Review: Comodo Internet Security Pro 5

September 18, 2010 – 12:56 by in Reviews Print Share 8 Comments
Overview
Manufacturer: Comodo Group
Price (RRP): $49.99
Best Price: $39.95
Platforms: Windows XP (32/ 64-bit), Windows Vista (32/ 64-bit), Windows 7 (32/ 64-bit)
Requirements: 210MB free hard drive space
Softwarecrew Rating:
 
More Product Images

The PC security world is a tough one. It’s hard to make your suite stand out from the crowd. Most vendors appear to believe that the answer is to cram in as many features as possible, but Comodo, interestingly, take a very different approach.

Buy Comodo Internet Security Pro 5 and you won’t get a Registry cleaner, for instance. There’s no password manager or disk cleanup tool, no parental controls, or even a spam filter. Instead the company have focused just on the security fundamentals: malware detection and removal, a firewall, intrusion detection, sandboxing and wifi encryption. But is this enough? Let’s see.

This simplicity perhaps helped with the installation process, which provided quick and easy, not even insisting on a reboot. We restarted our trial PC for safety, anyway, and after Windows had reloaded, Comodo Internet Security Pro 5 introduced itself to us with a flurry of pop-up warnings. Which was a slightly alarming way to say “hello”, but the news wasn’t quite as bad as it seemed.

Defense+

The component responsible for our alerts was Comodo’s Defense+. This is a “host intrusion prevention system” that allows only trusted processes to run uninterrupted on your PC, while monitoring everything else for suspicious behaviour and alerting you to potential problems.

While this sounds (and is) very useful, the warnings themselves aren’t exactly novice-friendly. We were variously told that “svchost.exe is trying to receive a connection from the internet”, another app was “trying to access a protected pseudo-COM interface” while a third was trying to set up a “global hook”, for instance. Suspect behaviour, or just ordinary software working as it always has? Even Windows experts might struggle to tell.

And the program also fails to recognise some very common files as “trusted”, for example warning us about the dubious nature of QuickTime’s QTTask.exe.

Still, this should improve, and quickly. One new feature in this release is that white listing of files and vendors is now cloud-based. As more people use the program, so the database of trusted files will increase, cutting down on false alarms and improving the reliability of these alerts.

And even without this, just like a regular firewall, Defense+ will question most applications only once. This will keep you busy for the first few minutes, as you run your major apps and respond to any Comodo pop-ups, but after that life soon settles down.

The system is a little noisy, then, but only because it’s looking out for you, which is no bad thing.

And if you’re still not happy then you can always reduce the Defense+ security level (there are four options available), tweak exactly what it monitors, or turn the system off altogether.

So while PC beginners are likely to panic at the initial warnings, they’re really just a result of the default settings. If the alerts don’t reduce to a level you find acceptable, then adjusting these should quickly create a quieter PC with the minimum of pop-ups, and that works for us.

Sandboxing and the Cloud

Defense+ isn’t just about watching the behaviour of programs. It’s also able to run unrecognised software in a sandbox, an isolated environment which reduces their security privileges, and allows them to write only to a virtual Registry and file system, making it extremely difficult for malware to infect you PC.

If you think this might also cause problems with some legitimate programs, then you’re right. Our standard test for these situations is to run an old copy of Paint Shop Pro 8, an entirely safe program but one that does some unusual things internally, and sure enough on launch it displayed a “Failed to update the System Registry” error message.

This type of issue shouldn’t crop up quite as often as it did, though, because Comodo has introduced a default “Partially Limited” isolation level in this version of Internet Security Pro. The company say this allows programs to access “all the Operating system files and resources like the clipboard”, improving compatibility.

And if you still run into difficulties then they’re easily fixed. Defense+ tracks all “unrecognised” applications, displaying them on request, and if you recognise a program that you know is safe then it can be moved to the Trusted Files list in just a few clicks.

You’re not left alone with these decisions, though, as Comodo Internet Security Pro 5 now includes both scanning and behaviour analysis in the cloud.

If you try to run a program that isn’t recognised ,then the program will automatically submit it to Comodo’s File Lookup server to see if it’s known to be safe, or dangerous. This is very quick, and means you get the protection of the very latest Comodo virus definitions, even if your local definitions are out of date.

And even better, these unrecognised files will also be transmitted to the Comodo Instant Malware Analysis (CIMA) server, where they’ll be run in an isolated environment and checked for the presence of malicious code. If the results are positive then your PC will be alerted, the file quarantined or deleted, and it’ll also be added to the known “dangerous” list, which means other Comodo users will be protected immediately with their cloud scanning.

And so the more people use the program, the more reliable it will become, and the quicker you’ll be alerted to even the very latest outbreaks. Which sounds like very good news to us.

