The best settings for the commodo of the firewall. Installing and configuring Comodo Firewall for network security purposes

This lesson is a continuation of the article: Network screen.

So, we found and downloaded last version Comodo Firewall. Only one firewall can be installed on the computer. Therefore, in order to avoid inter-program conflicts, the embedded Windows firewall must be disconnected. How to turn off Windows XP and Wiindows 7 firewall, you can see in previous lessons: and. But when we install Comodo Firewall, this is not necessary. The firewall installation wizard will turn off the built-in Windows Firewall.

The firewall controls application attempts to exchange data on the network. The illustration shows how the firewall intercepted the Nokia phone software attempt to enter the Internet. it need appTherefore, click the "Allow" button:

One of the first to be allowed to allow the connection with the system components "Windows ALG.EXE" and "svchost.exe". They are needed for fostering to the network. After installation, Comodo Firewall will again and re-set alerts for various programs. If we know the application, allow the connection request. If there is doubt and the program seems suspicious, press the "Block" button. Noting checkbox check box "Remember my choice", we fix our choice for this application. And the next time you connect the alert window for this program will not appear. It is necessary to act neat. Allow connections and consolidate the selection can only be magnificent programs. If you click on the name of the application, the Program Properties window will open.

Also, the firewall notifies the incoming connections:

The following illustration shows how Comodo Firewall intercepted the incoming package for the popular client of the peerge networks:

First, the alerts of the firewall are somewhat bored. But we make our choice and over time they are becoming less and less.

Malignant programs can be masked for harmless software to deceive the firewall and get permission to connect. Therefore, you need to regularly scan the machine with an antivirus program. You can read more about the choice and work of antivirus.

We turn, now, to the Faervol settings.

Open Comodo Firewall, like any other application, double click On the icon on the desktop or on the icon in the area of \u200b\u200bnotifications. The main window of the program with open tab "Summary":

Here reflects traffic information and system status. By clicking on the numbers of the connections, you can see detailed data of active network connections. Pressing the "Stop all connections" button will stop any network activity. You can apply this function in the case of inadequate behavior of the system - suspicion of interference with the work of programs. For example, the system is long freezing and does not respond. This may be a consequence of the network activity of any malicious application. By blocking traffic, you can find out the reason and determine the program representing a threat. All connections are turned on by pressing the same button "Restore all connections".

Firewall mode You can change by opening the drop-down list with the "Safe Mode" button.

"Block all" - a mode that does not allow any network activity - the "Stop all connections" buttons.

"Custom Policy" is a hard mode in which the network screen will display an alert for each program connecting with the Internet. Here, it is necessary to create program policies yourself - clearly understand what applications can be resolved.

"Safe Mode" is set by default and is universal. The firewall applies user policies - performs the user settings for individual programs, and also itself allows the network exchange of applications that it considers secure. Alerts will be a little and the firewall will not distract much.

"Training Mode" appoint when you need to watch various applications without interfering with their work. Here, Comodo Firewall independently defines the policy policies without outputing any alerts.

In the "inactive" mode, the network screen is turned off. It is necessary to turn off the firewall in the case of an explicit inter-program conflict, for example, with an anti-virus program or other network screen.

On the next tab, the firewall settings are located. "Log of Firevola Events" - "Log" reflects all events - firewall reactions on network activity of various programs.

"Add Trustee" allows you to select the desired application and add it to the permitted.

"Add a blocked application", on the contrary, makes it possible to add the selected application to the forbidden to connect.

Section "Politicians network security"Opens a window where you can choose one of the pre-installed policies for applications or create your own.

In the window "Active network connections"Showing programs showing this moment Network activity.

"Master of Hidden Ports" - you can hide certain ports with these settings and make the computer invisible in the selected networks.

