Comodo Help
Find the desired product help
Comodo Internet Security

Comodo Internet Security

Version 5.9/5.10

English

Print Help Download Help
Firewall Tasks-Introduction > Firewall Behavior Settings > General Settings
  • Introduction To Comodo Internet Security
    • Special Features
    • System Requirements
    • Installation
      • CIS Premium Installation
      • CIS Pro-Installation And Activation
      • CIS Complete-Installation And Activation
        • Installing Comodo Internet Security 2012 Complete
        • Activating Online Backup, TrustConnect And Guarantee
        • Installing Comodo Backup
        • Installing Comodo TrustConnect
      • Activating Pro/ Complete Services After Installation
        • Activating Your License
        • Activating Your Guarantee Coverage
        • Renewal Of Your License
    • Starting Comodo Internet Security
    • Comodo Internet Security - Overview Of Summary Screens
      • Comodo Internet Security – Summary
      • Comodo Antivirus – Summary
      • Comodo Firewall – Summary
    • Comodo Internet Security - Navigation
    • Understanding Alerts
  • Antivirus Tasks-Introduction
    • Run A Scan
    • Update Virus Database
    • Quarantined Items
    • View Antivirus Events
    • Submit Files To Comodo For Analysis
    • Scheduled Scans
    • Scan Profiles
    • Scanner Settings
      • Real Time Scanning
      • Manual Scanning
      • Scheduled Scanning
      • Exclusions
  • Firewall Tasks-Introduction
    • View Firewall Events
    • Define A New Trusted Application
    • Define A New Blocked Application
    • Network Security Policy
      • General Navigation
      • Application Rules
      • Global Rules
      • Predefined Policies
      • Network Zones
      • Blocked Zones
      • Port Sets
    • View Active Connections
    • Stealth Ports Wizard
    • Firewall Behavior Settings
      • General Settings
      • Alert Settings
      • Advanced Settings
  • Defense+ Tasks - Introduction
    • View Defense+ Events
    • Trusted Files
    • Unrecognized Files
      • Unrecognized Files
      • Submitted Files
    • Computer Security Policy
      • Defense+ Rules
      • Predefined Policies
      • Always Sandbox
      • Blocked Files
      • Protected Files And Folders
      • Protected Registry Keys
      • Protected COM Interfaces
      • Trusted Software Vendors
    • The Sandbox - An Introduction
      • Unknown Files - The Sand-boxing And Scanning Processes
    • View Active Process List
    • Run A Program In The Sandbox
    • Defense+ Settings
      • General Settings
      • Execution Control Settings
      • Sandbox Settings
      • Monitoring Settings
  • More Options-Introduction
    • Preferences
      • General Settings
      • Parental Control Settings
      • Appearance
      • Log Settings
      • Connection Settings
      • Update Settings
    • Manage My Configurations
      • Comodo Preset Configurations
      • Importing/Exporting And Managing Personal Configurations
    • Diagnostics
    • Check For Updates
    • Manage This Endpoint
    • Browse Support Forums
    • Help
    • About
  • Comodo GeekBuddy
    • Overview Of Services
    • Launching The Client And Using The Service
    • Accepting Remote Desktop Requests
    • Registration
    • Activation Of Service
    • Uninstalling Comodo GeekBuddy
  • TrustConnect Overview
    • Microsoft Windows - Configuration And Connection
    • Mac OS X - Configuration And Connection
    • Linux / OpenVPN - Configuration And Connection
    • Apple IPhone / IPod Touch - Configuration And Connection
    • TrustConnect FAQ
  • Comodo Dragon
  • Appendix 1 CIS - How To... Tutorials
    • Setting Up Security Levels Easily
    • Setting Up The Firewall For Maximum Security And Usability
    • Blocking Internet Access While Allowing Local Area Network (LAN) Access
    • Setting Up Defense+ For Maximum Security And Usability
    • How To Password Protect Your CIS Settings
    • How To Reset Forgotten Password (Advanced)
    • Running An Instant Antivirus Scan On Selected Items
    • Creating An Antivirus Scanning Schedule
    • Running An Untrusted Program Inside Sandbox
    • Restoring Incorrectly Quarantined Item(s)
    • Submitting Quarantined Items To Comodo For Analysis
    • Enabling File Sharing Applications Like BitTorrent And Emule
    • Blocking Any Downloads Of A Specific File Type
    • Disabling Defense+ And Sandboxing For Specific Files Selectively
    • Switching Between Complete CIS Suite And Individual Components (just AV Or FW)
    • Switch Off Automatic Antivirus And Software Updates
    • Suppressing CIS Alerts Temporarily While Playing Games
  • Appendix 2 Comodo Secure DNS Service
    • Router - Manually Enabling Or Disabling Comodo Secure DNS Service
    • Windows XP - Manually Enabling Or Disabling Comodo Secure DNS Service
    • Windows 7 / Vista - Manually Enabling Or Disabling Comodo Secure DNS Service
  • Appendix 3 CIS Versions
  • About Comodo Security Solutions

General Settings


Comodo Firewall allows you to customize firewall security by using the Firewall Security Level slider to change preset security levels.

