How to set up Comodo Firewall - before there were only antiviruses. Installing and configuring Comodo Firewall Best settings for Comodo Firewall

This lesson is a continuation of the article: Firewall.

So we found and downloaded latest version Comodo Firewall. Only one firewall can be installed on a computer. Therefore, in order to avoid interprogram conflicts, the built-in windows firewall should be disabled. How to turn off the Windows XP and Wiindows 7 firewall can be found in previous lessons: and. But, when we install Comodo Firewall, this is not necessary. The firewall installation wizard will automatically disable the built-in Windows firewall.

The firewall controls the attempts of applications to communicate on the network. The illustration shows how the firewall intercepted the attempt software Nokia phone go online. This desired application, so click the "Allow" button:

One of the first things to do is to allow connections. system components"Windows alg.exe" and "svchost.exe". They are needed to connect to the network. Once installed, Comodo Firewall will set up alerts for various programs over and over again. If the application is known to us, we allow the connection request. If there is any doubt and the program seems suspicious, press the "Block" button. By checking the "Remember my choice" checkbox, we fix our choice for this application. And the next time you connect, the notification window for this program will not appear. You need to act carefully. Only programs known to us can allow connections and fix selections. If you click on the name of the application, the program properties window will open.

Also, the firewall notifies you of incoming connections:

The following illustration shows how Comodo Firewall intercepted an incoming packet for a popular peer-to-peer client:

At first, the firewall alerts are a little annoying. But we make our choice and over time they become less and less.

Malicious programs can masquerade as harmless software in order to trick the firewall and get permission to connect. Therefore, you need to regularly scan your machine with an antivirus program. You can read more about the choice and operation of an antivirus.

Now let's move on to the firewall settings.

Open Comodo Firewall like any other application by double-clicking on the desktop icon or the notification area icon. The main program window appears with open tab"Summary":

It displays traffic information and system status. By clicking on the connection numbers, you can view the details of active network connections. Clicking on the "Stop all connections" button will stop all network activity. You can use this function in case of inappropriate behavior of the system - suspicions of interference in the work of programs. For example, the system hangs for a long time and does not respond. This may be due to the network activity of some malicious application. By blocking traffic, you can find out the cause and determine the program that poses a threat. All connections are enabled by pressing the same "Restore all connections" button.

The firewall operation mode can be changed by opening the drop-down list with the " Safe mode".

"Block all" - a mode that does not allow any network activity - the equivalent of the "Stop all connections" button.

"Custom policy" is a hard mode in which the firewall will display an alert for every program that connects to the Internet. Here, you need to create program policies yourself - clearly understand which applications can allow connections.

"Safe Mode" is set by default and is universal. The firewall applies user policies - performs user settings for individual programs, and also allows network exchange for applications that it considers safe. There will be few notifications and the firewall will not be very distracting.

"Learning mode" is assigned when you need to observe various applications without interfering with their work. Here, Comodo Firewall determines program policies on its own without displaying any alerts.

In the "Inactive" mode, the firewall is disabled. You have to turn off the firewall in case of an obvious inter-program conflict, for example, with an anti-virus program or another firewall.

The next tab "Firewall" contains firewall settings. "Firewall Event Log" - "log" reflects all events - firewall reactions to the network activity of various programs.

"Add trusted application" allows you to select the desired application and add it to the allowed ones.

"Add blocked application", on the contrary, makes it possible to add the selected application to those blocked for connection.

The "Network Security Policies" section opens a window where you can select one of the predefined application policies or create your own.

In the Active network connections" shows programs showing in this moment network activity.

"Hidden Ports Wizard" - with these settings you can hide certain ports and make the computer invisible on selected networks.

"Firewall Settings" is a window for selecting the operating mode, duplicating the drop-down list on the "Summary" tab. Also, set the "Safe Mode" slider and check the box "Create rules for secure applications":

The next tab "Protection +" contains functions for managing proactive protection. When installing a firewall, proactive protection is enabled by default. Proactive Defense is another layer of protection that controls the behavior of programs and prevents system infections. Proactive defense settings are basically similar to firewall settings.

The item "Run the program in the Sandbox" makes it possible to run a dubious application in a kind of "sandbox". Working in isolation in this protected area, the malware will not be able to harm the system:

The "Proactive Defense Settings" item opens the window of proactive defense modes. And, briefly, let's go through these settings.

