Hello, I am a long time user of this software, and I have some ideas regarding improving it a bit. I would really appreciate the developers feedback on these:
- When clicking on the ‘Blocked Applications’ log:
A) It would be really nice if there were a way to right-click on each item and with one click instantly go to the corresponding event log. The way it is right now, the user has to check the blocked applications log, then manually open the ‘View Logs’ event log area to find more details, and scroll through it manually.
B) Question: In the ‘Unblock Applications’ window, when ‘Unblock for all security components’, is this any different from ‘Add to Trusted Files’ in the "Active Processes List (Contained Only)’ log?
- In the ‘Blocked Applications / Unblock Applications’ window, you can right-click on items and select ‘File details’, but i the ‘File rating’ tab, the user rating ‘Rate Now’ option is grayed out.
A) It would be nice to be able to use this option from within this window.
B) It would be nice if the ‘File details’ option was available in the ‘Contained apps’ log as well.
In the ‘Firewall Event’ log, it would be really nice if there was a way to see which firewall rule blocked the event. For example, IPv6 traffic, loopback traffic, fragmented IP traffic, anti-ARP spoofing, or which specific block rule from within the Firewall ‘Application rules’. This would also make it possible to more properly use the ‘Advanced Filter’ option.
When running software in the Container, it seems common than a lot of them either take a really long time to open, or stall out and do not open at all. I am on Windows 10 Pro with all updates, and have tested this on several different fresh installs of Windows. Is this a known issue, or is there something I can tweak to help with this?
In Advanced settings / Firewall / Application rules and HIPS / HIPS Rules: it would be really nice to be able to right-click on items and have the ‘File details’ option.
The current ‘Learning Mode’ creates general/broad rules. It would be really nice for it to create very precise/exact rules (Verbose Learning Mode) regarding each and every action applications do:
A) For the HIPS module, this could be rather detailed and rather extreme.
B) For the Firewall module, this might have to be somewhat more limited/reasonable, for example not creating rules for specific IP addresses, just the protocol/port etc.
This would be nice for users that like fine-tuning their systems, but want to take advantage of the learning modes.
Under ‘Website Filtering’, the ‘Allowed Sites’ and ‘Blocked Sites’ rules list categories for ‘Safe Sites’, ‘Malware Sites’, and ‘Phishing Sites’, but when viewing the ‘Categories’, the only one that actually shows up is ‘Exclusions’. Is this on purpose (proprietary), or an error?
Does the information from ‘Send anonymous program usage statistics to COMODO’ get used in the statistics here Comodo Transparency Page - Historical Statistics ?
If so, it would be a cool feature to include a link to those statistics in the ‘Logging’ settings window. It might even increase the amount of users that leave this box checked.
- In Settings / Updates, I have the option ‘Use full signature database’. I am using the stand-alone Firewall installation, without the AV.
A) I am curious how this option applies to the version I have installed.
B) When I view the online help database, I cannot find any information regarding this feature: https://help.comodo.com/topic-72-1-766-9134-Configure-Program-and-Virus-Database-Updates.html Does it provide any additional security (even if at the expense of system resources)?
Is it possible for the ‘Enable Trustconnect alerts’ option to detect if an alternative VPN is being used, or would that require specific whitelisting of other VPN providers / not be feasible? It is a nice feature, but I already have a dedicated VPN. No big deal either way, just curious.
Most VPN products have built-in ‘firewall’ option that allows the user to disable all internet access while not connected to the VPN. Would it be in the scope of Comodo FW to implement a feature like this, for allow the user to specify the VPN/Adapter/Connection specifically? Regardless of other software providing this feature, it would be re-assuring if the Comodo FW itself enforced it.
There are Firewall Rulesets for ‘Web Browser’, ‘Email Client’, etc., but Comodo FW does not automatically apply these to known browsers, and instead, automatically applies general Allow all outbound rules. Is this on purpose, or is this going to be implemented in the future?
Under General Settings / Configuration, there are the three default configurations. As soon as the user starts tweaking settings on their own, the configuration technically becomes a personal configuration, but the ‘Status/Active’ is still applied to one of the original default configurations. In order to Export the current personalized configuration, the user must select the ‘Active’ configuration, but at first this can be a bit confusing.
A) I suggest that upon any tweaking of settings that differ from the selected default configuration, a fourth configuration is created, with an arrow that signifies its source configuration (Firewall Security, etc.), and is titled something like ‘Personal Configuration’.
I know this is a really small tweak, but think it would provide a little clarity and be a nice little feature.
B) When exporting a modified configuration, the prompt ‘Would you like to save your changes to the current configuration before exporting it?’ comes up. At first it seems implied that the changed to the existing default configuration are going to be saved to said configuration.
A) I think it would be more clear if it was worded ‘Would you like to save your personalized changes from the current configuration before exporting it?’. Maybe not that exact wording, but something that makes things a bit more clear.
B) The ‘Select a path to export the configuration’ window does not seem to refresh itself when creating a new folder from within the dialog, making it hard to rename said folder or save in it accordingly.
C) Upon Importing a custom configuration, it would be nice if the default name it was imported as was 'COMODO - * Security ‘Filename Security’.
D) It would be nice if the software prompted the user ‘Would you like to automatically Activate the imported configuration’.
E) When activating a new configuration, the user is asked if they want to save the changes to the current one or not, but when clicking ‘Yes’ it overrides it, instead of asking what to save it as, or verifying override. This results in the default configuration provided with fresh install to be overwritten, but maintains the original name, which can be confusing later down the road.
F) It would be nice if there were an option to reset the default configurations.
Option to enable DNS resolution in prompts.
In ‘Advanced Settings’ window, add ‘Apply’ button to each area, so settings can be applied without closing the window.
Rulesets do not update in the active settings window while they are being applied via prompts. The only way to get them to refresh is by closing and re-opening the settings window.
A) Automatically refresh settings on a pre-set interval.
B) Button to manual ‘Refresh’
C) Automatically refresh upon switching between different windows (for example ‘Applications Rules’ / ‘Global Rules’).
- Option to display more detailed network monitoring information, such as in LittleSnitch MacOS Firewall has. The ‘View Connections’ window and Killswitch provide some of these features, but something that can be displayed in the main CIS window, which provides extra details (other than just the 3 most active processes), especially the geolocation mapping, would be really stellar! Maybe the ‘View Connections’ window could be updated to have an optionally enabled geolocation map?
The DNS resolution feature I requested above, would also be really nice if it was implemented in the ‘View Connections’ window as well.
The issue of rules getting deleted at shutdown seemingly has still not been fixed. Several simple solutions have been proposed, but Comodo fails to acknowledge and address them. This has been an issue for a very long time, and it is very disappointing that nothing is being done about it. https://forums.comodo.com/verified-wish-reports-cis/hips-rules-disappear-randomly-m1897-t100199.0.html
Ability to filter traffic per Service (to differentiate svchost usage). https://forums.comodo.com/firewall-help-cis/svchostexe-and-system-trying-to-access-internet-t126188.0.html
The free software Private Win10 is able to do this: