Yesterday installed Comodo Firewall - with DNS feature (what does that do?)

Hi. I’ve Comodo Firewall (free version) installed for years. Yesterday I needed to do a particular diagnostic scan which required that I uninstall Comodo Firewall. I ran the scan and immediately afterwards downloaded the Comodo Firewall installation file from Comodo website and re-installed it.
During the setup process, I was asked about using the Comodo DNS server. I don’t really have a clue as to what this means… but from the few lines explaining what it does, it seemed like a good thing to have.
I distinctly remember when previously installing Comodo Firewall, I for some reason decided to leave the box unchecked and NOT install this DNS feature. Yet, this time I thought I’d try it out.
So far all is good, but it seems to me that surfing the web has slowed down a bit since installing Comodo with the DNS server feature. I remember the setup window actually stating that it does the opposite - that it speeds up loading web pages… but from what I can tell, my web experience has been slowed down.
Of course, I can’t say for sure that this slowdown is related to the Comodo DNS feature… but I thought I’d post here to try and get a better understanding of what exactly this feature does and if it is at all possible that it is the cause of my sudden slower internet.

It will block malicious website. That’s the function that the DNS feature has.

Valentin N

Thanks for your quick reply Valentin N!
So that’s cool. Could this feature in any way be responsible for webpages loading slowly?

Every page on the internet has an IP address, which is a string of numbers. Strings of numbers aren’t very memorable to human beings, so the IP addresses have basically been given a nickname that is easy for us to remember. Something like a company name, or catchphrase. It’s much easier to remember than

DNS is basically a translator of sorts that keeps track of the nicknames and their corresponding IP addresses.

So if you want to browse to a new web page, your computer asks your DNS service what the IP address of the webpage you want to visit is.

With SecureDNS, this gives a chance to block known malware sites. If you want to visit a potentially harmful site, SecureDNS will warn you before you actually have the website rendered in your browser.

As for the speed, DNS has no impact on your actual throughput. If you have a 20MB connection, you will still have a 20MB connection regardless of what DNS you use. Upload and download speeds aren’t affected by DNS. Where DNS can affect speed is the actual web page lookups. However, unless the DNS is really bad, you’re only looking at a difference in the neighborhood of milliseconds, or at most, tenths of a second. So really, nothing that would realistically impact your browsing speed.

However, you can always easily disable SecureDNS if you feel it is slowing you down. Details on this page.

ok. cool. thanks HeffeD! :slight_smile:


Given that you are unfamiliar with DNS services, here is a link to a Sept 2010 PC Mag very short article. Sunbelt Software Secure DNS Enters Beta | PCMag You can add to the list DNS Advantage which you can find at

For me, the important difference between them is that Comodo and ClearCloud DNS offer realtime alerts/blocking of malicious sites, sites that are flagged within their respective databases. OpenDNS, which has been around for some time, presently only allows users to block sites by user-selected categories. For example, through one’s dashboard, one can elect to block pornographic/sex sites, malicious or not, but users can inadvertently access a malicious site if the site does not fall within the user-selected blocked categories.

If you do a web search you will find a consensus that Comodo SecureDNS and ClearCloud DNS are comparable in blocking malicious sites (which you have the option of overriding) but each will block only those sites which are in their respective databases. On the other hand, OpenDNS is unmatched in giving you the ability to block sites by topics or categories.

Although these DNS services are working on doing both, at this time, I am not aware of one that blocks malicious sites while, at the same time, allowing the user to additionally block selected categories. Since one can only designate one preferred DNS server address at a time, one has to choose one or the other: blocking user-selected categories or allowing the DNS server to block what it designates as malicious sites.

Finally, HeffeD makes an excellent point about DNS lookups. If you’ve read enough of them, you know that test labs/reviewers love to point out that one entity is a millisecond faster, uses a few bits less RAM, etc., etc., etc. I dare say that in most instances, the average end-user is not going to notice the differences. So it is with DNS services: lots of discussions about speed but, for one’s needs, it’s what they are doing that’s important to consider, not how fast they are doing it.