At a Glance
- Strong rootkit removal
- Lots of features
ZoneAlarm Extreme gives you a lot of useful security features and protection for the money.
CheckPoint ZoneAlarm Extreme Security 8.0 (one-year three-user license: $70 as of 5/21/2009) provides solid firewall protection along with a host of other security functions If anything, ZoneAlarm Extreme may be guilty of having too many pieces: It bundles together the basic security suite with the unique features of ID theft mitigation and recovery service, online data storage, and the optional PC utility. This premium suite gives a lot of bang for the money, including one year of free identity fraud monitoring. We reviewed it for our midyear security suite roundup and our updated chart of security suites.
ZoneAlarm licenses its antivirus protection from Kaspersky, and in AV-Test.org‘s extensive malware-detection tests, ZoneAlarm did a decent job in both the on demand and on access detection of 2,735 malware files and scripts, scoring 100 percent against each, although it only caught 81 percent of the macro viruses. ZoneAlarm did well against the zoo Trojan horses, worms, password-stealers, and other nasties thrown at it, identifying on average 94 percent of the 722,372 collected samples. Ordinarily this would place ZoneAlarm high among the products tested, but in this roundup it came in sixth out of the eight).
ZoneAlarm Extreme scored very strong numbers when it came to detecting and removing rootkits–stealth malware used to hide infections from PC users and security software alike. It successfully detected and removed nine out of nine active rootkits. In proactively identifying unknown malware for which it doesn’t yet have a signature, ZoneAlarm scored above average. In tests with two-week-old signature files, it identified 42 percent of samples. And with four-week-old signature files it identified 38 percent of samples.
According to AV-Test, ZoneAlarm responds very quickly to new widespread malware attacks, typically in 4 to 6 hours. Not surprisingly ZoneAlarm issued the most updates per month, issuing 636 in January 2009, 732 in February 2009, and 723 in March 2009, averaging an amazing 23 updates per day.
AV-Test displayed long on-demand scan times of up to 179 seconds on a 741 MB file and on access times of , 103 seconds compared with only 41 seconds to copy the same file on a system without antivirus installed.
ZoneAlarm doesn’t scan incoming mail nor IM messages; instead, it scans the files associated on access. Many of its security features rely on software apps from other vendors. For example, ZoneAlarm uses SonicWall for antispam protection, MailFrontier for e-mail filtering of phishing attacks, and Netcraft for Web antiphishing protection. Web surfing protection, a new feature, comes from ZoneAlarm ForceField (a utility also sold separately). On Internet Explorer and Firefox browsers, ForceField blocks drive-by downloads of malicious code.
Like the G-Data Internet Security 2010 suite, ZoneAlarm is perhaps a bit too cautious with the Web. For example, ZoneAlarm doesn’t actively warn you about a particular site; instead, you simply can’t access that site. ZoneAlarm does allow you to change the setting for individual blocked sites to allow access, but it would be helpful to see in advance what other sites it doesn’t allow.
The ZoneAlarm interface uses a left-hand navigation pane to open configuration options that are straightforward and easy to use. Within the right window pane, ZoneAlarm includes Parental Controls from Blue Coat, provides 2GB online backup from iDrive, and identity fraud protection and recovery service from Intersections and an optional PC diagnostics tool from Large Software. The latter is new this year, and on our system it detected several mangled Registry listings and fixed them, improving system performance.
Overall, ZoneAlarm Extreme Security offers the most complete set of security features of any suite we tested-from online backup and ID fraud protection to solid antivirus and firewall tools. Where it counts, ZoneAlarm did well in blocking traditional and zoo malware and removing rootkits. It could do better on behavior-based protection, however. If you’re looking to spend a little less money for fewer features but slightly better protection, then we recommend G-Data Internet Security instead.