New Versions of Comodo and Online Armor

The Scot’s Newsletter Software-Firewall Comparo (you know, the series-review that just won’t die) continues to evolve. That’s largely because the makers of Comodo Firewall and Online Armor — the two products under consideration — are actively updating their products. If these guys would just slow down a bit, I could make a final judgment. But that’s one of the reasons these are the two best products in the race, neither company is resting on its laurels.

I recently security tested Comodo 3.0.15.277 (“Advanced Install”) and a late beta of a new version of Online Armor that I believe will arrive shortly. Both products came through with flying colors — passing every test I threw at them. So I can confirm that newer versions of both products continue to test as well as the somewhat older versions tested by Matousec.com.

For those of you following last month’s dramatic public clash between Comodo’s ceo, Melih Abdulhayoglu, and myself — it’s my hope that’s a thing of the past. Melih and I have had several constructive email exchanges. I made some tweaks to my Jan. 20th post urging Scot’s Newsletter readers who might have opted for Comodo 3’s “Basic Firewall” installation option not to use it. And in version 3.0.16.295, Comodo has refined the language on the installation dialog box that I had concerns about; it now looks like this:

comodo16295.jpg

[Update on February 16: Since this message was posted six days ago, Comodo released yet another slipstream update, version 3.0.17.304. That version’s installation option dialog is identical to that of v.3.0.16.295.]

The wording change does a better job of keeping people from making the less-protective choice. Melih also showed me a picture of the comparable screen for a future version of Comodo 3 that will offer three installation options. The company expects to add a third installation mode that turns off the full blown Defense+ HIPS module but continues to offer leak protection, apparently at a level similar to Comodo version 2.4. That’s an even better change. I haven’t been given access to that version of the Comodo firewall nor do I have any idea when it might arrive, but I’ll be interested to test it when it becomes available. (For more information about changes delivered in Comodo 3.0.16.295 and 3.0.17.304, see the company’s public release notes.)

I test computer products, not people. Some readers have suggested I drop my evaluation of Comodo because of things Comodo’s ceo posted in his company’s forums. Thanks, but that’s not my style. Comodo Firewall is an excellent product, so I will continue to test it until I’ve made a decision.

In the meantime, I’ve recently been testing the last two versions of Comodo under Vista. I’ve seen no anomalies on that OS. I don’t formally test products for Vista, an operating system I have recommended against using. What I can pass along is that, for the time being, I’ve adopted Comodo 3 (version 3.0.16.295 or later with Defense+ enabled) on all my Vista machines.

In other Vista-related news, Tall Emu’s Mike Nash, the ceo behind Online Armor, says his development team hopes to enter public beta testing by roughly the end of the month on Online Armor for Vista.

Having tested pre-release builds of the next Windows XP-version of Online Armor, I’m intrigued by several promising new features. I’ll go into more detail once the product ships and I’ve had time to test it thoroughly.

At one point over the last year I began to wonder whether I’d find a software firewall worthy of my recommendation. But both of these products offer full-fledged protection and are easy to use. Both run on Windows with small footprints. Both are fully compatible with other software security products, including NOD32, the antivirus/anti-malware product I continue to use and recommend. Choices are good.

36 Responses to “New Versions of Comodo and Online Armor”

  1. Pete Says:

    Re: Comodo 3.0.16.265, defense + Clean PC Safe Mode on Vista Ultimate: I’ve been using the product for a couple of weeks now. One problem I noticed, is that it blocks some functions without notifying me. Example, when using Quicken 07 file backup I was presented with a gray Quicken screen and Quicken quit responding. Not suspecting Comodo, I reinstalled Quicken, the backup function worked fine once after the reinstall, then failed again. I then changed Comodo defence +, to Train with Safe Mode. The Quicken function now works fine. I have noticed that some other problems with installed software happened when the software tried to update itself. Again no notice from Comodo. I have OA on a XP machine and it was working just fine.

  2. Scot Says:

    Hey, Pete. I think one other person mentioned an issue with Quicken to me, but with an earlier version of Comodo. I’m not a big Quicken fan — I don’t even own it. So I can’t check it out. Did you try posting in the Comodo forums?

