Protection using vs. not using sandboxing

We have 4 computers, 3 of them are XP with Chrome and use Trend Micro Maximum Security and Zemana Antilogger. The other is a new Windows 8 64 bit on which I just installed Comodo Dragon and CIS 6. I might consider saving a little money and using the Comodo on the other 3 however, I know my wife will not want to use sandboxing or the kiosk and I’m concerned about the level of protection under those conditions compared to the Trend Micro plus Zemana that we now use. Any thoughts? Thanks

Would you be planning on entirely disabling Defense+?

Or do you mean you would enable the HIPS and disable the auto-sandbox?

Or do you mean that you would keep the auto-sandbox enabled but not use the manual fully-virtualized sandboxing technology?

Sandboxing will trap malware where as antivirus is not as reliable.

I would not disable those things that are preset or can be configured, my point being that I wouldn’t expect my wife to manually activate any sandboxing techniques because she doesn’t want to interact with it. Also, I’m still learning low everything works myself!

For very strong protection the manual sandbox is not required to be used. However, I would advise setting up CIS as I advise in this article.

If you are willing to leave at least most of the protection modules intact than I would advise that you try out CIS and see if it will work for your purposes. If so then you shouldn’t have any need to continue to use Trend Micro.

Think about money… That’s it… I would go for Comodo even if you disable half of it…

Yes think about money.
I have returned to CIS, and I use the full suite. My only hope is that the next update will boost the av performance. Overall I love CIS full suite and if you fallow Chiron steps believe me you will love CIS even more, because CIS offer a strong protection in balance with light resource. So put your “money”(figurative way of saying trust) on Comodo. :-TU

Hi Chiron! I have a question regard to your config recommendation: What is the difference between Comodo Internet Security and Comodo Proactive Security. Just added your configuration steps to my CIS, but if your steps did not use the Hips, what improvement bring the Proactive Security to the security in this case?

See here: Comodo Preset Configurations, Firewall Security | Comodo Internet Security v6.2

Thanks but from what I read, the proactive security setting is good with hips enable, again why switching to proactive security if you disable hips, I know you are protected the same way if you set the BB to Untrusted according to Chiron steps. But if you make same steps, same setting, but on the Comodo internet security setting, you do not get the same protection?

To me switching to the proactive configuration is sort of like a shortcut. Sure, you could always make all the changes manually, but if I can achieve the exact configuration I want by switching to proactive (therefore making the majority of the changes I want) and then tweaking a few things then using proactive saves me a lot of time. :wink:

:slight_smile: Ok that make sense
Thx for clarifying this. Even with proactive, I still make changes. I’m a person who love details, so I prefer the hard road ;D

I like how in the guide it says: “COMODO - Proactive Security - This configuration turns CIS into the ultimate protection machine.” It’s like you are running Pentagon security system LOL! :slight_smile:

:smiley: Yee that’s true :smiley: Good one I liked :slight_smile:

CIS v6 is very quiet so your wife will not likely see alerts. Most people don’t install new program often. I would say just install CIS see what programs get sandboxed. When you know they are from trusted sources make them trusted.

Thanks, I’ll look at this! One of my concerns is that I have already spent more time on configuring CIS 6 in a couple of days than I have needed to spend on Trend Micro and Zemana Antikeylogger in several years on 3 systems! Plus, I now have the added problem in that CIS virtual mode is not delivering my login and /or password info to some banking sites and to my Password Agent. I’m not sure how much more time I will invest in this. Thanks so much.

The idea with my advice is that for the most part you should be able to configure it once and then not have to configure it any more.