features and fixing requests Zonealarm nextgen (3.2.122.0-3.3.411) (Updated on 19.apr.2022)
Answered

 

notes of 19.APR.2022-  Adding other changes and feature requests. Plus want to mention that most of the bugs got fixed or the software at least working much better in version 3.3.411.0.

 (last post update on 19.apr.2022)

All the recommendations are without drastic changes to the current version (Didn’t mentioning additional large features and more complex configurations (As it seems this version leading to less user interaction with settings and config).

Functionality:

  • Manual AV signature update is missing and it very desirable.
  • An option to delete quarantine files from quarantine is missing.
  • Within Firefox add-on – missing an option to open downloaded files or open the folder where the file located. I believe it Should function as the default Firefox dialog.
  • Enable multiple scans. right now when system or critical scan are in the process - there isn't an option to scan individual files and folders.
  •  
  • i've updated the post in 4 points below for additional requests in functionality in 07.apr.2022)
  • Option to scan large files (and archives) without size limit or at least to fix size (Especially for manual file and folder scan). Right now from what I see it skipping it. (The feature been there in legacy product as uncheck limit for 8 MB).
  • Anti-keylogger and protection from screen scrapers is a desirable component. (No indication about this version that there is one. Although was in the legacy product).
  • Menu that shows all the apps that been using internet connection and monitored by the firewall with option to limit some if needed (Was in legacy product).
  • Something that is nice to have in the firewall - There is an option that VPN vendors use to block the computer from traffic inside the LAN. It  usually also block internal communication between the Router page and printers that connected via wifi (For example in Nordvpn it called "Invisibility on lan"). I've saw that in version 3.3.410 of za nextgen some option that block internal traffic in the lan was added (when configured as high). But VPN vendors do something more critical than this (although a warning about blocked devices on lan should be added).I believe in the legacy extreme product it also blocked it as VPN softwares do (At least few years ago, not sure about the latest versions).
  •  
  • The two lines below added in 19.apr.2022

·        Add total threats blocked statistic in AV menu and also info of detected elements after a scan.

·        Separate Threat emulation module from browser protection to the AV. So basically the AV could use Threat emulation on all scans with enabled as default toggle, and an option to disable Threat emulation in browser (Because of slow downloads for known trusted files).

 

UI:

  • The taskbar icon should be changed and show when one of the modules is turned off and not protecting.
  • Option to clear the notification icon of the recent events.
  • After login and boot – I believe it will be better to show only one notification that says that all the modules are running and securing (or saying that one or few of them are disabled). Will be better and more informative than 3 different notification that the user immediately want to close without checking.
  • Suggestion - If the scan method on main page supposed to be quick and not full - then rename it to smart scan or something similar. So people would know there is also a full scan somewhere.
  • Option to close quarantine menu when it loading it (Or fix the delay) right now when you open the quarantine dialog it could take time and wont give access to rest of the ui. even if the software got closed and open again it keep stuck on loading it until it fully loaded.
  • Added in 09.APR.2022 Please change the behavior of popup windows when threat are getting block. Right now it open multiple windows one after another.
  • Added in 19.apr.2022 right now when the user disable all modules in web secure, clicking on "turn on" will enable just the anti phishing. Would prefer that all the modules will be enabled , and if the user will prefer than he will disable them manually.

 

BUGS:

  • Working and got fixed (V3.3.411) It seems that every run of full scan (450,000-600,000 files) and other scans it is filling the cached memory in the task manager. When it reaches the total capacity of the ram (for example 56GB from 64GB setup) it makes the web browsing severely slower. It noticeable especially in firefox, smaller impact on edge chromium. from a test i did i see that if i stop a scan before it fill the cached memory (or doing quick scan) it won't affect browsing speed.
  • Working and got fixed (V3.3.411) additionally to the previous bug - after a long scan (450,000-600,000 files) audio starting to stutter. By looking at "latencymon" inspection software after a long scan - the marks goes to the red zone and say the computer isn't suitable for real time audio applications.
  • Working and got fixed (V3.3.411) Tested on multiple computers and setups - and it seems antivirus stuck on signature from 06.07.2021 - on one pc it got first updated to current day after 12 hours. on another pc it didn't updated. another reason why manual update is needed. so i will suggest to change update policies and add manual update (also it best that it will update to recent signature on install).
  • In Firefox add-on legit downloads can be stuck for long time when Threat extraction is enabled. Sometimes minutes for a small file.
  •  
  •  
  • The two lines below Added in 19.apr.2022
  • On Some installs of ZA the addon for the browser that got installed was Harmony web protection instead of Zonealarm branded addon. Also it not worked and wont block anything and got errors that mention that it cannot connect to the server.
  • ZA notification of detected threats keeping appearing minutes after it already blocked and deleted the threat. In controlled lab test I could get more than 20 windows in a period of 10 minutes after it already deleted all.

