Review: ZoneAlarm Security Suite 6.0

Zone Labs offers the latest and feature-packed version of its excellent firewall/anti-spam/security software package

August 10, 2005

5 Min Read
Network Computing logo

Zone Labs' ZoneAlarm Security Suite is a clean, neat, light-on-its-feet suit of armor built around what is arguably the best software firewall currently available for consumers and small businesses. The outfit for battle comes complete with anti-spyware, anti-virus, program control, e-mail protection, privacy features, IM security, parental control, popup blocking, and ID lock software.

ZoneAlarm is easy to use for beginners, but comes with advanced options. The security core was designed so users can let the whole thing go on autopilot and choose how much they want to be bothered with alerts. If you're a bit more hands-on, the firewall's main page offers sliders for making decisions about high (stealth mode), medium (protected mode), and low (off) security for the Internet and your internal network (called, respectively, the Internet Zone and Trusted Zone).

You can view a list of your applications, and toggle rights for each one to Allow it access to the Internet Zone or the Trusted Zone, Block it from access to each of those areas, or Ask each time whether it should have access. Every application can be allowed or denied the right to Send Mail, as well (blocking mail rights prevents a program from being used as a mailer by a third party). When it scanned my system, I found that ZoneAlarm made pretty good calls on which rights to assign to each application, so you can get it going, then tweak later. Zone Labs also performs many of these duties for AOL, ICQ, MSN, and/or Yahoo instant messaging in its IM Protection module.

ZoneAlarm Security Suite 6.0 boasts a new level of protection. Until now, the firewall protection stopped access at the network and program level. The new protection is what ZoneAlarm calls an 'OS firewall,' built on a behavior-based strategy that monitors activity at the kernel-level. The new approach promises to quickly blow the whistle on Trojans and keyloggers by closely monitoring internal computing resources, such as vital files, registry keys, and start-up processes. When ZoneAlarm sees unusual activity between applications, it can put the kibosh on memory being read, or quash unauthorized driver and service loading.

Version 6.0 helps protect programs from hijacking, stops browser home page hijackings, and Web browser changes caused by Browser Helper Objects (DLLs that customize and control Internet Explorer). Also new to 6.0 is unsecured wireless detection, and automatic selection of the right protection for the exposed wireless network. Automatic network detection has been enhanced too — both wired and wireless.A good illustration of how ZoneAlarm can spring into action occurred when I went to use a dial-up. A hardware firewall sits between the Internet and my Ethernet network, but that firewall is useless when I dial in with a modem. Instead, ZoneAlarm's firewall responded to a barrage of attacks that never made it inside the front door. ZoneAlarm also flags unauthorized outbound attempts from the computer to the Net — whether through dial-up or Ethernet — something the hardware firewall cannot do.

Another nice feature, the Log Viewer, enabled me to tease out the location of a Trojan that was buried in a spam collection mailbox by letting me go into the threat history and find exactly where it was on my disk.

Beyond The Firewall

ZoneAlarm Security Suite offers a good many other security features besides its firewall, and has tweaked some of those as well. For example, its anti-virus module now lets you pause the scan and resume it. A new anti-spyware module features an exception list for programs that you can have Zone Labs ignore, if you wish. In tests, the anti-spyware module worked well; it even found a hacker tool (from Desaware Spyworks) that Norton missed.

This pair of tools run on demand or as scheduled, but without putting Windows' Task Scheduler in the System Tray, as Norton AntiVirus does. They can also be broken apart, in contrast to Norton Anti-Spyware, which cannot run without also running Norton AntiVirus.

For spam protection, Zone Labs partnered with MailFrontier, maker of MailFrontier Desktop. The spam filter works very well — however it's only for Outlook or Outlook Express. You must also use only one mail box.During testing, the Zone Labs filter deposited 69 emails in my Inbox, 51 in Junk, and 2 in Fraudulent. The two e-mails in the Fraud box were exactly that — phishing tools trying to get eBay account information. I only found one more fraudulent letter — a junior-league "Nigerian" scam — in my Inbox. Not a bad job, all told. You have the option to specify email objects that you want blocked or permitted; Zone Lab's also encourages users to report junk e-mail to them.

I find ZoneAlarm's approach much better than Norton's Internet Security Suite 2005 AntiSpyware Edition. Norton puts "[Norton Anti Spam]" in front of the subject of a suspected spam message (a bit of unnecessary advertising, in my opinion), and isn't nearly as efficient in distinguishing spam messages from legitimate email.

Zone Labs also offers parental controls and "Smart Filtering," which puts new and non-rated sites through a sieve as they come up. It comes with a number of Privacy features, including the ability to set permissions for cookie control, to block pop-ups and banner ads, and to automatically wipe your Web cache, temp files, Media Player history, and other historical items. An applet called "myVault" gives you a place to store personal and financial information.

ZoneAlarm Internet Security Suite is a professional, efficient software package that is not as unwieldy or commercially insistent as some of its competitors. This is a good day for the security consumer.


Stay informed! Sign up to get expert advice and insight delivered direct to your inbox

You May Also Like

More Insights