Secure clients with ZoneAlarm
Ray Geroski
Published: 23 May 2002 12:48 BST
Tutorial
The tutorial offers basic information about the program's features. Because the GUI is pretty intuitive, much of the information presented in the tutorial looks elementary. It's a nice introduction to how ZoneAlarm displays information, however, and provides some useful tips on how to respond to the different types of alerts that ZoneAlarm will present.
With ZoneAlarm Pro, most of the work you do concerns the up-front settings that specify what kinds of traffic, files, and applications you want to block from getting in and/or going out of the system. That means that everything after the initial setup primarily consists of you reacting to the alerts that come in. So the most valuable section of the tutorial is the part that explains how the alerts appear and the options you have for dealing with them.
Main window
From the ZoneAlarm Pro main window, you can see an overview of the tasks the program has performed to protect your system on three levels:
- Controlling inbound traffic
- Controlling outbound traffic
- Quarantining e-mail attachments
From this window, you can access any of ZoneAlarm Pro's security options simply by clicking hyperlinks or tabs.
As you can see in Figure D, the interface is intuitive. You can easily navigate to different areas where you might need to select security options. The process of telling how you want ZoneAlarm Pro to manage your security can be time-consuming, depending on how far you want to go with it, but the interface makes it easy to find what you need and to select your security options.
| Figure D |
 |
| ZoneAlarm Pro's interface is intuitive and easy to navigate. |
Security options
ZoneAlarm Pro offers a wide variety of configuration options for blocking incoming and outgoing traffic. The strength of this program is basically the way it allows you to shut the door on certain types of files and activities that might leave clients -- and thus your network -- vulnerable to Internet threats.
Navigate to the various security features using the links down the left side of the window, and then use the tabs at the top to access additional options. We're going to take a closer look at three features: firewall, program control, and e-mail options.
Firewall
ZoneAlarm Pro's firewall feature is divided into three zones, and you can set security levels and more specific custom options for each:
- Internet Zone
- Trusted Zone
- Blocked Zone
The Internet Zone governs all traffic inbound from or outbound to the Internet. ZoneAlarm Pro's interface for these elements resembles that of Internet Explorer settings, in that you move a slider along a range from High to Low security levels and can then, if need be, use the Customize button to select exceptions to the rules of that setting.
The Internet Zone defaults to High security, meaning that ZoneAlarm Pro locks down all activities relating to Internet traffic unless you specify otherwise. Clicking on the Custom button allows you to set a wide range of Internet security options, including the following:
- Allow outgoing DNS
- Allow outgoing DHCP
- Allow broadcast/multicast
- Block incoming/outgoing NetBIOS
- Block incoming/outgoing ping
- Block other ICMP
These are but a few of the options you can select for the firewall feature. This gives you some serious control over what is allowed into and out of your network, making ZoneAlarm Pro a powerful tool for taking charge of security.
The default setting for the Trusted Zone -- your local network -- is Medium. At this setting, ZoneAlarm Pro allows the computer to be seen on the network and to share files with other users. At the High setting, the computer is not visible on the network, and resource sharing is not allowed. This could hamper productivity if sharing is important on your network, but it also offers tighter security to protect a highly sensitive internal system. At the Low setting, the firewall feature for the Trusted Zone is essentially deactivated; in other words, you've opted to bypass security for your local network.
Previous
Did you find this article useful?
25 out of 48 people found this useful
Digg
Slashdot
Del.ici.ous
Stumble
Reddit
