Comodo Firewall 3 Final Review

First of all I would like to say that this is a review of CFP 3, and as such, because there is already a thread I made where I reviewed RC1, I am not sure wether it deserves its own thread or belongs in my old one. I will let the decision, and appropriate actions in the hands of the forum staff since my review largely builds on what I’ve said about RC1, with a few changes.

Install package

Installation was pretty straightforward and easy. I encountered no difficulties and found it to be quite easy. It didn’t hog the computer nor did it cause high disk activity. All it really did was spend much time installing the drivers, but it falls well into the category of quick installs. Once that has been done, the firewall asks for configuration. It was simple and went smooth.

Hefty package I must say. 31MB, should look more promissing to the masses than those 2MB firewall installs I’ve seen… I believe the install space estimation isn’t correct however, and there’s two reasons for that. The firewall may require 50MB of HDD space, but mine actually uses some 53. I would set the threshold at 60 or even 70. Second, firewall folders such as C:\ProgramData\Comodo\Common\DB\DDB\CPL contain some 700 files. Due to cluster-fill avalanche effect(example: a 1-byte file will take up 4KB on the disk, more such files will only amplify the effect) this makes the folder, which contains 110KB of actual data, occupy 3.1MB on disk. Now let’s take that to larger scale and check the entire C:\ProgramData\Comodo\Common\DB\DDB folder. Size: 32MB, size on disk: 52MB. And there’s still the install in Program Files which is 20MB. I would say recommend some 80-90MB for CFP to installor centralize those databases into a single file.

First Run

Aiiiiiie! As soon as the system booted again, I was assaulted with popups. All in all the number of firewall and d+ popups was greater than that of ZA. That didn’t bother me. However, there were many many popups a second about what D+ was learning. Again I am not one to mind a series of popups at the beginning. I will gladly take a week to fine tune the firewall to my exact desired settings. However, many users will not. These popups weren’t asking anything, they were just there. But they were many and they just kept on coming. “D+ is learning”.

Why are those popups really showing up there? They stay on screen for about 1 second beforeannouncing the next app that has been learnt. You don’t really have time to read them. And of course, all the information there is abstract. “explorer.exe launched proces blahblah.exe” People just get confused. And annoyed. Secondly, the firewall could have done this quietly. Okay fine, it’s learning, I get it! Why do I have to watch this stuff? If I wanna see process activity I’ll start my task manager. But perhaps the most overlooked aspect of it is WHERE the popups are showing up. That is the lower right corner of the screen. It’s where messenger popups appear. Imagine the annoyance of an IM user. The solution I’d find to this is simple: SHOW ME A CHECKBOX WHICH I CAN TICK TO STOP SEEING THIS INFORMATION. If those popups were accompanied by one such box it would work wonders.

Okay let’s assume you got the firewall’s apps allowed with time. I just loaded my previous settings from CFP 3 RC1. While I am doing this I’m still fighting lots of allow/deny popups.

Interface

Well just like the last one I didn’t like the colors and still don’t. I don’t like the white, in both the windows and the tray icon. But let’s leave that aside. The thing is that when I open a popup window from the interface and then close it, any buttons that may have been underneath it are half-green colored. A bug that was there in all betas since I began testing this.

I’m glad CFP 3 fixed the slow application review purge. But I’d really like an option to just stop making apps show up in there altogether.

Now for my main concern: the logging. Yeah logging makes the disk spin fast when there’s about 10 intrusions a second and it writes them in sequence. There’s tons of apps which log alot of things a second, but they don’t do that. I don’t see my HDD light blink like with CFP on every access attempt.

Performance/Stability/Security

No complaints so far(aside from the beforementioned logging). Everything running smooth as it always has. 10MB RAM usage, 0% CPU. With a product this complex, it’s a miracle. As for security, well it passes all tests it has passed as beta so far(referrence to my old review) and there’s really not much to say there. Wether default configs for IMCP and self-protection against termination are now done properly, I cannot say.

Conclusion

CFP has significantly been polished over its predecessor, RC1. However, there’s still a few interface quirks and nes skins I’d like to see addressed. Inside the cover however, it is a solid, stable, lightweight, and secure firewall. One of its biggest wins over other firewalls is that it never simply blocks access or cause app compatibility issues just because it can. If properly configured, it will work in any situation and I mean ANY, so long as there isn’t local app/configuration compatibility issues. I’m saying this because one of my friends which I had mentioned installed it on his laptop tomy recommendation and had his wireless stop working, has been fiddling with it and says he managed to obtain “partial internet access”. Sadly, I have not spoken to him in detail to find out what he did. But it goes to show that even those who have the old “I installed a 3rd party fw and my internet stopped working” cliche may just be a settings issue.

