Comodo Dome Firewall

• Introduction To Comodo Dome Firewall - Virtual Appliance
  • Install Dome Firewall And Login To The Administrative Console
• The Main Interface
• The Dashboard
• View And Modify System Status And General Configuration
  • Manage Admin Accounts
    • Add And Manage Administrators
    • Manage Administrative Roles
  • License Activation
  • SNMP Settings
  • Central Management
  • Configure SSH Access
  • High Availability
  • View And Update Firmware Version
  • Create And Schedule Backup Of DFW State
    • Manually Create A Backup
    • Schedule Backup Operations
    • Encrypt Backup Archives
    • Export A Backup
    • Import A Backup Archive From A Local Computer
    • Roll Back The Virtual Appliance To A Previous Time Point
    • Reset The Virtual Appliance To Factory Defaults
  • Shutdown Or Restart The Dome Firewall Virtual Appliance
• View DFW Virtual Appliance Status
  • System Status
  • Network Status
  • System Usage Summaries
  • Network Traffic
  • Network Connections
  • SSLVPN Connections
• Network Configuration
  • Configure Interface Devices, Uplinks And VLANs
    • Configure Interface Devices
    • Add And Manage Gateway Uplink Devices
    • Create VLANs
  • Routes
    • Add And Manage Static Routes
    • Add And Manage Policy Routing Rules
• Configure DFW Virtual Appliance Services And Protection Settings
  • DHCP Server
  • Advanced Threat Protection
    • Manage The ATP Profiles
    • Comodo Antivirus
  • Time Server
  • Intrusion Prevention
    • Configure Intrusion Prevention System
    • Manage IPS Rulesets
    • Manage Application Identification Rulesets
  • Configure Wireless Hotspot
    • Configure Captive Portal Service
    • Customize The Login Page
    • Add And Manage Permanent Users
  • Internet Content Adaptation Protocol
  • Quality Of Service
• Manage Firewall Configuration
  • Firewall Objects
    • Manage Firewall Address Objects
    • Manage Firewall Object Groups
    • Manage Firewall Schedules
    • Active Directory Integration
  • Destination Network Address Translation
  • Source Network Address Translation
  • Configure System Access
  • Configure Firewall Policy Rules
    • Manage Firewall Policy Rules
    • Manage VPN Firewall Rules
• Configure Proxy Services
  • HTTP/HTTPS Proxy Server
    • Configure URL And Content Filtering
    • HTTPS Proxy
• Configure Virtual Private Network Settings
  • SSL VPN Server
    • Configure General SSL VPN Server Settings
    • Manage SSL VPN Client Accounts
    • Configure Advanced SSL VPN Server Settings
    • Configure Clients To Connect To Dome Firewall
  • IPsec Configuration
  • Configure L2TP Server
  • Configure IPSec/L2TP Users
• View Logs
  • Realtime Logs
  • Configure Log Settings
  • Generate Reports
• Appendix - Minimum Requirements For Software Installations

Intrusion Prevention

Comodo Dome Firewall includes 'Snort', a state-of-the-art network intrusion prevention and detection system (IDS/IPS) directly built-in to its IP tables. Snort employs signature, protocol, and anomaly-based inspection of incoming traffic and is the de facto IPS standard and checks the data flow through the network for intrusion detection and prevention.

Snort uses IPS rulesets, containing a number of intrusion detection/prevention rules and application detection rule sets containing a number of rules for identifying applications generating TCP/IP traffic on the network. The application rule sets enable reporting application names along with IPS events. The rules are developed by their Vulnerability Research Team (VRT) for inspecting different parts of data packets and actions to be taken. The rule sets are constantly updated to confront emerging network intrusion techniques, that can be periodically downloaded from Snort servers. Using up-to-date rule sets enables Dome Firewall to detect and prevent unprecedented network intrusions attempts.

The Intrusion Prevention System interface allows the administrator to configure Snort rules update schedule, create and upload Snort rules and enable/disable rule sets.

• Click 'Services' > 'Intrusion Prevention' from the left hand side navigation.

The Interface has three tabs: 

• IPS Settings - Allows the administrator to enable/disable the intrusion prevention system and configure ruleset updates. See Configure Intrusion Prevention System for more details.

• IPS Rules - Currently loaded IPS rulesets and allows the administrator to manage them. See Manage IPS Rulesets for more details.

• Application Identification - Currently loaded Application Identification rulesets and allows the administrator to manage them. See Manage Application Identification Rulesets  for more details.