Trusted Zone tab


To reach this tab:

1. Go to Firewall / Main tab
2. Under Trusted Zone Security, click the Custom button.


Trusted Zone tab

Use this dialog box to customize high security and medium security settings for traffic to and from the Trusted Zone.



High security settings for Trusted Zone

These are the port and protocol restrictions applied to the Trusted Zone when High security is selected in the Main tab of the Firewall panel.

Tip: To view the settings for Medium security, scroll down below the high security settings.

Default configuration

The default settings for high security block all inbound and outbound traffic through ports not being used by programs you have given access or server permission, with the following exceptions:

These protocols are permitted because they are central to basic Internet addressing functions and do not represent a serious security risk.

Allowing Additional Ports

You can allow communication through additional ports at high security either by selecting one of the preconfigured protocols shown (ICMP, IGMP, and so forth), or by specifying a port number. To specify a port number, follow these steps:

  1. Scroll to the bottom of the high security list.
  2. Click the port type desired: incoming UDP, outgoing UDP, incoming TCP, or outgoing TCP. A text box labeled Ports appears at the bottom of the dialog box.
  3. Type the ports or port ranges you want to allow in the Ports text box, separated by commas.
    Example:
    139, 200-300
  4. Click Apply or OK.

*On Windows 9x systems
**If the machine is configured as an ICS gateway in the Security tab.



Medium security settings for Trusted Zone

These are the port and protocol restrictions applied to the Trusted Zone when Medium security is selected in the Main tab of the Firewall panel.

 

Default configuration

The default settings for medium security ALLOW all inbound and outbound traffic through all ports, INCLUDING incoming NetBIOS traffic (ports 135, 137-139, 445). The NetBIOS protocol enables file and printer sharing on local networks.

Blocking Additional Ports

You can block additional ports at medium security either by selecting one of the preconfigured protocols (ICMP, IGMP, and so forth), or by specifying a port number. To specify a port number, follow these steps:

  1. Scroll to the bottom of the medium security list.
  2. Click the port type desired: incoming UDP, outgoing UDP, incoming TCP, or outgoing TCP. A text box labeled Ports appears at the bottom of the dialog box.
  3. Type the ports or port ranges you want to block in the Ports text box, separated by commas.
    Example:
    139, 200-300
  4. Click Apply or OK.
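
The Ports text box syntax used in both procedures above (the allow list at high security and the block list at medium security) can be checked before it is typed in. The following is an added example, not ZoneAlarm code: it parses one Ports entry and reports which of the NetBIOS ports named in the medium-security default (135, 137-139, 445) a block list leaves open. It assumes valid ports are 1-65535 and that spaces around entries are ignored; the function names are hypothetical.

```python
# Added example: parser for the comma-separated port list syntax shown above.
# Assumption: valid ports are 1-65535 and spaces around entries are ignored;
# ZoneAlarm's own validation rules are not documented on this page.

NETBIOS_PORTS = (135, 137, 138, 139, 445)  # ports named in the medium-security default


def parse_ports(text):
    """Parse an entry such as '139, 200-300' into sorted, merged (low, high) ranges."""
    ranges = []
    for entry in text.split(","):
        entry = entry.strip()
        if not entry:
            raise ValueError("empty entry in port list")
        low, sep, high = entry.partition("-")
        high = high if sep else low          # a single port is a one-port range
        if not (low.strip().isdigit() and high.strip().isdigit()):
            raise ValueError(f"not a port or port range: {entry!r}")
        low, high = int(low), int(high)
        if not 1 <= low <= high <= 65535:
            raise ValueError(f"range reversed or out of bounds: {entry!r}")
        ranges.append((low, high))
    ranges.sort()
    merged = [ranges[0]]
    for low, high in ranges[1:]:
        last_low, last_high = merged[-1]
        if low <= last_high + 1:             # overlapping or adjacent: fold together
            merged[-1] = (last_low, max(last_high, high))
        else:
            merged.append((low, high))
    return merged


def uncovered(ports, ranges):
    """Return the ports from `ports` that fall inside none of `ranges`."""
    return [p for p in ports if not any(lo <= p <= hi for lo, hi in ranges)]


if __name__ == "__main__":
    blocked = parse_ports("139, 200-300")    # the example entry from the steps above
    print("blocked ranges:", blocked)
    print("NetBIOS ports still allowed:", uncovered(NETBIOS_PORTS, blocked))
    full = parse_ports("135, 137-139, 445")
    print("after blocking all NetBIOS ports:", uncovered(NETBIOS_PORTS, full))
```

Each port type (incoming UDP, outgoing UDP, incoming TCP, outgoing TCP) has its own Ports text box, so the check applies to one entry at a time.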



Glossary

Trusted Zone
The Trusted Zone contains computers you trust and want to share resources with.

For example, if you have three home PCs that are linked together in an Ethernet network, you can put each individual computer or the entire network adapter subnet in the ZoneAlarm Pro Trusted Zone. The Trusted Zone's default medium security settings enable you to safely share files, printers, and other resources over the home network. Hackers are confined to the Internet Zone, where high security settings keep you safe.


DNS (Domain Name System)
A data query service generally used on the Internet for translating host names or domain names (like www.yoursite.com) into Internet addresses (like 123.456.789.0).


DHCP (Dynamic Host Configuration Protocol)
A protocol used to support dynamic IP addressing. Rather than giving you a static IP address, your ISP may assign a different IP address to you each time you log on. This allows the provider to serve a large number of customers with a relatively small number of IP addresses.


DHCP (Dynamic Host Configuration Protocol) broadcast/multicast
A type of message used by a client computer on a network that uses dynamic IP addressing. When the computer comes online, if it needs an IP address, it issues a broadcast message to any DHCP servers which are on the network. When a DHCP server receives the broadcast, it assigns an IP address to the computer.


NetBIOS (Network Basic Input/Output System)
A program that allows applications on different computers to communicate within a local network. By default, ZoneAlarm Pro allows NetBIOS traffic in the Trusted Zone, but blocks it in the Internet Zone. This enables file sharing on local networks, while protecting you from NetBIOS vulnerabilities on the Internet.
