CIS Charrette - Application System Activity Control

[Guest]

[kinemitor]

-1
wow how complicate you wanna it to be... i dont undertand many things
eq this override rules there are overrides action in more than 3 places, wtf? what override rule will be used?
i hope almos none of these "charette" dont get to be applied in the future

cis actually have many functions in a simple way to use and configure
what are you asking is for get it complicated without the need of it

[SG65]

-1
wow how complicate you wanna it to be...

I have to agree.

-1

[glifford]

-1
wow how complicate you wanna it to be... i dont undertand many things
eq this override rules there are overrides action in more than 3 places, wtf? what override rule will be used?
i hope almos none of these "charette" dont get to be applied in the future

cis actually have many functions in a simple way to use and configure
what are you asking is for get it complicated without the need of it

It's obviously not worked out quite right but, dude, calm down. You want none of it? You don't want to be able to search, filter, or sort your rules? You want to have to backtrack through several windows to edit file groups? You want to have to delete your exclusions to set CIS to block all access (assuming you're not juggling predefined policies)? You don't want to be able to apply your changes without closing the window? Get a grip.

Advanced settings are complicated. Have you ever opened the access rights window? It's nearly exactly what I'm showing. Override actions are set separately for Access Rights and Protection Settings. Asking which of those will be used, as if they can't both be used, suggests you're not familiar with what Access Rights and Protection Settings are. Actually, I'm under the impression you've never actually looked at these windows in CIS. They're just as complicated as what I'm showing, save for the override action. So, if your one gripe is the override action, then how about, rather than wigging out, you suggest something constructive, or explain why the override is excessive?

***

And while there's value to a cold-reading, you can avail yourself of the rest of the thread, so that you can engage in at least a slightly informed fashion. Cause I get the feeling some of your questions were actually answered in this very thread, before you posted. For instance...

"Granular control is hidden. It's hidden in tabs, rather in separate windows. Which I think if far more preferable.

The Basic Switches tab is the tab that shows by default, and the tab that will probably be as far as a novice user gets. I need to work on it some, but the principle is there.

Intermediate granularity is available via the additional tabs, using those drop downs to quickly allow/block/ask specific types of accesses.

Advanced granularity is available via expanding the list to view and manage explicit rule-sets."

[kinemitor]

You don't want to be able to search, filter, or sort your rules?

Yes

You want to have to backtrack through several windows to edit file groups?

what cis version are u using? groups are at one clic fron access rights in ver 5

You want to have to delete your exclusions to set CIS to block all access (assuming you're not juggling predefined policies)?

Alreally done
Only need to set the firewall to custom or D+ to paranoid
Also by entering parent control password and suppressing D+ popups

You don't want to be able to apply your changes without closing the window?

I wan to they apply when I clic apply also

Advanced settings are complicated. Have you ever opened the access rights window? It's nearly exactly what I'm showing. Override actions are set separately for Access Rights and Protection Settings. Asking which of those will be used, as if they can't both be used, suggests you're not familiar with what Access Rights and Protection Settings are

Im using cis for years
Im informatics student
Nearly exactly?  It is ok but applied in the wron way
Override rules should no be applied on per-case basis only on general so about the access right windows im not saying its wron not neither ok

Actually, I'm under the impression you've never actually looked at these windows in CIS. They're just as complicated as what I'm showing, save for the override action. So, if your one gripe is the override action, then how about, rather than wigging out, you suggest something constructive, or explain why the override is excessive?

***

And while there's value to a cold-reading, you can avail yourself of the rest of the thread, so that you can engage in at least a slightly informed fashion. Cause I get the feeling some of your questions were actually answered in this very thread, before you posted. For instance...
 

In more than 2 years am I never have seen these windows?  No comments
About improving it? I see a tap called basic switches, as I understand Its to select the default rule to be trigger in the first time? Its meaningless that should be removed
In access right tap
Default action or override action? What will be the one in use
It should be only one column of rules
But to add more personalization another set of rules for applications in general not in the list, I think that is what you actually wanted
***
Its seens like you hate me only for my opposite opinion

[glifford]

YesYes but file groups aren’t  edited all the time so its not necessary

I edit file groups rather often. Regardless, they are an advanced settings utilized in the window and so should be accessible from the window - not buried somewhere else.

Alreally done
Only need to set the firewall to custom or D+ to paranoid
Also by entering parent control password and suppressing D+ popups

I meant for one specific application.

Also, switching to paranoid does not accomplish what you're saying it does, because paranoid mode still observes exclusions.

I wan to they apply when I clic apply

Do you think my current implementation doesn't do that? What are you talking about?

