CIS 5.5 to 5.8

CIS 5.8 has the options under D+, Dont give Popup Alerts - Allow/Block, if set to allow, all the D+ popups are allowed automatically.

How can I achieve this in 5.5 by customizing the D+ settings? Can anyone help me with this?


More>Preferences>Parental Control>Enable password protection for the settings>Suppress Defense+ alerts if password protection is enabled

I want to allow D+ popups like in 5.8.

The settings you suggested, I think it will block D+ popups for any unknown, right?


That is correct, sir, I don’t know any other way to do it at this time…

What if I change the settings i.e computer security policy - applications - either set it to predefined policy trusted or click on customize & set all the options i.e access rights from ask to allow.


I believe, if you think your pc’s clean and have no malware infection, that you can safely set your D+ mode to Clean Pc Mode. That should greatly decrease the number of popups from programs ALREADY installed on the system.
Also, see that there are no pending files remaining.

I know all this. I am running CIS with default settings on my personal system. On my family’s system I want to set it 5.8 way i.e allow all D+ popus automatically. I tried 5.8 with this setting on my laptop coz its an old system so I wasn’t worried of CIS 5.8 being beta. There was no popup at all. I had also unchecked run installers outside the sandbox. And I found that this settings is perfectly suitable for my family’s system coz they dont have to face D+ popups running/installing/uninstalling apps. So I want to set D+ this way on their system. But I dont know the correct way of doing this so I asked in the forum here & had also sent a PM to egemen regarding this.

Can you tell me if the settings in my previous post is correct to achieve the 5.8 settings i.e computer security policy - applications - either set it to predifined policy trusted or click on customize & set the access rights from ask to allow. Both the settings works fine i.e no D+ popups. But I am confused as to which one is more correct i.e predefined trusted or everything set to allow?


Trusted is fine for static ones, that basically do not change.
Installer/Updater are for those that change via updaters… That includes patches too.

So you can use both Trusted and Installer as you see fit.

P.S. Installer/Updater gives unlimited rights so that’s allready all allow

Why don’t you just disable D+ if you want to allow all D+ alerts ???


I wouldn’t recommend this, as some installers can’t work properly if they are sandboxed.

If your goal is to just allow everything, you may as well just disable D+ Think about it for a second. You want to blanket allow every alert. What is it that you want from D+ at this point? It’s not protecting you from anything.

But if that is your goal with 5.5, just run in training mode. Exact same end result. Anything and everything is just allowed to run.

there is a setting in 5.8 which would “disable” the protection of defense+ without disabling the defense+?

if this is of no use in version 5.5, what makes it usefull in version 5.8???

Thats what I want to achieve. I want to allow all D+ popups automatically but I want D+ enabled coz if D+ is enabled then Autosandbox is also enabled & self protection is also there I guess. Without D+ i.e disabled I will not get autosandbox & self protection. The new settings in 5.8 allows me to allow D+ popups automatically keeping D+ enabled & therefore autosandbox & selfprotection enabled. So I thought if this can be achieved in 5.5 with some modification in settings.


If malware wants unlimited access and you auto-allow it and gains kernel level, you’re toast.

Unlimited Access Popup will be sandboxed. Other D+ popups will be allowed.

And I know the weakness in the product the settings will bring but that is whats called settings for average users. You cannot expect excellent protection with average users settings but then too I find it very good coz I know the type of user my family members are & for them this setting is quite good & suitable.

When CIS 5.8 releases then I am going to tweak this setting on their systems. But till then I want to achieve this setting in 5.5 otherwise they are asking me to install something different. But I think CIS with this tweaked setting will still be more strong than avast, avg & avira.


we need definitely a good description in the help file about this new function :wink:

The sandbox protection in 5.5 is weak. It’d been mentioned in the forum that malwares get through the sandbox. May be for average users, disable D+ is not much weaker than your prefer configuration.

Avast also got a auto-sandbox in their free version. You may consider Comodo Firewall (D+ disable) + Avast (with auto-sandbox) for average users.

Anyway, if you consider sticking to CIS, I think Training Mode in D+ may be close to what you want but no unlimited access pop-up though.

This is the reply I got from egemen

You may try to add “All applications” rule o the BOTTOM of D+ rules list and set everything in this ALLOW/BLOCK per activity. It has the same effect.

So this means that the “All Applications” rule thats there in the bottom of the D+ Rules, I should customize it & set all access rights from ask to allow, right?


Another reply from egemen

YEs. You can customize it to your needs. You have more flexibility with this approach.

No, the sandbox does stop malware. It’s just that people don’t understand that the inert bits left over after the infection was halted aren’t dangerous to their system.