"Faervola Settings" is a window for selecting a working mode that duplicates the drop-down list on the Summary tab. Also, install the slider "Safe Mode" and set the checkbox in the check box "Create Rules for secure applications":

The following "Protection +" tab is located proactive protection control functions. When installing a firewall, proactive protection is activated by default. Protective protection is another layer of protection that controls the behavior of programs and preventing the system to infection. Settings for proactive protection, mostly similar to the installation of the firewall.

The item "Run the program in Sandbox" makes it possible to launch a dubious application in a kind of sandbox. Working isolated in this protected area, a malicious program will not be able to harm the system:

The "Proactive Protection Settings" item opens up the operation mode of proactive protection. And, in short, let's go through these settings.

The "paranoid" mode implies paranoid suspicion of protection against any network activity. Protective protection will give an alert for each attempt to establish a connection.

In safe mode, protection applies policies installed by the user, and also permits the performance of applications that consider secure.

In the "Pure PC" mode, protection certainly trusts all the programs installed on the computer and requests permissions on connections only for newly installed applications.

"Training Mode". In this mode, protection does not give any alerts and monitors independently.

"Protection is disabled." In this mode, proactive protection is disabled. Disable protection is not worth it. Optimal decision There will be a security setting to a safe mode.

On the Miscellaneous tab are located additional settings Farvola. They can be viewed alone. Review, and so it turned out volumetric. The main thing is that Comodo Firewall, it is very reliable, flexible in management, Russian-speaking and free network screen. Comodo Firewall in a bundle with a good antivirus program will provide comfortable and safe work online.

In detail about work and choosing antivirus program We read.

The main modes of the firewall in the Advanced Settings window: The user set of rules when for all programs that do not have a network rule will be an alert, and the secure mode when trusted programs are allowed outgoing compounds. Details The procedure for applying rules. Additional, low-used modes: Full blocking when any network activity is supplied, regardless of the rules, and the learning mode in which any connections are allowed and automatically created by allowing rules.

The option "Create Rules for Safe Applications" is prescribed in "Safe Mode" not only to allow the network activity with trusted programs, but also automatically create rules for them. I do not recommend include, as well as. To work in the "Custom Rule Set" mode, this option does not affect.

If the option "Do not Show Alerts" is noted, then the selected action will be applied instead of alert: resolution or blocking. New rules will not be created. I recommend setting the "Do not show alert mode: block requests" after creating all the necessary rules.

If, when answering a notification, mark the "Remember My Choice" option in it, then the appropriate rule will be created. The option "The level of alerts" determines how detailed will be this rule. If, for example, set the "very low" level, the rule will allow or prohibit any network activity at once. I recommend the level "very high": then the rule will contain the IP address and port.

If the "Automatically detect private network" option is enabled on the Network Zones tab, then when connected to new network It will appear offering to specify its status. At the same time, a new entry will be created in the list of network zones, and in the case of the selection of the "home" or "working" network, the resolution will also be created for it. If simultaneously with this option included the option "Do not show alert, considering that the Internet connection location ...", then new records of network zones and allowing rules for them will be created automatically, without alerts. I recommend to disable both options: In this case, the connection will occur without warning and without creating new rules, i.e. The network will be silently perceived as "public."

When connected to unprotected Wi-Fi network Alerts arise with a proposal to use paid service TrustConnect. The show of these alerts is disabled with the corresponding option.

To control connections inside the computer (for example, to prohibit certain programs to the Internet via the local proxy server), you will need to note the "Enable Loopback Traffic Filter" option (I recommend).

To monitor connections on the IP protocol version, not only IPv4, but also IPv6 should be noted the option "Enable Filtering IPv6-Traffic" (I recommend).

The "Block Fragmented IP traffic" option protects against an attack based on the departure of the TCP packet, fragmented so much that it is not possible to determine its heading and accessory to the TCP session. I recommend to turn on.

The "Analyze Protocol" option prescribes to check each packet for compliance with the standards of the protocol, fake packages are blocked. I recommend to turn on.

Finally, the "Enable Arp-Script Protection" option protects the ARP table from changing the attacker, sending "Spontaneous ARP response" (response without request). I recommend to turn on.

