How would you rate Comodo Personal Firewall? and what to improve?

[Guest]

[Melih]

Hello all,

I've been using the firewall for about six months.  Previous to this I used (in order) Sygate, ZoneAlarm and Kerio (Sunbelt).

Sygate and ZoneAlarm were definitely easier to configure -- especially for inexperienced users.  Kerio gave me problems and I went back to  ZA until I discovered Comodo.  Configuration was a little daunting at first, but it actually worked quite well "right out of the box".  There were also a few issues when my AV software updated to its latest version (NOD32).

Things seem to be moving smoothly now that I have one request/suggestion.  I am quite vision impaired and the user interface is definitely NOT friendly to vision impaired folks. I don't know who decided that a light color on a white background for, well, anything was a good idea, particularly when coupled with minuscule text size.  Offering a larger text, higher contrast user interface would be very helpful.  Especially for doing any "fine tuning".

Other than that, I'm definitely happy with the firewall and I recommend it to all of my friends.

SpotCheckBilly

Thanks for that SpotCheckBilly
I have passed this request to our GUI design team. I hope they will keep that in mind when re-designing the gui.
thanks
Melih

[roberta]

.......
...........
Things seem to be moving smoothly now that I have one request/suggestion.  I am quite vision impaired and the user interface is definitely NOT friendly to vision impaired folks. I don't know who decided that a light color on a white background for, well, anything was a good idea, particularly when coupled with minuscule text size.  Offering a larger text, higher contrast user interface would be very helpful.  Especially for doing any "fine tuning".
......
..........

Good Day Melih,

I Strongly agree with the suggestion to improve readability of the GUI......

Thank You Very Much,

Roberta


PS:
Also, the Changelog released for each new version should Please provide Far more detail....

[AnotherOne]

I am beginning to notice a general slow-down of many operations on my system and I was wondering if it might be due to the Defense+ module.  I did a quick count of the entries on the Computer Security Policy page and there were 230 entries.  Clicking Apply there causes a delay of 8 seconds before the process finishes, so I was thinking that it might be that there are so many entries there that filtering the general operations of the system might be slowed down as a result.  Since I have been saving configurations for about three months now, I would expect that the Computer Security Policy page will continue to grow even further. 

I also checked the Access Rights for Explorer and found that it contained nearly a hundred entries under Modify for Run an Executable.  That has to be slow and I can't see the need to filter what Explorer can run.  I changed that to a * to allow all programs to be run by Explorer.exe, but maybe that should be built into the firewall? 

[adric]

I am beginning to notice a general slow-down of many operations on my system and I was wondering if it might be due to the Defense+ module. I did a quick count of the entries on the Computer Security Policy page and there were 230 entries.  Clicking Apply there causes a delay of 8 seconds before the process finishes, so I was thinking that it might be that there are so many entries there that filtering the general operations of the system might be slowed down as a result.  Since I have been saving configurations for about three months now, I would expect that the Computer Security Policy page will continue to grow even further.
 

Do you happen to block Comodo Firewall in the Network Application Rules?

I noticed that  cfp.exe  triggers an outgoing DNS request  each time  the apply button is used on the Network Security Policiy or the Predefined Firewall Policies. I just tried the apply button 4 times and I have 4 cfp.exe entries in the log.

From the looks of it, cfp.exe is waiting for a DNS response which it never gets when you have it blocked.  If I allow DNS for cfp.exe, the delays disappear. Why cfp.exe needs to do DNS when applying network rule creation/changes is something I can't answer and wonder about.

Al

[AnotherOne]

Comodo Firewall Pro applications all have Allow selected for DNS Client Service under the Access Rights page.  This is the original default setup - I have not altered it.  No the slow-down is not due to that cause.  I think that it is more due to some applications accumulating a large list of rules.  Looking at Firefox and Thunderbird shows a short list of entries on several Modify buttons - probably about thirty different entries for each application.  I have been editing programs that develop a long list of files that they modify to allow them to "Run an Executable" using Allow C:\directory\subdirectory\* so that there are fewer entries.  Even so, I was wondering if it was really necessary to have rules for many of the programs on the Computer Security Policy page.  Calling them "Trusted" programs might be adequate for the ones that are not loaded into memory at all times.

[halfcack]

I didn't know what to think of it at first.  I found a then current copy of Matousec, found out about Comodo, got skeptical, tried to figure the angles, tried the first one, kept updating while trying other things.  I've gone to Comodo and NOD 32 for 24.95 a year from New Egg and dropped, Web Root, SywareBlaster, SpywareDoctor, PCTools, AVG, Norton, and several others running simultaneously wondering why my computer was so slow.

Now I have the lightweight NOD Anti Virus and the #1 Firewall in the world.  Very Happy.

