ZoneAlarm Pro 70_337_000

See my PM please

 

Uhm, well.. must be some secrets... sorry for asking.

Fax

 

The latest free version is now nagware that contains the full suite with elements (KAV for example) turned off. If you try to install it, it can produce conflicts with existing AV installations. So it is difficult to get "just" the ZA firewall anymore.

I appreciate the discussions here about how to tweak ZA for optimum performance. I am presently stuck for 3-4 months with a ZAISS subscription so I need to learn how to make the best of it.

I hope that open discussion and argument does not become stifled here on this forum as it is in the ZA forum.

 

Well, yes... I agree ... but unfortunately this has become an "how to disable ZA effectively" thread.

Fax

 

That is your opinion. I completely disagree

 

Uuuhm, I probably missed something and fortunately I am not the only one

Seven pages of posts half of them about ZA phoning/not phoning or similar unhelpful inputs...
If you think this is ZA optimisation... I completely disagree.

Fax

 

The only applications that I trust completely are the ones that I produced.

 

Hello: I have put my Q and C's in red inside your post.

 

Hello Escalader,

couple of points in reply...

I have not used the latest ZA free so I don' know about the update connects with that version. My point was that ZA free contains the KAV engine which is disabled until you pay for the full suite version. So even though you can't use the KAV in ZA free, it still conflicts with your existing AV app.

I have 2 pc setups - the desktop setup is contained in my sig. My laptop setup is ZAISS 7.0.337 and SS 5.3. I don't want to downgrade to ZAPro because I would then need to purchase another AV app.

Finally, I would say that you are correct that ZAPro probably has some differences with ZAISS regarding firewall operation but I suspect these are small since ZAPro is a subset of ZAISS.

Regards,

 

COMMENTS

 

@Escalader

I agree 100% with the free speech sentiments contained in this message.

 

--

 

Back a few versions I entered all of the ZA servers as blocked zone and casually found another web site (flyerservices.homehardware.com AT THE TIME) was blocked by this change. I don't know the technical reasons for this...I supposed it was due to akamai servers/aliases/DNS...the blocked zone sites causing the problem were pa2.zonelabs.com and/or ps2.zonelabs.com. I can't remember the version of ZA Pro it was at the time but I came to the conclusion that if I didn't trust the firewall enough that I had to enter xxx.zonelabs.com to the firewall's blocked zone I shouldn't be using it.

Later, I was satisfied with 6.1.744.001 until I tried importing an .xml settings I had just saved to my hard drive and discovered that after importing it, it had changed the network (Rogers cable) I had previously set to Internet Zone to Trusted Zone! With bugs like that, I dropped back to 4.5.594 Plus...I can no longer personally trust them to produce reliable current software.

If I was "brave" enough (I'm not) to try their latest stuff and wanted Free, I would install Pro trial and let it revert to Free, rather than installing Firewall+ an inactive Antivirus bundled up into a conflicting mess.

 

Testing? Are you testing? Let's take the example of Smartdefense.

Your SmartDefense is simply broken. How you did it. I don't know...
But I explained you how it should work normally.

Smartdefense module is the same in ZAPRO and ZASS. So, there is no reason for you not to work, unless your ZAPRO is broken.

I have not seen anyone taking the time to verify you findings. I did and posted the results... But I was the only one. You think that if Smartdefense was broken you would not see hundreds of e-mail in the ZA support forum?

Let talk facts please and stop posting paranoia, validation BS and just broken results!

Fax

 

dvk01, well said.

Even I do understand the mistakesn mentality of installing a software and then the user gets upset when the application goes to it's server. The AV, AS and many other security softwares plus applications (browsers, etc) do this. Many get updates and upgrades or inform the user of updates and upgrades. Doesn't FireFox or Opera contact their home servers to check for upgrades or in the case of FireFox updates for it's addons? Maybe, these users who are afraid of software updates/upgrades/contacting the home server should uninstall the rest of the applications that does this "dodgy" actions. It would be funny to see what is remaining on the PC and what they end up using in the very end of their trials and tribulations!

The Smart Advisor is working hard for the user to help the user, not to infect the user. Many people actually enjoy that there is a software that does so much and they actually have appreciation. Not the gloom and doom as discussed in this thread.

Much of what has been said so far is in fact not valid or false or just hearsay. From what I understand the ZA did have a bug that let it contact the servers in some versions, but that was fixed long ago in the version 6.1.744 or something like that. I know that even though there has been all kinds of facts drawn from the ZL sites, this was never mentioned. Just an other example of selective showing to present an arguement for the sake of arguing.

If any user was leery or doubtful of his applications or security, they should be immediately remove that software. Without a second thought. Even if they still had valid subscriptions, their doubts should be stronger than just a few dollars. No excuses.

