Infosystem1

May 28, 2010

Review Zone Alarm.

Filed under: Software — Jay @ 21:14

The release of the original free Zone Alarm utility in 1999 effectively created the personal firewall market. Over the years, that initial simple tool has evolved into a range of security products, with Zone Alarm Extreme Security 2010 at the top of the food chain. Though the company never abandoned their original free utility, they did let it languish without significant updates for quite some time. Zone Alarm Free Firewall 9.2 (free, direct) streamlines basic firewall protection and adds significant bonus features, bringing the product back to preeminence in the personal firewall realm.

Interface
Zone Alarm’s main window offers the expected overview of security status and access to configuration options. It also displays several features that are not present in the free edition, such as anti-virus/anti-spyware protection, Download Protection, and OS Firewall (which detects malicious program behavior). Clicking one of these takes you to a Web page with more details about the paid products and an option to buy, but it is not a hard sell. The page even notes that you may already have the missing pieces, supplied by another vendor.

Solid Protection
A full-blown personal firewall should protect your computer from attack by hackers and also prevent misuse of your Internet connection by local programs; Zone Alarm excels in both areas. It puts up maximum protection for connections in the Internet Zone: public networks, coffee-shop wireless, and such. Your local network goes in the Trusted Zone; it is still plenty secure, but you can share printers and files without hindrance. Zone Alarm passed all of my port-scan tests and fended off all Web-based attack tests.

Program control is the feature that makes some personal firewalls horribly annoying. When any program attempts to access the network or Internet, the firewall must decide whether to allow it or not. The firewall in Norton Internet Security 2010 makes all of those decisions itself, allowing access for known good programs, terminating known bad programs, and carefully watching unknowns. Zone Alarm Extreme Security makes those decisions by relying on a feature called Smart Defense Advisor, which taps into a massive database of known programs (resulting in far fewer queries for the user). The free Zone Alarm, however, has always been known for its deluge of confusing popups that ask the uninformed user to make important security decisions. Not anymore.

ZoneAlarm Free Firewall 9.2, much like Zone Alarm Extreme Security, leverages the Smart Defense Advisor. According to Check Point, this feature automatically configures firewall settings 97 percent of the time, so where the old free firewall would have overwhelmed the user with 100 popups, the current one would just display three. The only popups you will see relate to uncommon programs (ones not in Zone Alarm’s database), so you should stop and pay attention in those rare cases when Zone Alarm Free asks what to do.

Comodo Internet Security Suite 4.0, which includes a free firewall, takes a different approach to minimizing popups. Initially it assumes that all programs already on your system are valid and should be allowed network access. For each program that connects with the network it not only allows access, it creates a rule to always allow access. Thus any malicious programs already present on your system will get a free pass. I prefer the approaches taken by Norton and by Zone Alarm.

Advanced Protection
Ever since the first personal firewall appeared, malware authors have been seeking ways to evade program control. Typically they will try to connect with the Internet by manipulating or masquerading as already-trusted programs. The OS Firewall feature in paid Zone Alarm products specifically detects and blocks most of these sneaky techniques, but even without that feature Zone Alarm Free does a pretty good job.

To start, any attack that relies on manipulating Internet Explorer will fail. Check Point’s Jordy Berson explained that the firewall protects its own processes using Zone Alarm’s ForceField technology, and that this protection extends to Internet Explorer. I saw this feature in action with my own test programs that launch and terminate instances of Internet Explorer. My programs had no trouble launching IE to open specific Websites, but they could not shut it down. Note: Internet Explorer is the only browser protected; you will need Zone Alarm Extreme or the standalone Zone Alarm Force Field for full protection.

I challenged Zone Alarm with a collection of leak tests, harmless programs that demonstrate techniques used to evade program control. Between the browser protection and the firewall’s own capabilities, Zone Alarm blocked all but one of the tests. Not surprisingly, Zone Alarm also resisted my every attempt at disabling it the way a malicious program might. I could not terminate any of its processes or disable its essential services. When I tried to change a Registry value to turn the firewall off, I got “access denied.”

I also attacked the test system using the Core IMPACT penetration tool. Some products, Norton among them, detect and report such Web-based exploits even when the system is fully patched and hence not vulnerable. Zone Alarm Free does not do so. None of the exploits managed to penetrate the test system, but Zone Alarm took no note of those attempts. I would much prefer to know when a Website has attacked me, even if the attack failed.

Bottom Line

This new version of the ever-popular Zone Alarm firewall eliminates most popup firewall queries and adds a toolbar that blocks phishing and malware-hosting websites. The result is an excellent, free firewall.

Pros

Protects against hack attacks. Controls how programs access the Internet. Resists attack by malware. Smart Defense Advisor cuts way down on popup queries. Toolbar blocks phishing and malware-hosting websites. Includes online backup and identity protection.

Cons

Does not report attempted Web-based exploits. Toolbar includes numerous features not relevant to security.

by: Neil J. Rubenking

Please check the blogroll for link.
