Got to make it easier to use

First of all, great work Comodo getting this far with the firewall. However the major thing that made me uninstall and go back to free zonealarm with the fact that Comdo firewall pro is so difficult to use. I would consider myself to be an advanced computer user and Comodo had me stumped to why programs wheren’t being allowed access (by checking the logs) to the Internet after allowing them. If you could make your program easy to use regardless of IT knowledge this product could be fantastic, the security is already there with a bit more simplicity and ease of use on the front end UI it could be.

For example, Zonealarm is really easy to use just put either a tick or cross under the ‘access’ or ‘server’ columns. End users, usually, have little interest or even understand Internet protocols and therefore do not understand how to use the software, like myself as I have little expertise in this field.

I would appreicate it if somebody from Comodo could give me their feedback on the above and I am more than happy to help you towards a solution or to test BETAs.

Keep up the good work guys :),

Regards,
Jim

Thanks for the feedback Jim

Can you pls give us specific instances of issues you faced and how we could improve them pls so that we understand the problems better.
thanks
Melih

One the problems that I faced was with MSN messenger 8.0. It would be in the allow list on the firewall, but it wouldnt sign me in. When I looked in the Comodo firewall pro log it said that it had denied internet access to messenger. So I was struggling to understand why Comodo was blocking it?

Thanks for the quick reply,

Jim

that is very strange and I don’t think we have any reports of anything similar to that…
hmm…

you can go ahead and enable it and see what happens…

Melih

IM programs (including MSN Messenger) frequently use protocols that the default rules of CPF do not allow (if I remember correctly, IGMP is the chief offender). Thus, even though Messenger is allowed as an Application, IGMP is not explicitly allowed as an IP Protocol; thus it is blocked.

The problem comes in that most other firewalls don’t seem to care about the IP Protocol; if an Application is allowed, it’s allowed no matter what.

Thus, Jim’s (and probably other users’) dilemma and confusion. I have a couple recent additions to the Wishlist for the Network Rules corresponding to Safe Applications to be automatically added along with the Application Rules, when running the Scan for Known Applications. The little extra of tagging/labeling/naming the rules for ease of reference would help in creating/tweaking rules for similar applications. Also, available from the App Monitor, a History of applications connection activity, so the user can see exactly how a single application is connecting/trying to connect (and if it’s being blocked, tighten rules, etc).

Look here: https://forums.comodo.com/index.php/topic,4612.msg37823.html#msg37823
and here: https://forums.comodo.com/index.php/topic,4612.msg39214.html#msg39214

LM

Thankyou very much for your help. I run a small Intranet and customer feedback is very important to me, so sorry if I sound a little critical, but I know how valuable to you feedback can be. So thanks for adding them things to the wishlist. However I still believe that people no matter what their technical knowledge should be able to use your excellent firewall and therefore you should consider a simplification of the UI to allow this (for example Zonealarms UI).

Anyway, thanks again,

Jim

For me it works fine.
I do have a IGMP rule in network monitor if that’s what make it work…?
It looks like this.
Action : Allow
Protocol : IP
Direction : In
Source IP : Zone
Destination IP : 224.0.0.1
IP Detail : IGMP

I’m in a network as you can see.

My application monitor rules for MSN (Live) Messenger is.

Application : C:\Program\MSN Messenger\msnmsgr.exe
Parent : C:\WINDOWS\explorer.exe

General
Action : allow
Protocol : TCP or UDP
Direction : Out

Destination IP : Any

Destination Port : A set of ports : 53,80,443,1863,7001,

Miscellaneous


Application : C:\Program\MSN Messenger\msnmsgr.exe
Parent : C:\WINDOWS\explorer.exe

General
Action : allow
Protocol : TCP or UDP
Direction : In

Destination IP : Zone (your IP or Any)

Destination Port : Any

Miscellaneous

There might be something missing since I have just installed the RC5 beta, and not tried to send files yet.