Exclusive: Zone Labs Integrity 5.0 firewall offering burns brightly

Installing personal firewall software on workstations throughout your company is a good idea, even if you have a firewall appliance protecting your network’s edge. After all, you can’t anticipate when your network will be infected from an internal source or when your hardware firewall might fail you — being prepared for these possibilities simply makes sense. Software firewalls such as Zone Labs’ Integrity 5.0, which offer varying degrees of protection and management flexibility, can be easily deployed in a large enterprise environment.

It’s been more than a year since we tested an older version of Integrity and the product has improved significantly. In this exclusive look at late beta code of Integrity 5.0, I found many important new features. Among them, Zone Labs has added ICQ support to the product’s protocol-level IM protection module. This module allows companies to reap the benefits of public messaging with the most popular IM applications while simultaneously curbing undesired use and thwarting passage of Trojan horses. System administrators have, for example, the ability to designate acceptable file types and links that can be passed over IM.

Zone Labs also has expanded support of 802.1x authentication, with certification from companies such as Enterasys Networks, Cisco, and Funk Software. Integrity can work with products from these companies to prevent users from logging on to wired or wireless LANs unless their computers are properly configured, have the latest anti-virus updates, and otherwise comply with security policies administered through Integrity. Integrity 5.0 will also include integration with Check Point VPN-1, bringing policy enforcement to remote-access clients. Moreover, Zone Labs has introduced additional anti-virus options from Computer Associates and Sophos.

Core features carried forward from previous versions include port stealthing, which hides PCs from crackers looking to slither in a back door, and stateful firewall inspection, which opens ports only to authorized network systems. Integrity gives administrators control over which applications may access the network and the tools to protect their networks from Trojan horses, spyware, and even malicious software masquerading as trusted applications.

The Integrity environment is comprised of client agents and a central server. Admins can create, develop, and manage policies based on users, groups, or IP ranges on Integrity Server using a convenient Web-based interface. The server then pushes the policies out to the agents installed on clients throughout the company.

One of the most important decisions an administrator will need to make is which of the three available client agents best fits the company’s needs. The most recently released client is the Desktop Client, a stand-alone agent geared toward informed end-users. It works independently of Integrity Server, allowing users to make their own security decisions such as which applications to install.

Administrators who want to keep a tight hold on end-users might use the Integrity Agent. This Java-based agent works in concert with Integrity Server to provide administrators with comprehensive, centralized management over end-users’ systems.

A good middle-ground alternative is Integrity Flex. It allows end-users to configure security policies when they’re off the network but also enforces corporate policy by way of Integrity Server when they’re connected. You can also configure Flex to enforce corporate policy when the end-user is off the network or to merge those policies, if that’s more appropriate.