I don't know if design suggestions belong in this forum, but here are my two cents anyway.
I have been surprised by the fact that during updates initiated by ZA itself, I will get HTTP 403 errors from the URL ZA is trying to connect to for a download.
I have to manually enter the website (download.zonelabs.com) under Privacy and turn off all of the protection options.
Shouldn't ZA be able to validate and access it's own site?
Also, I found that programs like CheckPoint (which owns ZA now) are not auomatically validated either.
This is a case where ZA should have every detail on every file (including checksums and other authentication data) in order to validate the running of such files.
Operating System:Windows XP Pro
Product Name:ZoneAlarm Internet Security Suite