Creation of firewall rules

Rules for applications

Normal order creation order for application:

open the "Rules for Application" tab, click "Add";
specify the application, it can be done different ways:
- press Overview → Files and specify the file;
- press Overview → Running processes and choose the application;
- press Overview and choose a group of files;
- directly in the "Name" field enter the path (or a template using characters * and? and environment variables);
set rules:
- either click "Use Rules Set" and select the desired set from the list;
- or click "Use your own set of rules" and add your own rules (you can copy any set);
press "OK" and arrange rules for applications using the Up / Down buttons.

When adding your own rule, you will need to specify:

action: "Allow", "Block", or "Ask";
direction: incoming (i.e., initiated remotely), outgoing (i.e., initiated on this computer) or any;
description: Text representing this rule; If you do not specify, the list of rules will be displayed detailed description;
address of departure and destination address;
protocol:
- IP, in this case, you can specify the protocol on the "IP Details" tab;
- ICMP, in this case, on the ICMP Details tab, you can specify the type and ICMP message;
- TCP and / or UDP, in this case you can specify the port of the source and the destination port;
option, whether to register network activity in the journal.

I will note that as an alternate IP address, but also a network zone, and many other objects, and you can also invert the option "Exclude" option can also be inverted. Similar to source / destination ports can be port sets, incl. Inverted. It should be borne in mind that the remote address for the outgoing connection is the "destination address", and the remote for the incoming is the "departure address"; Similarly with ports. Therefore, generally speaking, the simultaneous resolution of incoming and outgoing connections with any remote node is given by two rules:

one rule allows those incoming from the remote node to any address;
other permits outgoing from any address to this remote node.

When you specify a set of several rules, you should streamline them, taking into account that the priority has a rule located above.

Global Rules

Global rules determine the network activity of the computer as a whole, their restrictions take priority over the rules for applications. Bans specified in global rules are more effective than in the rules for applications. In particular, the global hide ports makes the computer invisible when trying to scan them.

There are pre-installed sets of global rules. The switching interface between them is represented as a choice of computer visibility mode on the network: "Block incoming connections" or "Notify about incoming connections" ( Main window → Tasks → Faervol tasks → Hide ports).

Selecting the "Incoming" mode removes the global prohibition of incoming compounds and places further control of the rules for applications. However, it is still safer than permissing only on certain ports and / or from certain networks, And the rest block. So, in the screenshot, a sample of global rules with minimal resolution of incoming connections required only for responses to ping requests from local networkOpening access from it to files, vision of network environment names and to work torrent client. There are approaches and for.

Creating your own global rules is made similarly, differs only by the lack of action to "ask."

Groups of Files, Network Zones, Port Sets and Rule Sets

You can reduce the set of one-type operations and achieve more visual presentation Rules, if you create your file groups, network zones, port sets and their rules sets.

File groups are formed on the tab File rating → File groupsIs it a named sets of ways of their templates using wildcard characters * and? and environment variables. For example, their use allows you to create rules for work and auto-updating Flash player or Java, since these processes change file names and temporarily created loaders are used. You can specify name templates without using file groups, however groups are preferable due to visibility, compactness, as well as the ability to assign restrictions of a certain kind simultaneously in different protection components. For example, you can start a "NoInternet" group, which will be simultaneously prohibited by direct Internet connections, DNS requests, use the BITS service, start a browser and access to its memory.

On the Rules Sets tab, you can see which rules are contained in the predefined firewall policies, as well as change these policies or create their own. In the future, you can assign these policies to applications: through the "Rules for Annexes" tab or through firewall alerts. I note that only those policies in which one specifically specified for this network activity is set to alerts will be offered: permission or prohibition. For example, if the application tries to contact the web server to port 80, then the policy will not be proposed in the alert. Mail client"But" web browser "politicians, FTP client, etc. - will be.

On the "Port Sets" tab, you can group any combination of ports to the named set, then use it in the rules as a port of sending or destination. When creating sets, you can combine single ports, port ranges, as well as their inversion.

