Is there a firewall training mode where you can just approve/deny apps?

Dear All,

Is there a firewall training mode in Comodo where you can just approve/deny apps like in Zone Alarm?


CFP 2.4 does not have a Learning mode except for Component Monitor; here it automatically “learns” and approves all components after being installed. Obviously, the concept is that you have installed the FW on a clean system. Typically, users keep it set to “Learn” for a few weeks or until such time as the majority (if not all) internet-connecting applications have been run; this helps minimize component-related popups.

Probably the closest thing with CFP 2.4 is to set Alert Frequency level to Very Low; this will limit the detail for each application alert to just the Application. Each AF level higher will add more detail to the alert, and thus, to any rules created. So if you adjust the level higher at any point, you will get more alerts for applications you have previously approved, based on the increased level of detail in the information.

CFP v3 (currently in Alpha testing) does have various levels of “learning” modes. They’re not quite the same as ZA’s, though.

Hope that helps,


Thanks Little Mac.

So maybe the learning mode would be best?

What’s the diff between the learning mode and the custom mode? I’m so confused… ??? ??? ??? ??? :o :o :o :o ??? ??? ??? ??? ??? :o :o


Custom Mode refers to the overall Security Level, of which there are three:

Allow All (basically disables the firewall by allowing all traffic, regardless of rules)
Custom (confusing name, as this is the “default” - just means that there are rules being used)
Block All (stops all traffic in or out, this is the “panic” button)

Learning Mode is only for Component Monitor; it has no direct impact on anything else.

However, CFP has something ZA does not… it has a built-in Safelist of known applications, which is on by default. This will automatically approve certain known applications that match the encrypted list, to help minimize user alerts.


So, you could get hacked with allow all enabled? I’m extremely worried. (:SAD) So we must set the mode to custom and figure out the firefox and Internet Explorer app?

Well, if you’re having issues with Firefox and Internet Explorer being able to connect, then yeah we need to get those worked out. There really shouldn’t be that much to it, really.

Here’s a few things to do:

Open Application Monitor. Remove any existing rules for both browsers, svchost.exe, system, explorer.

Then go to Security/Advanced/Miscellaneous. Make sure the 2nd box is checked, “Do not show alerts for applications certified by Comodo.” Also see where your Alert Frequency (AF) level is set; it should on Low by default (which, IMO, is a good place for it in general). Click OK.

Go to Security/Tasks/Scan for Known Applications. Follow the prompts, and reboot when finished.

Then open your browsers one at a time. If you get any alerts for them to connect (shouldn’t for IE, but will for FF), be sure to Allow with Remember.