Installation & initial configuration the hassle-free way (CIS 5.x)

Installation & initial configuration the hassle-free way

Who is it for?
This approach is suitable for most CIS users, particularly the less expert. More specifically it is for those who:

  • want an approach to installation that minimises the hassle of answering alerts but still results in a secure configuration.
  • want to use a configuration close to the default ‘internet security’ or ‘proactive’ configurations, including the automatic sandbox.

Who is it not for?
The automatic sandbox works well in CIS 5.x, but those who are a) expert in the use of CIS and b) looking to achieve the absolute maximum level of security, should probably still switch off the automatic sandbox and use a more tailored manual approach to installation and configuration.

How does it work
It suggests that you do a clean install of CIS so you take full advantage of CIS 5.x’s stronger security facilities [1]. Please note this means you will lose all pre-existing CIS configuration information. It also takes full advantage of CIS’s instant online analysis capability to, in effect, answer the alerts for you.

The process

[ol]- Do not import any CIS 4.x or 5.x configuration at any stage of this installation

  • Uninstall the previous version of CIS and reboot.
  • Install CIS 5.x
  • Reboot when requested
  • Open all the programs you use reasonably frequently especially any utilities, ignoring all except AV alerts. Close them when they have fully loaded. (When I say ignore I really do mean ignore them - let them time out, or reboot before they do it does not matter which!)
  • Wait 15 minutes after machine has completely booted and you have opened & closed all your programs, ignoring all except AV alert alerts.
  • In Defense plus, open Unrecognised Files and move all files that you trust to Trusted Files. If you are not sure, don’t move them. CIS may deal with them itself later.
  • Then open the Active Processes List and look for early-loading files running as sandbox level=disabled, verdict=unknown. Use right click menu to add any that you trust to Trusted Files. This stage may not be needed in 5.3+, but I’d do it anyway just to be safe.
  • If you wish, upgrade to proactive configuration (using More ~ Manage My Configurations) at this stage
  • Now respond to any ‘New Private Network Detected’ alerts. Do not respond to any other alerts except AV alerts
  • Reboot
  • On reboot respond to any further alerts you may receive. These should be very limited in number. If they are internet access alerts and you trust the files, make them trusted by the firewall using the drop down menus.
  • Optionally reboot again, if any application malfunctions are experienced.[/ol]

Error 1314
A few users on Windows XP machines may receive this ‘installer cannot reboot your machine’ error. It does not indicate a problem. You may reboot your machine manually instead, at the point indicated in the above process.

[1] Importing configurations or upgrading from 4.0 configurations may seem less hassle but past experience suggests it is likely to result in a less secure system, and may incur greater installation and reliability problems.
[2] If you have tried this process and your update fails or malfunctions, please try the approaches described by Chiron here.

[i]Please help us improve this introduction by posting suggestions to the ‘Help materials - Feedback topic’ here.

This FAQ has been prepared by a volunteer moderator – with input from many other moderators (Thanks everyone). It has been produced on a best endeavours basis - it will be added to and corrected as we find out more. Please note that I am not a member of staff and therefore cannot speak on behalf of Comodo.[/i]

Updated: 15 June 2011, to reflect changes up to CIS version