12fw

 

Well, between the posters who are (as infered) "having a go" at ZA, and the posters who are then (which could be seen as) "Having a go" at those "Having a go", I will admit I am a little lost in this thread.

So, if possible, I would like a bit of order, meaning: I would actually like to know what the main points of the "problems" are, so at least I/the forum can (if possible) check on any findings/problems.
First, as you will know, I have had ZA(latest version) installed on test PC for the last 2 weeks or so, and yes I have seen some possible bugs, mainly related to the hardware in use, certainly not uncommon due to the vast amount of hardware used.
For the unauthorized outbound mentioned: well, from my own setup I did see an initial outbound that I am unsure of, which I have mentioned, but since then I have logged nothing that would give me concern that ZA was doing any "Phoning home".

So let us get to some points of facts on this:

Please, those with problems, post these as you have found, then myself, and possibly others can then try and check.

Come an all, I know we all have out differences, but let us work together to try and solve any possible problems with the security software we use. At the end of the day it will be better for all.

 

12fw,

The underlying current in the thread is that the primary function of a firewall is to allow a user to manage all communication between their PC and the outside world. That's all communication, not some. A communication from a module within a firewall product should really be treated no differently than any other packet.

Now, as an aid to casual users, a lot of things have become automated and assumed over time. Sometimes the user has ready access to these preordained tasks, sometimes not. Firewalls have also incorporated added functionality that can require time dependent content, so there's reason to communicate with remote content servers. The current crop of ZA products have tended in this direction and ZA's treatment of the communication aspect is much more obscure than necessary. As noted above, the communication can be disabled at the user's discretion. Unfortunately, in the past, disabling this type of communication has been compromised by bugs which apparently allowed the "disabled" communication to occur. That shortfall was addressed, but trust took a hit. That's a reality ZA has to deal with.

Whether or not other products contact home servers for information is somewhat irrelevant to the discussion in that management of all communications is not a part of their primary function, whether they are a security related product or not. However, it is the primary function of a firewall. That is what needs to be plainly understood within the thread. So, if there is a level of communications that are not transparently controllable by the user of a firewall, it is to everyones benefit to understand what is does and does not represent, if it is or is not controllable, and what's the impact if it is manipulated.

I agree, if you don't trust a product, don't use it. That's not entirely what this discussion is about. I view this discussion more as assessing and confirming the trust currently in place. Is this something I'd worry about? No, but that's a reflection of how I utilize my system and not a reason for everyone to have my approach.

Finally, one person's paranoia is another user's due diligence. Let's not label intentions of which we have little in the way of direct information and focus on the operational questions instead.

At least IMHO....

Blue

 

Software firewalls will contact the DNS servers and will contact the router. I am sure the ZA is no different. DNS lookups and such are done. It may by some to be a security risk. Even the Kerio 2.1.5 does contact the DNS. Come to think of it, many AV will do DNS lookups. Am I worried? No. I want it to do it's job for me. If the Kerio 2.1.5 was still current and could do updating and did more than the mere packet/application filtering, I would like it to do the same contact of it's server to get some updates and new info. The same applies to the ZA. I want it to do the job it is doing. I have no intentions of hindering it or being suspicious.

The bug in which the ZA did make the call home when even not desired has been fixed. Even though the packets sent were not a large number or being constantly sent. Just a bug. That was fixed or so it seems. If the user cannot forgive the ZL or Checkpoint for this glitch, then they should definitely uninstall the ZA. But apparently some users in this forum do not even trust the router. Maybe they should change the router or remove their routers.

12fw

 

I'm thinking less of pre-emptive blocking and more along the lines of the standard notification on initial call out that "I'm calling out, is that OK?", which would require explicit user approval, just like for any other application.

Blue

 

I think the ZA updater does that have feature at the present time.

12fw

 

12fw,

If you wish to work that way, that absolutely fine. It tends to be the way I work as well.

However, I also use some specialized technical applications that want to phone home on every launch and, frankly, when I launch them I don't want to spend a minute or two while they do a dance with their all too slow servers, so I block them as a matter of course and work with MP1 levels of major upgrades. This works for me and I don't get annoyed when time is tight and superfluous vendor based features are slowing me down. Obviously the vendor doesn't understand my desires, nor do I understand why this isn't a user initiated connection. We have different views of what's best.

This discussion is similar. You might want all that communication to happen as a matter of course. Someone else might wish to provide initial approvals as a matter of course. While I'm more like you, I'm fine with someone else following a different path. It's not about hindering or being suspicious. It's about control and the granularity of the control that the user desires.

Finally, if there is a fundamental mismatch between the user and vendor expectations, and neither side wishes to compromise, that's a relationship that should end.

Blue

 

yes I agree BlueZannetti

But the user expectation and the particular vendors expectations each have their own valid point of view. One is a business venture, the other is interested insecurity and all at different levels os experience and ideas.

12fw