Antivirus Lab ResultsChecking the independent labs for ZoneAlarm results is a bit confusing. Virus Bulletin is the only lab that regularly tests ZoneAlarm. Even then, over the past four years ZoneAlarm has participated in just five VB100 tests and passed four of them.
Why this lack of love? Because the antivirus component in ZoneAlarm is licensed from another well-known security company, so most of the labs simply test the original. Check Point officially does not identify its antivirus partner, but you will find dozens of DLLs and other support files whose digital signature, copyright notice, and internal company name point to Kaspersky Lab. Coincidence? You decide.
The labs just love Kaspersky, giving it almost universally high marks. For a rundown on the major independent labs and their tests, see see How We Interpret Antivirus Lab Tests.
Installation Ups and DownsZoneAlarm's installer gets right to business with a quick install option that configures all settings with default values. Do keep your eyes open; if you don't opt out you'll find that you've changed your browser's home page and default search to ZoneAlarm.
The installer runs a quick scan for active malware. If it finds threats, it runs a pre-install scan, reboots, and starts the installation again. That's a smart way to avoid having the installer derailed by malware. Half of my malware-infested test systems got this treatment.
Despite the pre-install scan, installation failed on three test systems. On advice from tech support I ran the Kaspersky Virus Removal Tool—there's Kaspersky popping up again! After KVRT one of the problem systems was fixed. For the other two, tech support recommended scanning with the Kaspersky Rescue Disk.
ZoneAlarm still wouldn't install after the rescue disk's cleanup. With a commercial product tech support would most likely have escalated the situation, perhaps arranging for a support agent to clean up the system using remote control. Since this is a free product, that wasn't an option. ZoneAlarm simply failed to install on two of twelve test systems.
Impressive Malware BlockingFor my malware blocking test I attempt to install the same collection of malware samples on a clean test system. ZoneAlarm wiped out almost three quarters of the samples as soon as I opened the sample folder. It detected almost all of the rest during the install process, with a 95 percent detection rate overall. Its score of 9.3 points for malware blocking overall is definitely impressive, as is its perfect 10 of 10 points for rootkit blocking. The article How We Test Malware Blocking explains how I test and score antivirus products.
ZoneAlarm Free Antivirus + Firewall malware blocking chart
A few quirks mar this product's swing at perfection. When I attempted to download the same collection of threats, ZoneAlarm handled each download and either gave the program a safety rating or asked for permission to run an advanced analysis. That seemed like a good thing.
The problem is, in over half of the cases the download protection module disagreed with the on-access antivirus. Again and again I saw "Advanced Download Protection has determined this file is safe" while the antivirus identified the same file as malware. In one case, the regular download protection module displayed a big green "safe" notice for a file that on-access protection had wiped out on sight in the previous test. I don't have a lot of confidence in advanced download protection.
ZoneAlarm also includes behavior-based malware identification, but I never saw it kick in for any of my malware samples. On the other hand, when I tried to install 20 valid PCMag utilities ZoneAlarm flagged four as suspicious. Choosing to deny the suspicious action rendered three of the four unable to perform their function.
Boot Time SlowdownThis stripped-down suite had a lower-than-average impact in most of my performance tests. A script that fully loads 100 Web sites took just 6 percent longer under ZoneAlarm's protection than with no suite at all; the average among current suites is 23 percent. Another script that moves and copies a large collection of file between drives took 8 percent longer, while the average is 13 percent. And a script that zips and unzips the same collection of files ran 11 percent longer with ZoneAlarm watching, compared to the average of 17 percent.
I was surprised, then, to find that ZoneAlarm lengthened my test system's boot time by 60 percent, significantly more than any other current product. Results were consistent across 100 test runs. Boot time here refers to the time elapsed from the start of the boot process (as reported by Windows) until the system is ready for use. I define ready as meaning CPU usage is under 5 percent for 10 seconds in a row.
Most users spend a lot more time surfing the Web and working with files than rebooting the PC, so ZoneAlarm's impact won't make a big difference.
A Good, Free Choice
ZoneAlarm's free firewall has outlived many competitors. It's the gold standard for free personal firewall protection. The antivirus protection that takes ZoneAlarm Free Antivirus + Firewall into the security suite realm doesn't quite measure up to that standard. On the other hand, its phishing protection is among the best.
ZoneAlarm's free firewall has outlived many competitors. It's the gold standard for free personal firewall protection. The antivirus protection that takes ZoneAlarm Free Antivirus + Firewall into the security suite realm doesn't quite measure up to that standard. On the other hand, its phishing protection is among the best.
If you need a free security suite, this is definitely a good choice. Just be prepared for the possibility that you'll need additional help with initial installation on a malware-infested system. Comodo Internet Security Pro 2012 ($4.99/year direct, 4 stars) is another good choice, with better antivirus protection but a less-sophisticated firewall. Given that they're free, you can try both and make your own choice.
Post a Comment