CIS4 - A Classic Vision Overhaul

Given current development of CIS 5, this thread is now defunct. When the beta comes out, we’ll see if it warrants one of these threads. Until then, we can carry on the discussions in their own threads on the wish list (like we’re supposed to :P).

This is not just a wish list. This is a (massive) proposal.

  • To encourage Comodo to further polish/tweak the current UI.
  • To bring light to problems with the current UI.
  • To propose viable and detailed solutions to those problems.
  • To serve as inspiration for new ideas.
  • To scrutinize those parts of the UI that don’t get talked about much.

We will attempt to go through every last window, for a cohesive new vision for the classic CIS UI.

  • I will be updating this thread with iterations via new posts.
  • I will be maintaining a table of contents on this initial post, linking to the latest iterations.
  • I will be attempting to incorporate as many of your wishes as possible.
  • I will be attempting to fix as many issues as possible aired in the Usability Forum (secretively).
  • I encourage your involvement, both written and visual.

If you make a wish here for which there is no current topic in the wish-list forum, copy that wish to a new topic and post it.

  • This thread is NOT a replacement for the entire wish-list board.


/ Summary [link] [0000.00.00]

/ Antivirus [link] [0000.00.00]

  • Scanning (Window) [link] [2010.04.04]

/ Firewall [link] [0000.00.00]

  • Adaptive Address Fields [link] [2010.04.05] Important
  • Application Network Access Control [link] [2010.04.07]
  • Firewall Behavior Settings [link] [0000.00.00]
  • Edit Address (Network Address) [link] [2010.04.05]
  • IPv6 Support [link] [2010.04.05]
  • My Blocked Network Zones [link] [0000.00.00]
  • My Network Zones [link] [0000.00.00]
  • My Port Sets [link] [0000.00.00]
  • Network Control Rule [link] [2010.04.08] Recent
  • Network Security Policy [link] [2010.04.07] Recent
  • Predefined Firewall Policies [link] [0000.00.00]
  • View Firewall Events [link] [0000.00.00]
  • View Active Connections [link] [0000.00.00]
  • Wizards [link] [0000.00.00]

/ Defense+ [link] [0000.00.00]

  • Access Rights & Protection Settings [link] [2010.04.06]
  • Application System Activity Control [link] [2010.04.06]
  • Computer Security Policy [link] [0000.00.00]
  • Defense+ Settings [link] [0000.00.00]
  • Image Execution Control [link] [0000.00.00]
  • My Blocked Files [link] [0000.00.00]
  • My Own Safe Files [link] [0000.00.00]
  • My Pending Files [link] [0000.00.00]
  • My Protected COM Int. & My COM Int. Groups [link] [0000.00.00]
  • My Protected Files & My File Groups [link] [0000.00.00]
  • My Protected Registry Keys & My Registry Groups [link] [0000.00.00]
  • My Safe Files [link] [0000.00.00]
  • My Trusted Software Vendors [link] [0000.00.00]
  • Predefined Security Policies [link] [0000.00.00]
  • View Active Process List [link] [0000.00.00]
  • View Defense+ Events [link] [0000.00.00]

/ Sandbox [link] [0000.00.00]
Given that the sandbox is under heavy development, this will be saved for later.

/ More… [link] [0000.00.00]

  • About [link] [0000.00.00]

  • Automated Configuration Helper [link] [2010.04.01]

  • Manage My Configurations [link] [0000.00.00]

  • Settings [link] [0000.00.00]

  • Synergy Links [link] [2010.04.08] Important

/ Log Viewer [link] [0000.00.00]

  • View _ Event [link] [2010.04.08] Most Recent

As this thread gets closer to completion, I will be creating a more refined version of this thread on the official Usability Board.

/ This is also a solution to the fact that I just post too many dang topics.
/ I am not an ambassador for the Usability Study Group. The views expressed here are independent and no indication of what is being developed.


Problem(s) Addressed:
It is not obvious what various components are set to what security level. It is easy to forget what various components are set to what security level. And it is unsettling to return to your computer after hours, only to realize that CIS has not been running at your preferred settings likewise for hours.

Implement a highly customizable alert/reminder/automation system to manage your configurations.

/ The Mode Drop-down allows the user to…

  • Disable all reminders only: “Disable reminders only.”
  • Disable all reverters only: “Disable reverters only.”
  • Disable all helpers: “Disable all my helpers.”
  • Override nothing: “Do not override my helpers.”
  • This applies across all three tabs.

  • Graying would be immediate, so getting to understand what a “reverter” is, is no real difficulty. It’s obvious upon disabling.

/ Custom settings are stored, so that when a user no longer enables one of the above overrides, their custom settings resume. Thus the Mode Drop-down also acts as a quick global toggle to enable a user’s custom settings.

/ The “Use advanced notifications” check-box allows the user to receive additional information in alerts about what features, in the ACH (Automated Configuration Helper), they have disabled or enabled.

  • If everything is disabled, and “Use advanced notifications” is checked, then upon an action that would normally initiate one of the ACH features, the user is alerted that all their helpers are disabled.

  • It will otherwise append appropriate alerts.

/ “Disable my preferred configuration helper,” allows the user to disable the tab in one click.

/ Preferred Configurations are user-set to the security levels that the user prefers.

/ The options to remind/revert are self explanatory.

/ This window features the proper “Ok - Cancel - Apply” usability standard.

[attachment deleted by admin]

I agree with part of your post.

For what it’s worth, I LOVE the Bruce Campbell avatar. ;D

Haha thanks and thanks! The avatar is one of the Comodo forum’s stock avatars, but when I saw it I had to use it.


  • Access Rights & Protection Settings

This is what it looks like now.
Scroll down to see what it could become.

/ The user cannot immediately view their access controls.
/ This intermediary window is next to useless and not consistent with the Application Network Access Control window.
/ The look and feel of Access Controls and Protection Settings is anomalous.
/ The user cannot edit Predefined Policies or File Groups on-the-fly despite their application in this window.
/ There is no help link.
/ The window does not use the proper Ok-Cancel-Apply standard.


/ Contents are organized more consistently.
/ “Path” and its corresponding fields and buttons are not disabled because they should be editable at all times.
/ A “Copy From” button lets the user copy policies as in the Network Access Control window.
/ Drop-downs instead of radio buttons for a more intuitive read.
/ The window is now resize-able, but only vertically.

  • Maximum height is shown.

/ The window has both Help and Live Support links.
/ The window employs the Ok-Cancel-Apply standard.

/ This concept implements Synergy Links for a more intuitive work flow.

[attachment deleted by admin]


This is what it looks like now.
Scroll down to see what it could become.

/ Rule editing/creation is not consistent.
/ The user cannot review the entirety of the rule while editing/ creating it.
/ The user is not free to edit/ create zones or port sets on-the-fly, despite their being an integral part of rule creation.
/ No IPv6 support.
/ There is no link to Help, only Live Support.
/ The UI is unpolished.

DISCLAIMER: The following solution works just fine without additional IPv6 support.


/ All parts of the rule are visible at the same time.
/ Source-Destination & Port-Address are arranged in an intuitive matrix that emphasizes the relation between all four ‘Advanced’ quadrants.
/ “Address” and “Port” are italicized for faster recognition of each quadrant.
/ “Exclude” is set intuitively and space-efficiently into the quadrant border.
/ Enabling “Exclude” will add “(NOT)” before the title of the quadrant.

/ Drop-downs instead of radio buttons provide consistency with ‘General’ settings and allow for space efficiency.
/ The fields and drop-downs update live according to “Type:” chosen.

  • If a field does not apply it is deactivated but still visible (seen in the Source Port quadrant).

/ The Zone and Port Sets drop-downs have an additional option: Edit/ New…

  • The user can jump to the My Network Zone window or My Port Sets window respectively by selecting this option (in the corresponding quadrant).
  • This allows the user to follow a less rigid and more intuitive sequence in developing their network rules.

/ The Live Support link is split into a Live Support link and Help link.
/ Proper Ok-Cancel-Apply standard is used.

/ This concept implements Adaptive Address Fields.
/ This concept implements Synergy Links for a more intuitive work flow.

/ This is the “simple” view.
/ When opening an existing rule without custom ‘Advanced’ settings, or when creating a new rule, the window defaults to a collapsed mode.
/ When opening an existing rule with custom ‘Advanced’ settings, the window defaults to its expanded view in the previous picture.
/ The user can manually toggle between showing and hiding the ‘Advanced’ matrix, using the ‘Advanced’ toggle on the bottom right.

  • The completely black toggle arrow has been replaced with a softer more consistent one.

/ Enabling “Always show advanced parameters” sets every Network Control Rule window to always default to showing the ‘Advanced’ matrix, regardless of the contents of the rule.

  • It also disables the ‘Advanced’ toggle.
  • This check-box exists redundantly in the Firewall Behavior Settings window for better usability.

/ The user can also disable the rule.

  • This is in keeping with the new features of the Application Network Access Control, Network Security Policy, and Predefined Security Policy windows.

[attachment deleted by admin]


This is what it looks like now.
Scroll down to see what it could become.

/ There is no way to see the threats as the scanner finds them.
/ The window title does not properly identify the window.
/ There is no progress indicator.
/ The UI is unpolished.

  • Irregular spacing of elements
  • Irregular button size
  • Very basic window borders.

/ Show threats as they appear.
/ Add a progress bar/ time remaining estimate/ Objects Pending statistic (not yet shown).
/ Use a clearer window title.
/ Align elements/ fancy borders/ misc polish.


/ The title clearly identifies the window and lessens redundancy.
/ Information is reorganized slightly more coherently (maybe).
/ Space usage is more efficient.

  • The giant animation is removed. Rather, the large scanner icon on the upper right should be animated.
  • The smaller window size can allow the user to keep the window visible next to others.

/ A toggle to expand the window to see threats as they are detected is added.

  • The toggle is disabled when there are no threats.

/ The blue halo/blur/glow has been removed from the buttons (this is getting put back in).
/ The Live Support link is split into a Live Support link and Help link.
/ Left and right side window edges feature gentler gradients.
/ Button size is not yet fixed.

/ The toggle is enabled and red when threats are found.

[attachment deleted by admin]

The Problem/solution outline is well suited for the focus of this topic and the prototypes are very compelling :-TU

PS: Perhaps you could ask mods and create a separate topic for feedback and comments in a separate board and link it to this. (this post will self-destruct in that case but your effort will continue to be appreciated)

Hey glifford,

Fantastic set of posts. Nice to see a sharp mind at work. :-TU

While I agree with the vast majority of your suggestions/images, the concept of a collapsed Network Rule window doesn’t, to my mind at least, make sense.

Given that the thrust of your suggestions (other than logic and clarity ;)) is about exposing options that are logically required or related, as far as I can figure, the only network control rules that would require only a direction, protocol and action (and could be called, by your definition “non-advanced”) would be rules that either BLOCK ALL or ALLOW ALL.

Given that 1) a port agnostic BLOCK ALL rule would only need to be created once, 2) a port agnostic ALLOW ALL rule is IMHO plain silly and 3) all other rules would be, by your definition, “advanced” (as they would have specific port info), the concept of a collapsed window seems to be rendered redundant.

What think??

Ewen :slight_smile:

@glifford, amazing job! Just amazing! I don’t know what to say more :)

I’m fine with this thread getting messy. The links on the initial post should be fine for making the thread navigable. Besides, this is the rough draft.

I think you’re right. I’ll be removing the toggle in the next update.

Thank you, Endymion, panic, & bequick, for the kind words.

Great work glifford :-TU :-TU :-TU

I really hope COMODO will do something about the UI soon. The current one sucks so much that it’s not even funny.

I completely agree with Saxuality.

Great work glifford.

IMHO the toggle for Network control rule is consistent up to medium Alert level (Default setting is Low) and should be retained as it already allows a fair degree of options (90 in theory though the viable choices are obviously less) with Action (3), Protocol (5), Direction (3) and Log (2).

The most simple approach would be to use it to create variants of Trusted and Blocked applications predefined policies (different logging preferences) but it could be used to create rules for TCP, UDP and ICMP separately for inbound and outbound traffic.


This is what it looks like now.
Scroll down to see what it could become.

/ It is not consistent with my Network Control Rule concept.
/ There is no link to Help, only Live Support.
/ The UI is unpolished.

/ Make it consistent with my Network Control Rule concept.
/ Include a Help link.
/ Use proper OK-Cancel-Apply standard.
/ Polish the UI.


/ Title is changed from Edit Address to Network Address (the Network Control Rule window isn’t called Edit Control Rule).
/ The window uses the same model as the Network Control Rule concept.

/ This concept implements Adaptive Address Fields.
/ This concept implements Synergy Links.

[attachment deleted by admin]

Thanks, and about the current UI. It’s not exactly a disaster. It’s really a great foundation. It’s just sorta like it got stuck in alpha.

Well now I think you’re right! I think I’ll link back to the design with the toggle included. ‘Advanced’ users can always set it to show the advanced rule-set by default.

Hell, maybe they need to put you on staff! ;D

Nice job. :-TU

Just one thought regarding the Network Rule dialogue, there is no provision for IPv6 rules. Granted, Comodo don’t yet support the standard, but they will have to catch up with every other firewall vendor, sooner or later.

Haha thanks. I could very well be out of work this summer actually… gui design would probably be an interesting thing to throw on my resume :stuck_out_tongue:

Hehe. Actually, I had considered IPv6 support, that’s why the IP and IP Mask aren’t formatted with fixed periods. I’m not sure why I haven’t brought it up though. In any case, thanks for bringing me around to talking about it.

Basically, my idea is this: there is no IPv4/IPv6 toggle or drop down, nor are any of the drop downs populated with IPv6 alternatives. Rather, CIS detects whether you’re using IPv6 or IPv4 by whether or not you use colons. If you use colons, it interprets your entry as IPv6.

This is a mess for the developers however, since it drastically changes the way CIS uses IP field entries. While this is way more than a refinement of CIS, it strikes me as the most fluid system (and necessary considering the fact that IPv6 is so often abbreviated).

Personally, I hate the way IP addresses are filled out in CIS. It’s cumbersome. If users could type their own periods in general that’d be nice.

Update: I just added a section on IPv6 support and updated some of the images to match. Thanks for the push :slight_smile:


/ This system would be better for CIS even if IPv6 is not implemented with it.
/ There are no IPv6 toggles or switches.
/ CIS now allows the user to type their own periods/ colons/ hyphens.
/ CIS determines whether an address is IPv6, IPv4, or MAC by what is entered into the field by the user.

  • Four sets (up to 3 digits), separated by three periods, constitutes an IPv4 address.
  • Eight hex sets (up to 4 digits), separated by seven colons, constitutes an IPv6 address.
  • An IPv6 address may have fewer than seven colons (and fewer than eight sets) as long as there is a pair of colons, or an IPv4 address included.
  • If an IPv4 address is included, there must be at most six sets and six colons preceding it (fewer if a pair of colons is present).
  • Six pairs of hex, separated by five colons, constitutes a MAC address.
  • Six pairs of hex, separated by five hyphens, also constitutes a MAC address.
  • There is no MAC address drop down.

/ This makes for more fluid IP entry (no more digit lurching).
/ This accommodates the fact that most IPv6 addresses are abbreviated.
/ Punctuation is still auto-formatted to the extent that CIS adds a space on either side when a period or colon is inputted (for clearer readability).

  • Consecutive colons are given no extra space between.
  • Hyphens are given no extra space, as they inherently provide strong visual separation.

/ Drop-down options for address “type” include:

  • “Any Address”
  • “Single Address”
  • “Address Range”
  • “IPv4 Mask”
  • “Host Name”
  • “Zone”

/ “Zone” is not present in the Edit Address (Network Address) window.
/ Only “Single Address” accepts MAC addresses and hyphens.
/ “IPv4 Mask” does not accept colons or hyphens.
/ IPv6 addresses inherently contain a subnet mask, and so can be inputted in “Single Address.”

/ As the user types in the address a small marker displays on the right end of the field to give live feedback.

  • “v4” shows: if the address is recognized as a complete IPv4 address.
  • “v6” shows: if the address is recognized as a complete IPv6 address.
  • “Mac” shows: if the address is recognized as a complete MAC address.
  • “?” shows: if the address is not recognized as a complete address.
  • “?” shows: in blank fields that need yet to be completed.
  • “!” shows: if dependent fields (Start:End) do not match IP type.
  • Mousing over the marker should launch a tool-tip that describes what it means.

/ Changes cannot be applied if fields are incomplete or incorrect.
/ Attempting to apply changes with incomplete or incorrect fields will trigger an error message.

[attachment deleted by admin]
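
The recognition rules in the Adaptive Address Fields post above, sketched as an added example (not part of the original thread and not Comodo's code). The names `classify`, `field_marker` and `can_apply` are hypothetical. It assumes Python's standard `ipaddress` module for the IPv4/IPv6 rules, which is stricter than the digit-count rules in the post (octets above 255 are rejected), and it assumes that a MAC address uses one separator style throughout and that an input a field type does not accept gets the "?" marker.

```python
import ipaddress
import re

# Six hex pairs joined by five colons or five hyphens (same separator throughout).
MAC_RE = re.compile(r"^[0-9A-Fa-f]{2}([:-])(?:[0-9A-Fa-f]{2}\1){4}[0-9A-Fa-f]{2}$")
# Only hex digits and the three separators the post allows the user to type.
ALLOWED_RE = re.compile(r"[0-9A-Fa-f:.\-]+")


def classify(text):
    """Marker for one entry: 'v4', 'v6', 'Mac', or '?' if blank or incomplete."""
    # The proposal pads periods and colons with spaces for display; drop them first.
    s = "".join(text.split())
    if not s or not ALLOWED_RE.fullmatch(s):
        return "?"
    if MAC_RE.match(s):
        return "Mac"
    try:
        # Handles "::" abbreviation and an embedded IPv4 tail in IPv6 addresses.
        return "v%d" % ipaddress.ip_address(s).version
    except ValueError:
        return "?"


def field_marker(field_type, *values):
    """Marker for a whole field group, applying the per-type rules from the post."""
    kinds = [classify(v) for v in values]
    if "?" in kinds:
        return "?"                       # blank or incomplete entry
    if field_type == "Single Address":
        return kinds[0]                  # the only type that accepts MAC addresses
    if "Mac" in kinds:
        return "?"                       # assumption: MAC elsewhere is unrecognized
    if field_type == "IPv4 Mask":
        # No colons or hyphens here, so both address and mask must be IPv4.
        return "v4" if set(kinds) == {"v4"} else "?"
    if field_type == "Address Range":
        # Start and End must be the same address family, otherwise "!".
        return kinds[0] if kinds[0] == kinds[1] else "!"
    return "?"


def can_apply(marker):
    """Changes may only be applied when the field is complete and consistent."""
    return marker in ("v4", "v6", "Mac")
```
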