Latest Comodo Firewall vs Latest Sunbelt Kerio Firewall

I am suddenly torn between these two as they each have a Good GUI, and cool features. I realize Comodo passes all the Leak Tests, and even with the Application Behavior Blocking enabled Kerio doesn't. However that feature and the NIPS are a nice addition. I'm also not sure that Comodo offers the level of protection in other areas that the NIPS and Application Behavior Blocking do. They are close in memory usage at least on my PC when I ran each individually, and neither one slowed down the PC or Internet. I know there are many Comodo fans, and that SKPF has had its problems, but the new version of Kerio ran very smooth. Of course so did Comodo, and I think it had the better GUI. Some help would be appreciated.

 

When Comodo V3 comes out. There'll be no contest.

 

Comodo FTW!!!!

 

Comodo (for now)

 

Comodo FP without any doubt...

 

It would depend on whether you have a router hardware firewall, but I have to say that this thing with passing all leak tests is a major blunder. IMO this is not so important feature and very overrated amongst users. It sounds so good, but in reality, outbound protection is a thing suited only for very inexperienced users who hasn't got a clue what is going on with their systems and software, and there is a good chance that you will very rarely need it, if ever. Besides leak-proof, Comodo has a very basic protection for inbound, very basic HIPS, and you have far better alternatives for that. But, if you are behind a router, then Comodo should be fine with that basic inbound. I like trying out different firewalls, and somehow I stuck with Sunbelt Kerio (previous version) for almost a month, whilst Comodo didn't last more than a few days on my machine. Do not take me for granted, this is only my personal opinion, and I will not elaborate this anymore, as I am taking a serious risk here to be flamed by the majority of Comodo followers. I just had to put at least one vote against Comodo. So, go for Sunbelt Kerio for now, and wait for Comodo v3.

Regards.

 

Seer, I am currently just using the AVG Firewall behind a wireless router SPI firewall, but was thinking of using SKPF the NIPS and Application Behavior Blocking that remains in the free version. I know the Application Behavior Blocking can be intrusive for awhile, and that the NIPS may be somewhat limited. However wouldn't these two features still have some effectiveness as far as malware detection and prevention? I also use Cyberhawk as my HIPS.

 

Kerio 4 is a nice firewall, I have had my BSODs with it and the functionality not on par with kerio 2.1.5. kerio 2 is ultimate firewall to me. But now I am in deep doubt.

I just don't like that i feel like someone has a backdoor to my PC. You know I have been mentioning and others reading my posts about kerio 2.1.5's false mask handling regarding blitzen's loopback rule. He told me that is all in my rules When all was so clear to read in my post! Just telling me it is in my ruleset. When it was the loopback rule set to log and resolved to that address.
https://www.wilderssecurity.com/showpost.php?p=946394&postcount=9

I lost credibility on many things, when I found my thunderbird was trying to connect to IP 140.211.166.205 port tcp 443 to some "Oregon State System of Higher Education" after posting to above thread to wilders. Without myself starting that email client, just seeing it on my task manager running! Why not China or anything else but Oregon when my Thunderbird wanted to start on its own? Never found a virus on my system nor any spyware stuff except cookies.
Never noticed this before happening and totally mysterious. To Oregon!
I put that IP to block and log in kerio 2.1.5 and then Firefox did the same thing, alerted me.
And a few other things has happened to me before, months ago, so my credibility to a firewall I love and is most functional of all I have tried is now thin.

I have seen a few things happen before that are strange and would not say such things lightly. I don't use a router as blitzen so strongly advocates.
I also used Comodo, but it was NOT on par with kerio 2.1.5 on functionality.
But maybe better protection as a basic packet filter I only need. Just don't like comodo.

