Is ZA Force Field a sandbox type deal? Or some kind of virtualization? Or something like PrevX SafeOnline?

I believe that it is a form of virtualization. Check out the link. http://download.zonealarm.com/bin/forcefield_x/index.html

Hi,

It only works at browser level. It won't sandbox anything else on your computer but the browser.

Although, I'm guessing that Check Point [the owner of ZA ] might eventually discontinue Forcefield as a stand-alone utility since it has already been integrated onto ZoneAlarm Extreme Security.

Hope this helps.


Regards,


Carlos

-{ Quote: " Although, I'm guessing that Check Point [the owner of ZA ] might eventually discontinue Forcefield. " }-

Not really... standalone ForceField and Datalock are here to stay even if they are include in the ZA Extreme top level ZA product.

ForceField is an active browser sandox, isolating the webbrowser from the system (passive part) while jamming keyloggers and screengrabbers and providing antiphishing and web rating (active part). Downloads outside forcefield can be checked with a dedicated heuristic scanner (internally developed) that analyse the download in a virtual environment for suspicious behavior.

ForceField is a good complement to traditional AV scanners and is well integrated in ZA Extreme. Supports IE and firefox.

Hope this helps

Cheers,
Fax

-{ Quote: "Not really... standalone ForceField and Datalock are here to stay even if they are include in the ZA Extreme top level ZA product.

ForceField is an active browser sandox, isolating the webbrowser from the system (passive part) while jamming keyloggers and screengrabbers and providing antiphishing and web rating (active part). Downloads outside forcefield can be checked with a dedicated heuristic scanner (internally developed) that analyse the download in a virtual environment for suspicious behavior.

ForceField is a good complement to traditional AV scanners and is well integrated in ZA Extreme. Supports IE and firefox.

Hope this helps

Cheers,
Fax" }-

I guess FF (Forcefield obviously :P) lets it through if it doesn't find anything?

I checked into Forcefield a few months back and at that time there were some compatibility problems with the latest firefox release. There's no telling how it works with IE8, but nomatter what Checkpoint claims a thorough test drive would be advised. Checkpoint is just one of those companies I would not touch with a 10 foot pole.

-{ Quote: "I checked into Forcefield a few months back and at that time there were some compatibility problems with the latest firefox release. There's no telling how it works with IE8, but nomatter what Checkpoint claims a thorough test drive would be advised. Checkpoint is just one of those companies I would not touch with a 10 foot pole." }-

If you don't mind my asking, why would you avoid Checkpoint? Not intending to disagree with you here, just wanting to get your perspective. Thanks!

-{ Quote: "If you don't mind my asking, why would you avoid Checkpoint? Not intending to disagree with you here, just wanting to get your perspective. Thanks!" }-

I just don't like their program of seeming compatibility issues, the Ask.com association, difficulty removing their programs on uninstall, citing ratings which are years old, their forum mods stating there are compatibility issues with ForceField and certain current internet browsers builds, yet advertisements that they should be compatible. I still remember checkpoint blocking one HIPS testing site as a "spyware" site simply because ZA could not pass all the leak tests. I'm sure I could think of some more things if I had more time.

-{ Quote: "I checked into Forcefield a few months back and at that time there were some compatibility problems with the latest firefox release. There's no telling how it works with IE8, but nomatter what Checkpoint claims a thorough test drive would be advised. Checkpoint is just one of those companies I would not touch with a 10 foot pole." }-

ForceField works great here with Firefox 3.6.3 and with IE 8.

-{ Quote: " I still remember checkpoint blocking one HIPS testing site as a "spyware" site simply because ZA could not pass all the leak tests. I'm sure I could think of some more things if I had more time." }-

You are sure that they were blocking that site because the useless leak tests?::)

I think it was a mistake, like a few months back with tinyurl.com. They fixed this mistake, so no need to crush a company without 100% true information.

-{ Quote: "I just don't like their program of seeming compatibility issues, the Ask.com association, difficulty removing their programs on uninstall, citing ratings which are years old, their forum mods stating there are compatibility issues with ForceField and certain current internet browsers builds, yet advertisements that they should be compatible. I still remember checkpoint blocking one HIPS testing site as a "spyware" site simply because ZA could not pass all the leak tests. I'm sure I could think of some more things if I had more time." }-

Some input to clarify the above. NO ask toolbar is included in retail versions of ZA. ZAfree comes with a toolbar with different features and ask search engine is actually always turned OFF by default. This is an old issue back from version 7 that has already been taken care of.

All the rest relates to old versions of ZA and FF. Uninstall procedure has been completely revised, HIPS modus operandi too... , etc

Products evolves and changes during time. It is important to give up-to- date information on them otherwise your statements may look biased and most of all misleading.

Of course, you are fully entitled not to like a product :)

-{ Quote: "I guess FF (Forcefield obviously :P) lets it through if it doesn't find anything?" }-

Depends, if the download is voluntary (i.e. you manually download a file from a site, you choose a location, you run it.... then YES (note that the advanced ZA scanning with heuristics is 'on demand').

If the download is without user intervention (drive-by download) then this is isolated (in a dedicated forcefield folder) and will only run in the virtual environment.

The latter only if virtualization option in forcefield is turned ON.

Fax

-{ Quote: "You are sure that they were blocking that site because the useless leak tests?::)

I think it was a mistake, like a few months back with tinyurl.com. They fixed this mistake, so no need to crush a company without 100% true information." }-

The site was PCflank. Apparently ZA does not think leak tests are unimportant as they have leak tests results comparison chart against other firewalls on their site. Well, the chart is from 2006, anyway. But its it's the most current ZA will publish.

http://www.zonealarm.com/security/en-us/independent-tests-internet-firewall-comparison.htm

Why doesn't Checkpoint use current tests, from a site like Matousec, if they are concerned about showing customers how ZA performs in these tests?

http://www.matousec.com/projects/proactive-security-challenge/results.php

-{ Quote: "

Products evolves and changes during time. It is important to give up-to- date information on them otherwise your statements may look biased and most of all misleading.

Of course, you are fully entitled not to like a product :)" }-

I agree, although apparently Checkpoint would rather post 2-4 year old test results from nearly all their products. Your comment reminds me of when ZA listed their product for sale as "Vista Ready". How long did it take to clear up that problem?

-{ Quote: "The site was PCflank. Apparently ZA does not think leak tests are unimportant as they have leak tests results comparison chart against other firewalls on their site. Well, the chart is from 2006, anyway. But its it's the most current ZA will publish.

http://www.zonealarm.com/security/en-us/independent-tests-internet-firewall-comparison.htm

Why doesn't Checkpoint use current tests, from a site like Matousec, if they are concerned about showing customers how ZA performs in these tests?

http://www.matousec.com/projects/proactive-security-challenge/results.php" }-

In my opinion those test were for promoting Zone Alarm in 2006. I think they don't need nowdays.

The "useless" leak tests it's just my opinion, not CheckPoint's.

matousec tests are all about HIPS but Zone Alarm has multi layer protection, don't need a strong(annoying) HIPS because that would be a nigthmare for average users.

-{ Quote: "I agree, although apparently Checkpoint would rather post 2-4 year old test results from nearly all their products. Your comment reminds me of when ZA listed their product for sale as "Vista Ready". How long did it take to clear up that problem?" }-

Uuhm, I think you missed the point. I made reference to your old information not Checkpoint old tests. Don't take it personal but the issues you highlight are once again outdated and aging back to version 7 or 8. ZA is at 9.1

No need to comment on Matousec tests, too much has been said about it. :)