Down to One: Windows Software Firewall Evaluation
It’s taking forever to kick the door closed on the long-term Windows software firewall evaluation. In the last installment of the series, Windows Software Firewalls Evaluation Rolls On, I wrote about issues with Comodo 2.4 that Scot’s Newsletter readers have reported — and which the Comodo folks graciously owned up to. With a rearchitected version of the firewall on the way, I decided to hold out to see whether the new product would get the job done with fewer issues.
A couple of days ago, Comodo released what some have dubbed Comodo 3.0 Beta 3 (version 188.8.131.52). With this new rendition of the code, for the first time you get the sense of what the company expects the user experience to be. The product relies heavily on user prompts to warn you of possible threatening actions, but you can tell it to remember your answers and make specific programs “trusted applications,” which effectively silences future prompts. The user experience is pretty good, overall, but it’s way too early to determine whether the product will perform without bugginess on some desktops.
I ran Comodo Beta 3 through the standard battery of outbound leaktests performed by sites like Firewall Leak Tester and Matousec, which I’ve referred you to many times in the past. Some of these tests really mean very little, but some are quite good. Like its predecessor, Comodo 2.4, the new 3.0 product offers excellent outbound protection — the factor that I’ve identified as the Holy Grail of this long-term review. (For more on the leaktests I’m using, see the ZoneAlarm review in More on Software Firewalls for Windows.) Comodo 184.108.40.206 passed every single test I threw at it.
It’s not time yet to do a full review on this product, which supports XP and Vista, but Comodo 3 is promising. Even so, there’s one aspect of the all-new Comodo I’m not in love with: the redesigned user controls, logs, and settings interface. It’s pretty, but not really well designed. It’s difficult to know whether items you’re clicking into give you a way to configure or just a window for viewing historical data. I’d like a single place to review the decisions I’ve made about specific programs. While your actions are recorded, there’s no place to review and change them. Seems like something this product definitely needs.
The addition of the HIPS technology (host intrusion prevention system) adds a layer of defense without overly complicating the operation of the software firewall. That’s a key advantage of Comodo 3. But the extra layer of protections and settings does make for a far more complex set of controls and settings dialogs. It’s easy to get lost in Comodo 3’s rabbit warren of options.
Although I don’t have the latest word from Comodo yet, judging from this version of the product, the company is six to eight weeks away from shipping Comodo 3. There are still a few missing features. With security software, I like to see it ship before I recommend it. So hang in there. It may be a few more months before I can tell you whether to adopt this firewall.
If you’re thinking about testing Comodo 220.127.116.11 too, be sure to uninstall any previous software on your system before installing this one — including Comodo 2.4 or any of the Comodo 3 betas. After you install it and reboot it, the best way to train it is to launch every program installed on your system that you use regularly, one after the other, making selections in Comod’s pop-up prompts. Definitely use the Remember check box, and setting programs you use frequently as trusted applications (from the drop-down menu) will eliminate future Comodo pop-ups.
Once you’ve had a chance to try it out, send me a note about your experiences. This is a beta product, so you may run into bugs and issues. Making a backup of your entire drive before you install beta software is always a shrewd thing to do.
Eset’s Firewall — and Updated Nod32 Antivirus Program
Meanwhile, the Best Antivirus Product of 2007, as named by yours truly, Eset’s Nod32 2.7, is being reworked by the company into a new 3.0 version. Eset has two flavors of its new product line: the antivirus/anti-malware-only product and the new Eset Smart Security, a suite product that adds a firewall and an antispam option.
I’ll be retesting Eset’s forthcoming Nod32 3.0 when it finally ships. My initial impressions are quite positive. For now, Scot’s Newsletter continues to recommend Nod32 2.7.
But I’ve made a decision in the opposite direction about Eset Smart Security suite. Take a pass on this one. The firewall seems very pedestrian; it’s able to handle only three of the leaktests on my list of 17. And what’s with the antispam module? That doesn’t belong in a package like this. The best thing about Eset Smart Security is Nod32 3.0 and the fact that you can turn the other two modules off.
So, where does that leave things? If Comodo 3 winds up having issues, we’ll be back at square one. And what that should mean for you is a solid hardware firewall/router just behind your connection to the Internet with WPA Personal encryption for any wireless networking you have on your network. For more information about the hardware side of the equation, please see Kicking Off a Software Firewall Comparo from June of 2006. Many experienced users are content with this level of protection.
Previous Installments in the Software Firewall Series:
- Windows Software Firewalls Evaluation Rolls On (September 2007)
- Twists and Turns on the Road to the Best Software Firewall (July 2007)
- Review Roundup: Slim Is in for Windows Desktop Firewalls (June 2007)
- More on Software Firewalls for Windows (June 2007)
- Update: Software Firewalls for Windows XP (April 2007)
- Kicking off a Software Firewall Comparo (Sept. 2006)