Comodo Firewall

toggle-button

Comodo Firewall

A good choice for lightly-skilled and advanced users seeking a full featured security suite.

3

Our rating: 

3

Pros & Cons:

Its Defense+ HIPS performance exceeds commercial products and leads the class, it includes a "memory firewall" feature, and it allows you to quickly switch between Defense+ security modes and configurations. Includes automatic updates. Installation can automatically configure your PC to use the Comodo SecureDNS (but you can do this without installing CIS).
No built-in help. Despite not installing the AV component, the AV files are still placed in the Comodo program folder. Possible problems when uninstalling program; remnants of the program are sometimes left on the computer.

Our Review:

Comodo Firewall is a good choice for users seeking a full featured security suite. This latest release is suitable for both lightly-skilled users (who still must have knowledge of installed programs) and technically advanced users. Its robust and active HIPS, or application monitoring feature, called "Defense+", matches or exceeds the security performance of pay products. Comodo allows for much control and customization for the curious or the paranoid.

Comodo includes a "memory firewall" (against buffer overflow attacks) and a light sandbox component to limit the way unknown applications and new software installations affect your computer. The use of sandbox protection limits the negative effects of malware. It maintains a lengthy list of known safe applications, but if an unknown application attempts entry through the firewall, Comodo will deny the application and ask the user what to do. The new release contains user friendly features by default while allowing experienced users to maintain control over ports, protocols, and configurations.

During installation the user has three firewall installation options to choose from:  Firewall Only, and Firewall with Optimum or Maximum Proactive Defense (ie. the Defense+ feature; disabling it will cause Comodo to behave as a two-way firewall only, with no proactive/HIPS functionality). After installation Comodo automatically selects "Safe Mode", which generates numerous popup alerts for applications not in its trusted vendors list (you can browse this list to see if you trust the vendors: go to the Defense+ tab > "Common Tasks" > "View My Trusted Software Vendors"). When you answer "allow" and "remember your answer" to popup alerts for an application, Comodo creates a custom policy for it. Some of its policies are fairly liberal.

In the more liberal "Clean PC Mode", Defense+ automatically treats all applications on your drive as safe (but if any malware is currently hidden on your drive, it too would be considered safe). Applications still receive some minimal monitoring for Comodo's two protected lists ("my protected registry keys" and "my protected COM interfaces") and for running as an executable, or more/less monitoring depending on their custom policy. And new files get sent to a list of files "waiting for your review" in the "Summary" page. Files listed for review will be considered possibly unsafe and will provoke popup messages, as if in Safe Mode, until their custom policies are made.

Comodo limits the frequency of alerts by automatically treating some programs as safe and allowing some applications to access the Internet. You can additionally automate the behavior of Defense+ by one or more of these methods for treating applications as safe:

  • Have it "remember your answer" to all popup alerts when an application first runs, which works for some applications (because some custom policies set this way are close to "trusted" status). But if an application still nags you, click "More Options" in the alert and use the drop down box to select "trusted" or "blocked" (etc.), if available, or set an application to trusted manually ("Defense+" > "Advanced" > "Computer Security Policy" > "Edit..." > "Use a Predefined Policy"), which finally ceases popup alerts and most intrusion prevention for that application.
  • Add files to the lists of "My Own Safe Files" or "My Trusted Software Vendors" in the interface (see the "Defense+" tab), which is most helpful for "Safe Mode" or "Paranoid Mode".
  • Use the "Clean PC Mode" (right-click the tray icon and select it under the "Defense+ Security Level"). But make sure to scan and remove any malware first.

The following exclusive guides from Gizmo's Freeware also contain many useful information about Comodo's settings: How to Install Comodo, How to Tame Comodo Defense+ Without Disabling It, and MC's Mini Tutorial.


Comodo Firewall was reviewed by on