My favourite defense + wishes

defense + should have:

  • search function in the list of computer security policy (include also advanced search, if you only want to see trusted applications…)

  • the columns should be sorted alphabetical or on " threat as"…

  • because defense + also monitors processes… put some kind of graph in the main menu which shows which processes takes a lot of cpu power…

Just my penny… :slight_smile:

Edit:

ooh yeah, search should also be implemented in network security policy… (I know it should be listed at firewall wish list, but do not want to make a new thread for that wish… (:TNG) )

Absolutely agree. I have a lot of rules because of lots of applications. Some times (truly say “often”) I have a problem in find application I need in.

* the columns should be sorted alphabetical or on " threat as"......
Can't imagine the reason to have this feature, so I don't agree =)
* because defense + also monitors processes.... put some kind of graph in the main menu which shows which processes takes a lot of cpu power.....
I think it will be too overloaded COMODO product. Better to use built-in applications in MS Windows to monitor or graph such work.
ooh yeah, search should also be implemented in network security policy.... (I know it should be listed at firewall wish list, but do not want to make a new thread for that wish.... (:TNG) )
Like wish #1 - I agree.

Also I think it will be usefull to have opportunity to sort rows in Logs by columns (both for D+ and Firewall)

p.s. Sorry for my English - it’s not my native language.

Well, when you have columns it is in my humble opinion very logical to sort it on the name of the column, like " threat as" … because in this way you see in a second a list of all your trusted applications for example, without using the search… also it is easy if you can sort by name… also easy to find an application this way… in this way you have the option to use either search or if you want to quick sort the list…

no, it will not be overbloated… if you find that overbloated, than the whole application is overbloated… I think it is very logical to give a graph of the processes that uses most cpu time and power, because defense + is monitoring them but does not give any visual feedback of it in the main gui… the graph should look like the traffic graph you see in the summary screen…

and yes, if you want more details, you can use the task manager… but this is just a graph to give you indications like the traffic graph…

Agree. Very good explanation, thank you.

no, it will not be overbloated.... if you find that overbloated, than the whole application is overbloated.... I think it is very logical to give a graph of the processes that uses most cpu time and power, because defense + is monitoring them but does not give any visual feedback of it in the main gui..... the graph should look like the traffic graph you see in the summary screen...

and yes, if you want more details, you can use the task manager… but this is just a graph to give you indications like the traffic graph…


Hmm… Firewall designed for monitoring network activity, so it is understandable to have such graph for Network Utilization…
D+ doesn’t designed for such monitoring.
Compare Network Activity and Process Activity… Network activity = bytes transferred or number of connections?
But Processes activity… Util. of CPU? Memory? Reading/Writing to Disk? Or comprehensive rating ? Too much opportunities. It is better to use other applications (IMHO). For example “procexp” of Sysinternals (now it is division of Microsoft).

I do not think you understand me,

The firewall contains the firewall part which monitors indeed network activity… and you have a host intrusion preventions system like defense + which monitors critical system areas including system processes…

so when there is a suspicious system process, that slipped through defense + and it is hogging cpu or there are several system processes running for a long time and taking much cpu time, you can see that as an indication in the graph in the main gui of the firewall…

I am not saying cis must contains analyses graphs… NO, I say indication graphs like the traffic graph… and that graph is also not real-time… think about that!

Ok, now, I think I understand you. I realy think about real-time - my mistake.

But. For such graph (non real-time) D+ still will be needed in real-time update of counters of CPU utilization (peek util., time-long and so on). So I still think it’s not nessesary for such application like CIS.
And another reason is - if you have a lot of applications, then it is difficult to understand wich application is using a lot of CPU.
Also - you will have an over-time graph, so it would be nice to have an option (I think it REALY will be next wish) to get more local zone for graph (begining and ending points in time), also sorting, etc. So it will be realy huge work of COMODO application. Better to point CIS resourses to defeat attacks, than making not-nessesary work of gathering data from proceses.
As I said earlier - try to launch Procexp. There you can see historical real-time graph of some activity PER application/service (but just only from time of launching procexp).
So understand - all that work and data should be gathered and stored some where… So there no big differense in real-time graph or not.
I still think It’s just wasting of resourses doing such job by COMODO CIS. IMHO

I disagree with you totally! my wish is very simple and very simple to implement… you are making to difficult which is not the case… the basis for a graph I suggest is already there… al it needs is visualization in the form of a graph… and no it will not cost a lot of work for the developers and NO it is not a waste of resources…

I still think you do not understand 100% of what I am saying…

I think, that at this time D+ just intercept applications activity and dosn’t monitoring utilizations of PC resourses (CPU for example).
Making graph is very simple, but D+ should have some statistic data to make this graph. So I think CIS should include a new thread in itself - gathering data of utilization of system resourses by applications . It’s brand new for CIS.

