I'm 52 years old (at this writing). I've been an IT professional for (again, at this writing) 32 years; and since 1987 I have owned a management consulting firm which specializes in, among other things, technology-related issues. There is, almost quite literally, no computer-related (and few generally technology-related) thing(s) which I have not either done, or showed someone else how to do. From mainframes, to mini-computers, to all flavors of server and desktop machines, and virtually all known operating systems to greater or lesser degrees, I've pretty much fiddled around with it all. I'm even a halfway-decent programmer (experienced enough at it to know that if I ever did it as an exclusive means of earning a living, I'd be suicidal); and an unabashedly good systems analyst, designer, and developer. Granted, I don't know everything... er... well... wait a minute... maybe I do. [just kidding]
But seriously, I really do know my way around IT... and I've seen all manner of security software and hardware in my career. For many years -- especially during the DOS days -- I recommended McAfee. It's still good, of course... but not like the old days, when McAfee was more than just a product maker... back when it was an authority, and understood its obligation to society in that role.
Then, later -- especially after the advent of Windows -- I recommended Norton Anti-Virus for the desktop. In those days, it fared marginally better than all of its competitors overall, and significantly better than any of its competitors in heuristics (the ability to sense that something's likely to be a virus, even if it isn't in the virus database and can't, therefore, be specifically identified). In testing, Norton correctly found/sensed, pound for pound, more specifically-unidentifiable (because they weren't in its database) exploits than any other. That really was impressive. Back in those days, virus database updates were free forever, too... or so, at least, it was promised.
Then Symantec did to Norton what it does to everything it touches: It ruined it. Plus, as time passed, many of Norton's competitors -- including even many free ones, like AVG, just to mention one -- got better and better and better. In time, there started to become almost no point in preferring Norton over many others... including even some free products. That remains true, today.
I confess to only relatively recently taking Comodo's products seriously... something like maybe two or three years ago, give or take. I was aware of them, of course... but just didn't give them much of a look. I've since, however, made the free Comodo Internet Security (CIS) (and, before that, Comodo's firewall with its Defense+ component) my desktop and notebook computers' primary defense. I have some other products on my computers, too, of course... like the free SuperAntiSpyware, and free Malware Bytes; along with the venerable Spybot Search & Destroy, and also Spyware Blaster. Before I learned from my research that a-Squared-Free wasn't really worth the powder it would take to blow it up compared with pretty much any of the aforementioned, I had that on my machine, too. I also used to use Spyware Guard, but have since replaced it, as I'm about to explain...
Of course, I have all three CIS components (anti-virus, firewall, and the "Defense+" HIPS component) running in real time, constantly monitoring; and, of course, CIS does weekly whole-system scans.
I have free SuperAntiSpyware sitting in the system tray... but not because it's doing real time anti-spyware monitoring (which the free version won't even do). Rather, it's because the free version, though it will only do manual spyware scans, will monitor changes to the browser's "home page" (which is what I used to have the hasn't-been-updated-since-2004 Spyware Guard doing). By running free SuperAntiSpyware in the system tray, I also get quick access to it in Windows Explorer if I right-click (launch the context menu) on a file which I'd like to quickly scan before I unzip it or launch it. And, of course, I have free SuperAntiSpyware do weekly, manual, whole-system scans... just to fill-in where CIS may be deficient (not because I've actually found to be deficient, but because I know that no one product can usually be expected to catch absolutely everything... no matter how good it is).
I use free Malware Bytes strictly for occasional -- perhaps twice monthly -- manual whole system scans (again, just to catch what others maybe miss), as well as quick right-click (context menu) access to it in Windows Explorer.
I use Spybot Search & Destroy in much the same way as Malware Bytes (except that studies have shown that Spybot is fast becoming more of a "legacy" product -- a lot like me -- and is no longer as good at its advertised task as such as Malware Bytes or SuperAntiSpyware); but my biggest uses of Spybot are its often-updated and monitored HOSTS file, and its browser inoculation capability and concomitant real time browser protection feature. Though it works well (even if cryptically), I don't use Spybot's TeaTimer feature anymore because CIS's "Defense+" component better performs that task, and more.
