Beginners Questions: How to start, config and work with CIS

Hi!

I am new to Comodo Internet Security 5.3.x and need some help to start up with it…
(i’ve searched the forum and read the manual but was not pleased with the results, maybe some things have already been discussed - sorry for that…)

I am running Win XP Pro SP3 and have used Sygate Personal Firewall 5.6 for years, but i felt like switching over to a more modern software now, so here we go with some troubleshooting for CIS (Antivirus / Firewall / Defense+):

1) My Configurations:

i like the idea to switch to a mode that would fit best to the current situation, but i am not able to preserve the basic firewall protection on all my configurations - that means on every mode i have to set up new basic firewall options/rules. is that right?
is it possible to set only 1 firewall config for all my configurations? (else it is a total nightmare to compare the firewall settings in all my configurations and to copy every rule to every my configuration)

if it is not possible to have a general firewall config/rule setup, would it be better to have only 1 my configuration and to manually enable the different CIS components like Antivirus, Sandbox, etc. if needed?!

2) Firewall Config:

  • Stealth Port Wizard:
    how can i see what mode is currently running? what settings are behind those 3 options in detail? where can i see (and edit) these?

  • Firewall Behaviour Settings:
    “Create rules for safe applications” - what does this mean in detail?
    if disabled, will only rules for unsafe apps be set in “Network Security Policy”? what about safe apps/where are they?/what is the config for safe apps?/can i edit them?
    if enabled, will a network rule be set up for every app then? if yes, will the user config for an app overwrite the safe application preset rules from comodo?

  • Network Security Policy
    i have set up rules under “Global Rules”. why am i asked by a CIS popup to set up a rule for those global rules anyway? i.e. i have a block rule for SMB (port 445) without log event fired enabled but i am still asked by CIS if the rule is fired? are global rules worthless?
    is it normal that most of the network/app rules will become ‘custom’?

3) Antivirus Config:

  • is it also possible to have a global config for all my configurations?

  • Scan Profiles:
    where can i see what is scanned by ‘Critical Areas’ and ‘Spyware’? edit button does not work here!

  • Scanner Settings:
    is it possible to configure realtime scanning modes or to exclude files/filetypes? it is so slow to start applications and to work with them if the realtime scanner is running…

4) Defense+ Config:

  • is it also possible to have a global config for all my configurations?

  • Defense+ Settings:
    “[ ] Create rules for safe applications” - what does this mean in detail?
    if disabled, will only rules for unsafe apps be set in “Computer Security Policy”? what about safe apps/where are they?/what is the config for safe apps?/can i edit them?
    if enabled, will a defense+ rule be set up for every app then? if yes, will the user config for an app overwrite the safe application preset rules from comodo?

what does ‘Execution Control’ do? is it the same as antivirus enabled?

are ‘Execution Control’ and ‘Sandbox’ used for testing purposes on unknown apps?
are the rules for apps written after all the processes? so if i really want to work with software i have first to create rules and on the second run i can work as usual with the software? before the app rules are written, all the action of the software is virtual like a demo run? are all changes to my windows system virtual and lost after restart?
is it possible to create realtime rules so i can directly interact what my software is doing, how it is doing and enable or disable all the actions of the software in realtime - so i have to run only 1 pass to setup my defense+ settings?

…that’s all for now.
thank you for any help and more information about that! at the moment i am still a bit confused about the main workflow of CIS!

As a new user myself, I would say you should just go here…
http://www.techsupportalert.com/content/how-install-Comodo-firewall.htm
and use ‘Chirons’ settings.

That will set you up until you become more ‘user savvy’ …then you can go in and tweak the settings.

I’m sure more advanced users can help you on some of your more advanced questions.

Stealth Port Wizard:
how can i see what mode is currently running? what settings are behind those 3 options in detail? where can i see (and edit) these?

…see 1st and 2nd attach

You can edit them by going to → Firewall → Network Security Policy → click Global Rules → select Edit.

“Create rules for safe applications”-what does this mean in detail?

…see 3rd attach

To find them → Defense+ → Computer Security Policy → right click an app and select edit → you can use a ‘Predefined’ set of rulz or you can select ‘Custom’ and edit from there.
More info here…
http://help.comodo.com/topic-72-1-170-1733-Defense+-Rules.html

“are global rules worthless?”
If you use the ‘stealth ports wizard’ you are setting the global rules.
Setting them to ‘Stealth’ (the 3rd option) is the most secure…imo.

[attachment deleted by admin]

yeah, this was one of the first guides i read, but it does not show clear enough which way is the best and why?!
to set basic security settings is not very difficult. my problem at the moment is more the workflow, especially the questions about ‘my configurations’ and ‘rules’.

Stealth Port Wizard => Global Rules!

thx