ZoneAlarm ForceField

Protects you from threats on the web, but not from yourself.

Just surfing the Internet can be enough to infect your system and grant malware uninvited access to your hard drive. But what about the malware that is invited? Malware writers know that the quickest way to infiltrate a system is through the end user, and there’s no shortage of dirty code masquerading under the guise of helpful applications. By the time you realize you’ve been duped, it’s too late, and it’s here that ForceField ultimately falls short.

Like BufferZone, ForceField protects at the application level, enveloping your web browser in an emulation layer. You’ll know ForceField’s working by the green border glowing around your browser. As you surf the web, unsolicited downloads write to a virtual file system, which prevents rogue sites from thrashing the OS. As a second layer of protection, ForceField issues a warning whenever you’re about to enter a site known to distribute spyware, at which point you can enter anyway or hightail it to safer corners of the web.

Select the Private Browser to cover your tracks and ForceField will block cookies, prevent pages from being added to the history, and erase auto-fill and completion entries.

But unlike BufferZone, this one-two punch falls far short of providing an impenetrable defense. ForceField focuses only on web browsing, leaving email, IM clients, and other connected applications exposed to the same dangers. And while ForceField neutralizes unsolicited downloads occurring behind the scenes, it won’t save your system if you accidentally execute a malicious file or willingly install a seemingly innocent application only to find out later it was laced with spyware.
ForceField was still in beta form during our tests, and we uncovered a few rough edges. Despite support for both Internet Explorer and Firefox, we initially couldn’t get either browser to load through Vista’s start menu; instead, we had to right-click the ForceField icon in the taskbar. Several reboots later the problem disappeared. XP wasn’t affected, but some applications managed to load unprotected browser windows in both OSes, exposing a major vulnerability.

A major security flaw allows pop-ups to open outside of ForceField’s virtualization shell, giving malware an open door to your system.

When we navigated the same shady websites we surfed with BufferZone, ForceField identified only some of them as potentially harmful, letting several others slip through undetected. You have to wait while downloaded files undergo a scan for known malware, and we had little success getting ForceField to flag files embedded with Trojans and other common cruft. False positives were much less of an issue, but that’s little consolation given the weak detection of real threats.
By limiting virtualization to just automatic downloads made through the browser, ZoneAlarm also limits the product’s appeal. In its current form, ForceField can’t be counted on to provide a reliable defense. And even though ForceField isn’t intended as a stand-alone security application, there’s not enough to it to justify a $30 investment.

Not Approved, $30/year
http://www.zonealarm.com