And I use free Spyware Blaster because it's an even better browser inoculator than Spybot Search & Destroy. I'd never run an Internet-connected machine without it.
Finally, whenever my notebook's at home or at my office, it sits behind a hardware router/switch with NAT and true hardware firewall capability (though, of course, whenever I'm out using my notebook elsewhere, CIS's firewall is the only firewall there is).
Taken as a whole, these combined products -- with CIS at the forefront -- provide a virtually impenetrable fortress of security around my notebook... and my wife's as well. All the desktop computers at my office are similarly configured... that is, unless any given product has a restriction on it which I'm required to purchase because it's a commercial use, in which case I've so done... albeit usually grudgingly.
The thing is, though, CIS is actually capable of handling it all alone.
That's right: Alone. That's just one of the many remarkable things about it. If configured correctly, and used properly, CIS catches everything... every single last thing... in or out. It's a truly competent tool. Its user interface may or may not be pretty or easy for newbies to quickly grasp, and it may suffer from a few minor operational weaknesses which Comodo is fast trying to improve, but it does what it says it will do... and reliably.
It also plays nice with Windows. For as complex as it is, and as low-level as are some of its interactions with the OS, I'm sometimes surprised by just how effortlessly and well it runs on Windows without so much as an occasional hiccup. Whenever it has gone a little bit nutty, it's invariably because of something unusual and geeky that I've done which makes Windows itself unstable, or the processor overwrought, or which uses-up and doesn't properly release all the RAM, or which makes the video card think it's had a little electro-stroke... things like that which the normal, everyday user would likely never (or at least extremely rarely ever) do. CIS isn't particularly processor- or memory-intensive, either...
...though I'm very worried, frankly, that if the resource-intensive Comodo BO Clean product is eventually integrated into CIS, without any means of turning it off if desired (as I've heard may be Comodo's plan), that may change. But I'll cross that bridge when and if it comes.
Comodo's free firewall first came to my serious attention a few years ago when it was independently and credibly leak-tested and found it to be as good as (or better than) pretty much any firewall out there... including nearly all of its not-free competitors. Since I knew and trusted the entity doing that testing, I promptly gave Comodo's firewall a look. I put it on three machines; and then, on one of them, I gave that firewall one of the most intense runs for its money that I'll bet anyone out there ever has.
And, boy-oh-boy, was it was ever up to the task. When I dug-in to its settings, I found some of the very same things that are on some of the top-rated hardware firewall appliances with which I'm in-some-cases-fairly intimately acquainted. I've long been, for example, a huge fan of SonicWall products. Once that company conquered some of its products' memory issues back in 2000 and 2001, and it started releasing really nice firmware updates for most of its higher-end firewall appliances, it quickly rose to the top of the heap among makers of such devices. Most IT pros don't even know how to use most of the finely-adjustable features on most of the higher-end SonicWalls. I was stunned -- almost literally -- when I found many of those same kinds of advanced settings in the free -- and I emphasize the word "free" -- Comodo firewall which I had just read performed so well in independent testing. I honestly couldn't believe it.
I've been using it as my one and only software firewall on all machines ever since. Never looked back. The Windows Vista firewall... well... what a joke... even when not compared with the Comodo product; and especially when so. When it comes to at least the firewall, it's Comodo for me, or nothing at all.
Whatever makes it past the firewall (nearly always as a result of operator, and not firewall, error due to a web site which shouldn't have been visited using a less-than-securely-configured browser (or a script thereon which was stupidly allowed to run); or because of an email attachment which shouldn't have been opened) is quickly spotted by one or more of CIS's other components, to wit: If the exploit's methodology is the common tactic of exacting control via buffer overflow, CIS's "shell injection" capability will prevent it. If the exploit's methodology is virus-like, then the anti-virus component will spot it... heuristically, if it's not in the virus database. If the exploit's methodology is trojan- or spyware-like, then the "Defense+" host intrusion protection (HIPS) component will stop it dead in its tracks, and will notify the user via a can't-be-missed-on-the-screen pop-up warning.