I would advise Comodo specialists to take more interest in “exotic connections”(shared networks, NAT, wireless), because it seems the issue can actually be resolved simply by having it configured properly. These settings should be discovered and automatically applied for said connections. I believe I can help with this discovery, I will check with my friend and see what he has managed to do…

Best of wishes!

I get a total of 82M on disk.

I must be getting only 70 because I have my harddrive compressed. ;D

Not only that, it depends on your OS bit like 32 or 64 and how many files are on your pc. This is because I believe due to Defense+ capturing all the files that are considered safe (or not).

Here’s my at the current moment. Please note this does not include other system driver files like in the Windows\System32 directory.

[attachment deleted by admin]

Huh… My “\Program Files\Comodo\Firewall” takes just 28 MB… (WinXP32.) Where else should I look (I don’t mean DLLs in system folders and registry entries)? Also it seems that CFP keeps duplicates of some files in a subfolder called “Repair” just in case.

EDIT: Ah yes of course, in Documents and Settings…

I searched for the word “Comodo” (with hidden & system files revaled in Explorer) and found that. Yes that repair folder must be backup files.

personally, Im not impressed at all. the first reboot crashed my computer and i had to do a cold boot cause it just would not cooperate. the firewall slowed this pc to a crawl, and all i wanted to do was play company of heros. If things dont drastically improve in the next 48hrs, im going back to version 2. cause so far, im very disapointed.

What is with companies that think prettier interfaces and memory hogging graphics is the way to go? simplicity, straight to the point and now bullchit is what people want. they want a program that doesnt use any memory to speak of, is transparent when not in use, and doesnt throw a temper tantrum over stupid ■■■■ like this thing does.

its nice but i dont know how to check the files iv already assigned riles too!!! help! 2 was so eassy bt 3… ??? (:SAD)

I agree, 2 was very intuitive compared to 3. Frankly the idea of having to engage myself in a relationship to my firewall just so I can properly set it up gives me the idea that I should go back to 2.4.

I liked the interface of 2.4 much better. I that I have to define most of my applications with the firewall MANUALLY. Why should I bother submitting apps to Comodo if the user base has to set things up on their own now. I do like some of the changes with setting up port rules, but sadly someone forgot the important part. The Interface is also feels very foreign compared to 2.4 and in my opinion it looks like someone is mimicking Jetico. I might like to take this time to mention how much I hate that firewall. But I won’t. I’ll just say I can attribute more BSODs to Jetico in my experience, and overall I think maybe I should just uninstall CPF3 and go back to 2.4 until I feel confident that 3 will be an improvement and not a massive step back. If someone makes a firewall that somehow integrates the best of 2 and 3 I may end up moving to that instead of going to 3 after major changes are made.

well its confirmed, the new firewall has hosed my system… looks like i gotta reinstall xp now ;(

system restore doesnt work, games no longer work, internet shortcuts from my quick launch no longer work, keep getting ’ this is not a valid win32 application’ games throw the same error till i close comodo completely, then the games work fine. but now i cant even restore windows cause this half bake ‘update’ just phucked everything.

Disable the “Defense+” and apps will work. I had the same problem! This is a pain in the a**e!!! Why is that? [!] is comodo thinking!!! Ok, maybe the Firewall is better but somebody forgot people got to use this. And quite frankly, its AWEFUL!!! The interface is shocking, and defense+ is worse than M$/Vista UAC thing. Comodo, I don’t know what happened but this latest installment is like M$ and Windows ME all over again! A tchnically sound system… just unusable in real life. I have never been so outraged by software I used to LOVE!!! (L)? I THINK NOT!!! PLEASE LOOK AT YOUR FORUM AND FIX IT!!!

OK, rant over, heres my conclusion of rant:

1 - changing rules took ages to work out. Finally figured out - Firewall>advanced>Network Security Policy

2 - defense+ is rubbish. Whilst good in theory, its just a pain.

2a - WAY too many popups everytime I do something
2b - Uses lots of resources (good cause I’m sure)

but mainly
2c - Not vaild win32 app. YAY! I’m safe…just cant run anything! Wooopeeee!!! I noticed Defense+ popping up to ask if it wanted me to allow it, I said yes, its says not valid app. So I turned it off and hey presto! It works! I have my computer back. Theres security and then theres taking it too far. Preventing everyting from running? thats too far.