Discussion in 'other firewalls' started by Blutarsky, Mar 16, 2007.
Does anyone knows if comodo is CPU hungry?
I have it working fine on 1 pc (xpHome/256Mb-HD) but have the issue you mentioned on another pc (xpPro/767Mb-HD)
Right now Comodo is one of the best firewalls around and even has one of the lowest resources.
So if you want to use Comodo, please do.
It is quick and safe
I had a strange issue with CPU usage a month or two ago. It was the 2.4.17.xxx (I ditched it, don't remember exact build #) version. When using P2P, torrents specifically, CPU usage of cmdagent.exe 'sometimes' (not regulary) suddenly jumps from 2-5% to 70+%. I lurked comodo forums of course, and found out that I was not alone. The possible solution suggested was to turn off monitoring of DLL injections which just didn't seem as a reasonable solution to me. Anyway I decided to keep that build of Comodo running on my system for a few days more, but in a day or two this strange behavior stopped and CPU usage went back to normal, without any specific reason. My immediate decision was to uninstall Comodo at this point, and give it a couple of builds more to mature. I tried the latest and didn't have such issues, but I still prefer waiting for v3.
When using P2P somethimes these things happen. It happens with KIS as well. Also with any other suite or firewall I tested.
Hello The One.
Well I really don't find this normal. I tried a lot of security software also and never had similar issue. These are not occasional peaks as you may think (that can be considered normal), but constant CPU engaging of 70% on user level.
I like the firewall but wont use it because it slows me down to much
I' am using it (188.8.131.52) on my notebook (Pentium M 1.6GHz + 512MB RAM) and as I've noticed that the fan is running more often than in the past, I've checked out what was happening in task manager and I've noticed that cmdagent.exe is one of the top scorers in CPU time. Not CPU spikes but overall CPU time.
To give an idea after a few hours surfing the Internet and downloading I have:
- System idle 2:18:00
- cmdagent.exe 0:3:37 (5GB I/O read)
- flashget.exe 0:3:10 (2GB I/O read)
- explorer.exe 0:2:29
- system 0:1:53
Is it normal
Happens with other firewalls too. ZoneAlarm is a notorious example.
The problem is the large amount of inbound UDP packets.
The workaround (for Comodo) is to switch off "protocol analysis."
If you run Comodo with all the bells and whistles there's quite a bit of redundancy. If you switch protocol analysis off but leave application & network monitoring on, you still have plenty of layers of security.
How to see this total I/O read in Task Manager?
I run Comodo with everything enabled and I rarely see my CPU go above 2%. I've used several other firewalls and on my system (when I'm online) the CPU is usually at a constant 5-7%. As far as my system, Comodo isn't really any more CPU intensive than Kerio 2.1.5, and far less than the newer versions of Kerio or Zone Alarm.
i had tried comodo 2.4 before
and i notice my system is obviously slowdown even i turn off protocol analysis especially when i use p2p application.
the reduced responsiveness of my system is noticeable.
therefore, i switch back to LnS finally.
in task manager, select the process tab, then menu View-> select columns...
Compared to Kerio 2.15 and LnS 2.6, yes it is (even when you turn off ALL the advanced options of Comodo, which combined give it it's well deserved anti-leak status as number one).
Or in other words: the plain network filtering engine of Comodo (all adv. features turned off) is more resource hungry than that of Look'n'Stop or Kerio 2.1x .
Completely different question is: do you have enough CPU & memory resources to spare on your computer. That depends completely on your computers resources and your requirements.
BTW, this has been covered before both here and in Comodo support forums.
And no, I dont think Comodo Firewall pro is a bad firewall because of this.
Ok, I was wondering it he beahviour was by design or not.
I went through Windows Firewall, CHX (a bomb but needs companions), Zone Alarm 6 (fair enough), Look'n'stop 1 (looks tough but not so easy to undesrstand, and boring keeping asking the same questions) now Comodo. Lots of features, awesome user interface. The only concern was about performance... what setting do you keep on?