Granted, among the complaints of its detractors about CIS is that its pop-ups are just too many, and too annoying; that its heuristics and HIPS isn't "intelligent" enough; and that, therefore, it's, in effect, overly-secure and pesters the user with too many individual warnings. I actually agree, a bit, with that criticism. I've, more than once, turned CIS to a less-secure defense level just so it would stop hounding me about something so I could get my work done... or, to be painfully candid, so, in a few cases, I wouldn't just up and lose it and throw the laptop to the concrete floor. Shame on me, sure... but shame on Comodo, too.
Windows Vista, as shipped, also suffers from much the same sort of over-vigilance; and for that reason, many Vista users turn off User Account Control (UAC) and other of Vista's harassments-in-the-name-of-security. Microsoft has since learned that end-users just won't tolerate such things. Therefore, it has made Windows 7 more end-user-adjustable so it can become more "silent" in its security warnings unless something really serious rears its ugly head.
I'm happy to have recently read that Comodo has learned the same lesson; and that a soon-to-be-released version will be more "silent" (in terms of pop-up warnings) than ever... capable of going head-to-head with any of its competitors which seem to have already figured out how to keep pop-up warnings to a minimum while still providing top-flight protection.
Except for such things as browser inoculation, providing a system HOSTS file and keeping it locked and watching for attempted changes to it, and monitoring changes to the browser's homepage, there is really nothing which even the not-free versions of any of the other products on my machine can do better than CIS does. It really could adequately handle it all alone if I let it.
That's why I only use the free versions of those other products... versions which (except for free SuperAntiSpyware and its browser homepage protection) won't do any kind of real time monitoring. CIS does that beautifully, with no help from anyone! If it weren't for the two or three things I've listed above which some of those products do that CIS doesn't, then I'd really only use those other products because something in my years and years of experience tells (read: nags) me that I should... you know... just in case... even though nothing since I've started using CIS ever has gotten through... at least not as long as I've always taken seriously (and have properly responded to) CIS pop-ups and other warnings.
That's the thing about CIS, you see: As long as it's set up right, and the end-user knows how to (and actually does) properly respond to its pop-up warnings, nothing can get through. Nothing! It really can be, if used properly, a solid and impenetrable wall of protection.
Few other products -- free or otherwise (but especially if free) -- can make a claim like that!
Now, Comodo Internet Security (CIS) isn't perfect. Nothing ever is. All indications, however, are that by 2009's end, CIS will have become closer than most ever expected it would to that unreachable goal... and closer than many of its competitors, especially among the freebies. In fact, among free products, CIS already has no rival to speak of. Granted, CIS's anti-virus component, alone, may or may not be as good as some of its free competitors. Comodo's feverishly working on that. However, CIS, taken and properly used as a three-component whole, with each part allowed to do its thing as intended, beats 'em all... at least all the freebies. That such an amazing security suite can be available at no cost is truly astonishing to me. I shake my head in disbelief every time I think seriously about it. And remember... in 32 years, I thought I'd seen everything. Heck, I'm even starting to see some things over again, for goodness sake! And I've never seen anything quite like CIS... at least considering that it's free, I mean.
Frankly, CIS has few, if any, rivals among not-free products, too; and it seems very unlikely to me that that's not giving more than one of Comodo's competitors, who charge not-insignificant amounts of money for their similar (and sometimes sub-standard) products, more than a few concerns. Comodo, therefore, is accumulating many enemies.
Admittedly, CIS, at this writing, isn't a particularly "friendly" piece of software... though, that said, it isn't inordinately unfriendly, either. Its interface is... well... a little odd, actually; definitely not in full compliance with the Windows API... which I, personally, find a little troublesome. On the upside -- for me, at least -- is that it's user interface isn't "dumbed down" to the lowest common denominator, like so many other Internet products which, in the opinion of techno-geeks like me, don't (because of their overly-friendly user interfaces) allow sufficiently-granular configuration and customization.
