CIS Not doing the Job?

I’m just an average user and have believed in Comodo to be a good product. Two mags, PC World and PC Mag have written scathing reviews about CIS and recommended staying away from the product. Is there any difference between the paid version and the free version. According to PC Mag there is! They also blasted the AV for not being certified? Is this true? Thanks

remember these mags get money from other AV manufactures in form of advertising, do you really think they would say good things about comodo seeing as they are not making any money off of them? also they would risk loosing all of the money from current advertisers. The only difference between paid and free is that with the paid you get technical support, anything that happens a comodo employee can connect to your computer and fix it for you, simple as that. AV certification from what I know will be coming in version 4.

The only problems i have had with CIS was my computer locking up and i fixed it by just reinstalling it. I dont mind minor problems. I rather my computer lock up a few times than get hacked or my system messed up by a virus.

The difference is that the paid version give the user live technical support 24/7 and the application to secure wi-fi. (Trust Connect or something like that…) Other than that, the free and paid applications are identical.

Certified for what?

I don’t know if that argument holds water because early on all these mags were praising the Comodo firewall. Now the article says the AV only catches 30% of the test problems and the firewall now lets bad stuff through. I guess being certified would bring this discussion to an end. Thanks

Comodo has one of the best firewalls out there. It might be the best.

However, until the AV is certified I would recommend using another one. Defense+ will keep you safe, but only if you properly interpret the results.

As previously stated, the ONLY difference between the free version and the paid-for version is the inclusion of live support and Trust Connect.

Some may say PC Mag is lying.
Some may say PC Mag is influenced by commercial factors.
Some may say they just don’t understand or fully appreciate the layered nature of CIS’s protection.

Draw your own conclusions.

They also blasted the AV for not being certified? Is this true? Thanks

They were probably referring to certification by companies like ICSA Labs, and, in this, they are correct. CIS is not certified by ICSA Labs (or other similar certification bodies). Having said that, the whole concept of certification and the testing methodology should be examined.

These testing bodies test anti-virus products by settting up an infected system and then test to measure the detection and removal effectiveness. This method (detection-removal) is fine as is, but it completely ignores the added benefits of a third protection layer - prevention (which is one of the primary strengths of CIS).

One analogy that has been used is that this is like testing how well your health care provider looks after you after a car crash, without checking the safety features of the car itself. If the “car” is made safer, there is a reduced requirement on the health care. Similarly, if the prevention layer is better, there are reduced requirements on the detection-removal layers. This does not mean that the detection-prevention layers are not important, just that they need not be the primary focus.

This is the shift that needs to occur - prevention should be the primary focus, rather than assuming that bad things will happen and focus on remediation.

Imagine if a test started with a clean system and measured how much malware got through the prevention layer and how much remained after the detection and removal tools were used.

An organisation has been formed (AMTSO - Anti Malware Testing Standards Organisation - with the purpose of defining the standards that should be observed and followed to perform dynamic (prevention-detection-removal) tests. Once the guidelines are ratified and published, software vendors can create a test process that can be reviewed and approved by AMTSO. This, IMHO, is a first step in the right direction.

Ultimately, it comes down to the user, their perceptions, their requirements and their environment.

Find a security solution that meets your needs, suits the way you work and one that you are comfortable with. Providing it gives you an adequate level of protection, then it comes down to choice.

Ewen :slight_smile: