PCMag editors select and review products independently. If you buy through affiliate links, we may earn commissions, which help support our testing.

PCMag UK

ZoneAlarm 8.0

Neil J. Rubenking
 & Neil J. Rubenking Principal Writer, Security

Our team tests, rates, and reviews more than 1,500 products each year to help you make better buying decisions and get more from technology.

Our Expert
LOOK INSIDE PC LABS HOW WE TEST
65 EXPERTS
43 YEARS
41,500+ REVIEWS
- Security
3.5 Good

The Bottom Line

ZoneAlarm 8.0 offers effective basic personal firewall protection at a fantastic price—free! But if you want advanced features like automatic program control configuration, exploit prevention, or behavior-based operating-system protection, you'll have to upgrade to the paid version.

Pros & Cons

    • Stealths all ports against outside attack.
    • Controls program access to Internet and Network.
    • Resists direct attack.
    • Game Mode answers pop-ups automatically.
    • Free!
    • Many pop-up queries.
    • Minimal protection against leak tests, exploits.
    • Game Mode reduces security.
    • Spy Blocker toolbar missed many malware sites.

ZoneAlarm 8.0 Specs

Free: Yes
OS Compatibility: Windows Vista
OS Compatibility: Windows XP
Type: Business
Type: Personal
All Specs

For many years, ZoneAlarm's bright-colored user interface was the face of personal firewall protection. Long before Windows had a built-in one-way firewall, the free ZoneAlarm utility fended off hack attacks and managed programs' access to the Internet. The new ZoneAlarm 8.0 looks seriously different with its serene blue-tinted screens, but the protection it offers has changed very little since the early days. It's still free for anybody who wants it, not just free for noncommercial use.

Firewall Basics

As ever, ZoneAlarm protects your computer from outside attack by putting all the ports in stealth mode. The ports aren't just closed to attackers—they're invisible. Naturally, the firewall passed all of my port scan tests and other Web-based tests. By default it pops up a small report window when it blocks a network event. Go ahead and turn off this notification if you like; the firewall log still details every network event blocked.

The other side of personal firewall protection is program control, which ensures that only authorized programs can access the network or Internet. As it has for many years, ZoneAlarm pops up the first time any program tries to access the Internet or network and asks you, the user, to decide whether to allow or deny access. A new ZoneAlarm installation generates tons of these pop-up queries, though they do trail off after a while.

The premium (paid) ZoneAlarm firewall cuts way back on pop-ups by using a handy feature called SmartDefense Advisor to configure access automatically for over two million known programs. Comodo Firewall Pro, another free firewall, uses a similar database of over a million programs. But ZoneAlarm's free edition still asks your advice about every single program the first time it tries to connect. In fact, it even popped up to ask whether its own Spy Blocker toolbar should be allowed access.

If pop-ups annoy you and you're 110 percent sure that your system is free of malware, you might consider enabling Learning Mode for a week or two. Learning Mode is just like Comodo's Training Mode. In this mode, every program's access request is granted and ZoneAlarm creates a rule so that the program will still have access after Learning Mode ends. This will certainly cut down on the pop-ups. But if a malicious program is present it, too, will get access.

ZoneAlarm does let you separately configure a program's ability to access the Internet and to act as a server receiving incoming connections. And you set different options for the local trusted network zone and for the wild-and-wooly Internet zone. If you make a mistake with a program's permissions, just bring up the program list and fix it.—Next: Leak Tests and Automatic Lock

Leak Tests and Automatic Lock

Malicious programs try to get around this simple type of program control using a variety of techniques, such as controlling trusted programs or injecting code into their processes. Leak-test utilities demonstrate these techniques without actually doing any harm. ZoneAlarm's OSFirewall feature blocks these sneaky techniques quite effectively, but it's available only in the paid editions.

I tried launching a dozen leak tests and was pleased to find that ZoneAlarm did block two of them. In a recent test of Comodo Firewall Pro, the firewall component didn't block any leak tests. Comodo's separate Defense+ module popped up behavioral warnings about some of the leak tests, but it also warned about perfectly valid programs. At least ZoneAlarm throws pop-up queries at you only about Internet/network access—Comodo's Defense+ inundates the user with confusing queries about all kinds of behaviors.

ZoneAlarm's Auto-Lock feature can block all Internet access when you've been away from the computer for a specified amount of time, or whenever the screensaver launches. It ensures that nothing goes in or out of the system while you're absent. If you tend to start large downloads and walk away, this isn't for you, of course. The paid premium edition includes the option to allow access for specific programs even when the system is auto-locked.—Next: Fighting Back

Fighting Back

I did my best to break ZoneAlarm's protection using techniques that would be available to a malware writer. My attempts totally bombed; ZoneAlarm resisted everything I could throw at it. Its processes are protected against termination, so when I unleashed Task Manager on it, I got "Access denied." I've been able to shut down some protection systems by stopping an essential service or setting its start-up type to Disabled. ZoneAlarm protected itself from that attack by blocking all changes to its TrueVector service. It even resisted my funky program that tries to shut down a program using simulated mouse clicks; it ignores fake mouse clicks. It's tough!

