Have a question to COMODO Firewall

I would like to ask, some people know COMODO blockade IP and MAC blockade which benefits the most? Or almost? Sometimes, the server was udp attacked, and the log has a COMODO firewall blockade of traffic, but traffic still continue to enter. replaced by Kaspersky Firewall after the blockade of traffic also disappeared. This is how to do it? Is the underlying architecture different? Or what? How COMODO a way to achieve?

Blocking or allowing by IP or MAC are subject to spoofing. Neither can prevent intrusion, but are very good protection against that. By using BOTH IP and MAC, i.e., specific MAC(s) from or to particular IP or IP zone, then the principle of least permission is enforced for specific and particular.

The default CIS behavior is to block and unless logging is disabled it will show in the logs. I’m not familiar with Kaspersky, but understand it has good reviews. If there is no logs of the traffic that is at issue, then either its not being blocked, the blocking isn’t being logged, or the traffic isn’t occurring.