The "Paranoid" mode implies that the protection is paranoid suspicious of any network activity. Proactive Defense will issue an alert every time any application tries to establish a connection.

In safe mode, the protection applies the policies set by the user, and also allows the activity of applications that it considers safe.

In the "Clean PC" mode, protection unconditionally trusts all programs installed on the computer and requests connection permissions only for newly installed applications.

"Learning mode". In this mode, the protection does not issue alerts and monitors itself.

"Protection disabled." In this mode, proactive defense is disabled. You don't need to disable protection. The optimal solution protection will be set to safe mode.

On the "Miscellaneous" tab are additional settings firewall. You can see them yourself. The review, and so, turned out to be voluminous. The main thing is that Сomodo Firewall is a very reliable, flexible, Russian-language and free firewall. Comodo Firewall in conjunction with a good antivirus program will provide a comfortable and safe work online.

Details about work and choice antivirus program read .

Antivirus with advanced network protection Comodo Internet Security is loved by many advanced users, but has traditionally been considered difficult and inconvenient to set up initially. And the number of alerts that require immediate resolution is much higher than that of automatic security suites like Norton Security or Bit Defender. But if you spend a little time on the initial fine-tuning Comodo, they will be able to work with it and ordinary users who do not want to delve into the intricacies of the work network protocols or technology antivirus protection. This is what we will try to figure out today.

After fine-tuning Comodo, ordinary users will be able to work with it

What to pay attention to when installing

1. Check the box "I want to use cloud-based application behavior analysis ...". Thus, you will entrust the adoption of routine decisions on the permission / prohibition of many operations to the user community. This will slightly reduce the level of security, but will make the work much more comfortable.
2. Whether or not to send statistics about the use of the application depends on your desire. But many users prefer to do without it.
3. On the screen for selecting components to install, check the boxes "Comodo Antivirus" and "Comodo Firewall". The rest can be safely turned off.
4. Be sure to uncheck the "If possible, do not show alerts that require the user to make a security decision" option.

What to do immediately after installation

1. Update the anti-virus databases (the "Update" icon at the bottom of the main screen).
2. Select the “InternetSecurity” configuration (“Basic Settings” - “Configuration”), then click the “Enable” button in the bottom pop-up panel.
3. In the same place, click the "Export" button and save the settings in a safe place.
4. After that, click Import, select the settings you just saved, and give a name to your own variation. Then select it in the list and click "Enable". This is necessary so that the original configuration from the manufacturer remains untouched.

Restart your computer after updates

1. Disable the useless desktop widget (right-click on the tray icon, select "Widget", uncheck "Show").
2. Reboot your computer.

"Security settings", section "Antivirus"

Leave the heuristic analysis level on "Low"

• Selecting "Do not show alerts" will help inexperienced users quickly get used to the program settings, but it is better not to use it all the time.
• Leave the heuristic analysis level on "Low", otherwise you risk drowning in a pile of messages and warnings.
• Make an exception for the folder that contains files downloaded from the Internet, the working directory of the torrent client, and the section with installation packages. To do this, in the lower pop-up panel, select "Add", "Folders" in sequence, mark the desired directory and click "OK". This will significantly increase the comfort of working with an active network life.

Cancellation of the desired directory will increase the comfort of work

"Security settings", section "Protection +"

• "HIPS settings". The recommended operating mode is "Safe". The checkbox "Create rules for secure applications" is best left enabled.

• Sandbox settings. If you are sure about the safety of certain executable files, you can add them to an exception (click the line "Do not virtualize access to the specified files and folders"). The rest of the settings are best left untouched.

Confident in the safety of files, add them to the exclusions

• Viroscope. Useful and desired system dynamic behavior analysis running programs. Sometimes it may not work quite correctly, then it is better to disable it until the reasons for the failure are clarified (untick the “Use Viruscope” checkbox).

Useful dynamic analysis system

"Security settings", "Firewall" section, "Firewall settings" block

This item should be given maximum attention, since one incorrectly set option can lead to serious consequences.

• A custom set of rules for filtering traffic provides maximum protection, but at the initial stage of configuration, it requires increased attention from the user. "Safe Mode" provides a slightly lower level of protection, but displays far fewer warnings.
• The “Create rules for safe offers” checkbox will turn Comodo into a full automaton, so if you are not ready to carefully read every warning, you can set it. In all other cases, the field should be left blank.
• Activated advanced settings ("Enable IPv6 traffic filtering", "Block fragmented IP traffic", "Analyze protocol" and "Enable ARP spoofing protection") provide additional security, but sometimes lead to problems. Use at your own risk.

