Comodo Help
Find the desired product help
Comodo Internet Security

Comodo Internet Security

Version 8.4

English

Print Help Download Help
Appendix 1 CIS How To... Tutorials > Set Up The Firewall For Maximum Security And Usability
  • Introduction To Comodo Internet Security
    • Special Features
    • System Requirements
    • Installation
      • CIS Premium – Installation
      • CIS Pro - Installation And Activation
      • CIS Complete - Installation And Activation
      • Activating CIS Pro/Complete Services After Installation
        • Activating Your License
        • Activating Your Guarantee Coverage
        • Renewal Of Your License
    • Starting Comodo Internet Security
    • The Main Interface
      • The Home Screen
      • The Tasks Interface
      • The Widget
      • The System Tray Icon
    • Understanding Security Alerts
  • General Tasks – Introduction
    • Scan And Clean Your Computer
      • Run A Quick Scan
      • Run A Full Computer Scan
      • Run A Rating Scan
      • Run A Custom Scan
        • Scan A Folder
        • Scan A File
        • Create, Schedule And Run A Custom Scan
    • Instantly Scan Files And Folders
    • Processing Infected Files
    • Manage Virus Database And Program Updates
    • Manage Quarantined Items
    • View CIS Logs
      • Antivirus Logs
        • Filtering Antivirus Logs
      • Viruscope Logs
        • Filtering Viruscope Logs
      • Firewall Logs
        • Filtering Firewall Logs
      • Defense+ Logs
        • Filtering Defense+ Logs
      • Website Filtering Logs
        • Filtering Website Filtering Logs
      • Alerts Logs
        • Filtering Alerts Displayed Logs
      • Tasks Logs
        • Filtering Tasks Logs
      • Configuration Changes Logs
        • Filtering Configuration Changes Logs
    • Get Live Support
    • View Active Internet Connections
    • View Sandboxed Processes List
  • Firewall Tasks – Introduction
    • Allow Or Block Internet Access To Applications Selectively
    • Stealth Your Computer Ports
    • Manage Network Connections
    • Stop All Network Activities
    • Advanced Firewall Settings
  • Sandbox Tasks – Introduction
    • The Virtual Desktop
      • Starting The Virtual Desktop
      • The Main Interface
      • Running Browsers Inside The Virtual Desktop
      • Opening Files And Running Applications Inside The Virtual Desktop
      • Configuring The Virtual Desktop
      • Closing The Virtual Desktop
    • Run An Application In The Sandbox
    • Reset The Sandbox
    • View Active Process List
  • Advanced Tasks – Introduction
    • Create A Rescue Disk
      • Downloading And Burning Comodo Rescue Disk
    • Remove Deeply Hidden Malware
    • Submit Files
    • Identify And Kill Unsafe Running Processes
    • Manage CIS Tasks
  • Advanced Settings
    • General Settings
      • Customize User Interface
      • Configure Program And Virus Database Updates
      • Log Settings
      • Manage CIS Configurations
        • Comodo Preset Configurations
        • Importing/Exporting And Managing Personal Configurations
    • Security Settings
      • Antivirus Settings
        • Real-time Scanner Settings
        • Scan Profiles
        • Exclusions
      • Defense+ Settings
        • HIPS Settings
        • Active HIPS Rules
        • HIPS Rule Sets
        • Protected Objects
          • Protected Files
          • Blocked Files
          • Protected Registry Keys
          • Protected COM Interfaces
          • Protected Data Folders
        • HIPS Groups
          • Registry Groups
          • COM Groups
        • Sandbox
          • The Sandbox - An Overview
            • Unknown Files - The Scanning Processes
        • Configuring The Sandbox
        • Configuring Rules For Auto-Sandbox
        • Viruscope
      • Firewall Settings
        • Firewall Settings
        • Application Rules
        • Global Rules
        • Firewall Rule Sets
        • Network Zones
          • Network Zones
          • Blocked Zones
        • Port Sets
        • Website Filtering
          • Creating And Modifying Website Filtering Rules
          • Defining And Modifying Website Categories
      • Manage File Rating
        • File Rating Settings
        • File Groups
        • File List
        • Submitted Files
        • Trusted Vendors List
  • Comodo GeekBuddy
    • Overview Of Services
    • Activation Of Service
    • Launching The Client And Using The Service
    • Accepting Remote Desktop Requests
    • Chat History
    • Using Free Diagnostic Reports
    • Scanning My PC
    • Uninstalling Comodo GeekBuddy
  • TrustConnect Overview
  • Chromodo Browser
  • Appendix 1 CIS How To... Tutorials
    • Enable / Disable AV, Firewall Auto-Sandbox And Viruscope Easily
    • Set Up The Firewall For Maximum Security And Usability
    • Block Internet Access While Allowing Local Area Network (LAN) Access
    • Block/ Allow Websites Selectively To Users Of Your Computer
    • Set Up The HIPS For Maximum Security And Usability
    • Create Rules For Auto-Sandboxing Applications
    • Password Protect Your CIS Settings
    • Reset Forgotten Password (Advanced)
    • Run An Instant Antivirus Scan On Selected Items
    • Create An Antivirus Scanning Schedule
    • Run Untrusted Programs In The Sandbox
    • Run Browsers Inside Sandbox
    • Run Untrusted Programs Inside Virtual Desktop
    • Run Browsers Inside The Virtual Desktop
    • Restore Incorrectly Quarantined Item(s)
    • Submit Quarantined Items To Comodo For Analysis
    • Enable File Sharing Applications Like BitTorrent And Emule
    • Block Any Downloads Of A Specific File Type
    • Disable Auto-Sandboxing On A Per-application Basis
    • Switch Between Complete CIS Suite And Individual Components (just AV Or FW)
    • Switch Off Automatic Antivirus And Software Updates
    • Suppress CIS Alerts Temporarily While Playing Games
    • Renew Or Upgrading Your License
    • How To Use CIS Protocol Handlers
  • Appendix 2 - Glossary Of Terms
  • Appendix 3 - CIS Versions
  • About Comodo Security Solutions

