This is what it looks like now.
Scroll down to see what it could become.
Problem(s) Addressed: / The look and feel is anomalous. / The window is not resizable. / The user cannot quickly edit basic rule parameters. / There is no help link.
LOG IN TO VIEW SOLUTION IMAGES
/ “Path” and its corresponding fields and buttons are not disabled because they should be editable at all times. / Buttons are moved to be more consistent with the rest of the UI. / Zones and Port Sets buttons are added for better access to features.
/ The user can activate or deactivate individual rules with check boxes. / The user can quickly toggle logging by clicking on the log icon. / The user can quickly cycle between “ask” “allow” and “block” by clicking on the action icon. / When one mode is selected, the other is deactivated for clarity and usability.
/ The window is now resize-able, both horizontally and vertically. / The Application Path field expands horizontally with the window.
/ The window has both Help and Live Support links. / The window employs the Ok-Cancel-Apply standard.
This is what it looks like now.
Scroll down to see what it could become.
Issue(s): / This window is lacking desirable functionality.
Cannot quickly edit basic rule parameters.
Cannot disable a rule. / Zones and Ports as tabs is inconsistent with group implementation. / There is no help link.
LOG IN TO VIEW SOLUTION IMAGES
/ Rule names can now extend past the margin at which the Policy column begins. / Look and feel of the table is significantly redone to reduce clutter. / Zones and Port Sets buttons are added for better access to features.
/ The user can activate or deactivate individual rules with check boxes. / The user can quickly toggle logging by clicking on the log icon. / The user can quickly cycle between “ask” “allow” and “block” by clicking on the action icon. / The user cannot do these things if the application uses a Predefined Policy.
/ The window has both Live Support and Help links. / The window employs the proper Ok-Cancel-Apply standard.
Issues(s): / The user is not free to edit/ create Zones, Port Sets, Groups, or Predefined Policies on-the-fly, from several windows, despite their being an implemented those windows.
LOG IN TO VIEW SOLUTION IMAGES
/ “Edit/ New…” is added to Zone drop-downs.
Selecting this option will launch the (My) Network Zones window.
Changes applied are reflected in the parent window.
/ “Edit/ New…” is added to Port Set drop-downs.
Selecting this option will launch the (My) Port Sets window.
Changes applied are reflected in the parent window.
/ “Edit/ New…” is added to Use a Predefined Policy drop-downs.
Selecting this option will launch the appropriate Predefined Policies window.
Changes applied are reflected in the parent window.
/ “Edit/ New…” is added to the Copy From > Predefined Security Policies menu.
Selecting this option will launch the Predefined Securty Policies window.
Changes applied are reflected in the parent window.
/ “Edit/ New…” is added to the Copy From > Predefined Firewall Policies menu.
Selecting this option will launch the Predefined Firewall Policies window.
Changes applied are reflected in the parent window.
/ “Edit/ New…” is added to the Select > File Groups menu.
Selecting this option will launch the (My) File Groups window.
Changes applied are reflected in the parent window.
/ “Edit/ New…” is added to the Add > File Groups menu.
Selecting this option will launch the (My) File Groups window.
Changes applied are reflected in the parent window.
/ The above applies to ALL windows that use the above menus and drop-downs.
Please say you’re going to turn your attention to the logs next. :-TU :-TU :-TU :-TU :-TU
I’d love a way to be able to see what rule caused a log entry and from there be able to directly modify the rule. This would make troubleshooting and diagnosing much, much simpler.
Haha. Something like that. Actually, about doors and usability, I design all my public restroom doors to open outward. Cause people don’t wash there dang hands!
Anyway I got bored of the auto-config helper thing and decided to warm myself up to the log viewer by starting with the individual view _ event windows. So that’ll be posted in a minute…
This is what it looks like now.
Scroll down to see what it could become.
Issues(s): / The user cannot export from these windows. / The user cannot jump to corresponding rules, alerts, or events from these windows. / The windows are inconsistently organized. / There’s a typo. / There is no help link.
LOG IN TO VIEW SOLUTION IMAGES
/ Information is organized clearly. / All fields are copy-able text. / The Associated Alert field shows the Description of the alert. / The Associated Rule field will show a custom rule Description if one exists.
/ “Open…” allows the user to open the associated alert in a View Alerts Event window.
This closes the View Firewall Event window.
/ “Go to…” allows the user to open the Application Network Access Control window, with the associated rule selected.
If the rule is a Global Rule, the button opens the Network Security Policy window, with the Global Rule tab active, and the associated rule selected.
