cancel
Showing results for 
Search instead for 
Did you mean: 

ZoneAlarm vs WinXP/ICF

Stef
Grafter
Posts: 247
Registered: 13-08-2007

ZoneAlarm vs WinXP/ICF

At home I have got four computers behind a DG814.

On my main PC I've got AVG Anti-virus, Zone-Alarm and ICF (WinXP) switched on.

I've got Zone Alarm primarily to watch out for out-bound Trojans. Other than alerting me to inbound probes I can't see what Zone Alarm buys me over ICF for inbound protection?

As I said I am running ICF *and* Zone Alarm.

Perhaps I should turn off ICF?

(I am reluctant to do this as it seems to have worked well up to now - prior to me installing ZoneAlarm)

Should I turn ICF off?

What do you think?

Opinions appreciated!

Many Thanks, Stefan
3 REPLIES
Community Veteran
Posts: 14,469
Registered: 30-07-2007

ZoneAlarm vs WinXP/ICF

Turn off ICF, it is serving no purpose and is not a firewall anyway. ZA will protect you from both inbound and outbound connection attempts. Also your DG814 is running in NAT mode (assuming this is still enabled) which still stop any incoming connection attempts anyway.
Stef
Grafter
Posts: 247
Registered: 13-08-2007

ZoneAlarm vs WinXP/ICF

Quote
Turn off ICF, it is serving no purpose and is not a firewall anyway. ZA will protect you from both inbound and outbound connection attempts. Also your DG814 is running in NAT mode (assuming this is still enabled) which still stop any incoming connection attempts anyway.


Thanks have done this! - all seems well...

You are right - behind the DG814 there is no incoming 'noise'.

I was actually talking about another PC which is directly USB connected (No Router!) - and wow don't you just see 'the noise' VERY INSTRUCTIVE but I think the same thing probably applies to this computer too i.e. switch off ICF & switch on Zone Alarm.

I plan to upgrade the latter PC with a hardware NAT firewall too soon...

Many thanks, Stef
Community Veteran
Posts: 14,469
Registered: 30-07-2007

ZoneAlarm vs WinXP/ICF

Quote
I plan to upgrade the latter PC with a hardware NAT firewall too soon...


A lot of recent ADSL modem routers (the more expensive ones anyway) have a proper hardware firewall - often refered to as SPI (stateful packet inspection). The later netgear products do: DG834G etc. While this is better, it does mean you need to get the firewall config correct. I would still run ZA on the PC anyway, better to have 2 firewalls than none at all and ZA can restrict application access whereas the hardware firewall can only block ports, not applications.