What is new in pure Firewall v5?


The questions are for the developers

Some clients of mine have an itch for trying v5
(sure not me, but what can i do about it? 88))

I have no interest whatsoever and will never consider using Comodo’s:

  • Sandbox
  • CIMA
  • Cloud
  • AV
  • nobody (here) cares about the new & better working “game mode” as well
  • etc.

I only would use pure Firewall as usual
(most likely with Defese+, which is in place currently )
The 3.14 is installed and working fine on XP Pro in my case
and on win 7 x64 for about 23 clients of mine

Therefore, it would be nice to have some info regarding v5

1) what is new in pure Firewall? That is unclear according to current descriptions
sure I got the “cloud thing”… but again we do not need that at all & will never consider using it;

2) are there any enhancements in pure Firewall / defense+ which are not include “less alerts” insanity? ;

can the installation Wizard opt-out the Sandbox, Cloud and CIMA?
If that is not available during the installation is it possible to disable all the above completely! after v5 was installed;

If the Sandbox & other unneeded stuff are disabled, do we still need to “tweak” the Firewall settings/rules in order to get a normal outgoing traffic control or it is still allowed by default?

Thanks in advance

As it was declared in the past - the Behavioural Blocker was intended to be a standalone component. Is it over, since integrated (again! :o) CIMA is in place?

Thanks, Siber
Almost the same situation here (customers going to v5)
You just put in words my thoughts and wishes. (I couldn’t express myself as good as you did)
Let’s wait for an (knowledge) answer.

Find attached the essential D+ stuff from Proactive Configuration.

Network Firewall has not changed much. In Proactive it uses the “Alert me to incoming connections and make my ports stealth on a per-case basis” Global Rules. When changing to All Stealth the basic block and log rule changed to block (not log). Nothing major there.

In default settings (both Internet and Proactive Security) CIS won’t make rules for safe applications in D+ and Firewall. It means it uses one policy for each and every safe program and does not store rules for it; it is meant to keep CIS responsive I guess.

For the rest I would say shake off the fear and fiercely face the beast yourself… Eventually the apparent market pull will force you to face it… :wink:

[attachment deleted by admin]

Thanks for the reply, Eric.

I do appreciate that & your effort, but

mainly what I can pick up from you answer is that

That is just a basic part from which I can make a conclusion that I can stay with v3
Unfortunately other questions were not answered and those are important
Please do not get it wrong I cannot demand that from you by any means
Probably the devs will eventually reply & clarify the rest

Sorry, that is not an answer
I have enough experience - therefore I do not have any “fear”(s) re: the Software
I can face any “Software beast”, but my opinion is - one must have a plan and clear understanding ahead - that is not a “shuffling a deck of cards”
As for the “…market pull” - No, nothing can force me :wink:
… except the decent design, which as I can see is not the one in this case.
(my personal point of view - nobody should care ;D)

That’s why I want to be sure that I have and ability to disable all that is not needed prior to diving into the the swamp.

That was the essence of all other unanswered questions

Thanks again. Cheers!


Thanks AeoniAn
Yeah, let’s hope we will have clarification from the developers


Sorry, I just want to follow this thread. As usual Syber is very pertinent.

Then you might want to try the

button instead. :-La

I didn’t know that, thanks.

Point 3):
No for the wizard (altough not absolutely sure for the sandbox), yes for post-installation, at least for sandbox and cloud.
In order to answer for CIMA, please explain to the poor french speaker what this acronym means.

Point 4) Same ■■■■.
If, say, i want to customize a dns out rule only for port 53 to my isp dns, svchost and/or system become allowed outbound to all the world, and one has still to amend this rule as soon as cis writes it.
This lousy behavior already exists in v3, and never was corrected altough again reported by someone last week.

Moreover, and as i describe elsewhere, if you want to remain the “only man onboard after God” (configuration proactive, firewall and defense+ to highest degrees, sandbox, cloud, av and updates disabled, no trusted editor), as soon as you try to transform a predefined group of rules (“system”…) into custom so as to, e.g., monitor svchost, cis throws you out of whatever windows action (don’t ever do that if you don’t have like a do a multiboot partition or external boot device to save you).

CIMA (Comodo Instant Malware Analysis)

Danke sehr.

Only remaining, to answer the question, to reboot my cis 5 partition (my present working one is cis 3) to check whether some feature allows to enable/disable this CIMA in post-installation (during it, the answer is no), unless someone now running v5 konws this answer.

After rebooting, and if i understand well, it seems to be enough to uncheck the cloud settings both in av and defense+.

One could also try to modify the application groups concerning comodo applications both in firewall and defense+, customizing these rules, but i was thrown out of the gui trying to do that with the system applications group…

  1. Changed since v4.1:

To disable cloud you will have to do that in Execution Control Settings. No such thing as a wizard upon start up.

Did i say something different?

I just mentioned it too. Nothing deep. Was simply wrapped up in writing.

brucine & Eric,

Thanks for the additional info.
Probably the only unanswered question remaining (as in p.s. of the initial request):
whether the standalone BB will be developed or not ?


Behaviour blocker is scheduled for CIS 2011 and should be there before the end of the year according to Melih in May this year.

It was supposed to be in V4 if I remember well.
But then again I drink too much.

I can only tell what I know. I cannot tell the future… if I could I would not be doing this but making disgustingly much money… .:smiley:

Thanks for this answer as well.

Sure, but the question was

, which is about the past, and that you definitely can do … but… for free ;D Cheers!

People want to know when it will arrive though…