    Also, I’m guessing he version number you posted is a typo? 3.0.16.295 right? Thanks.

  3. Nnyan Says:

    I’m glad to hear that they are developing a version of Online Armor for Vista (hopefully it will work with the x64 versions too!).

  4. Scot Says:

    The forthcoming Online Armor for Vista is 32-bit only, I’m told. Tall Emu may add 64-bit support at a later time.

    Comodo and Agnitum’s Outpost are the only software firewalsl for desktop machines I’m aware of that support 64-bit Windows Vista.

  5. cdruybal Says:

    Scot,

    Kaspersky also has 64 bit support for Vista. I’ve been using it for about 2 months now, since I jumped from 32 bit Vista to 64 bit Vista. I’ve got the full suite running (virus, firewall, spyware) and am satisfied with it.

    Zonealarm’s Vista support is terrible. On multiple computers, from multiple people, it’s been demonstrated that ZA stops the pc from shutting down cleanly, forcing a push of the reset button.

  6. hkspike Says:

    Scot, A while back I posted comment on your forum regarding Comodo’s performance on home networks and also the endless sequence of nag screens it delivers; it seems a slow learner. I was amused that one nag screen was Comodo asking permission to go on-line; it worrierd me that if the firewall didn’t know that itself was safe there really wasn’t much hope for that product. I was also concerned that many of its nags ran behind game screens so stopping the game launch without actually being apparent and that the complexity of the message in some of these nags were such that any kid would inevitably take the easy option and click ok. Comodo looked to be a firewall for geeks, not the masses.
    Andy

  7. Scot Says:

    hkspike, nice to see you here on the blog.

    I tend to agree with your assessment — at least in broad strokes. I do think that Comodo will be better appreciated by people who are more experienced users and anyone who prefers belt-and-suspenders security. Comodo really does offer some layers that should make it a bit more protective than many desktop firewalls. But, I agree, you pay for that level of protection with less usability than its best competition.

    The fact that Comodo blocks its own access to the Internet actually gives me a positive feeling. If a malware program manages to spoof the Comodo online-updating tool, at least Comodo will give you one last chance to stop that action. You might have reason to know that Comodo couldn’t be trying to update at that moment.

    Based on your comment, I think you would find Online Armor more to your taste. I have it on very good authority that Tall Emu is extremely close to releasing a new version of its Online Armor firewall. Wait for that new version (the existing one is 2.1.0.31) and check it out. OA is more focused on usability than Comodo.

  8. wheelgate Says:

    The firewall leak tests at http://www.matousec.com/projects/windows-personal-firewall-analysis/leak-tests-results.php#firewalls-ratings rate both free Comodo and free Online Armor as excellent. I’ve tried both, and I think I’ll stick with Online Armor. Comodo nervously pops way too frequently for my taste, which has been a big discuss item in the alt.freeware group on Usenet.

  9. Scot Says:

    wheelgate, I tend to agree with your statement that Comodo 3 has more pop-ups than Online Armor. A small percentage of these Comodo pop-ups seem to be repeat pop-ups — even when you’ve told the program to remember your choice. That’s a bit frustrating.

    The truth is, no pop-ups, no real protection. So the differences between OA and Comodo come down to slightly different strategies. Comodo is aimed more at expert users. Online Armor is aimed at everyone else. Neither product is really going to be perfect for your grandmother (if she’s like mine). But Online Armor comes closer. Its makers have settled on a usability-preferred strategy, minimizing the decisions that users have to make. Since user decisions in the wrong hands can make you more vulnerable, that’s not a terrible strategy. But it’s not a great plan for expert users who want to have as many warnings as possible.

  10. cookrd1 Says:

    Scot, have you ever addressed using one of the virtualization products for safe surfing? Just wondering how VMWare would compare with products such as SandboxIE, Safespace and ReturnIL, and would this be a safe way of surfing assuming you protected the host OS with a good firewall such as Comodo?

    Both Kapersky and Norton are on record as saying that they will have to incorporate some form of virtualization in the future.

    I have been doing this for many years. Everything I need is stored online (GMail, de.licio.us, etc), so when I shut down my virtual machine, I don’t lose anything.

