I have seen sites push ZoneAlarm for use with NAT routers like the Linksys. I fell for it, dished out $119 for the Personal Firewall and AV package. Am I any more secure than without?
Well…I needed an AV program so I can’t argue that (I did not have one, but I am not in high danger of getting a virus either for now).
I am still out whether or not ZoneAlarm offers me any more real protection. For sure, I know it was stupid for me to pay $70 or whatever for 4 licenses.
The way I see it, ZoneAlarm and my LinkSys combo just automate things. A package just put together for folks that don’t know any better (an make Linksys $40 per sucker that pushes the button). I wasn’t a total sucker….I did want to mess with it and see how it works, but I could have done it for free.
So far…this is why I think it may be a good idea.
If you are running a web, ftp or whatever server to the outside, you can load ZoneAlarm on the other PCs on your network for extra protection. The port from your Server to Firewall may be open, but you can close it on all the others. Not that you need (or at least pay for) something like ZoneAlarm to do that, but it does make it easy.
Another reason I like it is because of the application logs. I like to see what is trying to get and ZoneAlarm does do a good job at that. My router keeps logs, but I do not know what sent it. Again, something you can get for free, but it’s a nice all-ion-one package.
Next, for some people, they may like the extra features such as Email scanning, Cookie Control, Spyware protection and Banner/Pop Up control. I am not sure how well the Email scanning works. I sure as heck didn’t need to pay for cookie and spyware control. As far as banner/pop-up control, I find it better to control that via Hosts file. It just works WAY better than any software solution I have seen.
Last, you have all this on one switch. Meaning, you can shut it all off if needed with but a click.
Sorry for the ramble. Anyway, the only extra protection I can see that this gives is by adding a second barrier. However, if someone was able to get through a properly configured first, I bet the personal firewall wouldn’t pose much trouble.