
Defense Starts Here: Page 6 of 20

Sygate Secure Enterprise 3.0, starts at $30 per seat. Sygate Technologies, (866) 308-8899. www.sygate.com


Zone Labs Integrity 2.0


Zone Labs made its mark in the desktop firewall world with Zone Alarm, its application-blocking firewall for consumers. This technology has been merged into Zone Labs' enterprise product, Integrity 2.0 with Integrity Agent 3.5. Integrity offers all the protection options we sought, but its management, reporting and integration features are average at best.

Through the browser-based management server, Integrity lets you create multiple administrator accounts. However, you cannot limit which groups an administrator can configure, as you can with Sygate's and ISS's products; all administrators have full access to all policy files. You can set two policy files: one for the trusted zone, the other for the Internet zone. You can use these two files to control which ports or applications can act as a server or as a client in either zone.

Integrity can quarantine POP3 and IMAP e-mail attachments based on file extensions, though it can't do the same for Webmail and Exchange. The end user has final say over whether an attachment should be permitted, but the file's extension is changed. You can find the original extension and change it back by looking at the mailsafe log file.

Importing the MD5 hashes can be a hassle, but an included utility, appscan, simplifies the process. You can do a reference scan or put a client in observation mode. We did the reference scan on a clean client system, and appscan generated a complete list of MD5 hashes, then uploaded that file to the Integrity server.

Unfortunately, a reference scan isn't enough to create an explicitly defined trusted application list. We needed to put the client on a clean system in observation mode. Once we launched our applications, they were reported to the management server. We could then set up the approved application list. This is the same process as enabling the Sygate firewall's learning mode. The benefit to a reference scan is that you can configure a policy to permit an application listed in the reference scan but not explicitly permitted or denied in the approved application list.
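The relationship between the reference scan and the approved application list can be sketched as follows. This is an added example, not Zone Labs' code or appscan's file format; the function names, the scanned file extensions and the default-deny outcome for unknown hashes are assumptions made for illustration.

```python
import hashlib
import os
import tempfile

def file_md5(path, chunk=65536):
    """MD5 of a file's contents, read in chunks (MD5 because the review names it)."""
    h = hashlib.md5()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def reference_scan(root, extensions=(".exe", ".dll")):
    """Hash every matching file under root on a known-clean system."""
    hashes = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if name.lower().endswith(extensions):
                path = os.path.join(dirpath, name)
                hashes[file_md5(path)] = path
    return hashes

def decide(digest, approved, reference, allow_reference=True):
    """Explicit approved-list entries win; the reference scan is only a fallback."""
    if digest in approved:
        return "allow" if approved[digest] else "deny"
    if allow_reference and digest in reference:
        return "allow (reference scan)"
    return "deny (unknown)"  # assumption: anything unlisted is blocked

def demo():
    # Constructed sample tree standing in for a clean client image.
    with tempfile.TemporaryDirectory() as root:
        samples = {"mail.exe": b"mail client", "browser.exe": b"browser", "notes.txt": b"x"}
        for name, data in samples.items():
            with open(os.path.join(root, name), "wb") as f:
                f.write(data)
        reference = reference_scan(root)
    mail = hashlib.md5(b"mail client").hexdigest()
    browser = hashlib.md5(b"browser").hexdigest()
    tampered = hashlib.md5(b"browser + patch").hexdigest()
    approved = {mail: False}  # explicit entry set by the administrator: deny mail.exe
    return reference, [decide(d, approved, reference) for d in (mail, browser, tampered)]

if __name__ == "__main__":
    print(demo()[1])
```

The modified binary hashes differently from the scanned original, so it matches neither list and falls through to the default.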