    -Bob

  11. Scot Says:

    I really haven’t tested this field of products. I’ve certainly used VMware and like it very much. (I also like Parallels on the Mac.) But to me the notion of desktop users running their browsers and other Internet clients out of a virtual machine seems a little unwieldy. On the other hand, the reality is that Microsoft employs a mini-sandbox (not based on virtualization) for IE7 running on Vista — what it calls protected-mode browsing. Essentially, IE7 is running in a highly limited Vista user account. I do think this is the future. But I think we have a long way to go before sandbox products are ready for mainstream desktop PC users. For enthusiasts who like dabbling with something like this in the name of ultimate security, great. Apparently that describes you. But it doesn’t describe me yet.

    I’ll be honest with you, and you likely won’t agree — there’s a level of security possible on the desktop that I’m not sure most of us really need. I realize them’s fighting words to many people. I just don’t happen to believe that the right level of security is as much security as our technology allows. Of course, you may have a reason for working as you do. It could be that down the road we will all have reason to work that way. I hope not. But if so, I’ll be among the first to recommend it.

    So, no, I haven’t evaluated SandboxIE, Safespace, etc.

    That said, I would think that VMware would stack-up pretty well security-wise in the hands of someone who understands how lock down everything else around it.

    Hope this offers some helpful insight.

    — Scot

  12. dlsheeks Says:

    Scott – I was a bit behind on the blog, typically only visiting when I receive a newsletter update via e-mail. One thing I noticed about Comodo v3 is that it no longer works on Windows 2003 Server, whereas the 2.4 version does. I know that doesn’t fall into your review criteria, but I didn’t see any mention of that change on the Comodo web site, nor did I see any mention of possible future support for Windows 2003. It doesn’t appear that Online Armor works on 2003 either. If you happen to hear anything about Windows 2003 support it would be nice to hear about it. Thanks for the excellent posts.

  13. Scot Says:

    disheeks: An email from Mike Nash, ceo, Tall Emu, makers of Online Armor, states that Online Armor does, in fact, support Windows 2003. He says that Windows 2003 is not an area of primary focus for Tall Emu [realistically, Online Armor is a desktop product, not a server product], but Online Armor does run on Microsoft’s previous generation Windows server.

  14. jimn Says:

    Scot – along the same theme as Win 2003, I wonder if OA could be used with Windows Home Server? I’ve been considering buying one of the new HP Media Smart (WHS) machines but I’m a little unsure of the best way to protect the system – both firewall and A/V. Considering that one of the features of Home Server, external access to your home network, could open the door to some very undesirable stuff, I would not want to go ahead with this until there’s a good solution. Thus far, I’ve only been able to find early reviews on the features and performance of WHS and there hasn’t been much said about security. What have you been hearing so far about security and WHS?

  15. LilBambi Says:

    Nice to see that the interaction with Comodo is paying off in expanded choices and explanations of what it means.

    I have a comment on OA, which I also like btw. However, I had a problem with it on Win2K. It caused a crash that I had never seen before of the network layer. The reason I say it like that is it complained about something crashing with my FTP client and then the firewall would not let any traffic through first on the FTP client and then in general. No matter what I did in the settings for that.

    I also noted that if you allowed it to configure the settings, it automatically allowed windows ports (135,139, 445) so there was no true stealth mode? Is that correct if you allow it to configure itself instead of teaching it yourself? Or is that only for certain programs, or what?

    Did anyone else notice that about 3-4 weeks ago for OA? Sorry I have been too busy to test it further on Win2K so far. Went back to previous Firewall for now.

  16. alexgieg Says:

    Here I am, back to report some findings about Comodo Firewall Pro, Online Armor Free and virtualization, which coincidentally is a subject of some of the above posts, so I’ll dwell into this a little more than I previously intended.

    The thing is, I’m not a Windows user anymore, at least not in my home, where I run Ubuntu. But I do have a small selection of Windows softwares I’ve purchased over the years, and I didn’t want to see them just stay there, in their CDs, unused. So, there I went over the weekend installing VirtualBox, then my old Windows XP Home in it, and then my old apps.