The Network Zones tab has the following feature: it can not only group addresses in the named "zones" for their further use in the rules (as an address of sending or destination), but also set the status of these zones. So, if you create a zone, and then add it to the "Blocked zones" tab, then all connections will be blocked, regardless of the rules. In addition, the network zone can be noted by the status "network of shared access".

The procedure for applying firewall rules

When network activity is detected, first is checked, whether the remote address to any one belongs to any. If belongs, the connection blocked. If not - the consideration begins global Rules.

Global rules are visible from top to bottom. If the requested type of connection is the first to be detected by the rule with the action "Block", connection forbidden. If the appropriate rule is not or the first one is detected by the allowing rule - the consideration begins rules for applications.

When any program is trying to establish a connection (permitted by global rules), the list of applications and rules for them is viewed from top to bottom. At the first found coincidence (i.e. when will meet this program Or containing it group of programs and the requested type of connection) will be performed specified in the Rule: allow, block or show alert (If the "Do not show alerts" option is enabled in the setting, then instead of alert, the action specified in this option: resolution or blocking).

If there are no suitable in the list of firewall rules, the connection will be automatically enabled in the following cases:

when the firewall works in "Training mode" (in this case, the permitting rule will be created);
when the option "Do not show alerts: Allow requests" is enabled;
when the firewall works in "Safe Mode", the option "Do not show alerts" is disabled, and the program is trusted and implemented in a real environment;
when the firewall works in "Safe Mode", the program is a trusted and executed in a real environment, and the requested compound outgoing.

In other cases, an alert occurs or if the option "Do not show alerts: block requests" is enabled, the connection is prohibited.

In particular, I note that programs running virtually controlled by the firewall regardless of their rating. Therefore, even if the firewall operates in "Safe Mode," you will need to create permissive rules to use browsers.

It can be noted that with "safe mode" the firewall is somewhat illogical processes incoming Connections of trusted programs. Probably this bug.

Access to the resources of the local network

By default, there are no permits for obtaining information about a network environment, opening in the local network of sharing files, etc. These permissions are not needed if the network is used only to access the Internet.

Status of the "trusted network"

Permissions for the local network are the easiest way to be appointed by the status of "trusted". This can be done in different ways.

If the "Automatically detect new private network" option is enabled on the Network Zones tab, then when connecting to a new network, an alert occurs in which you want to specify your location. The status of "trusted" is appointed by choosing the options of "house" or "at work". This will create a pair of global rules that resolve any outgoing and any incoming connections with this network, and a pair of similar rules for the System process (System). When choosing the option "in a public place", new rules are not created.

If the detection of new networks is disabled or network previously assigned the status of "public", then you should open the "Network Management" window ( Main window → Tasks → Faervol Tasks), Mark the item "Trust Networks" and click "OK". The result will be similar to the previous one.

To return a neutral status back to the network, the easiest to mention the "Block Network" item in the Network Management window, and then open the tab in the Settings window Network zones → Blocked zones and delete this network From there.

There is a bug: when a network zone is not created for the active network and actually this network is processed as "public", then the "Truster" status will be indicated in the Network Management window for this network.

Attention! If you click the "OK" button in this window, then active network It will indeed become "trusted", i.e. A corresponding entry will appear in the list of network zones and the firewall rules will be created, allowing connections in this network. If the network confidence is not required, then the "Network Management" window should be closed by the "Cancel" button.

Example of permissions to access the local network

Install the confidence of the local network can be confirable only in the case of its full safety. Therefore, it is recommended to assign a network neutral status ("Public Place"), including, and then add the necessary permissions. Usually to access network resources In addition to the initially available rules, allow the SYSTEM process ("System") of the following incoming connections (everywhere "Departure Address" - Local Network):

UDP connections with a port of the source 137 and the destination port 137: so that you can access computers via NetBIOS names;
UDP connections with a source port 138 and a port of destination 138: To see the network environment;
TCP connections with a port of 445: to open sharing files.

