Friday, February 1, 2013

Comodo Internet Security Premium (2013)


It's not hard to find free firewall protection, or free antivirus, but a free security suite that combines both is a rare bird. Comodo Internet Security Premium (2013) is one such. In addition to firewall and antivirus protection, it offers some interesting bonus features including sandboxing, a secure DNS replacement, and a Comodo-themed browser.

Like the standalone Comodo Antivirus, this suite has gotten a serious makeover for 2013. It main window, previously a bit busy, now focuses on a big security status icon and a rectangular landing zone. It looks almost the same as the firewall. The main difference is that dropping a program onto the landing zone scans it for malware, while in the firewall doing so runs the program within the sandbox.

If you want to know more about security status than just "it's green," you can click the Tasks link. This visibly "flips" the main window, revealing tasks arranged in four groups: General, Firewall, Sandbox, and Advanced. A few essential tasks, including scanning for malware, get their own buttons on the main window.

Functional Firewall
The firewall protection in Comodo Internet Security is exactly the same as what's found in Comodo Firewall (2013). Do please read that review. I'll summarize here.

The firewall stealths all ports, making your system invisible to outside attack. It automatically configures Internet access permission for trusted programs. When it encounters an unknown program trying to access the Internet, it asks you, the user, whether to allow it. As with Outpost Security Suite Pro 8, in addition to allowing or denying the connection you can choose a functional preset like Web browser or email client.

The dozen leak test program I tested slipped right past the firewall's program control, but the Behavior Blocker detected suspicious activity in every case. Even so, some of them managed to make an Internet connection.

Like ZoneAlarm Free Antivirus + Firewall, Comodo didn't detect any of the thirty exploits I threw at it. Unlike ZoneAlarm, it caved to some of my direct attack techniques. The firewall could use a little toughening up.

Other Shared Features
The Behavior Blocker, turned off by default in the standalone firewall, blocks access to critical system areas and offers to run suspicious programs in the sandbox as "partially limited." This restricts the program's ability to make permanent changes to the system.

In previous years, Comodo's behavior-based detection system generated a deluge of popups color-coded red, orange, yellow, and green. With the 2013 remodel, the popups are both fewer and less garish. However, just as in previous years, both good and bad programs get slapped down by Behavior Blocker.

I tried to install twenty older PCMag utilities and noted Comodo's reaction. In all but two cases it found the installer suspicious and offers to sandbox it. Five installers thus treated failed utterly, and most of the rest ran into problems saving files, registering DLLs, or updating the Registry. Only seven managed to install and run correctly. If you're totally sure a program is valid, don't let the Behavior Blocker sandbox it.

Comodo re-routes your system's DNS lookup through Comodo Secure DNS to protect against pharming and other DNS-based attacks. Secure DNS also aims to steer you away from malicious or fraudulent websites. However, in testing it hardly blocked any phishing sites, with a detection rate 91 percentage points below Norton's and 47 percent below Internet Explorer 8 alone. See the article How We Test Antiphishing for a full explanation of my antiphishing test.

Related Story

Comodo's Dragon browser, installed with the suite, is a hardened version of Chrome. Dragon adds a couple of handy button that let you evaluate the safety of the current page or easily share it on social media sites.

The optional desktop widget keeps you apprised of security status and offers links to launch your browsers in the sandbox. A sandboxed program can't make permanent changes to the system, so even if you're hit by a drive-by download or other malicious website, your system remains safe. For desired changes, like legitimate downloaded files, Comodo provides a shared folder that's accessible both inside the sandbox and out. A green border around sandboxed program windows serves as a reminder.

For even more security, you can invoke the Virtual Kiosk, a fully sandboxed and isolated environment. You can leave the Kiosk and re-enter it with your virtualized changes intact, or wipe it back to its initial state if you suspect a problem. As noted, all of these features are also found in the standalone free Comodo Firewall.

Source: http://feedproxy.google.com/~r/ziffdavis/pcmag/~3/z_YYhxq4uDQ/0,2817,2414905,00.asp

jason varitek andrew breitbart dead sheriff joe arpaio limbaugh aaron smith wilt chamberlain joe arpaio

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.