Override rules should no be applied on per-case basis only on general

What is being sacrificed to have both general and per-case implementation?

In more than 2 years am I never have seen these windows?  No comments

Defense+ > Computer Security Policy > Application System Activity Control > Customize Policy > Modify Exclusions

About improving it? I see a tap called basic switches, as I understand Its to select the default rule to be trigger in the first time?

No. It's using the term "Default action" in exactly the same sense that CIS used the term before needlessly breaking another usability convention and doing away with a contextual title in the Customize Policy window.

Its meaningless that should be removed

The Default Action plays a MAJOR part in CIS, right now.

In access right tap
Default action or override action? What will be the one in use

Both.

Default Action fires after all other rules. Override Action fires before all other rules. The former maintains current CIS usability. The latter allows you to quickly block access.

It should be only one column of rules

It actually is, but not the way you're looking at it.

But to add more personalization another set of rules for applications in general not in the list, I think that is what you actually wanted

Global rules do not provide the granularity. Granularity is the objective.

Its seens like you hate me only for my opposite opinion

There's a big difference between voicing concern and doing what you did. You're not getting my sympathy and your attempt to play victim now doesn't help.

[glifford]

Alright. Here comes the next iteration. Some functionality was lost, some gained.

Notably, the ability to quickly change Default Action across the entire application policy is gone. But this is really not for novice users, and it is easily done by highlighting all Access Types in the Access Rights tab and making the change in any one of the highlighted drop-downs (the change will effect all highlighted items).

The Basic Switches tab should be far less intimidating.

[glifford]

Alight. This is just a small update.

I've moved the search feature below the table, and formatted it so it's not bleeding into a contextually different area of the window.

I've added import and export buttons for granular configuration management.

[glifford]

So I finally got around to making the first draft of the rule-add/edit window. It's in the OP, just keep scrolling.

[Valentin N]

I don't understand everything but I am looking forward to explore and to learn

Thanks for giving use nice idea glifford!
 

[glifford]

I don't understand everything but I am looking forward to explore and to learn

Thanks for giving use nice idea glifford!
 

Thanks and no problem.

If there's anything in particular you want me to try to explain further let me know.

[akhil]

the design looks pretty fine but  i think time has come when comodo internet security has two modes
1 autopilot mode with just the important settings with minimal customization for average not so net savvy common computer user
2 fine grained advanced mode for geeks and novices like me where one can go for all the tweaking of security
I usually love the informative alerts but i find most average users get confused by the great information at times security suits present
so be simple and add to popularity
and yes please have a big restore to default setting on main cis panel so that  i can revert to factory settings if i break something with my settings
regards
 

[microspy]

Wow! This is an amazing design UI for policy development. It is a torment when using the native policy tools to develop a whole set of policies. This one is much better than the CIS's Security Policy Settings now. It is clear enough for the policy creation, but I think it might be too complex for users to see the design , because most sets of policy are confusing and hard to be generally understand (UI needs to make complex things simple). I think it would be good to have a hierarchy diagram for the whole set of policy(e.g. It shows which policy has more priority and will override the others, or just show the judgement tree of CIS). It would be best if we can edit policies directly on the hierarchy diagram, adjust the priorities and behaviors. This will make CIS a more convienent tool for common users and policy development.

[Sagenth]

As with the firewall this all looks great. I do have one additional feature however which has more to do with logs than anything else.

Basically just add a log tab.

The idea is that using existing features of this design. I can run an application in the sandbox, I can then allow all and then enable logging of everything. Afterwards it would be nice to see a cleaned up organized log of everything that happened from the time of launch to the time I actually viewed the log.

I would of course have one or two views for the log, my preference would definitely be quite similar to the way the access rules are displayed.

Then for some ease of use and polishing allow the individual logs to be used as parameters for creating rules, via right click context menus and or buttons.

This type of analysis should also be accessible to the firewall. In that situation perhaps a bit more analysis could be done, for instance auto recognition of subnets and or ranges.

[k_ok_o_s]

Please, add this feature - http://forums.comodo.com/wishlist-cis/limit-read-access-to-particular-files-in-d-to-specific-programs-t59327.0.html

[eil]

i like all these too. though same as some users here don't understand it kinda. i see that Basic tab is like "for simple toggles and simple users", but next tab is a bit of a mystery   i presume Basic Action switch resembles same switch from 1st tab, but what does 2nd switch(Adv. Default)? same for Adv. rules...  could you please explain more? and sorry if those question are kinda stupid.

one more thing: i see an author of idea a wanted to say here already posted link, and what i see on Adding Rule section already resembles me a realisation of this -am i right?

[Tags:]