Windows comes with firewall protection built in, and you can get enhanced third-party firewall protection for free. Why, then, would you pay for a third-party firewall tool like Check Point’s ZoneAlarm PRO Firewall 2017? There’s one very simple reason—the free version of this tool is only for use in noncommercial settings, so if you want to use it in a business, you must pony up. Also, this version includes premium tech support, advanced control of firewall settings, and, new in this edition, a very effective antiphishing component.
At $39.95 per year for a single license, ZoneAlarm costs the same as most standalone antivirus products. In fact, it’s the same price as Check Point ZoneAlarm PRO Antivirus + Firewall. Unless you already have antivirus protection, the latter may be a better choice. Note that the firewall’s per-license price goes down if you buy multiple licenses. You get five licenses for $59.95 per year, for example.
Except for the antiphishing component, which is strictly a browser extension, the paid edition’s basic feature list is identical to what you get in the free ZoneAlarm firewall. Advanced features only appear as you drill down. However, this edition’s main window is laid out quite differently. It still has three large panels, but they’re titled Antivirus & Firewall, Web & Privacy, and Mobility & Data. Each panel includes three or four components, the majority of which are grayed out and unavailable. For example, on the Web & Privacy panel, Parental Control, Anti-Keylogger, and Anti-Spam are all grayed out. The full Check Point ZoneAlarm Extreme Security 2017 suite uses precisely the same layout, but in the suite all of the components are active.
Shared FeaturesAs noted, this product’s features include everything that you get in Check Point ZoneAlarm Free Antivirus+ 2017. I’ll summarize my findings here; to get full details, read my review of the free edition.
The central firewall component stealths all ports against outside attack, and also controls network permissions for all programs. It draws on a huge database to configure permissions for known programs and, by default, makes its own decisions about unknowns. If you crank up protection to the max, it notifies you when an unknown program attempts to access the network, asking you whether to allow or block access.
At this maximum security level, the OSFirewall component generates a lot of suspicious behavior warnings for both good and bad programs. To be fair, the same is true of Comodo Firewall 8, which generated even more and direr warnings in testing.
ZoneAlarm doesn’t attempt to block exploit attacks at the network level in either the free or paid edition. However, none of the attacks I used for testing actually penetrated the test system’s security. And I couldn’t find any way that a malicious coder could disable firewall protection programmatically.
You get 5GB of hosted online backup from partner IDrive, a PCMag Editors’ Choice for online backup, as well as a year of credit monitoring from another partner, Identity Guard. And the Identity Lock feature prevents inadvertent transmission of user-defined private data via the Web or email.
One significant difference in this edition becomes visible when you choose Technical Support from the Help menu. In the free edition, doing so takes you to a page with links to community forums, knowledge base articles, and support for product installation. The paid edition offers premium support, stating, “A Certified Expert can help you now! Our experts will connect to your computer over the Internet and repair your problem in no time.”
Advanced FirewallThe firewall component in the free edition is titled Basic Firewall; this changes to Advanced Firewall in the PRO edition. Where the free edition allows you to make broad changes to settings for the Trusted Zone and Public Zone, this paid version offers extremely fine-grained control over what network events are permitted in each zone. Unless you’re a network wizard, you shouldn’t touch these settings. Likewise, only a firewall expert should consider using the advanced option to manually define firewall rules.
Application control also gets some added features in this app. You can enable Advanced Application Control, Advanced Interaction Control, and Component Control, among others. Be warned; enabling these features will usually cause more popup alerts.
The point of these advanced monitoring tools is to detect malware attempting to subvert valid programs, or otherwise evade the firewall’s notice. However, they may also report activity by legitimate programs, so you should examine the situation carefully before blocking network activity. If you don’t feel you have the expertise to make such decisions, you’re better off not enabling these features.
Real-Time Phishing ProtectionZoneAlarm has a bit of history with phishing protection. Up until last year’s edition, phishing protection came as part of a licensed toolbar. Those using free products were required to accept the toolbar, along with a change to the default search engine and home page. Last year’s release removed the toolbar (and its phishing protection) from the entire product line. Now antiphishing is back, and better than ever, but only in the for-pay products.
Where data-stealing Trojan malware must weasel its way past your security software, a phishing attack only needs to fool you, the user, into giving away your credentials. These fraudulent websites masquerade as financial sites, webmail sites, even online gaming sites. If you enter your username and password, the attacker owns your account.
But here’s an important point—nothing happens until you enter your credentials. It’s not like a drive-by download, where merely visiting the site can infect your computer. That being the case, ZoneAlarm doesn’t check sites for signs of phishing until the moment you click in a username or password field. At that point it visibly launches a scan of the page. It doesn’t spend time checking sites against a blacklist, or running heuristic phishing detection on every site you visit. This is an innovative solution, and I won’t be surprised if other vendors follow suit.
I tested ZoneAlarm by setting up five test systems, one protected by ZoneAlarm, one by long-time phish phighter Symantec Norton AntiVirus Basic, and ones testing each of the protective technologies built into Chrome, Firefox, and Internet Explorer.
For this test I always use sites that have been reported as fraudulent, but haven’t been checked and blackisted yet. Typically, they’re no more than a few hours old. Since the actual URLs differ for each test, I report not the raw detection percentages but the difference in detection rates.
Quite a few recent products can’t even outperform the protection built in to Chrome, or Internet Explorer. Only a very few do better than Norton. Kaspersky Anti-Virus tops the list, with a detection rate 4 percentage points higher than Norton’s. ZoneAlarm resides among the elite of antiphishing, with precisely the same detection rate as Norton, and quite a bit better than all three browsers. Tested simultaneously with Norton, Trend Micro Antivirus+ Security also did well, lagging just 2 percentage points behind Norton.
However, there’s one fly in the ointment. At present, the antiphishing extension is available only for Chrome. Until it works with all major browsers, its protection won’t help every user.
See How We Test Security Software
Good for Experts ZoneAlarm PRO Firewall includes everything you get with Editors’ Choice ZoneAlarm Free Firewall, plus advanced firewall settings, premium support and (for Chrome users) phishing protection. It’s also an Editors’ Choice, naturally. But it’s hard to see why you’d pay for it, unless you’re a network expert, or you’re using it in a commercial setting. Even then, for the same price you can get everything in this product plus Kaspersky-powered antivirus. It’s an oddity; an excellent product that I don’t recommend for most users.
Back to top