Comodo Help
Find the desired product help
Comodo Internet Security

Comodo Internet Security

Version 5.9/5.10

English

Print Help Download Help
Defense+ Tasks - Introduction > Computer Security Policy > Defense+ Rules
  • Introduction To Comodo Internet Security
    • Special Features
    • System Requirements
    • Installation
      • CIS Premium Installation
      • CIS Pro-Installation And Activation
      • CIS Complete-Installation And Activation
        • Installing Comodo Internet Security 2012 Complete
        • Activating Online Backup, TrustConnect And Guarantee
        • Installing Comodo Backup
        • Installing Comodo TrustConnect
      • Activating Pro/ Complete Services After Installation
        • Activating Your License
        • Activating Your Guarantee Coverage
        • Renewal Of Your License
    • Starting Comodo Internet Security
    • Comodo Internet Security - Overview Of Summary Screens
      • Comodo Internet Security – Summary
      • Comodo Antivirus – Summary
      • Comodo Firewall – Summary
    • Comodo Internet Security - Navigation
    • Understanding Alerts
  • Antivirus Tasks-Introduction
    • Run A Scan
    • Update Virus Database
    • Quarantined Items
    • View Antivirus Events
    • Submit Files To Comodo For Analysis
    • Scheduled Scans
    • Scan Profiles
    • Scanner Settings
      • Real Time Scanning
      • Manual Scanning
      • Scheduled Scanning
      • Exclusions
  • Firewall Tasks-Introduction
    • View Firewall Events
    • Define A New Trusted Application
    • Define A New Blocked Application
    • Network Security Policy
      • General Navigation
      • Application Rules
      • Global Rules
      • Predefined Policies
      • Network Zones
      • Blocked Zones
      • Port Sets
    • View Active Connections
    • Stealth Ports Wizard
    • Firewall Behavior Settings
      • General Settings
      • Alert Settings
      • Advanced Settings
  • Defense+ Tasks - Introduction
    • View Defense+ Events
    • Trusted Files
    • Unrecognized Files
      • Unrecognized Files
      • Submitted Files
    • Computer Security Policy
      • Defense+ Rules
      • Predefined Policies
      • Always Sandbox
      • Blocked Files
      • Protected Files And Folders
      • Protected Registry Keys
      • Protected COM Interfaces
      • Trusted Software Vendors
    • The Sandbox - An Introduction
      • Unknown Files - The Sand-boxing And Scanning Processes
    • View Active Process List
    • Run A Program In The Sandbox
    • Defense+ Settings
      • General Settings
      • Execution Control Settings
      • Sandbox Settings
      • Monitoring Settings
  • More Options-Introduction
    • Preferences
      • General Settings
      • Parental Control Settings
      • Appearance
      • Log Settings
      • Connection Settings
      • Update Settings
    • Manage My Configurations
      • Comodo Preset Configurations
      • Importing/Exporting And Managing Personal Configurations
    • Diagnostics
    • Check For Updates
    • Manage This Endpoint
    • Browse Support Forums
    • Help
    • About
  • Comodo GeekBuddy
    • Overview Of Services
    • Launching The Client And Using The Service
    • Accepting Remote Desktop Requests
    • Registration
    • Activation Of Service
    • Uninstalling Comodo GeekBuddy
  • TrustConnect Overview
    • Microsoft Windows - Configuration And Connection
    • Mac OS X - Configuration And Connection
    • Linux / OpenVPN - Configuration And Connection
    • Apple IPhone / IPod Touch - Configuration And Connection
    • TrustConnect FAQ
  • Comodo Dragon
  • Appendix 1 CIS - How To... Tutorials
    • Setting Up Security Levels Easily
    • Setting Up The Firewall For Maximum Security And Usability
    • Blocking Internet Access While Allowing Local Area Network (LAN) Access
    • Setting Up Defense+ For Maximum Security And Usability
    • How To Password Protect Your CIS Settings
    • How To Reset Forgotten Password (Advanced)
    • Running An Instant Antivirus Scan On Selected Items
    • Creating An Antivirus Scanning Schedule
    • Running An Untrusted Program Inside Sandbox
    • Restoring Incorrectly Quarantined Item(s)
    • Submitting Quarantined Items To Comodo For Analysis
    • Enabling File Sharing Applications Like BitTorrent And Emule
    • Blocking Any Downloads Of A Specific File Type
    • Disabling Defense+ And Sandboxing For Specific Files Selectively
    • Switching Between Complete CIS Suite And Individual Components (just AV Or FW)
    • Switch Off Automatic Antivirus And Software Updates
    • Suppressing CIS Alerts Temporarily While Playing Games
  • Appendix 2 Comodo Secure DNS Service
    • Router - Manually Enabling Or Disabling Comodo Secure DNS Service
    • Windows XP - Manually Enabling Or Disabling Comodo Secure DNS Service
    • Windows 7 / Vista - Manually Enabling Or Disabling Comodo Secure DNS Service
  • Appendix 3 CIS Versions
  • About Comodo Security Solutions

