How do I use Zone Labs Integrity Desktop?

This answer helps walk you through how to use the basics of Zone Labs Integrity Desktop after its has been installed and configured.

zone labs integrity desktop main page

The green and red bars at the top of the Integrity window vary with the amount of traffic to and from the Internet. Click the red stop button to shut of communications with the Internet immediately. Click on the yellow padlock to turn on and off the Internet Lock. When the Internet Lock is on, your PC is not visible on the Internet.

Beside the padlock are icons for the programs that were communicating with the Internet at the time that the screenshot was taken. If you don't know what one of the icons represents, point your cursor to it and Integrity will tell you.

You don't normally have to either turn on or turn off Integrity; by default, it installs automatically starting when you start up your computer and you'll want to keep it running to protect you all the time. But if you do want to turn it on or off, here's how.

To open the Integrity Desktop: When Integrity is running, to open the Integrity Desktop, all you have to do is double-click on the Integrity icon in the Windows System Tray at the right-hand side of the Windows taskbar at the bottom of your screen. When your PC is not communicating with the Internet, the Integrity icon is a stylized lowercase letter i, with a blue bottom and a red triangle dot. When you are communicating with the Internet, there are two sets of bars; the green bars are incoming communications, the red bars are outgoing communications which represent the same bars inside Integrity Desktop.

To close the Integrity Desktop: Click the X button at the upper right of the the window like any other program. This does not turn Integrity off, it only closes the window though.

To turn Integrity on: By default, Integrity installs with its firewall launched automatically when you boot your computer. You can start it by hand with Start -> Programs -> Zone Labs -> Integrity Client

To turn Integrity off: Right-click on the Integrity icon in the Windows System Tray at the right-hand side of the Windows taskbar at the bottom of your screen. (A lowercase letter i or a set of red and green bars.) Select Shut down Zone Labs Integrity Desktop.

Alerts

After you start using Integrity Desktop, you'll see alerts pop up from time to time with quite a few showing up when you first starting using it.

Program Alerts

Program Alerts occur when a program on your computer wants to access the Internet. The Program Alert will tell you which program it is. Click Yes to allow the program to access the Internet, No to block it. If you will always want to answer in the same way for that particular program, check Remember this answer the next time I use this program before you click Yes or No. For the first week or so that you're using Integrity Desktop you'll get a lot of Program Alerts, but they'll taper off pretty quickly as you have the program remember your answer.

illustration of New Program Alert

Usually, when you get a program alert you'll recognize the program that wants to access the Internet: outlook.exe is obviously Outlook. Integrity will tell you the name of the program and will give you a View Properties link that will open the file's Properties, which tells you, among other things, when it was created, what type of file it is, and who can use it.

If you don't recognize what it does even when Integrity Desktop tells you what the name of the program is? Use the Program Alert's Alert Advisor section and click More Info. For example, I just got an alert from about the Generic Host Process for Win32 Services. When I clicked More Info, it took me to a Zone Labs Web page that told me what the program is and does, allowing me to make a safe decision.

Sometimes Zone Labs doesn't know about a specific program. Usually a Google search for the .exe file or the .dll in question will give you the answer. Someone else will have already asked "My firewall asked me whether I should let blah.exe talk to the Internet" and you can use the answer they received. Just type the name of the exe file (for example blah.exe) in Google's search box.

But don't worry if you make a decision and want to change it; all of the answers you give to a Program Alert are displayed in the Program Control section of the Integrity Desktop and you can change them whenever you want.

Personal Policy Alert

The other type of alert you'll see a lot of are Personal Policy alerts. They just tell you that the firewall has protected your computer from a probe from the outside. You can just click OK to close them. And when you've seen enough of them and you don't want to see any more, click Don't show this dialog again. before you click OK. Closing the window or turning off the alerts doesn't turn off your firewall protection.

illustration of an intrusion alert

Setting a Password and Backing Up and Restoring Integrity Settings

The Overview menu has a Preferences tab that allows you to set a password for the Integrity Desktop. If you won't forget it, that's a good idea, so that other people who have access to your PC won't be able to change your security settings. Overview is also allows you to Backup and Restore your Integrity settings, which can be useful if you're upgrading Integrity or moving from one PC to another. When your backup your Integrity settings, a file containing your current settings will be saved in XML format.

Here's how to save and reload your Integrity preferences:

  1. On the Overview menu/Preference tab, use the Backup button (above) to backup current security settings.
  2. Save the XML file it creates on your desktop or somewhere else notable.
  3. Uninstall the current client.
  4. Install the new client.
  5. Then on the Overview menu/Preference tab, use the Restore button and point to your saved XML file.

Zones

Open the main Integrity Desktop page: and click on Firewall on the left side of the Integrity Desktop. The Firewall section comprises the Main, Zones, and Expert tabs.

  • The Main Firewall tab allows you to manipulate the Internet Zone, the Trusted Zones, and the Blocked Zones. The default settings for these zones are as follows:
  • Internet Zone Security is set HIGH, where your system is hidden and protected from all traffic in the Internet.
  • Trusted Zone Security is set to MEDIUM. Medium setting allows sharing mode among Trusted Zones.
  • There are no pre-configured Blocked Zones configured.

The default setting is to allow broadcast/multicast network traffic for both the Internet and the Trusted Zones.

To read more about the differences between these zones, refer to Integrity Desktop client Help menu: keyword Zones.

