Comodo Internet Security

A few quick thoughts.
Note: The folllowing is the opinion of the poster (that's me I think).
If you don't agree... that's okay.

For as long as I've been paying attention, COMODO CIS has been an effective firewall with a poor AV which means that D+ is its first line of defense.
This is different to most other effective anti-malware apps which have a fine-tuned, definition-based detector at their core, to which additional tools/techniques have been augmented.

Whitelisting and other techniques may have made D+ less "chatty" but it's still not very smart. So it makes sense to me that in COMODO's ongoing quest for an effective set-and-forget product, that they might "give up" on AV development and make behaviour analysis and/or virtualization of anything not on the clean list, the new first line.

 

I won't agree! They does offer good protection. i have a friend who uses comodo for the last 9 months. I ve gotta say, i've done a scan on his sysem 2days back with KAV 9 just for testing, and it found no viruses. The guy connects a plethora of flash drives daily, so if he has'nt got indected yet then CIS should be good. Its very fast too.

Patiently waiting for Avast!5 Internet Security, So light & fast, efficient

 

Good to hear! I too have friends who use CIS long-term with no apparent infection! I don't believe I said that CIS can't give good protection. My comments relate to its architectural philosophy. (Also, I think this is the first time I've seen the word "plethora" used in relation to a number flash drives. )

Me too. I'm waiting for the next avast! 5 IS Beta. For some reason I can't get my test PCs to boot with the current version.

 

no problem here, I absolutely agree with that. Posted similar suggestion a few times. But they'll never acknowledge it. Competition is for them a priority and they want an AV at any cost. They're extremely good at firewalls and HIPS, and yes behavior analysis and virtualization could well be their next real achievement, I wouldn't be surprised...well let's wait and see that beta And they should definitely leave the AV thing to those who know how to do it, and have been successful for years. The whole problem is that marketing perversion where they all want a complete suite, again, at any cost
On the other hand, some, like Avast, are being more humble and therefore, even if not matching some existing products yet (new components), are in the process of developing good and very interesting new stuff >>> AIS 5 (beta) virtualization and firewall, while providing one of the best AV on the market. This is exactly what Comodo should learn, instead of claiming all over the place that they're the "chosen ones" and the best at doing anything (and nothing): humility.

 

The problem is that the general public have for so long been told that what they MUST have is an anti-virus program.

They probably know to look with Google to find competitive test sites which only test avs, so any security provider is obliged to try to compete with the anti-virus vendors no matter what technology they develop which can make an av irrelevant. Otherwise they will not be able to compete in the mass market because people won't understand what they are getting.

 

yeah I know that was the main argument when CFP + DEF+ came out first (without CAV), but excuse me I'd rather have an AV webshield abort a connection in the first place, than leave to the HIPS the task of dealing with an intrusion. And if sh*t happens, ie the AV missed a threat, I'll be glad to have, with Def+, this second line of defense.

 

Absolutely spot on there,it's all about the public perception

If you look at two of the best security products out there,(Defensewall and Sandboxie),both will offer far more protection than any traditional AV product yet I doubt that more than 3 or 4 out of every 100 people have even heard of them and fewer still know what exactly they do.

 

Sorry my bad ..i meant 'a lot' of flash drives. I'm now using CIS, Its working fine, scanned my 16Gb data in 14minutes.. cool though i have some issues with heuristics

 

Very very true! I think just using DW or SBIE alone would be enough protection for the average user.

Ice

 

2 weeks ago i ve tested CIS_3.13.121240.574_XP_Vista_x64 for W7 64 bit .
I ve installed the firewall and defence+ components and i have found out that the HIPS was useless ,any legitim software that was requesting the browser ,was able to open it in spite of my blocking actions.The settings were on default factory settings.The firewall seemed to be ok but the HIPS was disapointing.
Any new build that works properly with W7 64 bit ,that blocks what you decide to block ?

 

Of course I know both programs...but: if only they had a 64bit version... Only GESwall announced one, if I'm right. From then on the large amount of 64 bit PC users can have a better protection. Shame on the companies that wait and wait and wait with a 64 bit version.

