~ WHAT IS THIS? ~
A charrette (pronounced [shuh-ret], often Anglicized to charette and sometimes called a design charrette) consists of an intense period of design activity. The word charrette may refer to any collaborative session in which a group of designers drafts a solution to a design problem.
This is one of a series of charrette threads that I will be making to try and create an inclusive, consistent, and polished prototype for future versions of Comodo Internet Security. I am here to fulfill your wishes! - and some of mine - in the form of jpgs and pngs - to eventually be submitted in the secret (gasp!) usability sub-forum for review by developers.
YOUR ROLE: BE CRITICAL
I’ll be looking over the wishlist for features and suggestions to incorporate in our designs, but don’t hesitate to suggest ideas here. In fact, I encourage you to suggest ideas here - otherwise it’s not a charrette. Sometimes I have specific questions. To see them scroll down to the “Current Dilemmas” section. I also encourage you to check out the related threads listed below and support our resident wishers. Just make sure that, if your suggestion warrants its own thread, that you do make a thread for it. I am not replacing the wish list.
[b]~ APPLICATION NETWORK ACTIVITY CONTROL ~[/b] Login to view the image. ( Scroll further down to see rule creation)
^All optional features turned off.
^All optional features turned on.
GENERAL GUI ENHANCEMENTS:
- The window has been renamed to be more consistent with Defense+.
- The help button has been moved to the standard and efficient location.
- The application path can be changed on the fly.
- The Zones and Port Sets buttons allows the user to quickly access (add and edit) Network Zones and Port Sets. The user no longer has to backtrack through the interface.
- Import/Export buttons replace the Copy From button.
- The Import button opens an additional window from which the user can specify a file, existing individual rule, or existing predefined policy to append or overwrite the current application policy.
- The Export button allows the user to export the current policy or a rule-in-the-current-policy to a file - so that it may be individually imported at another time.
- The rule table can now be sorted according to its headers.
- The rule table Headers can be reordered left-to-right however the user wants them to be.
- With the exception of the Priority header and Description header, all Headers can be hidden.
- Header view settings are persistent across Application Network Activity Control windows for any application/policy.
- Quick toggles allow the user to quickly change basic rule settings.
- Users can scroll horizontally, so they don’t have to rely on tooltips or window resizing to see the entirety of a rule.
- Rules are rewritten in a more valid syntax.
- Filter and search functions are located below the table. They are activated with ctrl+f.
- A link to the application’s System Activity Controls (Defense+) window has replaced the help link.
- The window now sports an APPLY button, so the user doesn’t have to close the window mid work-flow to apply changes.
- The window can be resized.
- Minor graphical tweaks have been implemented in window elements and style.
- The rule table contains five quick toggles and one priority marker. Quick toggles allow the user to quickly change basic settings for a particular rule (or set of rules if multiple are selected). They are used simply with a single left click.
- The Priority marker lets the user know the priority of the rule even if the list is sorted in such a way that the rules are not in priority sequence. The Basic Rule is always rank 00. The Advanced Default is always rank ZZ. This naming convention allows over 1200 rules.
- The Priority marker does not react to a single left click like the other quick toggles. Instead, it acts as a grip with which the user can drag the rule.
- Upon clicking and holding the mouse over the Priority marker, a red sorting-divider will appear beneath the associated rule, and the table will sort itself automatically by priority (and scroll if necessary to the associated rule).
- The first quick toggle enables or disables the rule. It is the check mark.
- The second quick toggle cycles through Allow-Ask-Block and controls whether the rule allows, asks, or blocks.
- The third quick toggle activates/ deactivates logging.
- The fourth and fifth quick toggles allow the user to quickly change the maximum allowable traffic for a particular rule. Left clicking on the specified speed will open a small window in which the user can manually enter the preferred speed.
- The description updates live as the user toggles, providing intuitive feedback, and a smaller learning curve for new users.
- If the user is using custom descriptions, only the “Disabled” and Traffic Shaping markers will append/alter it.
- Quick toggles can be shown/hidden, sorted, or re-orded left-to-right like anything else with a header.
