Configuring ZoneAlarm Pro

Post by Peter Poulsen » Sat Jan 17, 2009 2:21 am
We are very well aware that a firewall is essential to our security on the internet. It scans and filters all incoming and outgoing traffic for any malicious activity, thus providing us with ultimate real-time security.

I consider ZoneAlarm as the best option for this job. ZoneAlarm, by itself is a very powerful firewall, one of the best firewalls available to common man. But with the right configuration this program can pack some serious muscle, making it undoubtedly the best in it's class.

If you’re running ZoneAlarm Pro you will probably have noticed that most of the "Advanced" settings might as well have been in Japanese for all the use they are. User friendly is what they're not!

Use this guide if and only if you are not connected to a Local Area Network.

Launch ZoneAlarm Pro and click to highlight the "Firewall" tab on the left hand side.

In the pane that appears on the right hand side in the section "Internet Zone Security" set the slider control to "High".

Then click the "Custom" button in the same section.

The next settings page is divided into two sections with tabs "Internet Zone" and "Trusted Zone" at the top of the page.

Under the Internet Zone tab there is a list of settings that can be accessed by scrolling.

At the top is the high security settings and the only thing that should be checked there is "Allow Broadcast/Multicast". The rest should be unchecked.

Scroll down until you get to the Medium Security settings area.

Check all the boxes in this section until you get to "Block Incoming UDP Ports".

When you check that you will be asked to supply a list of ports, and in the field at the bottom of the page enter 1-65535.

Then go back to the list and check the box alongside "Block Outgoing UDP Ports" and at the bottom of the page enter 1-19, 22-79, 82-7999, 8082-65535.

Repeat this procedure for the following settings "Block Incoming TCP Ports": 1-65535.

"Block Outgoing TCP Ports": 1-19, 22-79, 82-7999, 8082-65535

Then click "Apply" at the bottom of the page.

Back in the right hand "Firewall" pane go next to the yellow "Trusted Zone Security" section and set it to "High" with the slider.

Click "Custom" and repeat the above procedure this time choosing the "Trusted Zone" tab at the top of the settings page.

These settings will stop all incoming packets at ports 1-65535 and also block all pings, trojans etc. This will also stop all spyware or applications from phoning home from your drive without your knowledge.

Hope you can use these settings and more info can be obtained at www.hoejegladsaxe.dk