In order to specify the "System" as an application when creating rules, you need to select it from running processes.

All these permissions must be duplicated in global rules. Also, they should allow incoming ICMPV4 connections sent from the local network with the Echo request message; This is not only necessary to respond to ping queries, but also to open sharing files. An example of a set of global rules.

Features of Firevol

Firewall Comodo does not control incoming loopback connections (but controls outgoing). Thus, when using a local proxy, it is enough to allow only outgoing Internet connections for a proxy server and outgoing in "Localhost" for a browser (while many other firewalls would still need to allow the incoming "Localhost" to proxy server).

Peculiarly arranged: if you specify a rule as an address domain name, CIS will find the minimum and maximum IP address for this name, and then all intermediate IP will be considered to be belonging to him.

The feature of the CIS 10 version, which can be called dignity, was to determine the identity of ICMP traffic with various applications. Former versions CIS (as well as, for example, Windows Firewall) perceived this traffic belonging to the SYSTEM process.

Content filter

The content-filter component restricts access to websites to their addresses. To determine the security of addresses, the Comodo updated lists are used, you can also specify custom lists. When you try to open a prohibited site, the user will see a page with a blocking message, as well as, depending on the setting, with the proposal to temporarily ignore the ban or put this site in exceptions.

Categories. Import custom lists

Lists of addresses or their (using characters * and?) Are called categories. Own category Comodo - "Secure Sites", "Phishing Sites" and "Malicious Sites". They are updated automatically, they cannot be viewed or modified. The remaining categories are available for changing the user - are set on the Content Filter tab\u003e "Categories". Initially, there is a category "exceptions", there are sites, excluded from blocking through alerts in the browser.

It makes sense to add categories with lists of malicious sites from other sources. Lists and Symantec WebSecurity are recommended. For the last one follows on the MalwarePatrol website.

To use an additional list, follows the "Categories" tab context menu Create a new empty category, and then import a list from the file. If you select the file, you must specify the list format, otherwise the content filter will work incorrectly (typical user error).

Record Format in Content Filter Categories

The recording in the form of a template covers the addresses, the whole corresponding to this template. For example, records * .example.com corresponds to the address http://test.example.com, but not http://test.example.com/404 and not http://example.com.

Recording without substitution symbols is identical to the template obtained by adding at its end of the symbol *. For example, the entries https://example.com and https: //example.com* are identical, they are consistent with the addresses https://example.com, https://example.com/404 and https: //example..Example .com. Thus, the record in the form of a domain name site also covers its catalogs, but not subdomains.

The designation of the HTTP protocol in the content filter is absence Protocol. For example, the records of the view Example.com will comprise the address http://example.com, but not https://example.com. Records of the type example.com/* corresponds to the address http://example.com/404. Attention! The address http://example.com does not match the entries http * example.com * and * / example.com *, i.e. At least part of the protocol specifying.

The HTTPS protocol is indicated explicitly either using templates. For example, the entries https://example.com correspond to the addresses https://example.com, https://example.com/404, etc. Entries * // Example.com corresponds to the address https://example.com, but not http://example.com and not https://example.com/404.

It should be said that the blocking of the HTTPS-pages content filter occurs without notifications and proposals to cancel the ban. Moreover, the blocking of HTTPS pages may not work, depending on the browser used.

So, suppose it is required to block the EXAMPLE.COM website at the same time for HTTP and HTTPS protocols, with catalogs, but without subdomains. To make it the most "sighting", we will make the 4 records in the blockable category:

example.co?
example.com/*
https://example.co?
https://example.com/2

(Using a sign? Instead of any letter prevents the symbol * by the end of the line.)

Alternatively, you can do the only view of the type of * example.com *, but then not only the required addresses will be blocked, but https://www.example.com/404, https: //myexample..common.html.

Content filter rules

Each content-filter rule contains a list of categories to which it applies, and a list of users or their groups indicating their restrictions. The interface change in the category list is obvious.

