To protect yourself against malware effectively, you want to stop it before it makes it onto your system. This is what any good antivirus program does against viruses and worms. On the other hand, most antispyware programs haven't been as effective at stopping spyware from getting onto your PC (they identify it once it's there). And unfortunately, once it's made it onto your system, the damage is often already done.
Zone Labs recently released a public beta of Version 6.0 of its popular ZoneAlarm Security Suite. The new version adds an integrated antispyware module that aims to cut off attacks from the start. In our in-depth look at the beta, it appears to be the most effective spyware prevention tool to date.
In addition to this new module, ZoneAlarm's powerful personal firewall, already one of the best in the business, gains another layer of protection. The SmartDefense Advisor for program control (formerly AlertAdvisor) is smarter than ever, and the antivirus module is a bit more flexible. We're withholding our rating until we get the final code, but we're very impressed with what we have seen so far. (Check back for PCMag.com's review of the final product when it's released.)
The heart of any security suite is its firewall. ZASuite's firewall passed all Web-based port-scanning tests, as always. It resisted all of our attempts to disable the firewall in the ways a malicious program might employ. It even ignored attempts to turn off protection using simulated mouse clicks, an attack that few firewalls resist. In addition to blocking outside attacks and keeping unauthorized programs from using your Internet connection, this version adds a new layer of defense for the operating system; Zone Labs calls the result a Triple Action Firewall. This new layer is particularly evident in the firewall's protection against leak tests (programs that evade normal program control in the same way malware does). For full leak-test protection, previous versions required that the Program Control level be set to High, which forces the user to respond to more pop-up confirmation requests. This version blocked ten different leak tests without raising Program Control above its default level. In most cases, it clearly reported the specific dangerous behavior attempted by the leak test.
This new firewall layer also helps to block spyware installation and activity. Although the antispyware detection and removal code was not complete in this beta version, the program, as a whole, offered excellent real-time protection. When tested against the same threats used in our recent roundup of standalone antispyware products, ZASuite blocked ten of 11 from installing successfully. It completely prevented the spyware from performing any malicious action, though in some cases it did not remove one or more executable files. ZASuite also blocked two of the four keyloggers in our test set. We like the checkbox in the dangerous-behavior pop-up that automatically blocks all further dangerous behavior by the same program. One spyware threat immediately attempted 35 more dangerous behaviors, which were all automatically blocked and easily dismissed as a group. In testing spyware removal, we again found that some executable files were left on the system, though they were completely inactive. If we gave full credit in those cases, ZASuite would rank just a bit below the top standalone antispyware products, which is quite respectable considering that its antispyware module wasn't quite finished.
A full antispyware scan took about 4 minutes, in line with the faster standalone products. Though there's no indication on the main scan page, the product defaults to a less thorough (and much faster) quick scan. We had to dig into Advanced Options to select a full scan. By default, ZASuite will automatically deal with the worst spyware immediately on discovery rather than waiting for your confirmation, which is a very nice touch. If removing a particular adware module disables a related program, you can restore it from quarantine and mark it to be left alone in the future. The descriptions of particular threats locally and online are spotty and in some cases nonexistent, though we anticipate this will improve in the released version. We do wish the product would provide a detailed log listing the spyware traces (files and Registry items) it has removed.
ZASuite's antivirus engine, licensed from Computer Associates, received the Virus Bulletin VB100% award and is certified by ICSA Labs and West Coast Labs for virus detection, but not for removal. This version adds a full quarantine system (previous versions disabled virus files by renaming them to a nonexecutable file extension) and the ability to pause and resume antivirus scanning. The licensed AV engine and homegrown antispyware engine aren't 100 percent integrated (they run sequentially rather than simultaneously).
Early personal firewalls were infamous for the annoying flurry of confirmation prompts they'd pop up. Zone Labs worked around that problem by developing SmartDefense Advisor, a database of over 18,000 known good programs and 52,000 known malicious programs. The product automatically allows access to good programs and denies it to bad ones, without hassling the user. This new version refines the permission process with three distinct trust levels. Restricted programs are blocked from behaviors deemed suspicious or dangerous. Trusted programs are allowed actions that would be considered suspicious. And those with Super permission (typically Microsoft Windows components) aren't limited at all. Another new trust level is Kill: When a process with this trust level launches, ZASuite kills it immediately.
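The trust levels described above, together with the "block all further dangerous behavior" checkbox mentioned in the spyware-testing section, amount to a small policy engine: a lookup of the program's trust level, a classification of the attempted behavior, and a per-program sticky flag set by the user. The following is an added illustration of that model, not Zone Labs' code; the four trust levels and the suspicious/dangerous behavior classes come from the review, while the decision rules for each combination, the program names, and the sample advisor database are assumptions made for the example.

```python
"""Toy model of a program-control policy with trust levels (added example).

The trust levels (Restricted, Trusted, Super, Kill) and behavior classes are
taken from the review; the exact rules, the program names and the advisor
database below are constructed for illustration, not the real product's data.
"""
from collections import Counter
from enum import Enum


class Trust(Enum):
    KILL = "kill"              # process is terminated the moment it launches
    RESTRICTED = "restricted"  # suspicious and dangerous behavior is blocked
    TRUSTED = "trusted"        # suspicious behavior allowed; dangerous still prompts (assumed)
    SUPER = "super"            # no limits at all (e.g. Windows components)


class Behavior(Enum):
    NORMAL = "normal"
    SUSPICIOUS = "suspicious"
    DANGEROUS = "dangerous"


# Constructed stand-in for a SmartDefense-style database: program name -> trust level.
ADVISOR_DB = {
    "explorer.exe": Trust.SUPER,
    "editor.exe": Trust.TRUSTED,
    "toolbar_helper.exe": Trust.RESTRICTED,
    "known_bad.exe": Trust.KILL,
}


class ProgramControl:
    def __init__(self, advisor=ADVISOR_DB):
        self.advisor = dict(advisor)
        # Programs for which the user ticked "block all further dangerous behavior".
        self.block_all = set()
        # (program, decision) -> count; a minimal audit trail of what was decided.
        self.decisions = Counter()

    def on_launch(self, program):
        """Return 'killed' for Kill-level programs, otherwise 'launched'."""
        if self.advisor.get(program) is Trust.KILL:
            return self._record(program, "killed")
        return self._record(program, "launched")

    def on_behavior(self, program, behavior, user_blocks_all=False):
        """Decide 'allow', 'block' or 'prompt' for one attempted behavior.

        user_blocks_all models the user answering a prompt with the
        "block all further dangerous behavior" checkbox ticked.
        """
        trust = self.advisor.get(program)  # None means unknown to the advisor
        if behavior is Behavior.NORMAL or trust is Trust.SUPER:
            return self._record(program, "allow")
        if trust in (Trust.KILL, Trust.RESTRICTED) or program in self.block_all:
            return self._record(program, "block")
        if trust is Trust.TRUSTED and behavior is Behavior.SUSPICIOUS:
            return self._record(program, "allow")
        # Unknown program, or a trusted program doing something dangerous: ask the user.
        if user_blocks_all:
            self.block_all.add(program)
            return self._record(program, "block")
        return self._record(program, "prompt")

    def _record(self, program, decision):
        self.decisions[(program, decision)] += 1
        return decision


def simulate_spyware_burst(n_followups=35):
    """Replay the scenario from the review: one prompt answered with the
    checkbox ticked, then 35 further dangerous behaviors from the same program.
    Returns (first decision, number of follow-ups blocked, number of prompts)."""
    pc = ProgramControl()
    pc.on_launch("dropper.exe")  # constructed name; unknown to the advisor, so it prompts
    first = pc.on_behavior("dropper.exe", Behavior.DANGEROUS, user_blocks_all=True)
    followups = [pc.on_behavior("dropper.exe", Behavior.DANGEROUS) for _ in range(n_followups)]
    return first, followups.count("block"), pc.decisions[("dropper.exe", "prompt")]


if __name__ == "__main__":
    print(simulate_spyware_burst())
```

The point of the sticky `block_all` set is the one the review praises: after a single answered prompt, the remaining 35 attempts are decided without any user interaction, and the audit counter still records every one of them so they can be reviewed as a group.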
The antispam module, licensed from MailFrontier, can now scan existing folders on demand, but otherwise hasn't changed significantly. In earlier tests, it marked under 1 percent of valid mail as spam and let just 4 percent of spam into the Inbox, and it separately identified a number of phishing e-mails as fraudulent. Its whitelist/blacklist and challenge/response features (disabled for testing) would provide still better accuracy. Other features, such as Parental Control, E-Mail Protection, ID Lock, and IM Security, are likewise little changed.
Just when we thought ZoneAlarm's firewall had reached its peak, Zone Labs has found a way to make it even better, increasing its power against spyware and leak-test malware techniques. Its program control is more flexible than ever, with different levels of trust and the ability to kill the worst programs instantly. The combination of kernel-level firewall techniques and signature-based spyware recognition already offers unusually powerful spyware blocking and decent removal, and we expect this to improve with the final release. Overall, the next version of ZoneAlarm looks likely to be a superb security suite.
Copyright © 2005 Ziff Davis Media Inc. All Rights Reserved. Originally appearing in PC Magazine.