Set up the Firewall For Maximum Security and Usability

 

This page outlines the functions of Comodo's Firewal and helps you to set up a secure connection to the Internet.


Stealth Ports Settings


Port Stealthing is a security feature whereby ports on an Internet connected PC are hidden from sight, sending no response to opportunistic port scans.

  1. Open 'Tasks' interface by clicking the green curved arrow at top right of the 'Home' screen

  2. Open 'Firewall Tasks' by clicking 'Firewall Tasks' from the Tasks interface

  3. Open Stealth Ports interface by clicking the 'Stealth Ports' icon  from the Firewall Tasks panel




  1. Select 'Block Incoming Connections' to make computer's ports are invisible to all networks

Click here for more details on Stealthing your Computer Ports

 

Network Zones Settings

 

The 'Network Zones' settings allow you to configure the protection level for network connection to a Router/home network. (This is usually done automatically for you).

 

To view the configurations

  1. Open 'Tasks' interface by clicking the green curved arrow at top right of the 'Home' screen

  2. Open 'Firewall Tasks' by clicking 'Firewall Tasks' from the Tasks interface and click 'Open Advanced Settings'.

  3. Click 'Network Zones' under Firewall from the left hand side pane

  4. Click 'Network Zones' tab from the 'Network Zones' interface





Check the Loopback zone and Local Area Network #1. In most cases, the loopback zone IP address should be 127.0.01/255.0.0.0


In most cases, the IP address of the auto detected Network zone should be 192.168.1.100/255.255.255.0 .

  1. Check these addressees and click 'OK'.

Click here for more details on Network Zones settings

 

Firewall Settings


The Firewall Settings option allows you to configure the protection level for your Internet connection and the frequency of alerts generated.

 

To open Firewall Settings panel

  1. Open 'Tasks' interface by clicking the green curved arrow at top right of the 'Home' screen

  2. Open 'Firewall Tasks' by clicking 'Firewall Tasks' from the Tasks interface and click 'Open Advanced Settings'.

  3. Click 'Firewall Settings' under Firewall from the left hand side pane

  4. Ensure that 'Enable Firewall' is selected and choose Safe mode from the drop-down beside it.




Safe Mode: While filtering network traffic, the firewall will automatically create rules that allow all traffic for the components of applications certified as 'Safe' by Comodo. For non-certified new applications, you will receive an alert whenever that application attempts to access the network. Should you choose, you can grant that application Internet access by choosing 'Treat this application as a Trusted Application' at the alert. This will deploy the predefined firewall policy 'Trusted Application' onto the application.

