If you had a personal computer in the late 90s, you probably thought that firewall protection was something that businesses needed, not consumers.
It took the ZoneAlarm crew years to get out the message that consumers need firewall protection too.
From its original red, orange, yellow, white, black, striped, spotted user interface to the modern 2017 edition, Check Point’s ZoneAlarm Free Firewall has evolved with the times.
It remains an excellent choice if you want firewall protection above and beyond what’s built into Windows.
The product installs in a jiffy and goes to work right away.
Its main window, featuring pale greys, greens, and blues, is dominated by three big panels labeled Antivirus, Firewall, and Identity & Data.
The Antivirus panel is greyed out, on the assumption that you’ve chosen to use this product alongside your preferred antivirus, perhaps AVG AntiVirus Free or Panda Free Antivirus.
By clicking Install, you can convert your installation into Check Point ZoneAlarm Free Antivirus+ 2017.
I’ll review that product separately.
Hack Attack ProtectionZoneAlarm hasn’t changed appreciably since last year’s release, which means it’s still quite effective at fending off network-based attacks.
I hit it with port scan tests and other Web-based attacks, and it kept them all at bay.
It put all of the system’s ports into stealth mode, meaning they wouldn’t even be visible to an attack across the Internet.
ZoneAlarm practically invented the concept of hardening a firewall against direct attack.
I couldn’t terminate its processes or interfere in any way with its Windows services; my attempt just hit an “Access denied” message.
I could not find a way to turn it off by manipulating the Registry, either.
Intrusion prevention is a feature often associated with firewall technology, but it’s not quite the same thing. When I attacked my test system using 30-odd exploits generated by the CORE Impact penetration tool, ZoneAlarm didn’t react at all.
The attacks didn’t penetrate security, as the test system was fully patched.
The newly revived Symantec Norton AntiVirus Basic detected nearly two-thirds of those same exploits at the network level, ensuring that they never even reached the test system.
The firewall in Kaspersky Internet Security also did well, actively blocking about half of the exploits.
ZoneAlarm assigns networks to the Public Zone or the Trusted Zone.
By default, security is cranked to the max when you’re connected to a public network. You can connect through the network, but nothing on the network can connect back to you.
In the Trusted Zone, security defaults to medium, making things like file and printer sharing possible.
Application ControlThe firewall that’s built into modern Windows versions is quite effective at preventing outside attack.
The main reason to use a third-party firewall is that you also get application control, meaning the firewall ensures that applications don’t misuse your Internet or network connection.
Very early editions of ZoneAlarm used to rely on you, the user, to decide which programs should be allowed network access.
Confusing popup queries dazzled users.
Block or allow? Who knows! In later years, the company added an online database of known programs. ZoneAlarm can automatically assign appropriate network permissions to just about any commonly used program. Kaspersky Internet Security uses a similar database of trusted programs and restricts what unknown programs can do.
If you dig into settings, you’ll find a slider that sets a security level for application control, with stops for Off, Min, Med, and Max.
At the default Med (for medium) level, ZoneAlarm screens some, but not all, programs.
I found that it detected my hand-coded browser’s attempt at Internet access, but automatically allowed it access.
Raising the protection level to Max caused ZoneAlarm to pop up the expected query, asking whether to allow Internet access by an unknown program. However, it had other effects as well.
At this protection level, a behavior-based detection component called OSFirewall goes into high gear, reporting on a wide variety of activities that might be performed by malware, but could just as likely involve valid software.
Indeed, when I tried to install 20 PCMag utilities, ZoneAlarm popped up at least one warning for each. One utility installer triggered four warnings.
A similar feature in Comodo Firewall 8 (which hasn’t been updated for several years) generated more (and more alarming) warnings.
Identity and Data ProtectionIn ZoneAlarm’s Identity & Data page, you’ll find a number of additional ways to protect your security.
For starters, you can activate 5GB of online backup hosted by ZoneAlarm partner IDrive. Of course, you could get the same free 5GB directly from IDrive. Note that the commercial IDrive is a PCMag Editors’ Choice for online backup.
Identity Guard, another ZoneAlarm partner, provides a year of free, simple identity protection. Once you sign up and enter your details, it alerts you to events like identity verification and possible account takeover. You also get access to identity theft assistance.
The Identity Lock feature offers a completely different type of protection for personal data. You start by adding data to the data vault. ZoneAlarm stores 15 specific types of data, among them credit numbers, eBay passwords, and mother’s maiden name.
There’s also a catch-all Other category.
For each personal data item, you can choose whether to accept the default one-way encryption.
If you disable this feature, your stored data could itself become a security risk. Likewise, you’ll want to leave checked the boxes that ask for protection on the Web and in email.
If you’ve set Identity Lock to high protection, it simply won’t allow any of your vault data to be transmitted from your computer, unless it’s going to a site that you’ve defined as trusted.
The private data gets replaced by asterisks.
At the medium setting, Identity Lock gives you a warning, and an option to abort transmission of the data.
I did find in testing that the data was sent despite my attempting to deny it.
And Identity Lock can’t protect data sent to secure (HTTPS) websites.
An Easy WinnerThere was once more competition in the third-party firewall realm, but the steady improvement in the built-in Windows firewall has thinned the ranks.
It’s especially rough for paid firewalls, given that firewall protection comes with Windows.
ZoneAlarm remains an Editors’ Choice for firewall protection.
It does what it’s meant to, and adds some dandy bonuses.
Comodo Firewall 8 is also an Editors’ Choice, though I’d like to see a new, updated version.
If you want firewall protection above and beyond what Windows offers, and don’t want to shell out cash for it, either of these will serve.
Back to top
PCMag may earn affiliate commissions from the shopping links included on this page.
These commissions do not affect how we test, rate or review products.