I thought I read somewhere that I do not need to add Zone Alarm Pro to Process Guard to protect it. Is this true? Or should I go ahead and add it to the list? Thanks in advance.
I'm no expert, but my intuition tells me that you DO want to protect ZA Pro. I say this for a couple of reasons. First, it is a core layer of security and you don't want to leave it vulnerable to attack. Second, it is capable of accessing the Internet and I read somewhere that you want to protect anything that is capable of connecting to the Internet. Hope this helps.
What Dallen suggests is not a bad idea. I asked this same question a while back on the ZA forum. I was told that ZA has built-in protection, and protects itself. I was told PG protection was not necessary, but would not hurt. I use both ZA and PG, and have not added ZA to my protected programs list.
Hi gr49erluvr, ZA does a very good job at protecting itself, so using Process Guard may be overkill. As ZA's .exes are on PG's checksum list, any change to its .exes would be noticed by Process Guard, which adds another layer of protection, which cannot be bad. HTH Pilli
Hi gr49erluvr, it is just my opinion, but I would add it. I think you only need to add vsmon.exe because that is the actual firewall service (process) that needs to be protected. zlclient.exe is just the user interface part of ZAP that sits in the system tray, so it is not important (others could confirm this). I have vsmon.exe protected with the first 4 blocked flags and the first allow flag with no options. It works well for me with no problems. Here are my reasons to have it protected:
1. You bought PG to protect critical security processes. Your firewall is your first and most important line of defense, so to protect it is not overkill. If you bought it, you might as well use it.
2. ZAP has password protection (you should still set a good password), but malware may still be able to terminate ZAP using methods similar to the DCS APT program.
3. From what I have read, malware doesn't even need to terminate the firewall. Even worse, it could inject itself into the firewall running in memory to bypass it. It could also possibly inject into other Internet-capable apps that you permitted Internet access through ZAP (like browsers, email clients), so those should be protected too.
4. It's fun to set up an advanced layered security system.
Ok I added it and blocked the first 4 flags. With the first allow flag did you mean put a check mark or leave it blank? Thanks for your time.