Pay maximum attention to configuring this option

"Security settings", section "File reputation"

• File reputation settings block. Here it is better to trust the default settings, and if you want to get rid of some of the requests, check the "Do not show alerts" checkbox.

Leave the default settings

Additional settings

They are not necessary, so they should be used with some caution, and in case of unstable operation, return everything to its original state.

HIPS tab, HIPS settings section:

• We increase the notification time to the maximum - 999 s.
• Activating the item “Adapt the mode of operation when system resources are low” improves stability, but negatively affects the speed of the program.
• The item "Enable enhanced protection mode" makes sense only for 64-bit operating systems.
• If you are using software emulators (Daemontools, VMware, Alcohol), add the appropriate directories to the exceptions: the "Detect shell code injection" item.

"Security Settings", "Protection+", "Auto-Sandbox":

The efficiency of virtualization technologies implemented in Comodo is quite high, but due to the high resource intensity on weak computers possible problems. In this case, we do the following:

• For all objects with the "Unidentified" reputation, select the "change" item in the pop-up panel, and check "Block" in the "Action" line.

Using a torrent client

For its normal operation, it is required not only to give executable file full access, but also add a special global rule. We select in sequence “Security Settings”, “Firewall”, “Global Rules”, after which we click “Add” on the pop-up bottom panel and assign a policy:

• Action: "Allow", the checkbox "Log operation in the log" should remain unselected.
• Protocol: Check "TCP or UDP".
• Direction: Outgoing and Incoming.
• Description: Doesn't matter.
• Destination port tab. Specify the number specified in the uTorrent settings.
• When everything is ready, move the newly created rule to the very top of the list.

Attention! If, as a result of erroneous actions, the program has ceased to function normally, select "General settings", "Configuration", check the item "COMODO-InternetSecurity" and click "Enable".

We thank him and provide instructions on how to set up the Comodo firewall for maximum protection.

Introduction

According to these settings, I would like to note that, despite their "maximum", working at a computer does not cause any particular paranoia - everything is rather moderate: once you have created rules for a program / application, requests are no longer received for configured programs. It is clear that this mode more suitable for advanced users.

The second point - testing was carried out, both in tandem with avast! Free Antivirus, and without it. The result, as noted, was 100% in both cases (despite the fact that the screenshots have avast antivirus!, and without it, the Comodo firewall passed all tests 100% on these settings).

Moreover, with avast! and using these settings for Comodo Firewall - the antivirus simply does not have time to start working, since Comodo Firewall performs all the blocking.

In addition, in the "PC Security Test 2011" test, Сomodo Firewall blocked the first stage of the "Antivirus Proteсtion Test", closing the possibility of placing virus files in the system, although in fact this is the work of an antivirus (for example, in the Online Armor + avast! this work on passing the first part of this test, avast!).

As a result, Comodo Firewall, so to speak, does not allow the antivirus to work, as it simply blocks the possibility of viruses penetrating the system. Those. it can be noted that the reaction of Comodo Firewall to threats is very fast (although it is clear that this is synthetic). However, the PC Security Test is 100% (as well as the rest of the passed tests) I have not yet passed a single product from many vendors (such as Kaspersky Internet Security, Norton Internet Security, Emsisoft Internet Security, McAfee Internet Security, Bitdefender Internet Security, avast! Internet Security, etc.). I think that although it is synthetic, it is still very significant.

System used in setup testing: Windows 7 PRO 64-bit SP1, 1.65GHz Dual-core AMD processor, 4GB memory (3.6GB available).

With these settings in Proactive Security mode, Comodo Firewall passes 100% synthetic tests such as:

1) Anti-test
2) PC Security Test 2011
3) PC Flank Leaktest
4) CLT
5) SSS
6) FireWallTest
7) Mini Security Test

Comodo Firewall 2013 Settings

1. Advanced settings -> General settings -> Configuration

2. Advanced Settings -> Security Settings -> Security+ -> HIPS -> Behavioral Analysis

Uncheck "Automatically run in Sandbox detected unknown application and handle it like"

Click to enlarge image

3. Advanced Settings -> Security Settings -> Firewall -> Firewall Settings

We switch the firewall to the "Custom rule set" mode so that any network event in the system prompts you to set your own rules manually.