    Why VirtualBox, and not VMware or Parallels? Well, first, because Parallels costs money, while the other two are free. Second, because VirtualBox and VMware have roughly the same speed, while Parallels is slower. Third, because VirtualBox installer is 6.5x smaller than VMware’s and also uses less memory while running. Fourth, because much like Parallels, it can hide XP’s desktop and show the apps running directly on Ubuntu’s desktop, thus providing seamless integration, what VMware Server doesn’t. In short: free, fast, small and beautiful. What’s there to not like in it? :)

    On the other hand, an OS running inside a VM is just like another computer on the network, and thus no more secure than a standalone computer would be. This being Windows, thus, there I went install some free anti-malware security packages (Windows Defender, SpywareBlaster, Spybot S&D, Ad-Aware); then to renew my expired NOD32 license, which for the speed alone is a must have in any VM; and then to try the two recommended firewalls. This is how the last versions (as of yesterday) of both Comodo Firewall Pro and Online Armor Free behaved:

    * Comodo Firewall Pro: Any time I rebooted the VM and XP loaded, it apparently crashed. An error message appeared with a text box for me to describe what I was doing when the crash happened. Clicking “Send” would opens a new e-mail window with a file attached. The firewall, however, never actually closed. It kept running and working as if everything was normal, except for the fact that whenever I open its main window I saw a nasty message in red saying that virtualization was detected and thus some of the advanced protections were disabled, although it didn’t inform me, anywhere I could see, which features had actually been disabled. Not good!

    * Online Armor Free: It installs perfectly, doesn’t crash, and just keeps working, with leak protection enabled and fully functional (as far as I know, obviously). Needless to say, this is the solution I opted for.

    And that’s it. In any case, I hope this mini review will help those wondering on which firewall would be best for virtualized installation of XP. As of now, Comodo Firewall Pro simply isn’t an option, while Online Armor Free just works.

    If I were Tall Emu, I would most certainly advertise this. For those using virtualization it is, quite literally, a killer feature!

  17. bwaverman Says:

    since kaspersky’s firewall has been mentioned , l just want to add the following. kaspersky’s protection is just about as good as comodo and oa but not at default settings. AND it is not a stand-alone product. it can only be purchased as part of their security suite. it does run with vista64 as cdruybal has stated but there is some system slowdown.

  18. Scot Says:

    Kaspersky has been mentioned. I agree with bwaverman’s statements.

    To expand on them: The Kaspersky AV product was tested and rejected by me a couple of years ago. Even more importantly, the only Kaspersky product that contains a firewall is a suite (containing antivirus, anti-spyware, anti-spam, and firewall) — and so not eligible to compete in my evaluation.

    I have routinely excluded all big, bloated suite products from my tests. They don’t meet my needs, and I think an increasing number of Windows users feel the same way, that less is more. The combination of NOD32 and either Online Armor or Comodo is really all you need for malware protection — which is what this is all about.

    I agree that Kaspersky’s firewall is a decent product from a testing perspective. Too bad it’s not available standalone.

  19. Buffet Says:

    Scot, You mention using Comodo in conjunction with NOD32. I’ve always been led to believe that using more than one antivirus program, at the same time, was taboo. Can you enlighten me? Thanks.

  20. Scot Says:

    Hi, Buffet. Comodo is a software firewall. NOD32 2.7 (the version I use and recommend) is an AV/anti-malware program.

  21. Joe Momma Says:

    A number of comments have been made concerning Comodo asking permission to grant access to programs which have previously been granted permission. If you read the text of the alert, many times it will say that the cryptographic signature of that program has changed. When a program is updated, frequently an .exe or a .dll file is changed, thus changing its cryptographic signature. Comodo is just doing its job when asking permission for a changed application.

  22. Scot Says:

    Joe M.: I agree this is a possibility. But I’ve also seen times where this happens when apps have not been updated. There are also different actions that apps take, and I believe this also contributes. I’m not criticizing Comodo for this behavior. I did see times under v.2.4 where it was clearly not due to updating and it was repetitive, several times a day. And I had many, many reports of this. I also saw it personally in the Comodo 1.x timeframe where Comodo just did this day in, day out.