Finally, the Expert tab allows you to customize multi-layered security settings in addition to the Zone security settings. By default no rules are set. With experience in network protocols and security settings, you can manipulate source and destination packets via source and destination ports according to protocol, date and time. The current default port permission setting is outlined in the Help menu: keyword Port Default Permissions.

UIC IP Addresses

The UIC Integrity client is pre-configured to trust

  • UIC West side server IP range (5 subnet)
  • ACCC Novell servers (subnet),
  • ACCC Netware servers (IP range),
  • ACCC Keyserver servers (IP range).

Ports

The Integrity Desktop Firewall security of High, which we recommend for the Internet Security Zone, blocks all network traffic except broadcast/multicast. You can, however, use the Custom Firewall Settings dialog to set Integrity up to specify allow types of traffic at specific "ports".

  1. Open the Integrity Desktop: Double-click the Integrity i icon or the green and red bars in the Windows System Tray in the Windows taskbar at the bottom of your monitor.
  2. Click on Firewall on the left side of the Integrity Desktop, then click the Main tab.
  3. Click either of the two Custom buttons.
  4. On the Custom Firewall Settings dialog, there are tabs for the Internet Zone and the Trusted Zone. Check all types off traffic that you want to allow in either zone. If you want to allow traffic from specific ports, check Allow incoming UDP Ports: as shown in the figure below, and type the port numbers or ranges, separated by commas, that you want to allow in the box provided.
    Zone Labs Integrity Desktop Custom Firewall Settings
  5. When you're finished, click the Apply button, then click OK.

Program Control

Open the Integrity Desktop and click on Program Control on the left side of the Integrity Desktop. This Program Control menu shows the set of applications and its components that are currently allowed to access your system.

The Main tab shows that the program control is set at default setting of Medium control which will ask for Internet access and Server rights for applications and have application components in a learning mode. Zone Labs, Inc. recommends the Medium setting for the first few days of normal use. This component learning mode enables Integrity Client to quickly learn the signatures of many frequently used components without interrupting your work with multiple alerts. Use this setting until you have used your Internet-accessing programs (for example, your browser, email, and chat programs) at least once with Integrity Client running. After you have used each of your programs that need Internet access, change your Program Control setting to High to minimize the number of alerts you will see.

The Program tab of this menu shows the access permission or server permission of application in your system. To know more about the difference between the two, check the Help menu: Keyword Permission Server.

Advanced users can specify the ports and protocols a particular program can use, the hosts it can access, and other details.

The Component tab shows the application components and their corresponding access permissions on your system. A guideline of when to allow access or deny access to application component is discussed in detailed in the Help menu: Keyword Component Loading Alert.

The UIC Integrity client is pre-configured to allow some common applications to access the network (Adobe Acrobat Reader, Internet Explorer, SSH Client, Ping, WS-FTP95).

Alerts and Logs

Open the Integrity Desktop and click on Alerts and Logs on the left side of the Integrity Desktop.

The Integrity Alerts and Logs menu Main tab allows you to set options as to what levels of incidents you are alerted about and the Integrity Desktop logs.

Zone Labs Integrity Desktop Alerts and Logs Options

Trusted Zones and Servers

     

The UIC Integrity client is preconfigured to trust many ACCC public servers, but you probably will want to add additional servers. A group that you probably will need are the UIC Bluestem servers, ness.uic.edu, ness1.uic.edu, and ness2.uic.edu. They will try to ping your machine when you login with Bluestem, and without adding these servers, Integrity will block their pings.

To add these servers:

  1. Open the Integrity Desktop and click on Firewall on the left side of the Integrity Desktop, then click the Zones tab.
    Zone Labs Integrity Desktop Trusted Servers
  2. Click the Add>> button, then click Host/Site. Fill in the Host/Site address dialog box for each of the ness servers: type the host name in the host name fields and a description in the Description field. Click Lookup and Integrity will put the IP address in the bottom box. Then click OK to add it to the Trusted zone.
    Zone Labs Integrity Desktop Add Trusted Host/Site
  3. Repeat for the two Keyservers.
  4. In the Integrity Desktop, click the Apply button.

Privacy

Open the Integrity Desktop and click on Privacy on the left side of the Integrity Desktop.

On the Main tab, the Cookie Control option allows you to block cookies from Web sites. The High setting is a bit extreme, but I've used the Medium, and had very little problems with it. The Ad Blocking option lets you block pop-up, pop-under, and animated ads (that's the Medium setting), and, if you wish, also all banner ads. The Mobile Code Control option also allows you to turn off all "mobile code". (Not a good idea.) All of these options can also be customized if you want.

The Site List tab gives a list of the sites that you have listed in the current session along with the sites that you have specifically set privacy settings for.

The Cache Cleaner on the Cache Cleaner tab does what you'd think it would; cleaning your cache on a regular basis can speed your computer up.

Email Protection

Open the Integrity Desktop and click on E-mail Protection on the left side of the Integrity Desktop.

On the Main tab, Inbound File attachment Protection, can be On or Off.

Outbound E-mail protection, also can be On or Off. Make sure this is On. This makes sure that no program except those you approve can send outgoing email. This means that even if you do get a worm or a virus, it can't send email out because you wouldn't give it permission to send email.

You might want to click the Advanced button and check out the advanced options as well.

On the Attachments tab, there is a list of extensions and types of file that will be quarantined; you can either add or delete file types from the list.

Need help?

Last updated: 

September 09, 2013

Browse by tag