In the "Advanced settings" field, check all the checkboxes opposite:
- Enable IPv6 traffic filtering
- Enable filtering of loopback traffic (for example, 127.x.x.x, ::1)
- Block fragmented IP traffic
- Analyze protocol
- Enable ARP spoofing protection

Click to enlarge image

4. Advanced Settings -> Security Settings -> Firewall -> Global Rules

Click to enlarge image

5. Advanced Settings -> Security Settings -> File Rating -> File Rating Settings

Trust applications signed by trusted vendors
- Trust apps installed with trusted installers

Click to enlarge image

As they say, the flight is normal, only the product is paid and after 30 days it will stop working, it will ask for money. Tell me, is there any free firewall of the same quality.

Hello friends! Today's article is about the popular and free Comodo Firewall.

Security software from the Comodo Group developer company has gained popularity in the software market due to the presence in software products three important components - the demanded scope, simplicity and convenience of the interface, as well as free distribution. Separately, it is worth noting the flexibility of the approach of developers. So, a software package for protecting a computer, consisting of an antivirus, a firewall, a Sandbox (Sandbox) and other modules, can be installed both as a whole and selectively by installing only individual modules of either the Comodo AntiVirus antivirus or the Comodo Firewall firewall into the system. It is the latter that will be discussed in more detail below. Consider the features of the Comodo Firewall, how to install this program and how to configure it.

Tasks and features of Comodo Firewall

Firewall Comodo Firewall, despite the fact that the product is free, provides complete protection for your computer against network threats. Moreover, it has repeatedly become the winner of various tests conducted by software Internet resources in order to identify the best software solution Firewall class. Comodo Firewall is able to protect against hacker attacks and malware spreading over the network at a level with paid advanced firewalls like Outpost Firewall Pro. To put it simply, you will not find software of the same quality, and even more so free, on the software market..

Comodo Firewall analyzes the suspicious activity of programs on the computer and checks all their active components, blocking the launch of everything that can harm the computer. Thanks to Stealth program mode mode computer made invisible to port scanning by malware. Comodo Firewall automatically detects the computer's trusted zones, that is, those folders and files that are authorized to be shared on a home or local network.

Unlike its counterpart - which does not coexist in one system with every antivirus, Comodo Firewall is more loyal in this regard. Even if you don't like the specifics or performance of the Comodo AntiVirus module, you can install any other antivirus because Comodo Firewall generally does not conflict with third-party security software.

Several modes of operation and flexible settings of Comodo Firewall will allow both beginners and more experienced users to configure the desired behavior of the firewall.

Installing Comodo Firewall

Run the downloaded Comodo Firewall installer.

The installation process is somewhat different from the standard one, since it initially involves setting some parameters for the program to work. After choosing the language of the program, we will see the installation wizard window, where you need to select some options. Your E-Mail is optional.

You can leave all the preset options without changing anything only in such cases:

When it comes to a productive computer or laptop and a high-speed Internet connection;

You fundamentally want to participate in the improvement of security software, in particular Comodo products, so that the company improves user protection;

You don't trust your ISP's DNS.

A window will open with options for installing the program, where the developer, hoping that you will hastily carry out the installation and will not delve into the installation settings, has prepared in addition to Firewall Comodo Firewall automatic installation of two more programs - this is a client technical support from Comodo developer GeekBuddy, and Comodo Dragon, a highly secure web surfing browser. There is no point in contacting the first program for those who do not know in English and is not going to pay for technical support from Comodo at the end of the free period. Another program - the Chromium-based Comodo Dragon browser - you can download for free on the Internet and install at any other convenient moment when the question of changing the browser arises.

Now you can safely press the "Forward" button.

In the next window, we are forced to install Yandex elements along the way and the omnipresence of this search engine in the browser. We will refuse this service, since it can hardly be called a missed opportunity in life. Click the installer button below.

The program will install. After launching it, we will see that a computer restart is required. Click the "Fix" button.

Launch Comodo Firewall

The computer will restart, and we will find a lot of Comodo Firewall windows on the desktop - information about Comodo technologies, a gadget of the program and a window presets firewall, where we need to specify which network the computer is connected to - home, work or a network in a public place, for example, with a Wi-Fi access point.

After that, Comodo Firewall will be minimized to the system tray, from where the program interface can be called at any time.

Any actions performed on the computer for which the firewall has not yet created a rule must be approved, unless, of course, we are talking about unauthorized launch.