    No pop-ups, no real protection. Comodo errs on the side of being more protective — the better safe than sorry strategy. But I think with average users, they quickly get to the point where they just say “OK” to every prompt. I believe that the art and science of creating a software firewall is reducing the prompts to preserve the user’s attention. It’s hard to do safely though.

  23. Buffet Says:

    Scot, Here’s what I was talking about: IMPORTANT: Before installing ESET Smart Security you must uninstall your existing antivirus solution.
    The previous line was taken directly from NOD32’s download page. It would seem to imply that they don’t recommend using their product along with Comodo’s, or, am I still missing something? Thanks again for your help, Steve.

  24. Scot Says:

    Buffet: OK, but, again, I have specifically recommended *against* using Eset Smart Security. This may be the point of your confusion. Eset Smart Security is a suite product that contains NOD32 3.0 (antivirus/anti-malware), firewall, and antispam module. Yes, I specifically tested Eset Smart Security’s firewall — since I already recommend NOD32 and it might have been a smart pairing. But I decided that the firewall wasn’t great, and I’m not sure about NOD32 3.0 either.

    The only Eset product I have ever recommended is NOD32 version 2.7. While I have had no trouble with NOD32 3.0, I have not formally reviewed it. And the things that have been written about it in Wilders and elsewhere do concern me a bit.

    — Scot

  25. qwerty246 Says:

    I tried to install Comodo with Defense + but during installation was informed that DiamondCS Process Guard was not compatible with Defense+. If I wanted to continue installation, I had to choose firewall only. I use PG to defend against unauthorized rootkit changes/installations. I like Comodo and the idea of Defense+ but I’m not willing to let go of Process Guard without further information. Has anyone had a similar experience? Does Defense+ accomplish the same thing as PG? I don’t remember seeing anything about rootkits with Defense+ mode. Does anyone have further info about Defense+?

    Thanks, Paul

  26. evan Says:

    “While I have had no trouble with NOD32 3.0, I have not formally reviewed it. And the things that have been written about it in Wilders and elsewhere do concern me a bit.”

    Aw crap! Do you have any links handy to these “things”? I’ve just been touting the merits of Nod32 to a customer… Looks like some web searching for me tonight when I get home – sigh.

  27. Scot Says:

    Bottom line: NOD32 3.0 uses a proxy. The previous version didn’t. Other security products do this too. It’s not all that unusual, but it may require more configuration to get the most out of a HIPS-based firewall product in combination with NOD32 3.0.

    Ever since NOD32 v.3.0 came out I’ve been hearing about problems with it, and there are various threads around the Internet about what’s right or wrong with it. It’s somewhat controversial. I’m not saying that it doesn’t protect as well or better than it used to. And I haven’t done my own research on the new version — other than to set it up and play with it. I do a lot more than that before I recommend a security product.

    Evan, since you asked for links — here is one thread about the sins/virtues of NOD32 3.0 over at Wilders Security Forums you might want to check out.

    I don’t even know if Eset has commented formally about this thread or the concerns it raises.

    I continue to use and like NOD32 2.7. At some point, though, that product won’t be supported any longer and it’ll be time to make a decision.

    Anyone else with information about NOD32 3.0, please feel free to post here.

    — Scot

  28. evan Says:

    Thanks for the feedback, Scot. The proxy wont be an issue for this customer, and I can always fallback to 2.7 if any other issues arise. Whew!

  29. Fox Says:

    I used NOD32 2.7 running on W2K for a couple of years and had no problems.