 

Alert Settings

 

Under 'Alert Settings' in the same interface:

  • Deselect Do NOT show popup alerts

  • Select 'Set alert frequency level' option and choose 'Low' from the drop-down. At the 'Low' setting, the firewall shows alerts for outgoing and incoming connection requests for an application. This is the setting recommended by Comodo and is suitable for the majority of users.




Advanced Settings

 

When launching a denial of service or 'flood' attack, an attacker bombards a target machine with so many connection requests that your computer is unable to accept legitimate connections, effectively shutting down your web, email, FTP or VPN server. To protect from such attacks, make the following settings under 'Advanced' in the 'Firewall Settings' interface:

  • Select Filter loopback traffic

  • Ensure that the Block fragmented IP traffic is selected

  • Block fragmented IP traffic - When a connection is opened between two computers, they must agree on a Maximum Transmission Unit (MTU). IP Datagram fragmentation occurs when data passes through a router with an MTU less than the MTU you are using i.e when a datagram is larger than the MTU of the network over which it must be sent, it is divided into smaller 'fragments' which are each sent separately. Fragmented IP packets can create threats similar to a DOS attack. Moreover, these fragmentations can double the amount of time it takes to send a single packet and slow down your download time.

  • Select the Do Protocol Analysis checkbox to detect fake packets used in denial of service attacks

  • Select Enable anti-ARP spoofing




  1. Click 'OK' for your settings to take effect.

Click here for more details on Firewall Settings

Setting-up Application Rules, Global Rules and Predefined Firewall Rulesets


You can configure and deploy traffic filtering rules and policies on an application specific and global basis and predefined firewall rulesets.

 

To view the Application Rules

  1. Open 'Tasks' interface by clicking the green curved arrow at top right of the 'Home' screen

  2. Open 'Firewall Tasks' by clicking 'Firewall Tasks' from the Tasks interface and click 'Open Advanced Settings'.

  3. Click 'Application Rules' under Firewall from the left hand side pane




  1. Click the handle from the bottom and Add or Edit rules for specific applications manually or remove them.

Click here for more details on Application Rules

 

To view the Global Rules

  1. Open 'Tasks' interface by clicking the green curved arrow at top right of the 'Home' screen

  2. Open 'Firewall Tasks' by clicking 'Firewall Tasks' from the Tasks interface and click 'Open Advanced Settings'.

  3. Click 'Global Rules' under Firewall from the left hand side pane




  1. Click the handle from the bottom and Add or Edit global rules manually or remove them.

Click here for more details on Global Rules

 

To view Predefined Firewall rulesets

  1. Open 'Tasks' interface by clicking the green curved arrow at top right of the 'Home' screen

  2. Open 'Firewall Tasks' by clicking 'Firewall Tasks' from the Tasks interface and click 'Open Advanced Settings'.

  3. Click 'Rulesets' under Firewall from the left hand side pane




  1. Click the handle from the bottom to and Add, Edit or remove rulesets.

You need not make your own rulesets, the defaults are usually enough.

 

Click here for more details on pre-defined firewall rulesets


Our Products
  • Free Antivirus
  • Free Internet Security
  • Website Malware Removal
  • Free Anti-Malware
  • Anti-Spam (Free Trial)
  • Windows Antivirus
  • Antivirus for Windows 7
  • Antivirus for Windows 8
  • Antivirus for Windows 10
  • Antivirus for MAC
  • Antivirus for Linux
  • Free Endpoint Security
  • Free ModSecurity
  • Free RMM
  • Free Website Malware Scanner
  • Free Device Manager for Android
  • Free Demo
  • Network Security
  • Endpoint Protection
  • Antivirus for Android
  • Comodo Antivirus
  • Wordpress Security
Cheap CDN
  • Bootstrap CDN
  • Semantic UI CDN
  • Jquery CDN
  • CDN Plans
  • CDN
  • Free CDN
Enterprise
  • Patch Management Software
  • Patch Manager
  • Service Desk
  • Website Down
  • Endpoint Protection Solutions
  • Website Security Check
  • Remote Monitoring and Management
  • Website Security
  • Device Manager
  • ITSM
  • CRM
  • MSP
  • Android Device Manager
  • MDR Services
  • Ransomware Prevention
  • Managed IT Support Services
  • Free EDR
Free SSL Certificate
Support Partners Terms and Conditions Privacy Policy

© Comodo Group, Inc. 2024. All rights reserved.