You will have to approve the launch of each unknown Comodo Firewall program on the computer until the firewall develops for itself the rules of behavior for each of the launched programs. Of course, at first you have to tinker, but this is actually a small price to pay for the ability to control network connections.

Configuring Comodo Firewall

The Comodo Firewall program is designed for a wide range of users, including beginners, and the computer will be safe even with the settings preset by the developer. But for more experienced users, it will certainly be interesting to use the capabilities of Comodo Firewall to enhance computer protection.

We launch the firewall using its shortcut in the system tray. In the main window that opens before us, we see the status of the program - the computer is protected. We also see the number of network intrusions, the number of blocked intrusions, software updates.

With the button on the left upper corner we can switch to displaying a detailed summary by the program. And then back to the summary view again.

In the main window of Comodo Firewall is the option "Game Mode". Game mode is basically full screen mode not only in games, but also when watching videos, as well as in any other applications that are displayed in full screen. When switching to this mode, the firewall will not bother us with its notifications and will make all decisions itself.

To open the advanced firewall settings, in the main Comodo Firewall window with a detailed summary, click the Firewall link.

Detailed firewall settings will open, where you can change certain preset parameters.

You can, for example, at the top of the settings window, change the preset "Safe Mode" of the firewall when it is allowed network activity programs that are on the list of trusted ones, and Comodo Firewall does not pull on other modes for every reason. For example:

"Complete blocking" - in this mode, any network activity is excluded. This mode is simply an indispensable thing in case a computer is infected with a virus.

“User rule set” - as the name of the mode implies, it provides for strict control and participation of the user in decision-making on each network request for which there are no previously set rules.

"Learning mode" - in this case, Comodo Firewall does not interfere with the activity of running programs, but only monitors events.

firewall Comodo Firewall since version 3.5 it is included in the free comprehensive protection of Comodo Internet Security and can be installed as a separate component.

Comodo Firewall is designed to protect users of PCs running Windows, and its capabilities are almost as good as similar products, including individual commercial developments.

The interface is extremely simplified, but at the same time provides all the necessary features and functions.

Main components of Comodo Firewall

Key features of Comodo Firewall

Multifunctional firewall - firewall

Comodo Firewall provides high level protection against incoming and outgoing threats. Thus, you get the most effective protection against hackers, malware and identity theft. Now the firewall has been improved by adding new features:

• Stealth Mode to make your computer completely invisible to port scanning;
• Automatic detection trusted zones based on master;
• Predefined firewall policies allow you to quickly apply the necessary security rules;
• Diagnostics to analyze the system for possible conflicts with the firewall and much more.

Behavior Blocker

• Checking the integrity of each program before allowing it to be loaded into the computer's memory;
• Performs "cloud" behavior analysis for immediate malware detection;
• Warns you every time unknown or untrusted applications try to start or install;
• Blocks viruses, trojans and spyware before they can access your system;
• Prevents unauthorized modification of critical system files and records Windows Registry;
• Includes an automatic sandbox feature that completely isolates untrusted files from the rest of your computer

HIPS Intrusion Prevention System

• Virtually impenetrable protection against rootkits, process injections, keyloggers and other zero-day threats.
• The free Comodo firewall monitors the activities of all applications and processes on your computer and allows files and processes to run if they comply with the prevailing security rules.
• Stops malware activity by stopping any activity that could cause damage operating system, system memory, registry or personal data.
• Allows advanced users to enhance security by quick creation custom policies and rule sets using a convenient and powerful rules interface.

Virtual kiosk

• A virtual sandbox environment for running programs and browsing the Internet, isolated from your real computer. Applications and web browsers work inside the kiosk without leaving any cookies or history on real system, making it a secure environment for online banking and online shopping.
• Prevents the installation of viruses, rootkits, and spyware to your computer and provides protection against hacking.
• Includes virtual keyboard which allows the user to enter numbers securely credit cards and passwords without fear of programs for intercepting input data (keyloggers).
• The virtual kiosk in Comodo Firewall allows advanced users to run beta versions of programs in an isolated environment that will not break the stability or file structure of the real system.

Viruscope

This is a system that allows you to dynamically analyze the behavior of running processes and keep a record of their activity. Viruscope monitors the activities of processes running on your computer and alerts you if they attempt to perform suspicious activities.

Internet Security Essentials

The SSL certificate verification tool protects against fake (phishing) sites that try to steal sensitive information.