Check Point has re-launched its most famous consumer product, the ZoneAlarm Free Firewall, adding an upgraded outbound defence layer with access to a cloud-based threat network.
The innovation of the revamped product is to tie in the collective threat reporting of what the company now calls its DefenseNet community into how the firewall works out what to block.
According to Check Point, this will have huge benefits when it comes to setting up the most complex aspect of desktop firewalling, outbound connections.
Windows 7 — the most secure version of the OS — comes with a competent firewall for incoming traffic but the outgoing filtering requires exceptions to be set up for individual applications to send packets out of the PC. Initially at least, this generates a barrage of alerts most consumers find baffling.
In many cases, the outgoing filtering is simply turned off, assuming it has even been turned on in the first place. Outbound connections matter to malware because they use it to communicate with remote servers or, in the example of botnets, to distribute spam without the user's knowledge.
According to Check Point, ZoneAlarm Free Firewall can overcome this problem by checking each user app against a database of applications hosted in its DefenseNet cloud and taken from the application's worldwide community. This will be able to answer 97 percent of queries in a 'hands off' mode, identifying known apps using an MD5 hash fingerprint.
Apps known to DefenseNet are allowed to send traffic out of the firewall, leaving only the small unknown number, including malware, to be blocked with an alert. Most of the time, Check Point says, the user will unaware of the whole checking process.
"Though it's necessary, antivirus is not enough. Consumers who do not have a powerful firewall are operating with an 'open door' policy, enabling hackers to access bank account information, passwords and credit card numbers," said Check Point's vice president of consumer sales, Bari Abdul.
Desktop firewalls are a curious piece of security technology. Every PC has one built into Windows, but few consumers have much idea of what they really do or whether downloading a new one is worth the bother.
The point of a firewall is really to monitor applications, but this often comes built into today's antivirus programs. Check Point's ZoneAlarm is really among the last of the standalone desktop firewalls for users who assemble their security using different vendors rather than buying them as a single suite.
This approach is increasingly becoming a zone abandoned to free applications that act as loss leaders and intelligence-gathering points for their makers.