Defense+ Rules


The Defense+ Rules tab lists the different groups of applications installed in your system and the security policies applied to them. You can change the policy applied to selected applications and also create custom policies to be applied to selected applications.




The first column, Application Name, displays a list of the applications on your system for which a security policy has been deployed. If the application belongs to a file group, then all member applications assume the security policy of the file group. The second column, Treat as, column displays the name of the security policy assigned to the application or group of applications in column one.

 

General Navigation:

  • Add... - Allows the user to Add a new Application to the list then create it's policy. See the section 'Creating or Modifying a Defense+ Security Policy'.

  • Edit... - Allows the user to modify the Defense+ security policy of the selected application. See the section 'Creating or Modifying a Defense+ Security Policy'.

  • Remove - Deletes the current policy.

 

Note: You cannot remove individual applications from a file group using this interface - you must use the 'File Groups' interface to do this.

  • Purge - Runs a system check to verify that all the applications for which policies are listed are actually installed on the host machine at the path specified. If not, the policy is removed, or 'purged', from the list.

Users can re-order the priority of policies by simply dragging and dropping the application name or file group name in question. To alter the priority of applications that belong to a file group, you must use the 'File Groups' interface.

Creating or Modifying a Defense+ Security Policy

 

To begin defining a application's Defense+ policy

 

(1) Select the application or file group that you wish the policy to apply to.

 

(2) Configure the security policy for this application.

(1) Select the application or file group that you wish the policy to apply to

 

If you wish to define a policy for a new application (i.e. one that is not already listed), click the 'Add...' button in the main Defense+ Rules interface.

 

This brings up the 'Application System Activity' Control interface shown below.

 



Because you are defining the Defense+ security settings for a new application, you can notice that the 'Application Path' box is blank. (If you were editing an existing policy instead, then this interface would show that policy's name and path.)

 

Click 'Select' to begin.

 



You now have 3 methods available to choose the application for which you wish to create a policy - File Groups; Running Processes and Browse.

  1. File Groups - choosing this option allows you to create a Defense+ security policy for a category of pre-set files or folders. For example, selecting 'Executables' would enable you to create a Defense+ policy for all files with the extensions .exe .dll .sys .ocx .bat .pif .scr .cpl . Other such categories available include 'Windows System Applications' , 'Windows Updater Applications' , 'Start Up Folders' etc - each of which provide a fast and convenient way to apply a generic policy to important files and folders.

To view the file types and folders that are affected by choosing one of these options, you need to visit the 'File Groups' interface.

The File Groups interface can be accessed by the following method:

  • Navigate to Defense+ > Computer Security Policy > Protected Files and Folders then click the 'Groups...' button.

  1. Running Processes - as the name suggests, this option allows you to create and deploy a Defense+ policy for any process that is currently running on your PC.



You can choose an individual process (shown above) or the parent process of a set of running processes. Click 'Select' to confirm your choice.

  1. Browse... - this option is the easiest for most users and simply allows you to browse to the location of the application for which you want to deploy the Defense+ security policy.


In the example below, we have decided to create a security policy for the Opera web browser.

 

Having selected the individual application, running process or file group, the next stage is to Configure the rules for this application's policy.

(2) Configure the security policy for this application     

 

There are two broad options available for selecting a policy that applies to an application - Use a Pre-defined Policy or Use a Custom Policy.

  1. Use a Predefined Policy - Selecting this option allows the user to quickly deploy a existing security policy on to the target application. Choose the policy you wish to use from the drop down menu. In the example below, we have chosen 'Limited Application'. The name of the predefined policy you choose is displayed in the 'Treat As' column for that application in the Computer Security Policy interface (Default = Disabled).