Average Antivirus

Cloud-based antivirus scanning is all very well, but of course you’ll need to run local on-demand checks occasionally, too, and Comodo Internet Security Pro caters for that with a more traditional malware scanner.

Explorer integration means that, at the most basic, you can have any file or folder checked for threats by right-clicking it and selecting “Scan with COMODO Antivirus”.

You’re also able to run one of three default scan profiles: “Critical Areas” for speed, “My Computer” for thoroughness, on an enhanced “Spyware Scan” to quickly check for and remove signs of infection. And we do mean quickly: it concentrates on only the most commonly infected areas of your PC, which on our test system meant scanning 84,547 objects in a mere 81 seconds.

If this isn’t enough then you can create new scan profiles of your own, to scan whatever files and folders you like.

And of course there’s both real-time scanning, and the option to schedule scans whenever appropriate. These all work well enough, although we noticed that there’s no option here for scanning when your PC is idle, a convenient feature that’s increasingly appearing in other packages.

Scanning accuracy was only average, with the program detecting and removing 80% of our malware samples. However, Comodo Internet Security is more about preventing unknown malware from running or doing damage to your PC in the first place, so that isn’t the problem it might be with other packages.

Resource use was relatively high, however, with the various COMODO components using anything up to 240MB RAM. And while CPU use was generally around 4 or 5%, it spiked at over 40% on a couple of occasions. Our PC was noticeably slower while scans were running, and showed some lags at other times, too.

We don’t think any of this would cause great problems with most modern PCs, but if you’re thinking of running Comodo Internet Security Pro 5 on an underpowered system or laptop then be sure to check its performance with the trial version, first.

Configurable Firewall

The Internet Security Pro firewall recognised our network connections during installation, and set them up correctly, hiding our PC online while leaving it accessible to other systems on our local network.

The module also did a reasonable job of identifying the applications we were using, allowing most known safe apps online without displaying any pop-up alerts.

The firewall is also very configurable. This starts by choosing one of 5 security levels, ranging from “Disabled” to “Block all traffic”. And you can choose the frequency of alerts you’d like to receive, ranging from one per application, to alerts for incoming and outgoing requests, TCP and UDP protocols, every IP address and every port.

There are interesting abilities hidden away in the settings dialog, too. The program is able to perform protocol analysis, for instance, checking all incoming and outgoing packets to confirm that they look normal. It’s a welcome bonus feature but is turned off by default, perhaps because it will use quite a few system resources.

This isn’t the most unobtrusive firewall we’ve seen, then. Competitors like Norton Internet Security do a better job of minimising alerts, and figuring out what can (and really should not) be allowed to make and receive internet connections.

However, if you take just a few minutes to set up the firewall to suit your needs then it will do a good job of keeping you safe online.

Other features

Comodo Internet Security Pro 5 now also includes a Game Mode, which turns off Defense+ and firewall alerts, as well as suppressing resource-hungry tasks like scheduled scans or database updates. Which is good news, though spoiled a little by the fact that it doesn’t kick in automatically. You must instead enable it yourself from the COMODO system tray icon, disabling it again when you’re done, which apart from being a minor hassle also means there’s at least a chance you might forget to turn your security back on.

You also get access to TrustConnect, a VPN service that will encrypt your internet traffic, perfect for accessing the web from wireless hotspots.

Comodo provide Secure DNS servers, which now block known malware sites, an important development as Internet Security Pro didn’t until now have any other form of browsing protection.

And you can still benefit from Comodo’s excellent Live Support. If you’ve a problem setting up the program, removing malware or resolving a network issue, then one click on the Get Live Support issue will launch a chat tool where an expert will talk you through the problem. When we tried this with a network issue, “Peter” responded within seconds, listened to our query and provided an intelligent answer immediately. Which sure beats the emails and support forums you might have to go through with other suites.

Thoughts

As we pointed out earlier, then, this isn’t the most complete of security suites. There’s no spam filter, no parental controls, no online backup or identity theft protection (though the last two are available in the Comodo Internet Security Complete 2011).

And this emphasises the fact that Comodo Internet Security Pro 5 won’t be suitable for total PC beginners, even with the excellent support. There are too many alerts, there’s too much configuration required to make the program run as you’d like.

There’s a vast amount of protective power in Defense+ and the sandbox, though, now greatly enhanced with the new cloud features. Even if you happen to run a brand new, previously undiscovered threat, the chances are that you’ll remain safe, and that’s a benefit worth having. New goodies like active DNS protection are also welcome, and if the Live Support helps you solve one big issue a year then it could be worth the subscription all on its own.