 

sometimes is not the fact they waite and waite but more of the dont have the resources yet.

 

And can you imagine that that can also be because they didn't invest when they could in making 64 bit software? In Linux most of the apps are available in 64bit versions. And at the moment almost every new PC has a 64bit chip. The chicken and the egg story.

 

I agree that the Comodo threads here too often turn unfriendly.

Throughout the past month, I ran CIS 2010 on my primary PC & it performed wonderfully. Ultimately, after several weeks of use (much of it Defense+ learning mode), I decided to uninstall CIS when I discovered that it had accumulated 28,000 registry keys. No exaggeration -- literally twenty eight thousand (plus) keys, representing the array of CIS policy groups/objects/rules. Although this didn't noticeably hamper the overall performance of the PC, I've been on a spree of adding/changing apps lately (and poking around in the registry) so, for the near-term I'm leaving CIS out of the (my) picture.

The install was perfect. During the custom install, I carefully unchecked "HopSurf" etc. I also thinned the (much too generous, too trusting) list of trusted apps/vendors. It respected my elections and installed EXACTLY what I chose -- just firewall component plus Defense+ component. The default D+ ruleset seemed fairly sensible (too trusting, probably intended to minimize popups). The popups are wonderfully clear (informative); I felt that I might recommend it to an "Aunt Nellie" without worrying she would become intimitated by the popups.

During day-to-day use, the informative (and flexible: ask/allow/block, temp or permanent rule) popups began to lose their charm. Temp allow doesn't mean allow ONCE (as it does in Malware Defender), it means "app is allowed to perform this action for the balance of this session, until I close the application". For an 'unknown' app, that seems like a risky prospect -- forcing you to slow down and really think through the implication of allowing each action)(or not, haha).

I wish the app provided a more application-centric interface for creating/managing rules (it's a chore to apply D+ rules for an app then switch tabs, and open multiple sub-windows, so that you can apply firewall rules for the same app) but arguably that's a by-product of design -- interoperable "modular" components which can each be toggled on/off. The degree of granularity available in the Defense+ rules (down to controlling an app's access to individual COM objects) really impressed me... but you need to click to open six separate sub-windows, then wait 45 seconds (consistent delay, throughout my testing) for the list of COM objects to populate.

The current app does have several GUI / usability design flaws, IMO. Too many nested windows ( many of which are TOO SMALL to display the data at hand without requiring a horizontal scrollbar) and windows which are not resizable... but, across several weeks of testing, I never encountered a single bug. Bottom line: although I didn't stick with using CIS, I'm certainly favorably impressed by the app & will be eager to check out the next version release.

 

I think you should take a look through almost EVERY Norton thread.

Nortons winning the most trolled software title of 2009, undisputed champion Very unfriendly places those Norton threads.

 

Me too. Black screen, and nothing else.

 

Just to let everyone know that the Comodo Mods are now testing the Alfa of CIS 4 and the beta should be released shortly after.

 

^great

anyways... which option do you recommend:
http://comodo.andgird.webd.pl/obrazy/cis/inst10.png


and to disable windows defender or not?

 

never used the Comodo DNS; i dont think there arent any WD conflicts its really up to you if you want. i would.

 

I personally don't use comodo, but I did find this.
http://www.myhostnews.com/2009/12/comodo-dns-excels-commercial-broadband-routing/

 

So by posting this you're saying you're FOR it?

 

I tried Comodo a while ago and found detection very poor. However I thought I would try it again and am very impressed with the heursitics on some 0 day malware.

Also I sent in some undetected stuff and the next day detection had been added so looks like the product is improving.

Will run with it for a little while and see how I get on.

Jlo31

 

I may try it too
But my bro always uninstalls Comodo because of D+, he finds it too annoying

 

Having trialled CIS 4 for a couple of days my early impressions have been that it's a significantly quieter product than previous versions.The addition of a sandbox is welcome too.

 

Do you know when the beta version will be avaliable for everybody?