CFP should have a Sandbox that supports virtualization

I want a Sandbox in CFP just like other Sandboxes that support virtualization like Sandboxie, GesWalll and DefenceWall. Currently CFP D+ has limited policy sandboxing ability but no virtualization support. That makes sadboxing ability of CFP very basic( ioslated application pre-defined policy).

Actually the filter in isolated policy should have an option of Virtualization. Like say I put my browser in predefined policy of Isolated Application, now if browser wants to access some registry entery that will be blocked by policy and browser functioning will be limited. Instaed if there is an option of “Virtualize” in addition to Allow and Block , i will mark protected registry access as Virtualize. Same may be true of Protected Files.

There are actually two types of sandboxes:

1- Full virtualization sandboxes with minimal or strict policy restrictions like Sandboxie( less policy restriction) and SafeSpace( stracit policy restriction)
2- Sandboxes with registry virtualization mainly ( and policy restrictions for files etc) like GesWall, DefenceWall

Both these types of Sandboxes may have builtin specific allow rules to allow smooth functioning of commonly sandboxed applications like browsers, messengers etc. Any of these two types of sandboxes will be a nice addition to CFP, currently it has only ability of policy restrictions.

Such a Sandbox is already implemented in EQS v 4 beta. A thread about this version and Sandbox is here.

It,s a very nice concept. I want CFP to be an all in one application- Classical HIPS, Sandbox and Behav blocker( it has already on-deamnd scanning as well).

What do u think about such a feature in CFP? Please give ur votes.

Thanks

I don’t know for sure but I think Melih has said before that this was sheduled, I could be wrong, I don’t know for sure

Voted for, a sequential suggestion.

I think is not a good idea. i don’t think virtualization can be added without writing a considerable amount of new code and that doen’t only means a heavier application but an increased risk of bugs and conflicts. Also increases the perceived complexity for users that don’t use the virtualization feature.

IMHO a separate app from Comodo makes more sense.

There’s already free sandboxing programs like Sandboxie and Bufferzone, and virtualization softwares like VirtualBox and VMWare Player. I don’t think tis should be added in CFP 3, as that’s not really the job for a firewall or HIPS.
(By the way, sandboxing is when you create temporary files/folders and registry that’s written instead of the real ones, while virtualization is a software that virtualizes a PC’s hardware)

1- As i said I wish CFP to be an all in one application.

2- The two terms are being used loosely in case of all sandboxes. I am not an expert of terminology. JUst wanted to covey the meaning of what I wrote.

EQS people have already done the job. EQS is lighter than CFP and I expect it to be lighter even after addition of Sandbox. So CFP can be kept lighter even by the addition of such a feature.

Well Comodo has done a good job and done it well. Comodo is the most powerful and configurable FREE firewall out there. I have used them all and believe you me Comodo is the best. As far as Sandboxie no need. If you have D+ in Clean PC Mode anything new introduced will be in your pending files.

This is the kind of mentality that leads to bloatware.
The name of the product is Comodo Firewall Pro.
It is a FIREWALL.
What place does a sandbox have in firewall?! ???

If there is a decision to add every security feature under the sun, then a name change is in order:

  1. Comodo Ultimate Security
  2. Comodo Security Pro
  3. Comodo Universal Security
  4. Comodo Omni Security

Zonealarm has different firewalls to meet the demand of different market segments.
If Comodo insists on focusing on an everything-but-the-kitchen-sink product, then Comodo should maintain the v2.4 version as a separate product line because some people simply do not want an all-in-one product, even if they can simply “switch off” parts of it.

Well said AXL. (R)

some people simply do not want an all-in-one product, even if they can simply "switch off" parts of it
For me the most universal approach is to have all-in-one (firewall) product there 'all' of course is optional but nevertheless included. Sorry for my English.

Operating Systems are changing
Malware is morphing
Threats are changing
Attacks are changing

we have to continually make sure we “Firewall” end users from these threats! As always, we will make it as modular as possible so that end users can choose what to install or not. Like we have done with Comodo Memory Firewall. But a lot of areas require firewalling and we use the Firewall in its general term as protection. We Firewall the end user!

Melih

We Firewall the end user!
Namaste

Oh ho…
this seems eerily similar to the rhetoric used in Microsoft’s defense for making IE “integrated” into Windows.
IE is undoubtedly more powerful because of this, but at the price of making the OS more complex, with more open issues.
Firefox has not become a part of the OS, and that is why many prefer to use it.

Integration may be best for some users, but there will always be a sizeable market who are willing to sacifrice some of the extra power all-in-one security can provide for the sake of SIMPLICITY.

The functions that make a firewall a firewall are not ambiguous.

A firewall is like the guy at the door checking who can get in an exclusive club; all he should be concerned about is who is getting in or getting out, not about how the guests are “behaving”.

1- From all in one, i don,t mean a security suite. I mean all type of application control with basic FireWall finction.

Means to say:

Calssical HIPS
Behave vblocker
Sandbox
Inbound and OutBound FireWall

That,s ALL for me. I don,t actually mean to add a scanner, real time signature based monitor, parental control, antipsam etc- not a Suite.

2- If u just insist on a plain FireWall, have a look on definition of a firewall first. In that case, CFP is already a big bloatware.

Hi, thanks. This modular approach is very nice. So anyone can install just what he wants. Very good approach indeed.

the point you are missing is the way these firewalls are being bypassed. What good is a security product if it can be bypassed? And as there are new ways to bypass these firewalls due to new architectures etc in OS (eg: COM interfaces is a good example) the need to add additional security is increasing.

melih

That,s ALL for me. I don,t actually mean to add a scanner, real time signature based monitor, parental control, antipsam etc- not a Suite.
For you and for me maybe, but COMODO team must take into account average user. According to Kaspersky statistics most people prefer to have a [b]compact[/b] package that provide virtually [b]complete[/b] protection. Besides keeping mixed security engines at the same desktop is potentially insecure owing to probability of unexpected overlaps in their work. Of course user must be free to decide what to disable/re-enable during the installation or anytime later.

In a pic below working scanner as a vivid illustration of such integration.

[attachment deleted by admin]

Ok, but how to know who should come in and get out(with what informations) if you don’t know its behavior…
For now we can control access to specially protected areas (reg., files and folders) I think further improvement should be added with distinction and recognition of who and with what intention(command line) is permitted to read, write, change or delete on strategic places on the host.

If we have “Clean PC mode” by default, users must be sure that their PCs are actually clean, logic is understandable but means is questionable (engine is weak if you ask me)