It didn't do as well against another type of attack, however. I used the Core Impact penetration tool to generate Web pages that exploit vulnerabilities in the operating system and the browser, and then tested ZoneAlarm's ability to stop them. Some apps do well on this test: Norton Internet Security 2009 not only prevents these attacks, it identifies them by name. The full ZoneAlarm suite, like many other suites, blocks exploits by recognizing the files involved. The free ZoneAlarm firewall being reviewed here fell victim to an exploit (one that was blocked by the full ZoneAlarm suite)—as did Comodo's firewall. Expecting a free firewall to protect against this kind of attack may be asking too much.—Next: Simple Bonus Features

Simple Bonus Features

Along with the firewall, you can install ZoneAlarm's Spy Blocker Toolbar for Internet Explorer and Firefox. Spy Blocker is a glorified search toolbar powered by Ask.com with one special addition: It watches the sites you visit and blocks any that are known to host spyware. I tested Spy Blocker by attempting to re-download all of the malware samples that I use for testing. Naturally, some of the sites don't exist anymore, but quite a few are still around. The toolbar's performance was disappointing—it missed almost two-thirds of the sites. On the other hand, it did block a third of them, which is better than no protection.

ZoneAlarm also offers a very simple Game Mode that suppresses all pop-up queries, either answering all with "Allow" or answering all with "Deny." The Game Mode window warns that using Game Mode "may reduce the security of your system." Certainly it will if you set it to allow all access automatically. Game Mode is safer with a cutting-edge firewall that makes its own intelligent security decisions, like Norton Internet Security 2009.

ZoneAlarm 8.0 handles all the basic tasks of a personal firewall, but that's as far as it goes. If you want advanced features like SmartDefense Advisor and OSFirewall, you'll have to spring for one of the paid editions of ZoneAlarm. The new user interface is a welcome change, but it's about the only change. Still, ZoneAlarm remains a dependable choice when there's no budget for security.

More Firewall Reviews:

Final Thoughts

- Security

ZoneAlarm 8.0

3.5 Good

ZoneAlarm 8.0 offers effective basic personal firewall protection at a fantastic price—free! But if you want advanced features like automatic program control configuration, exploit prevention, or behavior-based operating-system protection, you'll have to upgrade to the paid version.

About Our Expert

Neil J. Rubenking

Neil J. Rubenking

Principal Writer, Security

My Experience

When the IBM PC was new, I served as the president of the San Francisco PC User Group for three years. That’s how I met PCMag’s editorial team, who brought me on board in 1986. In the years since that fateful meeting, I’ve become PCMag’s expert on security, privacy, and identity protection, putting antivirus tools, security suites, and all kinds of security software through their paces.

Before my current security gig, I supplied PCMag readers with tips and solutions on using popular applications, operating systems, and programming languages in my "User to User" and "Ask Neil" columns, which began in 1990 and ran for almost 20 years. Along the way, I wrote more than 40 utility articles, as well as Delphi Programming for Dummies and six other books covering DOS, Windows, and programming. I also reviewed thousands of products of all kinds, ranging from early Sierra Online adventure games to AOL’s precursor Q-Link.

In the early 2000s, I turned my focus to security and the growing antivirus industry. After years of working with antivirus, I’m known throughout the security industry as an expert on evaluating antivirus tools. I serve as an advisory board member for the Anti-Malware Testing Standards Organization (AMTSO), an international nonprofit group dedicated to coordinating and improving testing of anti-malware solutions.

The Technology I Use

Much of the testing I do, particularly testing with real-world ransomware, is just plain dangerous. To perform such tests safely, I sequester them inside virtual machines managed by VMWare Workstation. For cross-platform testing, I use a MacBook Air, a Google Pixel 4, and a 6th-generation iPad.

I rely on my Delphi coding skills to create and maintain small applications. These include programs to check whether an antivirus correctly handled the malware it detected, launch dangerous URLs and record the security program’s reaction, and analyze the malware that I collect for use in testing. I also wrote a tiny browser and text editor for use in testing security apps that have predefined reactions for known products.

I do my writing and research on a Dell OptiPlex desktop, relying on Microsoft Word (my fingers know all the shortcuts). Many of my articles include charts and analysis; Excel is my go-to for those. When work hours end, though, I escape the bounds of Microsoft and Windows. There’s an iPhone in my pocket, I relax with my oversized iPad, and my Kindle Oasis is always loaded with the best science fiction and fantasy.

Read the latest from Neil J. Rubenking

Read full bio