First let me complement Comodo for excellent free products. I have been using Boclean for a long time, and just started using CPF 3. Boclean is very easy to use, even for my computer illiterate 88 year old grandmother. I am very knowledgeable about computers (but by no means an expert) and my profession involves making complicated printed and electronic information more easily understandable across many levels of education (i.e. I make things user friendly). Now that I have used CPF, I can say without a doubt...CPF3 is not a firewall for the masses, and it is probably too complicated for the average computer user. I suppose this is not a problem if Comodo is aiming for this market. However, with such a strong product, it seems that this firewall could be easily modified to make it more simple to use.
A few suggestions that may be worth considering:
1) Make a whitelist for known and trusted behaviors for D+
---- A white list of over a million applications is not very helpful if it only applies to the firewall and not to D+. The number of alerts I received was absolutely rediculous. Make a whitelist for known and trusted behaviors for D+, then allow the user to select whether to ignore the white list or use the whitelist. It is disconcerting to see D+ to pop up alerts when explorer launches a known windows process. By the way, the technique of training the firewall is fine for techie's, but for the average user, it is unsettling to deal with the abundant alerts about unfamiliar programs (which are actually common system/windows components) . A co-worker ditched CPF3 because she felt more safe with Norton's firewall! She said that the alerts from Norton represented "a real threat and not gobble-dee-gook that scared her for no reason."
2) Make a set and forget option for beginners
--- This should be integrated into the program as either a choice during installation/setup or as an option in the miscellaneous menu. A beginner should not have to sort through all the forums to find an outdated tutorial.
3) Have an option to alert you when a known type of attack occurs
(not a log entry, but an alert). E.g. port scan, etc. If there is sych an option already, it does not seem to work on my computer despite having tried all the possible settings. It is nice to know when you are under attack. As my co-worker said, "Norton tells me I am being attacked and does not bother me about safe stuff. Comodo doesn't tell me I am being attacked; it only alerts me about safe stuff. That's just not logical."
4) Fix the File Group stuff
--- in general, the file group stuff is too complicated and seems to be full of bugs. The option to add a file group is buried, and should be more easily accessible from all relevant areas within the program. Adding file groups to the security policy in the firewall and D+ did not work. I am may be doing something wrong, but it should not be this difficult to get things to work.
5) Allow better ability to organize security policy list
--- e.g. group related events simply by dragging and dropping (which would also be an easier way to define a file group). Have the option to list the policies in order of when they were added, alphabetical order, or by the "treat as" criteria. Organizing the list makes it much easier to identify a policy that may have mistakenly been allowed.
Thanks for your hard work. Your program is a great assett aready...but a more intuitive interface for the average user may allow more users to feel comfortabale with such a strong product.