Windows Software Firewalls Evaluation Rolls On

For about a year now I’ve been researching software firewalls for Windows. There are at least five previous installments in this series, and several early contenders have been dropped from my prospect list, which has been winnowed down to one or two products in beta. (For links to previous installments in this series, see the end of this article.)

I stopped short of naming Comodo Free Firewall 2.4 the Best Software Firewall of 2007 in the last issue of the newsletter because several SFNL readers reported issues they’re having with Comodo. I asked readers last time to send me their experiences with Comodo, and thank you, many of you did just that.

The results of that little exercise were interesting. Many people are having no issues with Comodo’s 2.4 firewall. That included me at my last writing on this subject. Since then, I have had some of the problems others describe on one of the now five Comodo installations I’ve been testing. Not the worst of the problems, mind you. But at least I’m no longer totally in the dark. And I’ve also worked with two or three SFNL readers to the point that I’m satisfied that their reconfiguration of the product isn’t causing the symptoms they’re having.

There are three different problems with Comodo 2.4 reported by sufficient numbers of readers (also posted elsewhere on the Internet) to make me think they are actual bugs:

1. Comodo forgets user inputs in user permission pop-up boxes. Comodo offers a “remember this” check box, but checking the box doesn’t appear to work.

2. Comodo throws off a blizzard of user-permission pop-ups — so many pop-ups that most users don’t even last 24 hours before uninstalling Comodo.

3. User’s system slows down dramatically after install.

The only problem I’ve seen personally is the first one, and only very recently. I was able to make the second problem occur by making a settings change to Comodo away from the default setting. If you’re seeing a blizzard of Comodo pop-ups, try making this change:

Click the Security button along the top of the Comodo program. Then click Advanced on the left. Then click Miscellaneous on the bottom. A dialog box will open. Set the Alert Frequency Level to Low. That’s the default setting.

A large percentage of the people who’ve written to me to complain about Comodo 2.4 will see significant improvement of the user experience with this step. About the first problem, though, the only suggestion I can make is to uninstall and reinstall the product.

At the end of July, I interviewed Comodo’s president and CEO, Melih Abdulhayoglu, and senior research scientist Egemen Tas. This is a pretty rare thing, but they readily admitted that some Comodo 2.4 users are experiencing the first two problems described above. Instead of trying to fix version 2.4, they said that version 3 (under development now and currently projected to be released in October) has been entirely rearchitected so that these problems won’t reoccur.

The strategy Comodo is employing for version 3 to block malware is different from any other product I’m aware of. Comodo 3 adds a host-intrusion prevention system (HIPS). If you’ve ever tried a HIPS, you probably know that on the desktop, such a system would probably add pop-ups and warnings. To make it easier to work with, Comodo is adding two features — whitelist and program profiling — that when combined should eliminate many pop-ups and warnings. Comodo 3 will be able to online updated with new information to support these features, and presumably users will be able to add their own intelligence about accepted program behaviors.

I’m not 100% convinced about this strategy, but I’ve decided to look at version 3 before I come to a decision. An early look at the first beta of Comodo 3 shows that the program has been heavily upgraded. But since the whitelist and profiling features haven’t been added yet, the product is all but unusable.

Meanwhile, Eset recently released Eset Smart Security Beta 2, which combines Nod32 with a new lightweight software firewall and an anti-spam tool. Beta 2 adds direct support for Outlook Express, in addition to Outlook. I have not had a chance to test Beta 2, but this suite — which did not do well in my leak testing of an earlier beta — is still a possible contender for me.

Previous Installments in the Software Firewall Series:

One Response to “Windows Software Firewalls Evaluation Rolls On”

  1. knacker Says:

    I installed this older version 2.4 on three systems replacing the Sunbelt Kerio firewall I was using. Two of the systems have not experienced a problem after about 5 weeks. My main system was a different story though.

    I had problems with the third thing you mentioned, “User’s system slows down dramatically after install.” My Windows XP Pro had not been reinstalled for a year and a half and I had been putting it off. Because I had been experiencing problems I decided it was time to do just that. After everything was in, I installed the 2.4 version of Comodo again and immediately had the same slowdown. It was so bad that it took two hours to full boot the system and I couldn’t be sure things were running properly.

    I used a boot disk to start the system and disable the firewall. Now everything was fine except I had only my router as a firewall.

    Extensive searching of the Comodo forums gave me a quick fix. In the Security tab under Advanced is a section call Application Behavior Analysis. Click Configure and a window pops up with all options checked. Unchecking Monitor DLL Injections allowed me to start the firewall and run normally now. It is suggested to shut down an application at a time and reenable this option but my system is so slow with this enabled that Comodo Firewall 5 would likely be out before I got through all of my applications. For now I’ll just run it with the option unchecked. I’m hoping this is resolved in the final version 3.

    One last thing about another slowdown. Users of uTorrent can experience extreme slowdowns in their torrents with this firewall. A search in the forums for “firewall slowdown utorrent” give good advice on resolving this.

Leave a Reply

You must be logged in to post a comment.