Jump to content

Closest to Comodo Firewall proactive mode


Recommended Posts

  • Most Valued Members

Have no idea what Comodo proactive mode is , but using Eset on interactive mode and learning rules manually as you go along is probably a similar solution ?

Link to comment
Share on other sites

COMODO - Proactive Security - This configuration turns CIS into the ultimate protection machine. All possible protections are activated and all critical COM interfaces and files are protected. During the setup, if only Comodo Firewall installation option is selected, the next screen allows users to select this configuration as default CIS configuration. If selected, Firewall is always set to Safe mode. But according to the malware scanning results performed during the setup process, if no malware is found, HIPS is set to Clean PC mode. Otherwise, the default is Safe mode.

Clean PC Mode: From the time you set the slider to 'Clean PC Mode', Defense+ learns the activities of the applications currently installed on the computer while all new executables introduced to the system are monitored and controlled. This patent-pending mode of operation is the recommended option on a new computer or one that the user knows to be clean of malware and other threats. From this point onwards HIPS alerts the user whenever a new, unrecognized application is being installed. In this mode, the files in 'Unrecognized Files' are excluded from being considered as clean and are monitored and controlled.

Safe Mode: While monitoring critical system activity, Defense+ automatically learns the activity of executables and applications certified as 'Safe' by Comodo. It also automatically creates 'Allow' rules these activities, if the checkbox 'Create rules for safe applications' is selected. For non-certified, unknown, applications, you will receive an alert whenever that application attempts to run. Should you choose, you can add that new application to the safe list by choosing 'Treat this application as a Trusted Application' at the alert. This instructs the Defense+ not to generate an alert the next time it runs. If your machine is not new or known to be free of malware and other threats as in 'Clean PC Mode' then 'Safe Mode' is recommended setting for most users - combining the highest levels of security with an easy-to-manage number of HIPS alerts.

 

In Eset, the equal to "Clean PC" mode is to set the Eset HIPS to training mode for a certain period of time after first performing a full system AV scan. Default period is 14 days. After training period has elapsed, you would switch the HIPS to interactive mode.

 

There is no equal to "Safe Mode" in Eset. HIPS has default rules for both "Auto" and "Smart" modes that primarily are used to protect critical system areas from unwanted modification activities typically performed by malware. The Eset HIPS will not auto create user HIPS rules for "Trusted Applications" and generate HIPS alerts upon execution of anything else. Rather Eset will auto allow limited process activities based on application trust status using both LiveGrid and local blacklisting reputation determination. The HIPS can also auto detect exploit like activities and post execution malicious process memory modification.

Edited by itman
Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...