I think going to install kerio 2.1.5 on my new PC, but this time making all the rules myself instead downloading someone elses ruleset. I have my old rules saved as pictures, but it is sad I cannot now rely on my old rule configuration files. And if making them again by hand, should I trust kerio 2.1.5 install file?
These are HARD accusations and I am sorry if I am wrong!!! But I feel a backdoor.
Of course this has nothing to do with sunbelt Kerio I hope. Should be just a fine firewall, but not working as functional as kerio 2.1.5 that my crediblity loss concerns.
Jarmo

EDIT
And I did delete all the md5's, but there was always when I started my kerio 2.1.5 some local temp or something directory file that was there, undeletable. Not able to tell more since this is new PC with no kerio 2.1.5 running.

 

Jarmo,

I would also agree with whoever it was that suggested you use a router. They are not expensive and well worth the added security they provide.

 

Hello duke1959.

My previous post asumed that you don't have a router firewall, and this is why I suggested SKPF as a standalone firewall. But, if you are behind a wireless router, and use Cyberhawk as your HIPS, you are already well off IMO. As I presume you want the best possible outbound protection as well, then go with Comodo, SKPF is not a match there to CPF. Just turn off HIPS and inbound filtering in Comodo, you don't need those with CH and a router. Comodo's behaviour blocking is based on a CRC32 checksum which is inferior to MD5 or SHA-type hashes, so it doesn't really add any protection to CH. I don't see any need for additional protection software with your setup if you, of course, use a good AV also. Comodo's log capabilities are rather modest, and if you want the most comprehensive logs, go with Outpost, it also rates well with leak tests.

Regards.

 

I'm installing it now. I'll try to see why you say Comodo's inbound is basic, but i prefered if you could say why you think so.

 

Me too...

 

Well, it is not basic, the HIPS is basic, I know you have the ability to filter the IPs as well as the ports in Comodo, but if you are behind a router, than it's obsolete.

 

Oh, ok
I can even say it does not have HIPS, it has some abilities in that department. v3 will have that in full.

 

Not obsolete, but could be redundant...

But even if could be redundant, you will have another layer of protection if your router failed...

 

Sorry guys, my bad, I tend to be quick sometimes. Comodo is a fine packet filter, but the application control and logs are realy a joke.

Cheers.

 

I agree with you that it needs a lot of work, but let we see what will happen on v3.0...

 

I stated something similar in post #10 on this thread.

 

I also agree with this, as I already said a lot of times on Comodo Forum...

 

Also, VaMPiRiC_CRoW,

thanks for correcting my terminology, "obsolete" realy means "old-fashioned", that's certainly not what I meant. Yes, "redundant" is the correct term.

Cheers.

 

Thanks The Seer. I will most likely stick with my current set up at least for awhile. I just really wanted a firewall with better logging info than AVG FW. tak care and thanks again.

 

You're welcome, duke1959.

 

First question: where are the network rules? Is it all checkboxes and application permitions?
And a statement: SandboxIE crashed. Looks like KPF won't stay for long.

 

Ok Comodo's logging is a joke. Application control seems to be ok to me. However, exactly what do you mean by "Basic incoming protection"? Don't all firewalls have this. Is there an Advanced incoming firewall protection? Personally I think that if you have a Router the No Leak attributes of Comodo are a Very big Plus. Nothing gets past most routers anyway. I used to use Kerio & I never liked it much. Maybe the new Kerio has hips but the old versions never did. Kerio also leaks. If you use a network I think you need to pay the 20.00 for networking. am I correct in this thinking? To my way of thinking Comodo is a better firewall than Kerio ever was. It is also free & as far as I am concerned works a lot better than a lot of other firewalls that you pay for! I really don't care whose firewalls I use as long as they work & cause no trouble. Comodo does this. Sure it could be better but it does the job for me.

 

I have Kerio version 4.3.246 and unless my latest uninstall and reinstall - as per Sunbelt Tech Support - corrects the weekly BSODs it causes, as confirmed by the minidumps, I am flushing it down the toilet. And to think I dumped ZA Pro for this, though ZA Pro was a system hog but at least it didn't crash my system. The previous version Of Sunbelt Kerio was even worse for BSODs.

Duke1959, what version of Kerio were you considering?

I have a router, NOD32, and Spysweeper -- what else do I need? (Sorry for the hijack)