 

The choices available are:

  • Block All

  • Custom Policy

  • Safe Mode (This is default mode)

  • Training

  • Disabled

The setting you choose here is also displayed on the summary screen.




  • Block All Mode: The firewall blocks all traffic in and out of your computer regardless of any user-defined configuration and rules. The firewall does not attempt to learn the behavior of any applications and does not automatically create traffic rules for any applications. Choosing this option effectively prevents your computer from accessing any networks, including the Internet.

  • Custom Policy Mode: The firewall applies ONLY the custom security configurations and network traffic policies specified by the user. New users may want to think of this as the 'Do Not Learn' setting because the firewall does not attempt to learn the behavior of any applications. Nor does it automatically create network traffic rules for those applications. You will receive alerts every time there is a connection attempt by an application - even for applications on the Comodo Safe list (unless, of course, you have specified rules and policies that instruct the firewall to trust the application's connection attempt).

    If any application tries to make a connection to the outside, the firewall audits all the loaded components and checks each against the list of components already allowed or blocked. If a component is found to be blocked, the entire application is denied Internet access and an alert is generated. This setting is advised for experienced firewall users that wish to maximize the visibility and control over traffic in and out of their computer.

  • Safe Mode (Default): While filtering network traffic, the firewall automatically creates rules that allow all traffic for the components of applications certified as 'Safe' by Comodo, if the checkbox Create rules for safe applications is selected.  For non-certified new applications, you will receive an alert whenever that application attempts to access the network. Should you choose, you can grant that application Internet access by choosing 'Treat this application as a Trusted Application' at the alert. This deploys the predefined firewall policy 'Trusted Application' onto the application.

    'Safe Mode' is the recommended setting for most users - combining the highest levels of security with an easy-to-manage number of connection alerts.

  • Training Mode : The firewall monitors network traffic and create automatic allow rules for all new applications until the security level is adjusted. You will not receive any alerts in 'Training Mode' mode. If you choose the 'Training Mode' setting, we advise that you are 100% sure that all applications installed on your computer are assigned the correct network access rights.

Tip: Use this setting temporarily while playing an online game for the first time. This suppresses all alerts while the firewall learns the components of the game that need Internet access and automatically create 'allow' rules for them. You can switch back to your previous mode later.

  • Disabled: Disables the firewall and makes it inactive. All incoming and outgoing connections are allowed irrespective of the restrictions set by the user. Comodo strongly advise against this setting unless you are sure that you are not currently connected to any local or wireless networks.

Check boxes -

 

Keep an alert on screen for maximum (n) seconds


Determines how long the Firewall shows an alert for without any user intervention. By default, the timeout is set at 120 seconds. You may adjust this setting to your own preference.

Create rules for safe applications - Comodo Firewall trusts the applications if:

  • The application/file is included in the Trusted Files list under Defense+ Tasks;

  • The application is from a vendor included in the Trusted Software Vendors list under Defense+ Tasks; 

  • The application is included in the extensive and constantly updated Comodo safelist.

By default, CIS does not automatically create ‘allow’ rules for safe applications. This helps saving the resource usage, simplifies the rules interface by reducing the number of 'Allowed' rules in it, reduces the number of pop-up alerts and is beneficial to beginners who find difficulties in setting up the rules.

 

Enabling this checkbox instructs CIS to begin learning the behavior of safe applications so that it can automatically generate the 'Allow' rules. These rules are listed in the Network Security Policy > Application Rules interface. The Advanced users can edit/modify the rules as they wish (Default = Disabled).

 

Background Note: Prior to version 4.x , CIS would automatically add an allow rule for ‘safe’ files to the rules interface. This allowed advanced users to have granular control over rules but could also lead to a cluttered rules interface. The constant addition of these ‘allow’ rules and the corresponding requirement to learn the behavior of applications that are already considered ‘safe’ also took a toll on system resources. In version 4.x and above, ‘allow’ rules for applications considered ‘safe’ are not automatically created – simplifying the rules interface and cutting resource overhead with no loss in security. Advanced users can re-enable this setting if they require the ability to edit rules for safe applications (or, informally, if they preferred the way rules were created in CIS version 3.x).

 

Automatically detect new private networks – Instructs Comodo Firewall to keep monitoring whether your computer is connected to any new  wired or wireless network. The firewall will display an alert as shown below on detecting a network, e.g. when you connect to a wired home or office local area network, a Wi-Fi network at an airport, cafeteria and so on.

 


 

You can select the type of new network you are connected to, so that the firewall configuration is optimized for the type of connection. Comodo recommends users to leave this option at its default, enabled setting (Default = Enabled).

