ZoneAlarm Plus review: ZoneAlarm Plus

Until recently, digital burglars didn't bother tinkering with home computers. But since many home PCs are now hooked up to always-on DSL and cable connections, the data they contain is a tempting target. That's why you need a firewall, software that protects your information. Fortunately, ZoneAlarm Plus 3.7 defends your machine from hackers and sniffs e-mail for possible Trojan horses. It offers sufficient options and flexibility to keep power users content. Users who want to block ads and enforce privacy settings should consider ZoneAlarm Pro instead. But Windows users who need only a firewall can't go wrong with ZoneAlarm Plus. If the $40 ZoneAlarm Plus is still outside your budget, there's always the free ZoneAlarm. The freebie doesn't include many of Plus's better features, including the extra info that Alert Advisor provides, but its firewall heart beats just as strongly. Download the 3.5MB ZoneAlarm Plus (you can test-drive it free for 30 days), install it, and you'll have ZoneAlarm Plus working within five minutes--the setup couldn't be easier. Unless you want to delve into its configuration details, ZoneAlarm Plus provides wizards that will walk you through the setup. Keep clicking the Next button, and ZoneAlarm Plus automatically chooses the strongest possible defensive modes for your PC.

ZoneAlarm Plus's redesigned interface not only gives an instant status update, it's also easier to navigate than earlier editions'.

ZoneAlarm Plus benefits from a total interface redesign and now looks somewhat like Norton Internet Security and McAfee Internet Security, with its navigation along the left side. The Control Center displays the current status of all your safeguards, including any programs currently accessing the Internet, and it provides one-click entry to all configuration settings. Links along the left-hand side--to Firewall, Program Control, and Privacy--lead to detailed settings, security logs, and options. Across the top, twin gauges monitor both upstream (outgoing) and downstream (incoming) Net activity. A holdover from the old interface, a large Stop button, lets you disengage protection at any time. We love the new look; it's easier on the eyes and easier to navigate, too.

Depending on how you set up ZoneAlarm Plus, each time a program or a program component on your PC wants to access the Internet, the firewall displays an alert to let you know whether the activity is authorized. A useful Internet Lock feature freezes your Internet connection so that no activity--incoming or outgoing--occurs when you step away from your machine. You can configure the lock to engage automatically after a specified amount of time or whenever your screensaver activates.

ZoneAlarm Plus monitors more than 30 types of e-mail file attachments that potentially carry Trojan horses or worms, and it quarantines these files so that you can examine them later with a good virus killer. ZoneAlarm Plus includes Enhanced Hacker Tracking, allowing you to find out who's attacking your system. This final feature requires an additional annual maintenance contract beyond the initial year of support.

ZoneAlarm Plus is available in French, German, and Japanese language editions.

We ran ZoneAlarm Plus against Steve Gibson's ShieldsUp port tester. In stealth mode, our PC was invisible to the world. That's good.

ZoneAlarm Plus
ShieldsUp Port Probe		ShieldsUp Port Probe
Port 21-FTP	Stealth	Port 135-RPC	Stealth
Port 23-Telnet	Stealth	Port 139-NetBIOS	Stealth
Port 25-SMTP	Stealth	Port 143-IMAP	Stealth
Port 79-Finger	Stealth	Port 443-HTTPS	Stealth
Port 80-HTTP	Stealth	Port 445-MSFT DS	Stealth
Port 110-POP3	Stealth	Port 5000 UPnP	Stealth
Port 113-IDENT	Stealth	Leak test	Passed

We began with IP Agent, a free utility provided by ShieldsUp that determines the test machine's current IP address, then contacts the ShieldsUp Web site to begin testing.

Next, the Port Probe utility tested our system's defense against Internet port scanners. The test originates from the ShieldsUp server and attempts to establish standard TCP/IP (Internet) connections on a handful of commonly exploited Internet service ports on the test computer.

Using ShieldsUp, each port gives one of the three following results:

Stealth: This result means that the probe was not able to find this particular port on your computer. This is the most secure result.

Closed: This shows that the probe was able to detect this particular port on your computer but that the connection was refused.

Open: This result means that the port is actively advertising its presence on the Internet. Port scanners will have no trouble finding it.

More information on these tests and what the results mean can be found at ShieldsUp.

More information about how we test firewalls can be found at CNET Labs.

For ZoneAlarm Plus, online and e-mail help remain your only tech-support options. Fortunately, ZoneLab's support site is first-rate, with FAQs, a list of known problems, and reference documents. If you still need help, you'll have to e-mail the help desk, using a complicated online form. Although ZoneLabs promises to respond to messages from Plus customers in one to two business days, its tech support answered our test query in less than two hours.