Firewall

Comodo Internet Security - CIS News / Announcements / Feedback - CIS
#1

I. Best Software Firewalls for Maximum Protection and Greater User Involvement

The following personal firewalls provide excellent network protection. Each firewall comes with default settings and shouldn’t require much adjustment except for the needs of advanced users. Some information for configuration is provided whenever possible to help you learn about your firewall and to better suit it to your needs.

Firewall products in this section may require a fair amount of time to learn their features. Some products rely of lists of known safe applications, safe vendors, or valid digital signatures. Some products can optionally give safe or trusted status to all your current files, some have training or installation modes, and some have lesser configurations to reduce monitoring.

Since firewalls are often praised for their level of protection at their maximum security settings, users may not have the degree of protection mentioned in the reviews below if they reduce security levels using the firewall interface, or if users employ methods to increase automation in order to reduce alerts.

Comodo Firewall is the best choice for users seeking a full featured security suite. It has a robust and a very active HIPS or application monitoring feature called “Defense+”, which matches or exceeds the security performance of pay products. Comodo also provides a “memory firewall” which in their words, “Cutting-edge protection against sophisticated buffer overflow attacks.” Comodo allows for much control and customization, with a plethora of additional settings to adjust for the curious or for the paranoid. This latest release of Comodo is suitable for both lightly-skilled users (still must have knowledge of installed programs) and technically advanced users.

Comodo includes a very effective Sandbox component to limit how many applications and new software installations affect your computer. The use of sandbox protection helps to limit the negative effects of malware if some terrible infection manages to enter your system. Comodo Firewall boasts a “Default Deny Protection” for applications. Though they maintain a lengthy list of known safe applications in their database, if an unknown application attempts entry through the Firewall, Comodo will deny the application and ask the user what to do. The new release contains many new features while allowing experienced users to maintain absolute control over their system by controlling ports, protocols, and complete configuration command.

During installation, it gives you a choice between two levels of security. The “Firewall Only” mode (discussed in the next section) and the Comodo Internet Security (includes antivirus, antimalware, and additional features). After installation Comodo automatically selects “Safe Mode” which maximizes proactive protection to a high level, and is the best mode for most users. It will generate numerous popup alerts for applications not in its trusted vendors list (you can browse this list to see if you trust the vendors: go to the Defense+ tab > “Common Tasks” > “View My Trusted Software Vendors”). When you answer “allow” and “remember your answer” to popup alerts for an application, Comodo creates a custom policy for it. Some of its policies are fairly liberal.

In the more liberal “Clean PC Mode”, Defense+ automatically treats all applications on your drive as safe (but if any malware is currently hidden on your drive, it too would be considered safe). Applications still receive some minimal monitoring for Comodo’s two protected lists (“my protected registry keys” and “my protected COM interfaces”) and for running as an executable, or more/less monitoring depending on their custom policy. And new files get sent to a list of files “waiting for your review” in the “Summary” page. Files listed for review will be considered possibly unsafe and will provoke popup messages, as if in Safe Mode, until their custom policies are made.

Comodo limits the frequency of alerts by automatically treating some programs as safe and allowing some applications to access the Internet. You can additionally automate the behavior of Defense+ by one or more of these methods for treating applications as safe:

*

  Have it "remember your answer" to all popup alerts when an application first runs, which works for some applications (because some custom policies set this way are close to "trusted" status). But if an application still nags you, click "More Options" in the alert and use the drop down box to select "trusted" or "blocked" (etc.), if available, or set an application to trusted manually ("Defense+" > "Advanced" > "Computer Security Policy" > "Edit..." > "Use a Predefined Policy"), which finally ceases popup alerts and most intrusion prevention for that application.
*

  Add files to the lists of "My Own Safe Files" or "My Trusted Software Vendors" in the interface (see the "Defense+" tab), which is most helpful for "Safe Mode" or "Paranoid Mode".
*

  Use the "Clean PC Mode" (right-click the tray icon and select it under the "Defense+ Security Level"). But make sure to scan and remove any malware first.

Take a look at this guide on How to Install Comodo (version 4.1)

The following guides are far outdated and being reviewed for update so they are relevant to the current release of Comodo, but you are welcome to look at them anyway for any useful information that might help you: How to Tame Comodo Defense+ Without Disabling It and Comodo Forum Help.

Alternatively, see this mini guide (currently reviewing for update relevant to current version of Comodo) for an example of how to maximize some of its basic settings. Comodo nicely allows you to quickly increase or decrease protection with its different modes, configurations, and settings.

“Don’t Change anything”

Thanks Guys…

turnorburn