First off, Zone Alarm is ****e. Absolute garbage, for a variety of reasons, not least that it alerts for everything including voltage changes on the ethernet cable. I'd trust Windows Firewall further, but only because its slightly less annoying. Not because its any good.
Second FTP is one of the worst ideas I've ever heard, as its a completely cleartext system. Its as bad as using telnet. There are other, better alternatives out there. Even Windows File Sharing (for internal stuff) is better, provided you A) use NTFS, B) grok share security, C) grok NTFS file permissions and D) have secured your Windows box properly to begin with. And if you' haven't done (D), leave the damn thing off the network until you do. SMB shares can be conveniently turned on and off with one check box in the network configuration (or, under XP, one command through netsh). If you choose not to use SMB shares and decide to go the FTP route, make sure to use an FTP service that maintains its own user/password table (IE, not the Windows FTP server) and make sure that the usernames aand passwords used there don't match any usernames and passwords on your Windows box. FTP is trivial to sniff, and if you're using Wireless, regardless of encryption strength/method, its a bad idea to let your real credentials go floating around.
WEP--even 256 bit (only available on some hardware)--is crackable by anyone, even a retarded script kiddy, given the existence of AirSnort. WPA is by far and away the best option you're going to get short of expensive hardware the uni isn't going to have.
Microsoft has a great guide for securing a server that's going to be attached to the Internet. Its in the Knowledge Base. Go get it. Apply it to your machine. There's a lot of extra crap in there that you don't need that is just screaming for some smeghead to come in and own your box. Ditch the compatibility cruft, the convenience cruft and for Bosch' sake, don't activate IIS unless you've got some professional experience. That's REALLY asking for trouble.