Hmm, CIS 4 without sandbox and (probably) Allow All outgoing rule removed is in fact CIS 3.x so basically they retested old version against 148 tests. I was curious how CIS 4 performs out-of-the-box with Sandbox enabled. :a0
Also I want to see how it performs in 64bit environment.
Nevertheless it’s a very good result so kudos to CIS development team. :-TU
LE: LegendOfTheKipper is not a fair comment. I don’t like synthetic tests but at least I heard something about Matousec. About that MRG here I heard for the first time and I hope that for the last time too. BTW nice thread about MRG. :P0l
Heres to Melih and his developers.100%, a huge well done to you all , lets get the other improvements into Cis asap and it may just go 110% if that were possible.!
Once again, thanks for the peace of mind Cis brings.
How much configuration is required to achieve these results? What settings need to be changed? (network security policy, network security level, stealth ports settings, ect.)
The products are configured to their highest usable security settings and tested with this configuration only. We define the highest security settings as settings that the user is able to set without advanced knowledge of the operating system. This means that the user, with the skills and knowledge we assume, is able to go through all forms of the graphic user interface of the product and enable or disable or choose among several therein given options, but is not able to think out names of devices, directories, files, registry entries etc. to add to some table of protected objects manually, not even if such a configuration is suggested on the product's support forum or website.
A bit vague, but I bet this probably means configure CIS to proactive and disable the sandbox. I wouldn't classify paranoid mode as a usable security setting for an ordinary user.
I have no idea about the stealth ports wizard, but would that matter for this test?
Still, wouldn’t mind knowing exactly how they configured it. Does anyone know if that information is available to anyone outside of Matousec?
All tests were executed outside the Comodo Internet Security's sandbox.
Last page in this [url=https://docs.google.com/viewer?url=http://www.matousec.com/projects/proactive-security-challenge/reports/PSC%2520report%2520-%2520Comodo%2520Internet%2520Security%25204.0.141842.828.pdf]pdf[/url].