And also - for what period of time you want to have such graph? Overall since installing CIS? Last week? day? hour?
The longer period - the more place needed for storing data and more resourses.

Also Network Activity has only one creteria - traffic.
And what should show you D+ ? % of CPU util.? Amount of time it totaly received on CPU?
And if 1 app used 100% for a 3 seconds, and other used 100% for a 3 min - should it together showed like 100%?

Tells us more clear your vision of this graph.

hmmm… :THNK… if you really have knowledge about how defense + is working and if it is true that defense + ONLY does intercepting of activities it does not know, than I agree with you that this is a new concept for CIS and it needs a new infrastructure… hmmm… :THNK

The period of times is just the system uptime… and for space you just make a rule like a max space of 2 MB for example…

This should not be a problem, just let us choose out of certain criteria like cpu time and the percentage of cpu power it has taken for let us say 10 seconds and refresh it automatically…

The graph should be a supplement of the process list you see in the defense + section… a better idea would be when viewing the process list you would see the cpu history of that certain process…

I am only suggesting this feature because it makes your pc more transparent…

I realy think so, and that is why:

  1. CIS should be very light and very-very fast. All extra-activity of CIS is not nessesary.
  2. In example, when some Application use 99%-100% of CPU the only way to see it in historical (or better real-time) way is using application with Thread Privilegies Above Normal (like TaskManager), otherwise you will wait for a minutes to redraw CIS GUI and waste more CPU =)
The period of times is just the system uptime.... and for space you just make a rule like a max space of 2 MB for example....
System uptime may be months long. (For me it is usuall case). Also at night time (when I sleep) some process may give so much data... so it could be overwitten by some other activity of other application.... (For example sheduled defragmentation, torrent, DC and so on ). So little time of monitoring period - it's bad. Too much time - also bad because of CPU, memory and other resourses fo calculating and drawing graph.
I am only suggesting this feature because it makes your pc more transparent.....
All-in-one application... It's becoming a monster =) I agree with AV+Firewall+Defense together because of possible problems in compatibility... but all other tasks should be done by other applications. That is my point of view.

I still think my suggestions are very valuable for the future CIS… and we can only know if it is being tested for real… just the integration of process monitoring with defense + giving alerts about processes and the ability to view the history about processes is a very strong combination against unwanted system infiltrations… (:WIN)

Re: Search/Sort
I also mean that there should be ability to have sorting based on column
headers. The search is there. When you click Name column header, then you can
start write name. But it’s still searching path also. It just search from the
start of the string.

Re: CPU Monitor
I think that there are better things to monitor CPU usage. I prefer free
Process Explorer by Sysinternals. It’s not neccessary to charge CPU usage of CIS
itself because of this. There’s no need to monitor CPU all the time. IMHO
I don’t even need or ever used Traffic Monitor in CIS. There’re better external
tools to use for this things. CIS is security thing. Not monitoring SW.

P. S. :
I added some ideas from this suggestion to “my” “AIO” list - Point(s) 4.5. If you have some free time please check my post if it’s fitted with your idea.

Thank you!

Suggestions for future version(s) AIO

I also like the idea of having a central database in CIS. The central database consist of known malicious code that can be used either by defense + or of course by cavs. The current defense + is not very intelligent… so if we say so to defense + some files are safe by putting for example the pc in clean pc mode, defense + makes itself smart by learning safe files… But how about learning known nasty piece of code ??? This can be achieved by implementing a central database of known baddies in to cis, in this scenario cis knows the bad files and knows the good files, good allowed, bad blocked automatically… This is handy for users who do not run cis with av and it is also very user friendly… (:WIN)