 

 

Note on 'Installer or Updater' Policy : Applying the Predefined Policy 'Installer or Updater' for an application defines it as a trusted installer and all the files created by the application will also be considered as as trusted files. Some of the applications may have hidden codes that may potentially impair the security of your computer if allowed to create files of its own. Comodo advises you to use this Predefined Policy - 'Installer or Updater' with caution. On applying this policy to any of the application, an alert dialog will be displayed, describing the risks involved.

 

 

 

 

General Note: Predefined Policies, once chosen, cannot be modified directly from this interface - they can only be modified and defined using the 'Predefined Policies' interface. If you require the ability to add or modify settings for an specific application then you are effectively creating a new, custom policy and should choose the more flexible Use Custom Policy option instead.

  1. Use a Custom Policy - designed for more experienced users, the 'Custom Policy' option enables full control over the configuration specific security policy and the parameters of each rule within that policy. The Custom Policy has two main configuration areas - Access Rights and Protection Settings.(Default=Enabled)

In simplistic terms 'Access Rights' determine what the application can do to other processes and objects whereas 'Protection Settings' determine what the application can have done to it by other processes.

  1.  Access Rights - The Process Access Rights interface allows you to determine what activities the applications in your custom policy are allowed to execute. These activities are called 'Access Names'.



Click here to view a list of definitions of the Action Names listed above and the implications of choosing to Ask, Allow or Block for each setting.

 

Exceptions to your choice of 'Ask', 'Allow' or 'Block' can be specified for the policy by clicking the 'Modify' link on the right.

 

Select the 'Allowed Applications' or 'Blocked Applications' tab depending on the type of exception you wish to create.

 


 

Clicking 'Add' allows you to choose which applications or file groups you wish this exception to apply to. (click here for an explanation of available options)

 

In the example above, the default action for 'Run as an executable' is 'Ask'. This means Defense+ generates an alert asking your permission if 'Opera.exe' tried to run another program. Clicking 'Modify' then adding 'oemig50.exe' to the 'Allowed Applications' tab creates an exception to this rule. Opera.exe is now allowed to run 'oemig50 .exe' but an alert is generated if it tries to run any other application.

  1. Protection Settings   - Protection Settings determine how protected the application or file group in your policy is against activities by other processes. These protections are called 'Protection Types'.




Select 'Yes' to enable monitoring and protect the application or file group against the process listed in the 'Protection Type' column. Select 'No' to disable such protection.

 

Click here to view a list of definitions of the 'Protection Types' listed above and the implications of activating each setting.

 

Exceptions to your choice of 'Yes' or 'No' can be specified in the application's policy by clicking the 'Modify...' button on the right.

  1. Click 'Apply' to confirm your settings.

 

Comodo Internet Security User Guide | © 2012 Comodo Security Solutions Inc. | All rights reserved

Our Products
  • Free Antivirus
  • Free Internet Security
  • Website Malware Removal
  • Free Anti-Malware
  • Anti-Spam (Free Trial)
  • Windows Antivirus
  • Antivirus for Windows 7
  • Antivirus for Windows 8
  • Antivirus for Windows 10
  • Antivirus for MAC
  • Antivirus for Linux
  • Free Endpoint Security
  • Free ModSecurity
  • Free RMM
  • Free Website Malware Scanner
  • Free Device Manager for Android
  • Free Demo
  • Network Security
  • Endpoint Protection
  • Antivirus for Android
  • Comodo Antivirus
  • Wordpress Security
Cheap CDN
  • Bootstrap CDN
  • Semantic UI CDN
  • Jquery CDN
  • CDN Plans
  • CDN
  • Free CDN
Enterprise
  • Patch Management Software
  • Patch Manager
  • Service Desk
  • Website Down
  • Endpoint Protection Solutions
  • Website Security Check
  • Remote Monitoring and Management
  • Website Security
  • Device Manager
  • ITSM
  • CRM
  • MSP
  • Android Device Manager
  • MDR Services
  • Ransomware Prevention
  • Managed IT Support Services
  • Free EDR
Free SSL Certificate
Support Partners Terms and Conditions Privacy Policy

© Comodo Group, Inc. 2024. All rights reserved.