 

Show Trustconnect alerts for unsecured wireless networks - If you are connecting to Internet  through a new wireless network, e.g. a Wi-Fi connection at a restaurant, the network needs to be encrypted and secure. Performing your Internet routed activities through an unsecure wireless network proves the risk of exposing your communication and revealing your confidential information to potential hackers.


On detection of  your Internet connection through a new wireless network, Comodo Firewall checks whether the network is encrypted and secure.  If the network is unsecure, the firewall will display an alert as shown below, if this option is enabled.  (Default = Enabled).

 


The alert enables you to secure your connection by using  TrustConnect - secure Internet proxy service that creates an encrypted connection session. For more details, refer to TrustConnect Overview. 

 

Show Trustconnect alerts for public networks - If you are connecting to Internet  through a new wired or wireless network at a public place like an airport or a coffee shop, irrespective of whether the network is wired or wireless, you are exposed to a danger of other people in the same network gaining access to your computer and hack or steal your confidential information. In order to safeguard your connection session against such attempts, Comodo recommends to encrypt your connection using TrustConnect  - a secure Internet proxy service.


Comodo Firewall will display an alert as shown below if you are connecting to Internet through a new network in a public place and select   'I am at PUBLIC PLACE' in the 'New Network Detected' dialog, if this option is enabled.  (Default = Enabled).

 

 

The alert enables you to secure your connection by using  TrustConnect.  For more details, refer to TrustConnect Overview. 

 

Enable IPv6 filtering - Enabling this options means CIS will filter IPv6 network traffic in addition to IPv4 traffic. (Default = Disabled)

 

Background Note: IPv6 stands for Internet Protocol Version 6 and is intended to replace Internet Protocol Version 4 (IPv4). The move is primarily driven by the anticipated exhaustion of available IP addresses. IPv4 was developed in 1981 and is still the most widely deployed version – accounting for almost all of today’s Internet traffic. However, because IPv4 uses 32 bits for IP addresses, there is a physical upper limit of around 4.3 billion possible IP addresses – a figure widely viewed as inadequate to cope with the further expansion of the Internet. In simple terms, the number of devices requiring IP addresses is in danger of exceeding the number of IP addresses that are available. This hard limit has already led to the development of ‘work-around’ solutions such as Network Address Translation (NAT), which enable multiple hosts on private networks to access the Internet using a single IP address.

 

IPv6 on the other hand, uses 128 bits per address (delivering 3.4×1038 unique addresses) and is viewed as the only realistic, long term solution to IP address exhaustion. IPv6 also implements numerous enhancements that are not present in IPv4 – including greater security, improved support for mobile devices and more efficient routing of data packets.


Do not show popup alerts - This option allows you to configure whether or not to show firewall alerts when malware is encountered. Choosing ‘Do not show popup alerts’ will minimize disturbances but at some loss of user awareness. If you choose not to show popup alerts then you have a choice of default responses that CIS should automatically take – either ‘Block Requests' or 'Allow Requests’. (Default = Enabled )

Show traffic animation in the tray - By default, the Comodo Internet Security's 'Shield' tray icon displays a small animation whenever traffic moves to or from your computer.

 

 

If the traffic is outbound, you can see green arrows moving upwards on the right hand side of the shield. Similarly, for inbound traffic you can see red arrows moving down the left hand side. This provides a very useful indicator of the real-time movement of data in and out of your computer. Clear this check box If you would rather not see this animation (Default = Enabled). 


Comodo Internet Security User Guide | © 2012 Comodo Security Solutions Inc. | All rights reserved

Our Products
  • Free Antivirus
  • Free Internet Security
  • Website Malware Removal
  • Free Anti-Malware
  • Anti-Spam (Free Trial)
  • Windows Antivirus
  • Antivirus for Windows 7
  • Antivirus for Windows 8
  • Antivirus for Windows 10
  • Antivirus for MAC
  • Antivirus for Linux
  • Free Endpoint Security
  • Free ModSecurity
  • Free RMM
  • Free Website Malware Scanner
  • Free Device Manager for Android
  • Free Demo
  • Network Security
  • Endpoint Protection
  • Antivirus for Android
  • Comodo Antivirus
  • Wordpress Security
Cheap CDN
  • Bootstrap CDN
  • Semantic UI CDN
  • Jquery CDN
  • CDN Plans
  • CDN
  • Free CDN
Enterprise
  • Patch Management Software
  • Patch Manager
  • Service Desk
  • Website Down
  • Endpoint Protection Solutions
  • Website Security Check
  • Remote Monitoring and Management
  • Website Security
  • Device Manager
  • ITSM
  • CRM
  • MSP
  • Android Device Manager
  • MDR Services
  • Ransomware Prevention
  • Managed IT Support Services
  • Free EDR
Free SSL Certificate
Support Partners Terms and Conditions Privacy Policy

© Comodo Group, Inc. 2024. All rights reserved.