    I’ve only just gotten around to upgrading to v3.0 and my initial reaction is that it’s good – now. However it did conflict with Firefox or one / several Firefox extensions (Firefox crawling and continually generating ‘Unresponsive Script’ message), which reverting to v2.7 didn’t solve. I ended up removing and reinstalling Firefox, and everything seems to be running smoothly now…

  30. Expresso Says:

    I was a longtime COMODO firewall user. I loved the applications and resisted the idea of change. Up until ver. 3.0 – I downloaded and installed – never looked back. Updating from ver. 2.4.xx to 3 was a different story. Everything worked except email. I tried setup with default email client settings, trusted application, opening all UDP, TC, TCPIP ports – still unable to send or receive. Turning Defence+ on, off, and disabled. COMODO emailed me instructions on a “clean install”. I followed the directions, but it still doesn’t work. After a few more email exchanges I started reluctantly looking for a replacement firewall (free). I tried the usual suspects. Then ran across a number of reviews saying Online Armor was an outstanding product. I downloaded the latest version and tried it – I liked it. But, too many years of COMODO usage – I went back to ver 2.4. After a while I decided to try Online Armor one more time. I am currently using OA ver. 2.1.0.85.

    I have to admit – I like it. It is now my firewall of choice and I recommend it to all my friends and business associates. Tallemu has produced a brilliant product.

  31. Buffet Says:

    An interesting note – today, I tried, once again, to install Comodo 3.0. Everything went fine with the install, but any time I clicked on ANYTHING in the program, my pc would restart. Tried downloading and installing fresh several times, to no avail. There can be only one conclusion: 3.0 is corrupt! Went back to 2.4. May try again in the distant future. One more failure may drive me to the OA camp.

  32. Scot Says:

    Well, winding up with OA is A-OK.

    But be careful not to make general assumptions about a product based on a sample size of one. I also downloaded and installed this current version of Comodo 3 yesterday and had no issues whatsoever.

    Did you fully uninstall any previous versions of Comodo? You may have a failed installation or uninstallation. A failed install might have occurred if you attempted to install Comodo with another firewall already installed, such as ZoneAlarm or literally any other firewall (except Windows Firewall). For more information about manual uninstallation of Comodo, see this thread on the Comodo forums.

    Hope this is helpful.

    — Scot

  33. RabidWolf Says:

    I’m currently running ZA-Pro and WebRootSS with AV on my main PC.
    I’m not totally happy with them, but I’m not seeing anything that tells me something is better.

    There is absolutely NO way I will ever run a Symantec product ever again! I do not want it on any system I own. Their continued accolades in magazine reviews only make me weep for those who might even try it.

    Perhaps next renewal time I will revisit Comodo.

    Thanks for the review!

    RW

  34. Scot Says:

    Thanks, RabidWolf. Just a quick note of clarity: My final review has not arrived yet — but we are finally on the home stretch.

  35. hisb Says:

    Hi Scot et al. I’m a first-time reader and like what I’ve seen so far.

    My experience with Comodo has been somewhat limited. I’m running Vista Ultimate and started using Comodo when v. 3 was in beta. I’ve kept it up to date and like it very much, for the most part.

    The only issue I’ve had with it was that there were some Windows Updates that wouldn’t take while Defense+ was installed. And it wasn’t something that I could just disable and run, I actually had to uninstall Comodo completely, updates Windows, then reinstall Comodo. This took several tries to figure out, and countless failed installs/reboots before I even figured out it was Comodo. The Comodo forums have at least a couple threads on this issue, but the response tends to boil down to the uninstall/update/reinstall work-around.

    When this happened a second time on a different Windows Update (the first was an update to Windows Update itself to prepare for SP1, I forget what the second update was), I figured I’d just go down to the basic firewall. When I downloaded the most up-to-date version of Comodo (at that time was 3.0.18.309), I new I didn’t want the Defense+ there, at least not until after SP1 roles out later this month. I Chose the basic installation but was given the option to have additional protection. This must be the middle-ground third installation option talked about above. I was still wary of having even that middle ground be enough to stop updates, so I went with just the basic firewall. After reading through your posts, it looks like it may be worth my while to give the middle ground a try.

    In your comparison, when you are referring to OA, are you talking about the free version or the pay version? I read in one of your posts that you’ve tried both. Is there a difference in the security of the free and pay versions? If the free version of OA is what is being compared with Comodo, and if the freeware version upgrades to being Vista-compatible, I will certainly try it out! Else I’ll stick with Comodo.

  36. Personal Firewalls Says:

    […] one I recommend) software firewall is still getting good comments from Scot Finnie over on his blog along with Online Armor <sic> from […]

Leave a Reply

You must be logged in to post a comment.