This does not close the View Firewall Event window.
/ “Export…” allows the user to export the single event as html or text.
This does not close the View Firewall Event window.
/ In the case that there is no assocated rule or alert, the appropriate line is grayed-out (deactivated).
/ The sequence of fields is reorganized. / The Associated Event field will always show in raw rule format, whereas the Associated Rule field will show a custom rule Description if one exists.
/ “Open…” allows the user to open the associated event in a View Firewall Event window.
Edit: glifford, you’ve obviously given the UI – and the software itself – a great deal of thought. As an experienced user (I’ve been using computers since 1966 ;D) as well as an IT professional, I find myself in agreement with your suggestions. :-TU :-TU :-TU
There is one thing in CIS that has seemed to me a waste of resources from the start: when you write an individual rule (e.g., allow incoming UDP from LAN) for a given app, you can’t re-use it in another app, you have to create a copy of it.
A database of rules would avoid this. Additionally it would make life simpler for the end user.
I realize a change like this would need a complete overhaul of CIS, but I believe it would ultimately reduce the resources (RAM and CPU) required by it.
How about: when right clicking on an individual rule (or group of only rules) in the Network Security Policy window, there is an option to “Copy to >” which spawns a sub menu that lists all the other applications/ groups in the Network Security Policy window?
I realize this doesn’t address the guts of your post, but it does provide some missing functionality.
Also, spoiler alert, this right click menu option will also apply to the Predefined Firewall Policies window. I’m going to design the window with the same tree format as the Network Security Policy window, so you can see the rules under each Predefined Policy.
Does CIS really not use a database to store rules?
Of course it does - providing you call the registry a database.
The suggested reworks of the individual event dialogues are very good. The same principles could similarly be applied to the log viewer (reached by clicking the MORE button in the events window.
Kepp going - you’ve got a lot of peop[le thinking now.
Your screenshot of what the firewall alerts look like NOW is simply not correct. The firewall events window displays all current events (as does the D+ events window), not a single entry as shown in your image. Also, there is a typo (“firewal”) in the title bar.
Bit of an oops on your behalf??
Ewen
Issues(s): / The user cannot export from these windows. / The user cannot jump to corresponding rules, alerts, or events from these windows. / The windows are inconsistently organized. / There’s a typo. / There is no help link.
LOG IN TO VIEW SOLUTION IMAGES
/ Information is organized clearly. / All fields are copy-able text. / The Associated Alert field shows the Description of the alert. / The Associated Rule field will show a custom rule Description if one exists.
/ “Open…” allows the user to open the associated alert in a View Alerts Event window.
This closes the View Firewall Event window.
/ “Go to…” allows the user to open the Application Network Access Control window, with the associated rule selected.
If the rule is a Global Rule, the button opens the Network Security Policy window, with the Global Rule tab active, and the associated rule selected.
This does not close the View Firewall Event window.
/ “Export…” allows the user to export the single event as html or text.
This does not close the View Firewall Event window.
/ In the case that there is no assocated rule or alert, the appropriate line is grayed-out (deactivated).
/ The sequence of fields is reorganized. / The Associated Event field will always show in raw rule format, whereas the Associated Rule field will show a custom rule Description if one exists.
/ “Open…” allows the user to open the associated event in a View Firewall Event window.
This closes the View Alerts Event window.
[/quote]
The typo is Comodo’s error. And that’s not the View Firewall Events window. That’s the View Firewall Event window. You get to it by double clicking an entry in the log.
Edit: Hmmmm… did a joke just zoom right over my head?
Speaking of predifined policies, currently when you create a new application policy and use the “copy from” function, the copied rules will replace the current ones, if any. It would be nice to have a choice of replacing or adding to the current rules. IIRC I already suggested this about a year ago…
I suppose it does, but it doesn’t use it like a database, just as a repository.
Have an option to turn the “make a restore point” and “submit to comodo” check boxes in the popup OFF - I like to have the advanced popup but I don’t want those options, which I am NEVER going to use.
Get rid of the big “subscripton information” box and “PC support” button on the main page
Ship it with the BLUE skin by default, red looks rediculous
Search function in rules, or even just make the column headers to sort the entries by alphabetic when you click them…
MAKE THE AV SCANNER MINIMISE TO SYSTEM TRAY!!!
Sorry for shouting, but the fact it can’t minimise to tray is so bloody annoying!
:-TU :-TU :-TU :-TU :-TU
