BlackIce PC Protection 3.5 review: BlackIce PC Protection 3.5

(Updated 6/19/02)
New name, same bottom line. Once known as BlackIce Defender, this personal firewall for home and small businesses now goes by BlackIce PC Protection. Either way, the $40 app will still baffle the average user. Dialog boxes abound in its cluttered, confusing interface, and BlackIce lacks important security features, such as e-mail scanning for vicious macros or hidden Trojan horses. BlackIce suits only the most security-savvy user; the rest of us will rest easier with either ZoneAlarm Pro 3.0 or Norton Internet Security 2002. (Updated 6/19/02)
New name, same bottom line. Once known as BlackIce Defender, this personal firewall for home and small businesses now goes by BlackIce PC Protection. Either way, the $40 app will still baffle the average user. Dialog boxes abound in its cluttered, confusing interface, and BlackIce lacks important security features, such as e-mail scanning for vicious macros or hidden Trojan horses. BlackIce suits only the most security-savvy user; the rest of us will rest easier with either ZoneAlarm Pro 3.0 or Norton Internet Security 2002.

Waves apps through the blockade
Whether you buy BlackIce PC Protection on a CD or download it from Internet Security Systems (ISS), you can install it in a heartbeat. The software handles all setup tasks and surveys your drive for existing applications, a process that takes 5 minutes on a barely populated PC but 30 minutes on a loaded system. Unfortunately, BlackIce uses this scan to let already-installed apps access the Net--a flawed approach. Unlike Norton Internet Security, which includes a large library of firewall rules for popular apps, BlackIce simply waves through any software that's already installed.

Confusing, cluttered interface
Once loaded, BlackIce has an interface that stinks. You start or stop the program via a single icon in your system tray, but when you adjust settings or view recent intrusion attempts, BlackIce distributes the information among several poorly organized windows. For example, we struggled to find out where to change an application's Internet permissions, and when we found a window that displayed current permissions, the list featured impossibly cryptic filenames, such as evcreate.exe and blat.exe.

Diligent but bothersome
Like other personal firewalls, BlackIce alerts you when an intruder attempts to access your system or when it notices suspicious Net activity coming from your PC (the latter can indicate an active Trojan horse on your computer). Version 3.5 boasts the new Application Protection scheme, which alerts you if an application's executable file changes without your knowledge--another possible Trojan horse indicator--because infections can hide inside legitimate software.

But this protection proves annoying at times. BlackIce pops up a dialog box every time you install a new app or utility, even if the new program doesn't access the Net, and the first time that Web-related apps go online. You can tell BlackIce to stop showing these dialogs, but we prefer Norton Internet Security's automatic-access configuration, which doesn't pester you each time.

Not everything is in stealth mode
Despite such confusion, BlackIce adequately protects your PC. We ran tests found at ShieldsUp to probe for unprotected ports, and, as in the past, BlackIce left only one port visible to hackers. By contrast, ZoneAlarm and Norton stealth, or hide, all ports.

Sadly, BlackIce also lacks a tool that scans e-mail messages for suspicious attachments, such as macros or Visual Basic scripts, a favored format for viruses. Both ZoneAlarm and Norton Internet Security offer such a tool. And BlackIce still doesn't have an easy way to selectively block your applications from accessing the Net. You can try, using the Advanced Application Protection Settings dialog, but you must know the name of the executable files for each app and, in some cases, the associated DLL files). Such a task proves almost impossible with complex programs, such as Microsoft Outlook, that employ multiple executable files.

Wait for help
If you run into trouble, ISS offers support only via e-mail or online help--no phone calls. Fortunately, you'll find an extensive, easy-to-search knowledge database. The help desk says that it tries to respond to e-mail within 48 hours but warns that the delay may be twice that.

For pros only
BlackIce performs decently, but it's too confusing, complex, and inflexible for anyone but network administrators. ZoneAlarm Pro 3.0 and Norton Internet Security 2002 cost slightly more ($50 and $70, respectively), but they're worth the extra money, for both their ease of use and added protection.

Take me to CNET Labs' test results

Take me back to the roundup!