- The Show Custom toggle allows the user to quickly switch between custom rule descriptions and raw generated descriptions.
REVAMPED RULE SYNTAX:
RIGHT-CLICK & SPECIAL MENUS:
- Right clicking on a table header will give you the following options: Sort 0-Z, Sort Z-0, Do not Sort, Columns >
- The Columns sub menu allows users to show or hide certain columns.
- Right clicking on a specific rule will give you the following options: Add a new rule, Edit this rule, Remove this rule, Move up, Move down, Purge this rule (only shows if the rule is invalid), Log this rule, Enable/Disable this rule.
- The Select menu, next to the Application Path field, contains an additional option to manage file groups under Select > File Groups > Edit/ New…
- The Select menu, next to the Application Path field, contains two additional options: to add folders recursively and non-recursively. This functionality can also be achieved by manually text-editing the path, following it with “(recursive)” or “(non-recursive)” neither of which are case sensitive.
- The Predefined Policy drop-down, next to the Predefined Policy radio selection, contains an additional option to manage Predefined Policies at the bottom of the list called “Edit/ New…”
- The Copy From menu, next to the Custom Policy radio selection, contains an additional options to manage Predefined Policies under Copy From > Predefined Policies > Edit/ New…
ADVANCED OPERATIONS FOR RULES:
[b]~ NETWORK ACTIVITY CONTROL RULE (CREATION) ~[/b] Login to view the image.
^Adaptive Address Feedback.
GENERAL GUI ENHANCEMENTS:
- The help button has been relocated.
- Import and Export buttons have been added to allow the user to import and export individual rules from the rule creation window (i.e. without backtracking).
- User can disable the rule with a quick toggle.
- A Preview button allows the user to force CIS to generate a rule description on demand.
- Rule creation uses the more common and versatile ‘Local-Remote’ system.
- Rule creation is organized into an intuitive matrix, which organizes the rule in a logical fashion and does not hide vital details like the current UI does.
- The arrow at the center of the matrix changes direction and color according to whether the user chooses the outgoing/incoming/outgoing or incoming direction.
- The IP field does not supply its own punctuation anymore.
- The IP field understands abbreviated IPv6 notation.
- The IP field can distinguish between IPv4, IPv6, and MAC addresses, and subsequently, redundant options for IP type have been removed.
- Traffic shaping options allow the user to define the maximum allowable speed for ingoing and/or outgoing traffic according to the rule.
[li]Entering in a 0 will automatically show an infinity sign instead.
- The window now as proper apply button.
- The window has undergone several other visual tweaks.
ADAPTIVE ADDRESS FEEDBACK:
- CIS determines whether an address is IPv6, IPv4, or Mac by what is entered into the field by the user.
[li]Four sets (up to 3 digits), separated by three periods, constitutes an IPv4 address.
Eight hex sets (up to 4 digits), separated by seven colons, constitutes an IPv6 address.
An IPv6 address may have less than seven colons (and less than eight sets) as long as there is a pair of colons, or an Ipv4 address included.
If an Ipv4 address is included, there must be at most six sets and six colons preceding it (less if a pair of colons is present).
Six pairs of hex, separated by five colons, constitutes a mac address.
Six pairs of hex, separated by five hyphens, also constitutes a mac address.
There is no mac address drop down.[/li]
As the user types in the address a small marker displays on the right end of the field to give live feedback.
[li]“v4” shows: if the address is recognized as a complete IPv4 address.
“v6” shows: if the address is recognized as a complete IPv6 address.
“Mac” shows: if the address is recognized as a complete MAC address.
“?” shows: if the address is not recognized as a complete address.
“?” shows: in blank fields that need yet to be completed.
“!” shows: if dependent fields (Start:End) do not match IP type.[/li]
Changes cannot be applied if fields are incomplete or incorrect.
Attempting to apply changes with incomplete or incorrect fields will trigger an error message.
- What happens if CIS needs to learn a rule, but all 00 through ZZ are taken?
- Rule creation window.
- Traffic shaping functionality.
[attachment deleted by admin]