Firewall fire sale: Free ZoneAlarm makes it to Vista
On another subject, the security vendor swears to hack Vista kernel if necessary
Check Point Software Technologies Ltd. today launched a Windows Vista version of its flagship ZoneAlarm firewall and blamed the delay on a switch to the new operating system's application programming interfaces (API).
The Vista version of ZoneAlarm, a two-way firewall that will continue to be given away, is the first from a major security vendor to apply Vista's Windows Filtering Platform (WFP) API, said Laura Yecies, the general manager of Check Point's consumer security line.
"This is a bit later than we would have liked," said Yecies, noting the four-month lag between Vista's retail release and ZoneAlarm's appearance. "We underestimated the schedule impact of WFP. But long term, WFP will give us more support and more stability on Vista. It was a lot of extra work, but we'll have to do fewer hacks in the future."
WFP, a new Vista architecture that lets developers tap into the TCP/IP processing path, was a hard row to hoe. "At times, it seemed like we were an extension of Microsoft QA. They patched and made changes based on what we found while we were developing," Yecies said. Microsoft used WFP to create its own Windows Firewall, which is bundled with Vista.
Even so, Check Point is committed to keeping ZoneAlarm a free download.
"It's very important to who were are," Yecies said. Zone Labs Inc., which was acquired by Check Point in 2004, made its name by giving away the firewall. "And we think it's the right thing to do," she said. "Our paid users live in a safer world because there are 20 million more protected by the free firewall."
Check Point touted ZoneAlarm, also the foundation of the ZoneAlarm Internet Suite that was released today for Vista, as an "operating system-level" firewall. "Eighteen months ago, we decided that the firewall had to operate at the lowest level of the OS, to monitor every call, every program," said Jordy Berson, ZoneAlarm product manager.
"There are so many new threats that we need a behavioral-based firewall" to detect and defeat more insidious attackers, including rootkits and drive by-installed keyloggers, Berson said. "ZoneAlarm does for the computer itself what it was already doing for the network," she said. The Vista firewall tracks 30 different behaviors, such as API calling, logging keystrokes or injecting code, then decides if what it's seeing is safe. If not, it shuts down the process as a more traditional firewall shuts down access to the Internet when it spots a rogue.
ZoneAlarm's delay had nothing to do with the brouhaha last year over access to the kernel in the 64-bit version of Vista, Yecies said. Last fall, several security vendors, including Check Point rivals Symantec Corp. and McAfee Inc., pressed Microsoft to back off its PatchGuard kernel-protection technology. Eventually, Microsoft agreed. In December, the company released draft APIs.
- Silicon Valley's 19 Coolest Places to Work
- Is Windows 8 Development Worth the Trouble?
- 8 Books Every IT Leader Should Read This Year
- 10 Hot Hadoop Startups to Watch
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Neustar 2014 DDoS Attacks and Impact Report For the third consecutive year, Neustar surveyed hundreds of companies on distributed denial of service (DDoS) attacks. The survey reveals evidence that the...
- Acxiom Case Study This case study, which focuses on Acxiom, explores how the company was able to secure employee data, reduce migration costs and boost productivity...
- Windows® XP Migration: Protect and Secure Critical Data With the end of the Microsoft Windows XP operating system's lifecycle on April 8, 2014, businesses are faced with the decision to migrate...
- Enhancing Application Protection and Recovery with a Modern Approach to Snapshot Management This CommVault Business Value and Technology White Paper explains how Simpana IntelliSnap® Recovery Manager can make your application recovery fast and reliable.
- Live Webcast LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Security White Papers | Webcasts