an option.
I ran a gateway for awhile. Then, like most home users, I discovered routers were cheaper than the software needed to run a gateway, and a lot less hassle. In the router configuration, computers on the LAN are essentially standalones. They can access each other and trade files. They share the broadband modem. They're still fully functional on their own--no gateway or server required. I opted NOT to install ZoneAlarm Pro on the router. That way, I have the option of running the standard ZoneAlarm on each computer.
Note: I have suggested to Zone Labs a modification to the Pro version for home users who are eligible for the free ZoneAlarm. It would involve buying ZoneAlarm Pro for the router and still being able to run ZoneAlarm Standard on the LAN computers. I guess I'm a glutton for punishment, wanting to go through the hassle if they take my suggestion. Maybe it would be worth buying a Pro license for each computer just to let it automatically configure the LAN setting on the firewalls.
Options
Zone Labs has agreements with several software companies and offers a few optional bundles with ZoneAlarm. For a small increased price, you can opt for MailWasher, Anonymizer Private Surfing, or PestPatrol.
MailWasher is an anti-SPAM program that also checks for email viruses.
Anonymizer hides your private data, including your IP address, while you surf. If 'they' don't know who you are, then 'they' can't add you to any databases.
PestPatrol removes Spyware and Adware, Remote Access Trojans (RATs,) Keystroke Loggers, Denial-of-Service (DoS) attack agents, and has probe tools that search for vulnerabilities a hacker can exploit
As a general rule, if you purchase the ZoneAlarm bundle, you'll get a discounted price on these other programs.
Worth the Price?
To me, it's worth counting the moths in my wallet, but each person has to make his or her own decision. The standard--free--version works well, but lacks some whistles and bells I really like: Password Protection, Hacker ID, and that nifty auto-recognition program to set up your LAN.
If you want to consolidate cache cleaning, blocking popups/adware, and cookie control, the Pro version is for you. If you don't, I think the Plus version is an excellent alternative. It also comes with multiple license discounts if you intend to put it on several machines.
No matter what version you decide upon, ZoneAlarm remains the best--in my opinion--firewall program available. A few of the others I've tried have come close, but no banana. I just keep coming back to Zone Labs products.
Recommended:
Yes
|
|
|
|
Epinions.com ID:
happy2000usa
|
 - Top 1000 |
|
Member: Wayne Arnold
Location: Tracy, California, USA
Reviews written: 97
Trusted by: 170 members
About Me:
Writer, editor, beta tester, pilot, traveler. I'm an easy mark, always evaluating new software.
|
|
|
- Add to My Yahoo!: 
- Add to Google Homepage: 
© 1999-2008 Shopping.com, Inc.