9 security suites: maximum protection, minimum fuss
ZoneAlarm, which has been around since the late 1990s, is well known for its free firewall; more recently, it has been marketing a full security suite. With ZoneAlarm Security Suite 2010, Check Point Software (which purchased the product from Zone Labs in 2004) has integrated its firewall and spyware-prevention products into a suite that incorporates Kaspersky's virus-scanning engine to create a full array of anti-malware and anti-intrusion capabilities.
Since ZoneAlarm Security Suite 2010 uses Kaspersky's virus-scanning engine, the anti-malware capabilities are very similar to those of Kaspersky's product. However, the company has done a good job of integrating the virus-scanning technology into the suite, providing a near-seamless experience from the program's menus.
The firewall is a good fit for advanced users, since it offers granular control of ports, programs and access. The firewall manages incoming and outgoing Internet traffic, while separately managing local network traffic. That allowed me to define different access policies based upon whether or not I was talking to a local network machine or a remote, Internet-based machine.
Blocking malicious programs is easy, thanks to ZoneAlarm's SmartDefense Advisor technology, which preconfigures settings for millions of known programs and sets a trust level for each.
Unknown malware is handled by an "Auto-learn" mode, which starts by treating every unknown program as valid: the program is allowed to execute, and its activity is then monitored for suspicious behavior. Initially, every unknown application is assigned a rule that allows continued network access. That leaves it up to ZoneAlarm to detect whether the program is a problem, based upon its behavior.
The goal of Auto-learn mode is to limit confusing firewall pop-up messages, making security less intrusive -- but with that comes the possibility of reduced security. If you turn off Auto-learn, then unknown programs are blocked until the user acknowledges that they are OK -- which may be more irritating, but is also more secure.
The product integrates with popular browsers and prevents malware by blocking dangerous sites. If the site is not blocked, the product allows the requested file to be downloaded. If it can't guarantee the file is good, ZoneAlarm initiates a more intense scan that analyzes the file's execution in a digital sandbox. The advanced scan starts after the download finishes and can take a few minutes.
ZoneAlarm offers integrated spam filtering, thanks to the inclusion of the SonicWall antispam component, which filters POP3 and IMAP e-mail in Outlook, Outlook Express and Windows Mail. The product also works with Microsoft Exchange. Filtering uses a combination of whitelists and blacklists, and it can protect mailing lists based on the recipient address. One nifty feature is its ability to make every new correspondent respond to an e-mail challenge the first time.
The suite features all of the expected bells and whistles, as well as a few extra capabilities such as data-leakage protection, credit report monitoring and zero-hour rootkit prevention.
ZoneAlarm has done a fine job of rolling the separate security components together into a unified suite. I found it very easy to install. Dialog boxes were kept to a minimum, requiring very little user interaction -- while that does simplify the installation, it would have been nice to be presented with a little more information, such as percentage complete and what part of the installation process was occurring.
Price: $34.95 per PC (includes one year of updates and support)
Operating systems: Windows XP/Vista/7
The support documentation and integrated help screens for ZoneAlarm Security Suite 2010 provide all the information a user could need to solve most problems or activate most features. For technically challenging situations, users can turn to e-mail support, online help, online chat and user forums. The company does offer paid phone support, but that costs $49.95 per incident.
The interface offers pull-down menus and tabs to access primary features. Choices include Firewall, Program Control, Antivirus/Antispyware, Email Protection, Privacy, Identity Protection, Parental Control and Alerts & Logs. The opening window starts with an overview screen that gives the highlights of what has been recently blocked, scanned or detected. Navigation is pretty straightforward, but some of the menus could be combined to simplify things. For example, privacy and identity protection could be combined into a single element.
Scans proved to be very fast, and the application used a minimum of CPU cycles and resources, making it effective even on older systems with low-powered CPUs and on netbooks. In most cases, test scans only increased CPU utilization by 10% or less. However, more in-depth scans of executables, which execute the applications in a digital sandbox, spiked CPU usage as high as 90% for a few seconds.
Decent reporting capabilities and pop-up notifications round out the security suite, while automated updates help to keep everything secure.
According to ZoneAlarm's PR representative, the company has not released any information about the next version of its product or about its plans for an updated version of ZoneAlarm Security Suite 2010.
All things considered, ZoneAlarm Security Suite 2010 covers the basics very well. Its integrated firewall proves to be an excellent security tool for power users who want to control and monitor all traffic in and out of a PC. I do have an issue with its Auto-learn mode -- but as long as you ignore that feature, the firewall is very good. You should also expect performance hits during in-depth scans.
Thanks to the incorporation of Kaspersky's security tools, ZoneAlarm Security Suite 2010 will protect PCs from the common ills found on the Internet, which helps to round out the product and put it into the Internet Security Suite category. The product could be a top contender with the addition of free phone support, which is the norm among the vendors in this market, and a slimmed-down interface that better hides complexity from neophyte users.
Frank J. Ohlhorst is a technology professional specializing in products and services analysis and writes for several technology publications. His Web site can be found at www.ohlhorst.net.