This is not a workaround! Protocol analysis is Comodo's SPI. I wouldn't switch that off, this is one of the most important features in a firewall. I actually tried to switch off DLL injections as suggested in post #4, and that solved the problem with CPU usage. But what's the point of HIPS in Comodo if you switch off DLL injections? How many leaktests will it pass then? Comodo is designed to pass that leaktests with all its features enabled, right? I would say just one word for Comodo v2.x: Beta (with a capital "B").
The most important feature is blocking unsollicited packets, the second most important feature is ensuring that incoming packets only reach apps that are allowed to receive them.
Protocol analysis is just another layer in a stack of safety nets. Useful to detect a DoS attack, but that's a threat that most users of personal firewalls don't need to worry about.
On the other hand, there's plenty of malware out there that uses DLL injection to bypass application filtering rules. You should only kill Comodos "monitor dll injections" feature if you run an app like ProcessGuard.
I am currently trying out firewalls myself. I have a subscription to Zonealarm pro, but the recent version irritated me, so I tried comodo vs ZAP.
Each time did complete uninstall (from registry and files), crap cleaner, then defragged. All measurements at least 3 times. Again this is my computer, others may differ.
With just XP and nod32 and little else.
shutdown 8 seconds (start>>turn off computer>>reboot).
desktop reappears 61 seconds.
cpu idle at 68 seconds.
IE opens in 3 seconds 1st time, 2nd time 1 second.
Word opens 3 seconds 1st time, 2nd time 1 second.
Outlook express opens 4 seconds 1st, 2nd time 1 second.
With XP, nod32, Zonealarm
shutdown 15 seconds
desktop reappears 80 seconds
cpu idle at 90 seconds
IE opens in 10 seconds 1st time, second time 1 second.
Word opens 5 seconds 1st time, second time 1 second.
Out express opens 8 seconds 1st time, second 1 second.
CPU usage is minimal, 2-3% or less as viewed in taskbar and only that high when opening new web page. resources ~35,000k.
With XP, nod32, Comodo
shut down 25 seconds (repeatable 10 seconds hanging)
desktop reappears 78 seconds,
cpu idle at 87 seconds.
IE same as with XP and nod32 alone, no initial slowdown
Word again no slowdown
Outlook Express, no slowdown.
minimal CPU usage, resources ~23,000k.
On my 1.5 year old duo core amd, comodo (and Zonealarm for that matter) are light on system resources and cpu usage. Those who get high cpu usage usually have software conflicts or corrupted files, like when Vsmon gets corrupted and eats 70% cpu in ZAP.
However, Zonealarm does slow computers down by 1) reboot times 2) scanning engine in version 7 is ridiculously slow in interacting with the first use of any application after reboot, which is the new annoying feature for me. (I have slow anitspyware turned off)
Comodo only issue for me, added 17 seconds to shutdown time, that seemed to be sole reason for slowing reboot, dont know if thats just my computer or typical. Granted most firewalls will add some time to reboot. After the initial learning and scanning apps on setup, comodo wasnt noticeable running on my system, and did not slow any apps. Just the little annoyance of the increased shutdown time.
Hope that helps, I still havent decided myself.
How do you know that all of ZoneAlarm was gone? ZA is well known for leaving lots of junk behind which may cause compatibility issues with other security apps.
A clean backup image of your system would get you more reliable results. And of course restoring a system partition from a backup image takes less time and effort than cleanup and defragging.
Your right, I cant be 100% sure all of ZAP was gone (and like most installed programs probably wasnt). Even though my times reverted to those prior to install, and I used ZAP's version of complete uninstall - copy/paste large file list to search all files then registry after normal uninstall.
Which is why I stated wasnt sure if just my computer or typical for prolonged shutdown time of comodo. If other computers with it shut down in 12-14 seconds or less, than may well have been a remnant of ZAP. Comodo did perform flawlessly without any sluggishness, other than the slight hang in shutdown time on mine.
As an aside, I never use system restore or a backup image, from my experience that can cause as many problems as it fixes. With my backup system, I can reformat, and reinstall back to normal in just few hours.
As I try out more firewalls, and screw my computer up more, I probably will reformat after done. I actually like comodo, if others dont report a slow shutdown, then will try it on a fresh reformat.
Separate names with a comma.