Just to spread the word. Zapro 4 is out today june 12 http://download.zonelabs.com/bin/free/information/zap/releaseHistory.html Regards Ole
Once you have checked it out perhaps you could give us the low down on the new features. Regards, CrazyM
Well, there's one small new feature... "Expert Rules!" Yikes! Lot's to look at in there! I'll be making an update to my Outlook Express thread shortly just to give people the flavor of some of the rules capabilties.
That was the new feature I was interested in hearing about and how much fine tuning it really allows. I see ZoneLabs also has a trial version available. Just might have to give it a go and find out for myself . Regards, CrazyM
I have made updates to the following thread to demonstrate some of the new capabilities present in ZAP v4.0, most specifically the Expert Rules capabilities... Zone Alarm Plus/Pro Program Options (Updated for ZAP v4.0) Fun - Fun, LowWaterMark
LWM Good job on the update and showing what v4.0 is capable of. I think that tinkering itch of mine is about to get scratched . Regards, CrazyM
Good! I'd like to see what a person experienced in rules based firewall configuration thinks of Zone Alarm's first entry into the world of rules.
Well seeing how you asked… One of the new features that will afford users a convenient way to tighten up their rules is the “Group Manager”. The “Locations” tab will allow you define groups of remote IP’s for any number of rules such as DNS, POP3, and SMTP servers. Using the groups would be more secure than lumping some or all of these into the Trusted Zone. You also still have the ability to define a single remote IP in rules if a group is not required. Being a regular user of rule based firewalls, I keep a current list of all specific remote IP’s required for services or programs that I run including the servers used for any live update functions. This makes life a little easier when you have to start from scratch. Those without a current list can always enable logging on their rules to define their own list for reference and customizing their rules. Regards, CrazyM
…carrying on with the “Group Manager” The “Protocols” tab can be used in a similar fashion to define a list of common remote/local services that you will use in different rules. When creating your rules you can then just select from this list. The new rules capability also allows for restricting local service/ports to the ephemeral ports. Regards, CrazyM
Firewall Expert Settings On first look it appears this is for global rules and are not application specific. You would want to be careful what you put in here. One thing that would be appropriate to go in this section would be your ICMP rules. They can be quite specific in this version compared to prior versions. Note the use of the location group "DNS Servers". Regards, CrazyM
WOW ZA has come a long way. Watch out Norton and McAfee there's new dog in the yard and he's going to be taking over. LOL
Yes, the entire Firewall tab has always been for global (system-wide) settings, whether using the old (still available) simple permissions settings, (see image below), or now the new Expert rules. (Though ZAP is called an application based firewall, it always allowed for some limited system-wide permissions.) Zone Labs has clearly added a fairly reasonable rules capability to the existing features, but have left the use of the rules interface as totally optional. I think that's a good compromise. Rules that override the defaults and the simpler interface settings if you want to tweak, but which aren't used if you don't. What I really like about the rules interface is that it allows for something that ZA never had before - the ability to alert and/or log allowed events. In the past, the only alerts logged, (other than pop-ups asking the user to approve an action), were for "blocked" events. So, now we can define rules just for the purpose of alerting or logging an access. Nothing big for people who've always used rules based firewalls, I imagine, but a huge addition for Zone Alarm Pro users. I've always wanted logging rules capability.