CIS 4.0 - Firewall Training Mode not function

I installed CIS 4.0.135239.742 to a Win7 German 64bit. I added the local network to my “network zone” and the access from that network (locally named). Nevertheless, I am unable to access even in training mode, for example, via remote desktop on the computer. Also, I can not reach a share on that computer.
Only when I turn off the firewall, everything works as it should.

What have I missed? Respectively. It is possible that this is otherwise an error?


Can you post screenshots of your Global Rules, your local network zone and Firewall Events?

here are the screenshots.


[attachment deleted by admin]

Are you using Internet Security configuration? Check under More → Manage My Configurations?

I noticed on my system (Win 7 32 bits) that when changing the Global Rules to yours (v3.x style) it is not alerting for incoming traffic like one would expect.

Try changing the Global Rules to the default stealth. Go to Firewall → Common Tasks → Stealth Ports Wizard → select "Block all incoming connections - stealth my ports to everyone " → Finish.

Now try again if you can access shares on your other computer again. Notice, when programs need an open port for incoming traffic you won’t be notified about it and you will need to edit Global Rules to open ports. Let me know if you need help with that.

I took the second option.

Alert me to incoming connections and make my ports stealth on a per-case basis.

Now the firewall is asking me like in CIS 3 when to allow or deny . Thank god. It’s working again.

But why hide it or make it so difficult???

With v4, among other things, the Global Rules of the Proactive Security configuration became the new default. That was done to tighten up the default security.

We get a lot of help requests for help this type of situation.

The Stealth Ports Wizard has always been part of v3 and v4 and is still in the same place. Lot’s of people who have been using the default configuration simply never knew about the other possiblities of CIS.

CIS is simply is a very versatile tool that can make the biggest safety concerned fanatics happy as well as the mainstream users.


How can I use a share on a pc in a trusted network zone. I can’t connect to a share.

and… for what the training mode is? I see no function. these directives work only for the creation of outgoing?


Please make sure that the rules for in and outgoing traffic for the intranet are both present in Global Rules and the application rule for System.

If these rules are absent in one of them or both run the Stealt Ports Wizard and use “Define a new trusted network - stealth my ports to EVERYONE else” to add the Intranet zone.

I must apologize. Ashes on my head …
I have reinstalled Win7 and forget to enable file and printer sharing. ??? :-[

Now everything works.


Glad you fixed it. And sometimes we forget those Windows settings… it’s only human…

Training mode has always been for installation or first use of known safe programs with no alerts being given and all the actions of those programs being learned and allowed by CIS. There have been many instances where using training mode was the only way to get some applications (mostly full screen games but not limited to them) to work or install properly. It seems that with v4, you also have to disable the sandbox before entering training mode.