addition of default automatic desion

Comodo has worked hard to reduce the alerts ,but this feature is not on y default. I think during installaion if an option to enable auto decision for safe application is added it will become easier for normant users

safe applications are allowed by deafult :slight_smile:
i guess you mean safe but not recognized by CIS. then you must submit it to be whitelisted.

Use Training mode for a while. When you’re installing new program.
I know it’s risky but It’s a way to be easier for novice users.
Like Outpost it has an option for use Training mode for a week after install.

but this leaves the user wide open to infection what if they install a malicious program the first day? then they are infected

I would advise against this. Training Mode is only intended to be enabled for very short durations since it will create “allow” rules for anything and everything.

Training mode suites more to a fresh installation without any internet connection, only known good, legitimate software installed … such cases.

It can cause huge damage, when used on an already infected/suspected system or an online system…

I mean ticking the create rules for safe application in both defence plus and firewall on

I never recommend putting training mode on ,just the auto rule for safe applications nothing else :frowning: . I think i have not been understood :((

I think you are misunderstanding what this option does. All this option does is creates an actual allow rule in the Computer Security Policy for each safe application. Since safe applications are already automatically allowed by default, there really is no reason to have an actual rule created in the list unless you want to edit the policy. Which is something novice users aren’t likely to do. In fact, it’s probably more confusing for them to see a long list of rules.

And if I recall correctly, this option was added because on some systems, a long list of rules created a large delay when creating new rules.

No, you didn’t say anything about training mode. User Ringman did, and the responses were advising that this was not recommended.

many of my friends complain of being bombarded by alerts so, i use it i think onlinle look up included in this option

This setting will not have any effect on the number of alerts you receive.

practical exp it does reduce :slight_smile:

From the help file:

Create rules for safe applications

Comodo Firewall trusts the applications if:

The application/file is included in the Trusted Files list under Defense+ Tasks;

The application is from a vendor included in the Trusted Software Vendors list under Defense+ Tasks; 

The application is included in the extensive and constantly updated Comodo safelist.

By default, CIS does not automatically create ‘allow’ rules for safe applications. This helps saving the resource usage, simplifies the rules interface by reducing the number of ‘Allowed’ rules in it, reduces the number of pop-up alerts and is beneficial to beginners who find difficulties in setting up the rules.

Enabling this checkbox instructs CIS to begin learning the behavior of safe applications so that it can automatically generate the ‘Allow’ rules. These rules are listed in the Network Security Policy > Application Rules interface. The Advanced users can edit/modify the rules as they wish (Default = Disabled).

So in a nutshell, by default, any application on your Trusted Files List, the Trusted Vendor List, and the Whitelist is trusted. In other words, no alerts for these applications and no need to actually create a rule.

However, if you wish to have CIS create rules that you can edit later, you can enable this option and allow rules will be created. If you are not planning on editing the rules, there is no need to create allow rules because by default, safe applications are already allowed.

So as I said, this option has no effect on the number of alerts you receive, and can adversely affect performance due to a long list of rules.

it would be nice if comodo could make automatic decisions. this usually is a lot less secure but if done correctly can be very beneficial. the advanced heuristics do a great job in valkyrie and determining malware. it would be great if they could combine their technologies to make a decsion. valkyrie, whitelist, blacklist, possibly DACS, and threatcast if it comes back.