Now that you have fully installed COMODO Antivirus Free, you will begin to see a number of COMODO Firewall Alerts appear above your task bar. These alerts are triggered when unrecognized connections to and from your computer to an outside network (such as the internet) are detected by COMODO Firewall. More than simply alerting you to a potential threat, these Firewall Alerts also give you a variety of options with which to deal with the unrecognized connections, giving you full control of what programs are allowed to connect to outside networks. To better understand these alerts and their uses, here is a breakdown of the options available within the COMODO Firewall Alert System:
(Note: For those who have installed COMODO’s Defense+ system, these alerts will look familiar at first glance. However, there are a number of options and informational dialogs which are unique to the COMODO Firewall Alert system, and as such should be analyzed just as carefully, if not more so, as a new Defense+ Alert.)
1. Alert Types – Informs you of which program is generating the on screen Alert (e.g. “COMODO Firewall Alert,” “COMODO Defense+ Alert,” etc.)
2. Alert Severity / Trigger Information – Most alerts initiated by COMODO Firewall will be considered to be a “Medium Severity” risk to your computer, signified by the yellow orange Alert Severity bar colors. Lower and higher risk alerts are signified by green and red colored bars respectively.
Within the Alert Severity bar you will also find a quick explanation of why the firewall alert has been triggered (i.e. program!.exe is trying to connect to 255.255.255.255)
3. Offending Application Information – Displays the following information about the application which has triggered the firewall alert:
“Application” – The program name, as it is installed on your computer / detected by COMODO: i.e. The Firefox web browser is known to your computer as “firefox.exe.” Many programs are installed with easy to references names (e.g. Word.exe, Acrobat.exe, iTunes.exe, etc.) however, you may occasionally come across a program with an unrecognized name. For further hints on what this program may be, click on the underlined program name (“frefox.exe”) to pop open a dialog containing expanded file information.
“Remote:” and “Port:” – Identifies the IP address and port number involved in the suspect network communication. These settings are typically used for more advanced technical troubleshooting.
4. “Security Considerations” – Displays an expanded explanation of what has caused the firewall alert, why the activity is suspect, and/or recommendations as to how to handle the suspect activity.
5. Standard Alert Resolution Options – COMODO Firewall Alerts will provide you with two options to handle the suspect network communication:
“Allow” – Allows the program in question (found in #3 above) to continue with the suspect network communications.
“Block” – Blocks the program in question from performing the suspect network communications.
Pressing either button will allow or block network communication for one time only. If, after taking all of the above information into consideration, you wish to permanently allow or block the programs’ network communication in question, check the “Remember my answer” checkbox to have any future network communication matching the criteria in the alert allowed or blocked as needed.
6. Advanced Alert Resolution Options
While the Standard Alert Resolution Options will resolve most common firewall alerts (such as connections initiated by Internet Explorer or Windows Update,) some alerts would be better resolved by using the advanced option found after clicking “More Options.”
Once clicked, “More Options” will replace the “Allow” and “Block” buttons with radial button selections, and add a third option:
“Treat this application as” – This option allows you to select from a pre-defined list of common program types and associated behaviors:
“Web Browser” – If the program in question requires near constant network communication over the internet (e.g. Internet Explorer or Firefox,) select this option.
“Email Client” – If the program in question is needs access to email specific network communications (e.g. Outlook or Thunderbird,) select this option.
“Ftp Client” – If the program in question is used to help create websites (e.g. Dreamweaver or Filezilla,) select this option.
“Trusted Application” – Select this option only if you fully trust the program in question to always communicate with only trusted outside networks.
“Blocked Application” – Select this option if you do not trust the program in question and/or the network communications it may initiate.
“Outgoing Only” – If you trust the program in question to send data from your computer to outside networks, but not to receive data in return, select this option.
Once you have selected your Advanced Alert Resolution Options, click the “OK” button to apply your settings.
Coming Soon in Part 3: Basic-Intermediate Firewall Settings!