So, if you’re tired of overweight security suites, looking for something a little focused, and are happy to spend 10 minutes setting things up, then you’ll discover there’s a lot to like about Comodo Internet Security Pro 5.

But if you’re sure you won’t need TrustConnect or Live Support, then keep in mind that Comodo Internet Security Premium is still available for free, amazingly – one of the best security bargains around.

Related Posts Plugin for WordPress, Blogger...

Verdict:
While it can be intimidating to PC novices, Comodo Internet Security Pro does a great job of preventing malware from damaging your PC. Check out the trial and find out more for yourself
We Like:
Powerful intrusion detection system; fast and extended spyware scan; new cloud-based service; feature-packed firewall; improved sandbox; game mode; highly configurable; VPN service; secure DNS blocks known malware sites; fabulous Live support
We Don't Like:
Can initially display many complex alerts; average malware detection; resource use occasionally high; no automatic game mode detection; no "scan when PC is idle" option
Softwarecrew Rating:
 

8 Comments »

  • Dwight says:

    Hello,

    Have been using free version of this software for some time now (having briefly used their earlier version) and have the following observations-

    PROS-
    1. Zippy & responsive GUI. Saving new settings takes up few seconds.
    2. Secure DNS auto blocks certain suspicious visited websites
    3. Effective firewall & notifications (improved over earlier version 3& 4)

    CONS-
    1. The application crashed couple of times when I opted to “Always Sandbox” few programs
    2. Consumes a huge CPU resource (20-25% at an instance and average CPU of 12-15%)when you surf on the net. This is huge resource hog on the system considering an i5 430 Intel CPU.
    3. Fails to sometimes log Defense+ events (sporadic)
    4. Anti virus shows enormous amounts of false positives and lists it in the log so the program had to be switched off. Had to use Avast AV Free version.
    5. Complicated set up process
    6. Still auto sandboxes many legitimate softwares (has a pop up notification with option not to sandbox the next time)
    7. Does not auto update anti virus defenitions OR Defense+/Firewall. Antivirus defenition Auto update only works when you opt to manually scan the system
    8. Sandboxed IE/Opera/Mozilla browsers run relatively slow than the regular mode under “Normal” priority. Speed improves if the software priority is set to “Real time” or “High”

    Trust that is it for now. May opt out of this one for Norton Internet Security 2011 which I consider one of the top performing softwares for now.

  • Collins says:

    “Trust that is it for now. May opt out of this one for Norton Internet Security 2011 which I consider one of the top performing softwares for now.”

    You were kidding, right? Please tell me you were.

  • Chris Wiles says:

    Don’t underestimate Norton Internet Security 2011. It’s superb. I use it myself. Norton lost their way for a while (2008, 2009), their 2010 product was back on form, 2011 built on that.

    Chris.

  • RAMY says:

    Comodo Internet Security Pro 2011

  • RAMY says:

    Trust that is it for now. May opt out of this one for Norton Internet Security 2011 which I consider one of the top performing softwares for now.”

    You were kidding, right? Please tell me you were.

  • Chris Wiles says:

    Take a look at this roundup of all A/V tests through 2010:

    http://www.wilderssecurity.com/showthread.php?t=291821

    Norton, F-Secure, Avira and G-Data are up at the top, whilst Trend, AVG, PC Tools and McAfee are down the bottom.

  • truthmonger says:

    Commodo’s A/V is weak and annoying. Their firewall is OK but its NOT for beginners..in fact it will tax the patience of even serious control freaks. I’m amazed to find myself agreeing, but..Norton Internet Security 2011 is pretty darn good. They’ve really redeemed themselves on the consumer side, and its very competitive on price. Simple, requires almost no configuring for 99% of users and actually has very good detection. My biggest complaints are with scheduling: for scans its buried under “scan now”, which seems fairly illogical. Then there’s the total inability to schedule updates at custom intervals. I’ve noticed that most A/Vs are doing away with this for some unknown reason, and its annoying. Other than these gripes its a very solid choice. As for Symantec’s enterprise anti-malware, well…that’s a different story. Its a nightmare for sysadmins. Another fantastic product is Malwarebytes Anti-Malware. The free version is limited like AVG and similar offerings, but the difference is..it finds just about everything. Seriously, its a great second (or first!) line of defense in addition to another product. I learned long ago to never rely on a single security program, though you sometimes have to do a little extra configuring to make them get along.

  • mark1vm says:

    I also have to agree with above statement.I also think comodo is going in the right direction.But have to work out some glitches.
    1. It Is a big program to install 135mg
    2.thier sand box is okay but when you put a program doen as safe or trusted it only come back to sandbox,even when safe.
    3.thier firewall log events will not show events if you clear logs.
    but if they fix thier sandbox and make it samller install I think I will try again in the future.