While former NSA-er Edward Snowden has demonstrated his own particular method to...
ZoneAlarm Free Firewall 2013 Review
ZoneAlarm Free Firewall 2013 does everything a free firewall should, and includes a number of bonus features that are relevant to security. It’s tough, it blocks hackers, and it manages program control without a deluge of popups. Sure, commercial product do even more, but ZoneAlarm remains Editors’ Choice for free firewall protection.
(5) Editor’s Choiceout of
- Quick, simple install
- Resists direct attack
- Protects against Web-based attack
- Handles program control without too many popups
- Blocked all leak tests
- Comes with a year of credit protection
- Facebook privacy test
- Can block tracking cookies
- 5GB free online backup
- No exploit protection
- Behavior-based OSFirewall flags both good and bad programs
- Phishing protection didn’t beat Internet Explorer alone
ZoneAlarm has been promoting firewall protection to consumers for ages and ages, since before most people even thought they needed a personal firewall. The current ZoneAlarm Free Firewall 2013 offers the same tough and practical protection as always, with some useful new security bonuses including a Facebook privacy checker and a tool to block advertisers from tracking your browsing habits.
As long as you accept the default settings, installation can be quick and simple. Click once for a quick install, click again to accept installation of the useful ZoneAlarm toolbar. Those two clicks gets the process started. After a reboot, you’re protected. Simple!
The main window features three large panels that reflect security status in three areas: Antivirus, Firewall, and Identity & Data. The first one, Antivirus, is disabled at install. If you’re already running a different antivirus, you’ll naturally want to leave it disabled. But if you need antivirus protection you can just click to install it. I’ll be reviewing ZoneAlarm Free Antivirus & Firewall 2013 separately.
Tough, Practical Firewall
ZoneAlarm pioneered the concept of hardening the firewall against interference by malicious programs. It’s no surprise, then, that I couldn’t disable its protection using attacks that might be replicated in software by evil coders. It doesn’t store status items like “firewall disabled” in the Registry, and I couldn’t kill it using Task Manager. When I tried to disable its essential TrueVector service, I got an “access denied” message.
ZoneAlarm correctly stealthed all of my test system’s ports, making it invisible to outside attack. It resisted all of my port scan tests and other Web-based tests, though it didn’t specifically report attacks the way Outpost Firewall Pro 8 did.
Like Comodo Firewall (2013), ZoneAlarm doesn’t attempt to block exploit attacks at the network level. Just to be sure, I turned on all of its alert options and attacked the test system using the Core IMPACT penetration tool. None of the 30 exploits I used actually compromised the full-patched test system, but ZoneAlarm didn’t actively block them. Serious exploit protection generally comes with high-end firewalls like what you find in Norton Internet Security (2013) and Kaspersky Internet Security (2013).
Norton and Kaspersky also handle all program control issues internally, without fobbing off security decisions on the user. In ages past, ZoneAlarm was famous for bombarding the user with popups asking whether this or that program should be allowed Internet access. Now it uses the SmartDefense Advisor database to automatically configure access for a vast number of known programs. If you do get a popup query from ZoneAlarm, look at it carefully and verify that the program is something you installed yourself.
When Internet access is allowed only for trusted programs, some malicious programs try to connect by subverting a trusted program. Leak tests demonstrate these sneaky techniques without including a malicious payload. ZoneAlarm detected every single one of the leak test utilities I threw at it. Comodo didn’t catch any of these, though its Behavior Blocker offered to isolate them. Outpost flagged all of them, but a handful managed to connect despite its efforts.
ZoneAlarm includes a feature called OSFirewall that monitors applications and warns when they perform suspicious activities. Comodo and Outpost also include behavior-based protection. In all three cases, the decision whether to allow a behavior defined as suspicious falls to you, the user.
When I tried to install twenty older PCMag utilities, ZoneAlarm popped up at least one warning for about 80 percent of them. Most often it warned that the installer was trying to “gain access to privileged resources” or set a program to run at startup. In most cases, denying the suspicious activity terminated the installation or prevented the program from functioning correctly.
Comodo handled these same programs by offering to run the installer in isolated mode, or run the program in partially limited sandbox mode. A couple of installers worked fine regardless, but five of the twenty totally wouldn’t work, and all of the rest displayed one or more error messages. In the end, just seven of the twenty utilities installed and ran correctly.
Outpost was the most prolific with its popup warnings. One installer generated eight distinct popups! It color-codes the popups, green for less-risky behavior, red for actual problems. In testing, I clicked Allow for green popups, Block for red ones. Had I blocked them all, almost none of the installation would have succeeded.
Regardless of which product you’re using, if you see such a warning while installing a program you’re sure is valid, just allow it. If you’re unsure, try denying it after unchecking the box that tells ZoneAlarm to remember your decision. And if you get overwhelmed by popups, consider switching to a security suite like Norton or Kaspersky, one that handles all these decisions internally.
ZoneAlarm does its best to keep you from losing sensitive information to fraudulent sites. When it detects phishing, it freezes the browser and displays a big warning. I like the fact that you can see the fraudulent page behind the warning. If the page looks just like PayPal but the URL is www.ImAScammer.ru, it’s pretty clear you shouldn’t go there.
