Problem
Over time entries for trusted files within Defense+ and the Network Security Policy accumulate. The list grows ever longer with installations of new programs, Windows updates, software releases and so on. However, when programs are uninstalled or temporary files from zip deflations are deleted, the entries for those files still remain within the list of trusted files. Presumably, this has an impact upon the performance of CIS and the size of the registry.
Opportunity
Although CIS has a purge facility, there is a clear opportunity to automatically initiate a purge job to clear the dead entries. Such a purge job could be set up ad scheduled in the same as virus scans are.
needed (for security from my point of view, no need for cis to trust a deleted file, but the clean us is maybe a once per month thing. You have to remember that if the file is gone from the list, CIs will have to look to the cloud again and you don’t want it to have to do that over and over, it will cause slower servers if everyone does it) but it will not impact the performance, you can have millions of files listed there before performance will be impacted, that is what Egemen said at least.
Yes, that would be true if the entry was deleted from the list of trusted files and the file remained on your PC. However, if the file is no longer on your PC, you won’t be accessing it and so there will be no need to go to the cloud.
I manually purged redundant entries from my trusted files a few days ago. My PC (about 4 years old) took about 5 minutes to identify unnecessary entries and even longer to purge them There were two main reasons for this:
I use COMODO Backup to maintain a sync copy of my C drive on my D drive and periodically I backup both drives to NAS. As a result, there multiple entries in the list of trusted files for each trusted file on each o the drives on which it resided.
my last purge was about a year ago so the list had grown significantly.
Is there a performance impact? I haven’t noticed any significant degradation but take a look at CIS’s registry entries, you will see that CIS’s list of trusted files is held in the registry. Logic tells me that thee has to be a performance impact no matter how slight to access the registry and search the list every time a file is opened.