PC Tonic

Fact file -

Comodo Firewall Pro
!!!!!
Available for : Windows Vista / XP
Links : Home | Download.com | FileHippo

Comodo Firewall Pro 3 is easily the most comprehensive firewall you can possibly get. It’s completely free to use but still beats out the best of paid firewalls out there. Version 3 of CFP includes a proactive HIPS tool called Defense+, which monitors odd / malicious behavior in your computer and notifies you of the same. As mentioned in an earlier post, HIPS can be a bit irritating at times because of the excessive number of alerts it causes. I was recently following a what-is-your-favorite-firewall poll on MakeUseOf, where some users (including MUO’s administrator, Aibek) were smug at the continuous alerts that Comodo produced. This is why I felt it necessary to jot down some points on how to minimise the alerts by this tool. I wouldn’t recommend switching over to another free alternative, because there isn’t one that matches Comodo’s standards.

1.Be patient for the first 1-2 days.
HIPS is a learning tool, it analyses every file on your system and asks you to allow / block the ones it can’t recognise. As your system might have thousands of files, it will definitely take some time for Defense+ to cover up all of them. As it keeps on learning, you will notice that the number of alerts come down significantly in a couple of days.

2.Turn on Installation Mode while installing a new software.
Any new software contains a bunch of files which are alien to your computer. This is why you will get repeated alerts from Defense+ as the files get added to Windows (? read HIPS). To stop these alerts, just turn on the Installation Mode momentarily (as shown in the figure). After sometime, Comodo will ask you to turn off the Installation Mode and you can do so.

Similarly, you can set an application as “trusted” so that CFP will include all the files of that software under “My Own Safe Files”.

3.Review pending files once in a while.
Defense+ stores all unrecognised files under “My Pending Files”. Occasionally it may alert you to review these files and mark them as safe or unsafe. Unless you had a recent virus / spyware attack, all the pending files are usually safe and can be transferred to “My Own Safe Files”. You should preferably do this every 4-5 days. This is required only for “Clean PC Mode” and higher security levels (read point 5).

Click to enlarge

4.Hide balloon messages.
If you see balloon pop-ups like “Defense+ is learning …”, you can easily turn them off from Miscellaneous > Settings in CFP.

Click to enlarge

5.Lower the Defense+ Security level.
Let’s say you still get more alerts than you’d like to. To further decrease the alert numbers, open CFP and navigate to Defense+ > Advanced > Defense+ Settings. Decrease the Defense+ Security Level bar from Clean PC Mode (default) to Training Mode. You can simply turn it off as well.

6.The last stand – throw out Defense+.
If you want CFP to behave like a firewall and nothing else, open up the Defense+ Settings again and select “Deactivate Defense+ Permanently”. After a system reboot, Defense+ will be gone. Alternately you can reinstall CFP from the installer file and choose to install just the firewall from the options given. CFP will now behave just like it’s older version and produce only firewall alerts.

I wouldn’t recommend doing this because Defense+ can actually detect and remove all kinds of virus and malware (real-time and on-demand). If your primary antivirus or antispyware fails to catch a malware, chances are Defense+ will detect and remove it. This also applies (to the geeky and daring folk) that you can use CFP as your all-in-one security suite without having to use another antivirus / antispyware, thereby using less system resources.

Have you tried out Comodo Firewall? If yes, how would you rate it and what modifications would you like in it? Feel free to drop a comment and share your thoughts.