There are a lot of questions answered or avoided entirely by using the following steps when you initially install and set up CPF.
Even if you are familiar with firewalls, CPF has a layered approach to security that is very different; using these steps will get you a working firewall, internet connection, and full security. If you try to create your own custom setup and rules from the ground up, you may unintentionally reduce CPF’s functionality, lose your internet connection, block applications, open your system up to hackers, and just generally give yourself a string of headaches. After you’ve used CPF for a while and get it all figured out, if you want to reinstall using your own custom settings, be my guest ~ but for now, it’s best to follow these steps:
- Uninstall any previous third-party (non-OEM) firewall; if you have WinXP, turn OFF Windows Firewall. Reboot.
1a. If you have a dedicated HIPS program running, I recommend turning it off temporarily while you install and set up CPF. It may block some components and not warn you, thus causing conflicts and improper installation. You can reactivate it once you have CPF up and running.
- Install CPF. Use Automatic - do not choose Manual/Advanced install. Follow the prompts. Reboot.
2a. When you open CPF after reboot, you are prompted to Activate. If you are on a LAN or behind a Router, you may have some difficulties connecting to Activate CPF. You can skip it until later, if you want; it will not impact functionality of CPF. (Note: As of v.18.104.22.168, you will now have 6 network rules)
If you are on a LAN, are using one computer to share internet connection, or are behind a router, run the Network Wizard (if these do not apply, you can skip this step). Go to Security/Tasks/Define a New Trusted Network (lower left). Follow the prompts. Reboot when finished. (Note: As of v.22.214.171.124, you will now have 8 network rules)
Run the Applications Wizard. Go to Security/Tasks/Scan for Known Applications. Follow the prompts. Reboot when finished.
CPF is now fully functional for the majority of users, and is fully secure.
I realize a lot of people want to create their own rules, and “tighten” things up. In order to do so effectively, you need to understand CPF, and how it works.
At the base of CPF is the Network Monitor - it controls how all applications are allowed to connect to the internet; everything occurs within the context of these rules.
Next in line is the Application Monitor - this defines what applications are allowed to connect (or not connect; you can block applications here as well), in the context of the Network Rules.
Finally comes the Component Monitor - this loads & approves all components within each application; it’s CPF’s way of saying, when you start an application, “Okay, all these pieces of the application check out; they’re good to go.” The Component Monitor will be a large list; the more Applications you have, the larger it will be. You can block components here if you want, or remove components altogether - just be sure to click “OK” after making your changes (by default, Component Monitor is set to “Learn”; do not change it to “On” until you’ve run the majority of your applications, or you will get a lot of popups).
That said, read m0ng0d’s post on Network Control Rules, Here. This will help you understand how to work with these rules better, when you do your tweaking.
If you use any P2P applications, or do online gaming, you will need to create special rules to allow the necessary ports, etc.
Here are a list of links to FAQs; read through these as well, for specific issues like the P2P, gaming, WIFI LAN, etc.
While following these installation steps will provide you the “out of the box” security that Comodo is already famous for, please be aware that this does not mean you won’t have any problems. This is the case with any and all computers, along with any and all software; there are a lot of variables involved, and some combinations of configurations just don’t play well together. That’s where this Forum, and Comodo’s Support site, are invaluable. Use the Advanced Search feature to narrow your results to the Firewall, to look for similar problems. If you have questions that aren’t answered, or need clarification, just ask; someone will be glad to help (Note: the Moderators are not Comodo employees, but volunteer users). When posting a new topic, please keep the Subject line concise and accurate to describe the problem (for example, “CPF blocks IE7” rather than, “Help! It doesn’t work!”).
Welcome to your new Comodo Personal Firewall ~ Happy Hunting!