Defense + without Firewall?

I would use Comodo's offering if there was a way to do away with the firewall option.

Am behind NAT router with SPI firewall so a software FW isn't really high on my list of priorities/worries.

Pity they didn't just have the Defense + as a standalone HIPS program.
You can turn off the HIPS and just have the FW, pity the option didn't work other way round too?!

 

Isn't it good enough to disable it? Comodo is light on system resources like any other standalone HIPS, so you are not sacrificing anything.

 

Am afraid I will have to disagree with you on that!

I don't think Comodo is light on resources at all comparing it to the likes of OA and standalone HIPs programs like EQsecure, SSM etc.

I also find it confusing that the likes of SSM and ProSecurity (as was) can outperform genuine Firewalls, www.matousec.com, for example, without being a Firewall at all?

Does this mean, as I feel, the need for a Firewall is so reduced that a HIPs package, properly configured, can replace one entirely?

 

I'm running Comodo (with D+ disabled, but firewall with all the exotic functions like "do packed checksum verification" ON) and EQSecure and have been running SSM before for quite long time. And can easily say that latest Comodo is almost as light as them.

Personally I never understood the idea of not having outbound protection. But if I see my face in every person I meet I'll get deadly bored for 1 day So its good that we are different.

BTW, most of the soft tested by Matousec like SSM has some sort of firewall integrated.

 

Smiggy,

The advantage of using Comodo's D+ is that you have a preconfigured HIPS when you set it to clean PC mode. You can also set Comodo to allow all inbound on the firewall. The advantage of D+ over EQS is that you still have the build in white list of Comodo. Comodo has a large development team and is also avilable on Vista64.

When behind a decent configured hardware FW, you can also get an excellent score on leaktest using a sandbox with outbound control of sandboxed aps (GW or SBIE, DW from future version 2.5) and ThreatFire with extra outbound rule.

When you are familiar with SSM (paid) why not keep using it together with its outbound control (for normal aps seeking outbound connection) and SSM's intrusion protection (to stop suspicious leak attemps).

Regards Kees

 

Hi Kees can you point me to your thread where you explain how to make outbound rules for ThreatFire? I cant find it. Thx