If the page looks suspicious but can’t be clearly identified as fraudulent, ZoneAlarm slides in a yellow warning banner at the top of the page. You can click a link in this banner (or in the phishing popup) to get a detailed check of site information. A button in the ZoneAlarm toolbar lets you get that same info for the current page, whether it’s good or bad.
Last time I tested ZoneAlarm’s phishing protection it was one of the few to score better than Internet Explorer 8. The current crop of phishing sites must be tougher. ZoneAlarm’s detection rate came in 47 percentage points lower than Norton’s and 16 percent below Internet Explorer’s. Interestingly, ZoneAlarm combined with Internet Explorer would have come in just 8 percentage points below Norton. The lesson is clear—don’t turn off Internet Explorer’s SmartScreen Filter.
The article How We Test Antiphishing explains my methodology for this test.
ZoneAlarm Free Firewall 2013 antiphishing chart
The antiphishing component protects you from giving away private information to frauds. ZoneAlarm also offers direct protection for your online identity, powered by Intersections. You can activate a year of “Good Start” Identity Guard credit protection for free, simply by entering your personal details. Do note that as one means of verification you must supply a credit card whose billing address matches your stated home address.
Once you’ve set up the service it will check every day for any credit events and email you a notification if it detects something significant. You also get unlimited toll-free support to help in resolving any reported issues.
Facebook Safety Test
New in this edition, a simple test will check the privacy of your Facebook account. Click a button on the toolbar to install the Facebook app, then launch it for a quick summary of privacy issues in your account.
The privacy test reports on any recent posts you’ve made totally public and any that you’ve allowed friends of friends to view. If you’ve been tagged in any posts in the last month it will report that too. A statistics pane reports the number of posts, likes, shares, and comments you’ve made during the month. Each of these is a live link to a detail report, for example, a list of all your comments.
The one-page report concludes with an overall score on a scale from 0 to 100. If your score is below 80 or so, you may want to change your habits for better privacy.
Your free ZoneAlarm firewall comes with 5GB of free hosted online backup powered by IDrive. It’s not exactly a giveaway, since you could get the same offer directly from iDrive. Still, having it right there in ZoneAlarm may goad some users to start backing up; it’s a good thing.
The backup component is installed the first time you use it. I was a bit surprised to find OSFirewall popping up a gaggle of warnings calling the installer “suspicious.” During installation you’ll create an account and choose whether to use the default encryption key or specify your own key. Using the default means that the vendor could be compelled by law enforcement to turn over your backup. Note, though, that if you forget your user-defined key nobody can access your files, not even you.
The user interface for the backup utility is a bit complex, but a large welcome screen explains its various components and offers advice on how to get started. You can accept the default backup set definition, which backs up common areas like the desktop and Documents folder, or define your own. The utility comes configured to run a backup job every day. You can also set it for continuous backup, which will back up new and changed files as soon as you finish editing them.
Do Not Track Me
New in this edition, the ZoneAlarm toolbar offers a Do Not Track Me button, powered by partner Abine. Like the Do Not Track feature in AVG Anti-Virus FREE 2013, it checks the current web page for advertising and other links that track your Web surfing. The number of trackers found appears as an overlay on the button’s “watchful eye” icon.
This feature keeps a running total of all the tracking sites you’ve encountered. You can also click the button and drill down for a list of all tracking components on the current site. If you’d rather not be tracked, one click puts the tool into blocking mode.
It’s true that the industry has defined a Do Not Track header that tells advertisers not to track you, and indeed, the Do Not Track Me button sends this header. However, compliance by trackers is voluntary. For thorough prevention of tracking, it also wipes out the cookies used by tracking sites.
Abine’s researchers have identified “over 200 advertising companies & 630 tracking technologies.” Even if you don’t care who tracks you, the company claims that blocking these snoops can improve webpage load speeds up to four times.
Past ZoneAlarm toolbars have included a gaggle of buttons unrelated to security, including links to YouTube, Flixster, GrooveShark, and Facebook. The current toolbar is more focused. I’ve already mentioned the Facebook privacy test, Site Check, and Do Not Track buttons, all relevant to security and privacy. There’s also a button to launch your browser’s built-in private browsing mode, and a link to Identity Guard.
You’ll still find some oddball items on the toolbar, like an Internet radio component and a button that links to a Twitter app called TweeNotify. I’m guessing that including them gets the company a bit of income and helps the product remain free.
A Very Good Choice
Your PC isn’t protected unless you’ve got both antivirus and firewall protection. If you’re already covered on the antivirus front, ZoneAlarm Free Firewall 2013is a great firewall choice. It handles network-level firewall tasks, controls application access with minimal popups, and resists direct attack. Its bonus features are actually useful, and relevant to security.
The best firewall components in commercial security suites definitely do more than ZoneAlarm, but then, they’re not free.
By Neil J. Rubenking, PCMag
- Type: Business, Enterprise, Professional
- OS Compatibility: Windows Vista, Windows XP, Windows 7
- Tech Support: Forum.