But non-technical users -- especially if they're former Mac or AOL users... both of which, as groups, tend to be not only notoriously non-technical, but often arrogantly proud of it -- may very well be a bit challenged by CIS's user interface. However, it is my understanding that that, too, will be remedied in 2009 with the implementation in a soon-to-be-released version of various levels of selectable user interface complexity... which is music to at least my ears. If done well, it will completely eliminate the complexity complaint sometimes cited by the non-technical. (And, yes, I realize that I just offended a whole slew of Mac and AOL users. Oh, well.)
All things considered, Comodo Internet Security (CIS) is a truly remarkable and amazing product. In my three-plus decades of paying serious attention to such things, I've never really seen anything quite like it. One must turn to the open-source community to find even remotely similar analogs in terms of such quality being available completely for free... and none of those are security products. Perhaps the best-known of the open-source anti-virus products out there is ClamWin, which is notoriously poor-performing... virtually any free anti-virus product out there can summarily dispatch it.
I'm not saying that CIS is the end-all and be-all of products of its type. I am saying, however, that its three components, combined, and when used as directed, create the hands-down best package of its type among the freebies; and it may very well soon be that among the not-free products, too...
...to the chagrin, no doubt, of its competitors.
Why more people don't seem to know about CIS, and talk about it almost to the exclusion of all its competitors, is a bit of a mystery to me. I'm sure it's at least partly because of the earlier-mentioned, less-than-friendly-to-newbies user interface. It's true that that's a real barrier... but one which will, as mentioned above, soon be remediated. The perceived heuristic weaknesses and overly-aggressive HIPS notifications also seem to irk some people... though if what I've read is true, those, too, will soon be non-issues. Any other barriers to CIS's ubiquitous popularity which might exist, I simply can't imagine. It's a fine product, even as it is today; and it's apparently going to be somewhat better in the not-too-distant future.
I confess to being completely enamored of it. I'm sold... lock, stock and barrel. But I'm not a blind disciple. I've never drunk any product's Kool-Aid. If CIS trips-up, you can bet I'll be the first to scream the loudest, and to criticize the most severely. Believe me when I say that I'm well-aware of CIS's current weaknesses...
...few, if any, of which, though, have a darned thing to do with how well, in the final analysis, it actually and matter-of-factly protects my machines; and that's what matters most. Whatever else there is that's less-than-ideal about CIS is minor, by comparison; and if what I've been told is true, most of any of that will be so markedly improved-upon by year's end that those things will soon become non-issues altogether.
I don't know about anyone else, but I think Comodo's CEO has done an amazing thing, here. My hat's really off to the guy. I could be wrong, but I believe he's about to turn completely on its head the very market in which Comodo Internet Security finds itself. I know that that sounds almost like a paid, overly-gushing commercial endorsement or something...
...but one of the benefits of being older, and having been around for a while, is that I've seen all kinds of stuff come and go... some of it good, much of it bad. As such, I'm in a pretty good position to quickly recognize something really special when I see it. And in Comodo Internet Security, I'm seeing it... warts and all, perhaps... but there's magic there, nevertheless.
Now, who knows... Comodo Internet Security (CIS) may or may not improve as promised. Or it may eventually be knocked off it's current pedestal of relative superiority by something far better and equally free. Or, heaven forbid, CIS could turn completely fee-based, with the free version (if there even is one) being partially feature-disabled... as has happened with so many other products... including those which, like CIS, were promised would be free forever. No matter what Comodo's CEO says, if he were to ever eventually sell his company to another (which is often the fate of the small-yet-successful such as Comodo), that's a very real possibility. Such has been the fate of all manner of very cool computer products over the years which have distinguished themselves as CIS is now doing. All good things, after all, usually come to an end. I've been around long enough to see more of that than I can even remember; and for all any of us know, it could happen here, too. (Though, perish the thought!)
But right now, today (and, if Comodo keeps its promises, then also for the foreseeable future), CIS, warts and all, is either already best-of-breed, or soon will be. And it's free, to boot.
If that's not remarkable, then I don't know what is.
Gregg L. DesElms
895 Jackson St., #319
Napa CA 94559-1321
(206) 984-1288 (fax)