Comodo Free FirewallVersion 2.4
It’s Free. Forever. No Catch. No Kidding
The Award-Winning Comodo Firewall Pro
- PC Magazine Online’s Editor’s Choice
- Secures against internal and external attacks
- Blocks internet access to malicious Trojan programs
- Safeguards your Personal data against theft
- Delivers total end-point security for Personal Computers and Networks
Install now for out-of-the-box protection against identity theft hackers, Trojans, scripts and other unknown threats
Yesterday I decided to upgrade my Trend Micro SMB software to version 3.6. While I was at it I decided to give their firewall another tryout. I was using Microsoft’s firewall so there must be something better. Within a few minutes I remembered why I was not using Trend’s firewall. Microsoft’s firewall is much easier to configure. If you have a bunch of exceptions to the rule, Trend Micro’s firewall is best forgotten.
Since I knew that there had to be a better firewall out there, I started looking around. Zonealarm is the traditional favorite. Comodo has a nice firewall that received some nice reviews recently and it is free, so I decided to give it a try. Since the online threats have morphed over the years I wanted a firewall that was easy and flexible to configure, have some built-in monitoring, and incorporate some application level filtering. The old port blocking firewalls are not very adept at catching the new online threats which take advantage of ports that are normally open(e.g. http-port80). It takes some application level filtering to catch the new threats. Comodo’s application level functionality reminded me of Microsoft’s ISA firewall. Microsoft’s ISA is a more robust product but Comodo’s application filtering looks pretty good.
Downloading and installing the program was easy. Configuring the program took me a lot longer since my laptop has an Apache web server, a FTP server, a MYSQL server, a Subversion server, and a VMware server on it and I wanted to restrict the access to these servers. The firewall will prompt you to add rules for specific programs. You can use the rules that the firewall creates but they were too general for me. So I changed them to be more specific. I restricted the ports and destinations available in each rule. My servers are for testing and development so there is no need to expose them to the world. Along the way I found out that I have a lot of chatty programs I have been ignoring and Google Desktop is the biggest culprit. It is amazing how many programs have to call home.
So far I have been impressed with the firewall. Its got great flexibility and monitoring capability. This is a nice addition to a layered approach to security.