Notes: few of the bugs were reported to the support team. Few logs were sent with additional info and being checked and investigate.

 

 

 

 

1

Comments

5 comments
  • Official comment

    Thank you again for your additional comments, suggestions, and feature requests.

    They have been forwarded to the appropriate ZoneAlarm team.

    Comment actions Permalink
  • Thank you for your feedback.

    1
    Comment actions Permalink
  • added additional info on the bug of resources after a long scan finished  (450,000-600,000 files). after a long scan the audio starting to stutter. By looking at "latencymon" inspection software after a long scan - the marks goes to the extreme red zone and say the computer isn't suitable for real time audio applications. I've contact the support team and sent additional logs and info. being told they testing and checking my logs and info on my system settings.

    1
    Comment actions Permalink
  • Adding other changes and feature requests. Plus want to mention that most of the bugs got fixed or the software working much better in version 3.3.410.0. That is not publicly distributed right now. (On release notes the latest version for next gen is 3.2.122).

    functionality

    • Option to scan large files (and archives) without size limit or at least to fix size (Especially for manual file and folder scan). Right now from what I see it skipping it. (The feature been there in legacy product as uncheck limit for 8 MB).
    • Anti-keylogger and protection from screen scrapers is a desirable component. (No indication about this version that there is one. Although was in the legacy product).
    • Menu that shows all the apps that been using internet connection and monitored by the firewall with option to limit some if needed (Was in legacy product).
    • Something that is nice to have in the firewall - There is an option that VPN vendors use to block the computer from traffic inside the LAN. It  usually also block internal communication between the Router page and printers that connected via wifi (For example in Nordvpn it called "Invisibility on lan"). I've saw that in version 3.3.410 of za nextgen some option that block internal traffic in the lan was added (when configured as high). But VPN vendors do something more critical than this (although a warning about blocked devices on lan should be added).I believe in the legacy extreme product it also blocked it as VPN softwares do (At least few years ago, not sure about the latest version).

     

    UI

    • Please change the behavior of popup windows when threat are getting block. Right now it open multiple windows one after another. (Tested with EICAR samples test).

     

     

    Also. when testing EICAR samples in Astmo.org - There is also a phishing test for vendors. zonealarm nextgen and also ZA mobile fail in it. (Zonealarm mobile Also didn't block the APK and can't find any apk on the device. i wrote about it in zonealarm mobile forum).

    1
    Comment actions Permalink
  • other additional request or shown bugs -19.apr.2022

    functionality

     

    *    Add total threats blocked statistic in AV menu and also info of detected elements after a scan.

    *     Separate Threat emulation module from browser protection to the AV. So basically the AV could use Threat emulation on all scans with enabled as default toggle, and an option to disable Threat emulation in browser (Because of slow downloads for known trusted files).

    Bugs

     

    • On Some installs of ZA the addon for the browser that got installed was Harmony web protection instead of Zonealarm branded addon. Also it not worked and wont block anything and got errors that mention that it cannot connect to the server. (Logs and info sent to support)
    •  
    • ZA notification of detected threats keeping appearing minutes after it already blocked and deleted the threat. In controlled lab test I could get more than 20 windows in a period of 10 minutes after it already deleted all.
    •  
    • UI
    • Added in 19.apr.2022 right now when the user disable all modules in web secure, clicking on "turn on" will enable just the anti phishing. Would prefer that all the modules will be enabled , and if the user will prefer than he will disable them manually.

     

     

    1
    Comment actions Permalink

Post is closed for comments.