Users and their groups are added through the context menu in the "Limit" field: "Add"\u003e Advanced ... »\u003e Object Types\u003e Mark All\u003e OK\u003e Search\u003e Select need Record \u003e OK.

Usually, the "All" group is used as a user. If you want to set different restrictions from different users, it follows be sure to specify limitations for each of them.. Otherwise, it is possible that the user not specified in the rule will receive access to sites from the listed categories, even if there is another prohibiting rule.

According to, for Windows 8 and above, in each rule, you should add "all application packages" to the list of users ("All Application Packages") with the same limitations as users. Otherwise, the blocking will not work for Internet Explorer. 11.

For correct operation with exceptions from blocking, the "Allowed Sites" rule should be above the "Blocked Sites" rules.

optimally, with a minimum pop-ups alerts, quickly andconfigure yourself . The author's option of advanced settings of the program largely coincides with the International Comodo Forums recommended in the Russian part of the "CIS / CFP for beginners in firewalls"). Forum data can be visited by clicking on the "Miscellaneous" tab to "visit the Support Forum" tab. The only thing you will get to the main English-language page, so not to look for, here is straightlink On the Forum "In Russian / Russian". Useful information A lot of - those who wish, of course, can "eat". And I, for convenience, in points, I will start what promised.

Customize Comodo Firewall

1. At the beginning I propose to change the default gray-sad "face" Comodo Firewall on something more interesting. To do this, in the same tab "Miscellaneous" clamp "Settings"\u003e " Appearance"\u003e" Topic "by changing the top theme Comodo Default Normal on, say ,. Comodo Blue Normal and," Smoking ", moving on.

Comodo Personal Firewall Designed to protect PC users running Windows. It is extremely easy to appeal, provides all the necessary features and functions. The most important thing is that he "flies" even on the most low-power computers. Another important plus, especially for beginners, requires minimal user intervention.

Why use our firewall?

Comodo Firewall Pro presents a new stage of development in the field of computer security: Prohibition of blocking proven applications (DDP ™). What is DDP? Most security programs, support a list of well-known malware, and use this list to decide which files and applications should not access the PC. The problem is obvious here. What if there are no records in the list of malware, or not before the date? DDP eliminates this problem to ensure complete safety. Firewall References List of more than two million well-known PC-friendly applications. If the file that does not find in the safe list "knocks" on the computer in the "door", Firewall immediately warns about the possibility of attacking the harmful software. All this happens before malicious programs Infect computer. This is a security prevention, the only way to maintain complete safety.

Firewall functions:

Easy to understand informative alerts
No challenging configuration Questions Ideal for novice users
Many configuration options, let technye confuse everything as they like :)
DDP security, introformative for user and reliable for PC
Fast Adaptation of Users to Personalized Protection
Comfortable, attractive graphical interface

One of the first steps in providing a computer to load and activate the quality of the Firewall to reflect intrusions. Only this is free software Firewall has access to Comodo, a huge list of PC-Friendly applications, a "default prohibition" component

Comodo Firewall recognizes more than ten thousand diverse applications (secure, spyware, adware and other), which is a unique function inherent only to this firewall.
The main features of Comodo Firewall Pro
tracking of program components;
program behavior analyzer;
against protocols;
smart alerts;
integration in Windows Security Center;
protection against critical completion;
Protection during computer boot;
automatic update;
error report sending an interface;
Detailed magazine;
monitor compounds;
Program database - more than 13,000 programs with their safety risks.

Program Description can be found

Installing Comodo Personal Firewall Pro.
Download the program on the official website.

Attention! Be sure to remove the "tick" with "Install and do not put a" tick "" Install Comodo LivePC ... ".

Installation has been successfully completed! Restart the computer.