[Chai]

My vote: 4 out of 5

I've been testing CFP 3 for a month now and am very satisfied with it overall.  Effectiveness is the first priority, and with all its features (the ability to setup security policies in such detail, password protection, etc.) and from what I've read online at matousec.com, it seems to be top notch.

However, it is not perfect.  My biggest gripe is with CFP's abundance of pop-ups asking the user what to do about potential network access violations.  Most average computer users have absolutely no idea what these pop-ups mean.  They cannot possibly tell the difference between a malicious threat and a legitimate network access.  Most simply look for an X to click, others either always click allow or always click block.  Perhaps a setting that, by default, lets CFP automatically select the best course of action would be preferable.

Along the same lines, in the Firewall's Behavioral Settings, under the Alert tab, perhaps Very Low would be the best default setting rather than Low.  Default settings should be set with the average (aka clueless) computer user in mind; experts can alter the settings as they please.  The average user does not know what TCP and UDP are.

I'd also like to see CFP apply more appropriate network access policies to at least well known applications.  Internet Explorer and Firefox should have Web Browser policies set, but instead are Custom with the default settings.  Outlook and Thunderbird also show up as Custom instead of Email Client.  Maybe using a combination of a database of such applications (ideally, with the computer configured right after installation) with existing analysis capabilities would be a better solution.

But despite these issues, I am happy with CFP 3 and intend to continue with it.  Thanks!

[Chai]

Just thought of another two improvements.

I'd like to see an optional feature from within Defense+ > My Trusted Software Vendors which automatically scans all executables for digital certificates within all the program folders on local hard drive(s) in order to automatically add them to the trusted vendor list.  A button to press to initiate the scan would be great, as well as a check box or something during program installation to query the user as to whether or not to automatically perform this scan right after program installation completes.  Also, maybe a database check of known trustworthy programs during this scan, to add any executables not digitally signed but known to be trustworthy (not sure if this would be bad practice or not).

I also would like to see less pop-ups from Defense+.  Add a database of known trustworthy apps that contains a conservative estimate of their access rights (more unique needs can be learned).  The user should not have to be asked about the access rights of common apps like Mozilla Firefox and MS Word, or at least these queries should be minimized as much as possible.

Thanks again!

[Chai]

One more!

Creating groups and assigning predefined policies seems defeated in purpose, other than to apply initial settings, because as exceptions are learned by Defense+, secondary policies are created for individual files and set to Custom.

To preserve initial policy settings while also allowing files within groups access to other files within the same group would be ideal.  Maybe add the ability to let groups dynamically allow access rights and protection settings exceptions between files within the same group.  In other words, when specifying the group to allow access rights or protection settings exceptions, add a choice to the group list I'll call "Current Group", which corresponds to the group that files in that group belong to.  As it is, you can only statically do so, in that you must specify a specific group to do so with, which means you'd need a different policy for each group, which defeats the purpose of predefined policies.

This won't help when exceptions for files outside of the current group are learned, but it's a step in the right direction, I think.

[moonshine]

maybe this is already available

the ability  to choose default settings from a list based on our situation. For example, for a soho computer. Then if we want a local network, switch to that setting. And disable file sharing, Netbios ports etc.

[moonshine]

notified on updates thread :

It would be good if we were notified of updates in this forum somewhere. An update notification thread. I had an update yesterday and when I clicked to find out what it was, the popup showed an error so I didn't find out what it was.

[Vettetech]

There are several threads about updates. Ateast 3 of them.

[mtrekster]

4 from me, for ease of installation.

one thing, could you all have email as well as im alerts to those who want to have alerts to updates, and do not want to deal with update bugs in the versions of cfp that they have?

thank you.

[MrBrian]

I am beginning to notice a general slow-down of many operations on my system and I was wondering if it might be due to the Defense+ module.  I did a quick count of the entries on the Computer Security Policy page and there were 230 entries.  Clicking Apply there causes a delay of 8 seconds before the process finishes, so I was thinking that it might be that there are so many entries there that filtering the general operations of the system might be slowed down as a result.  Since I have been saving configurations for about three months now, I would expect that the Computer Security Policy page will continue to grow even further. 

This behavior started in CFP v3.0.18 apparently.  I am using v3.0.14, which doesn't have this issue.  I created a separate topic about this in Bug Reports.

[Severian]

I used version 3 for about a month and have just reverted back to 2.4.

While I appreciate the development and availability of great free programs like Comodo, I just did not like the new interface. The 2.4 interface is clean and to the point! The Application Monitor and Network Monitor areas of 2.4 are the best examples of this. They are very straightforward and intuitive. I especially love the Network Monitor 'stack' with rules being processed in a changeable order much like a hardware firewall.

Version 3 just seems to have been 'dumbed down' so much that it's actually a lot more confusing and tedious. I would have gladly stayed with version 3 if the interface was similar to 2.4.

I hope you consider this viewpoint in future developments.

Thanks,
Sev

[Tags:]