First start.
When rebooting a computer, Comodo Firewall will automatically replace the regular firewall from Windows. If after the first start you will not see any shortcuts on the desktop, simply reboot once again. The program needs to "teach" what programs you allow you to run and which is not. If you are an inexperienced user, I recommend "not clever" and allow everything (naturally reading the program recommendations), for example:

Put the "Training" mode. To do this, right-click the firewall icon on the panel (right at the bottom of the screen) and select "Firevol Mode", and then "Training".

Now all your actions will remember all your actions, and after training your actions will no longer be accompanied by the opening of windows to confirm permission.
You can familiarize yourself with the functions of the program. To do this, click 2 times with the mouse button on the program icon. It is not difficult to deal with her, but you can not delve. Just leave all settings without changes. Once again, the program requires only the minimum user intervention.

Leave your comment!

Baby Son came to his father, and asked Kroch:

- Whose protection is good, but whose is not very?

I have no secrets, listen guys.

Opinion on this score is public below.

In fact, the best firewall does not exist, just as it does not exist best Antivirusa Or browser - each computer user chooses its best software product for yourself.

Perhaps now many disappointed, but it is. Here is a huge number of users believe that Comodo Firewall - the best free firewall For Windows and I do not argue, but I have worked fine for several years ESET NOD32 with his defender, and after him worked Avast! Internet Security, also with a firewall ...

Excellent and powerful free firewall for Windows

I never had any complaints about their protection until I experienced the last complex firewall reliability program.

He failed the test and decided to change the firewall. The choice fell on the Comodo Firewall - it is tested for reliability and is naturally completely free.

Some nuances of installing it and settings I want to describe today.

Our whole life is to find anything. Search for money, fame, love ... better firewall or browser (folk wisdom).

The first question you may have about the size of the installer of this firewall, which is downloaded after launching the web installer - 202 MB! Why is such a wild size?

Because there is a whole bunch of unnecessary additions, even the browser shoved there.

I'll show you how to install one Comodo Firewall and then you can safely remove this gigantic installer. But you need to download anyway the entire file, by reference from the official site of manufacturers, which is above ...

I met on the network, somehow a long time, lightweight installation file. of this protective screen, without additions, but first - he was not official, and secondly - I lost a link 🙂.

Installing Comodo Firewall

Over time, program manufacturers change the interface of their creations, in every possible way improve them, add new features and remove unclaimed ... they have the right to it. In any case, the logic, purpose and spirit they always remain the same - repulscing from this review can be understood in any Ipostasis of software.

Here they are extra add-ons. Remove the checkboxes with them and go on ...

I already described you how to find yourself quick DNS servers So here - Comodo DNS servers are not only slow, but also frightened to the entire head.

Leaving the top jack. You will acquire yourself a headache - half of the sites will be blocked. I recommend left second dawk.

Be sure to go to "Set up installation" ...

Here it is, our relatives - how without Yandex !!!

Of course remove all the daws ...

Looking around and find out where we are. If you do not have your home LAN - I recommend clicking "I am in a public ... place."

Congratulations! You installed Comodo Firewall - the best free firewall for Windows.

Let's now throw it a little ...

Customizing Comodo Firewall

In fact, there are many configurations of the settings of this firerolla - they are littered with the Internet (here is one of them). You can configure the defender so much that sigh will not be able between its notifications, warnings and questions.

And you can convince him to work quietly and unobtrusively - you will decide, I will give only a few tips below ...

Go to the program settings ...

... And put all the daws in the extended settings (so many are advised on the network), but if you have problems with Internet access - remove the two bottoms.

Here you can disable the display of the widget on the desktop, if you do not need it ...

I left him, although I categorically do not like all sorts of widgets on the desktop. Slightly edited by clicking the right mouse button on the firewall icon in the tray ...

But the worst configuration of the firewall, which will turn it into a real reinforced concrete wall ...

Instead safe mode You can install ...

In this mode, get ready for a million questions from the defender for any reason. But check for reliability Now your Comodo Firewall will pass - 100%.

Questions from Firevol look like ...

You can put the box at the bottom of this window (remember ...) and simply allow execution. This is if you know a program that is trying to enter the network. You can still "process as" ...