Security for Everyone - Reviewing Comodo Internet Security Pro 2012

By Ciprian Adrian Rusen on 01/17/2012

Comodo is a company famous for its free security products and especially for their firewall technology. They also provide commercial versions of their products, which have more built-in security features than the free ones. One of their top products is Comodo Internet Security Pro 2012, which we chose to cover in today’s review. If you want to know how each protection module fares, don’t hesitate to read this review.

First Impressions

I downloaded the trial version of Comodo Internet Security Pro 2012 without much fuss. No information was collected prior to the download and only my e-mail was requested as an optional personal information input, during the installation. The installer is downloaded directly from the official website and its size is of 81.8MB.

When you start the installer, you are asked to make a very important decision: to change (or not) the DNS servers used by your computer with the COMODO SecureDNS servers. This decision is critical to the way Comodo protects you when browsing the Internet. Therefore read more about it in the Integration with Windows section.

Comodo Internet Security Pro 2012

I allowed the DNS change to be made and continued with the installation. If you don’t click Customize Installer, you get two additional applications, with the security suite:

Comodo Geekbuddy - this application provides direct tech support services via a chat window which is easily accessible. However, this application is not included in your license of Comodo Internet Security Pro 2012. It is a separate application, with additional cost which provides no value to you unless you purchase a license for it and activate it.
Comodo Dragon - it is a free web browser, created by Comodo based on the Chromium project. This browser removes the user tracking present in Google Chrome and adds a few security features you might be interested in. For a complete description of what it adds and removes versus Google Chrome, read this article: Comodo Dragon (web browser).

Considering the additional cost, most users won’t want to get Comodo Geekbuddy installed. Therefore, it is best to go for a custom installation instead of the default one.

Once the product is installed, users are immediately asked to select the type of network they are connected to. The available choices are similar to the network locations from Windows 7. Make sure you select the appropriate location, as it changes the way the Comodo Firewall is configured. Another reason is that changing the network location later on, can be a difficult task. More details about this in the Ease of Use & Configuration section.

Comodo Internet Security Pro 2012

Comodo Internet Security Pro 2012 updates itself immediately and makes a complete scan of your computer. This behavior is good as it means your system is secured as soon as possible. However, the first update is big (96.8MB) and slow to download, especially if you are not based in the US. You need to arm yourself with a bit of patience. It is a pity that Comodo did not refresh the installers found on their download page with newer versions, so that you don’t need to download such a big update as soon as you install the suite. Also, the complete scan takes quite a long time to finish. Therefore, you need be patient once again. Luckily, the scan can be stopped if you find it takes too long and make a manual quick scan instead (called Smart Scan).

Even though Comodo Internet Security Pro 2012 does not aggressively recommend a restart after its installation and it can function without one, it is best that you reboot your computer so that all its files are updated correctly.

Comodo Internet Security Pro 2012

After the reboot, you get a prompt to purchase the full version. I appreciated very much the fact that you can set that prompt to never be displayed again, until you trial expires. It is good to see a security vendor providing such a friendly option.

All-in-all, the first impression was positive. I was not annoyed by lots of prompts and the installation went smoothly, without any personal information being collected. The only downside was the long time it took for Comodo to update itself and scan my computer.

Integration with Windows

I am happy to report that Comodo Internet Security Pro 2012 is well integrated with Windows 7 and all its important security and networking features. It disables the Windows Firewall and Windows Defender so that there are no conflicts, nor any performance impact as a result of running more security products at the same time.

Networking features in Windows 7 work well if you select select the appropriate network zone, when asked. The impact on boot timings was 13 seconds on my computer, which makes it average compared to other security suites. If you make a default installation of Comodo Internet Security Pro 2012, all its running processes use up to 54MB RAM, which is pretty light. The sad part is that almost half of it is consumed by Comodo Geekbuddy, a product you might want to use. If you make a custom install and choose not to install Comodo Geekbuddy, you can further reduce the amount of consumed memory, making Comodo Internet Security Pro 2012 an incredibly light suite with very low memory use.

Another aspect I appreciated is the fact that Comodo Internet Security Pro 2012 protects its services well. I was able to kill only the process used by Comodo Geekbuddy, which is not important to securing your system. All other processes were well protected from termination.

When it comes to integration with all major web browers (Internet Explorer, Firefox and Google Chrome), things get blurry. Comodo Internet Security Pro 2012 as a security suite does not offer any special web browsing protection. It only scans the files you download. You don’t get phishing protection and the website you visit are not actively scanned or checked for malware. However, at the very first installation step, if you chose to change your DNS servers to COMODO SecureDNS servers, then you get some protection from the Comodo DNS servers. They have an updated blacklist with some of the web’s malicious websites. When accessing malicious websites found in their list, your access is blocked and you are informed about the threat they pose.

Comodo Internet Security Pro 2012

However, this blacklist is not very extensive and I was able to visit quite a few malicious websites. On the positive side though, Comodo Internet Security Pro 2012 did detect and remove all the malicious files that were downloaded to my computer.

I hoped that the Comodo Dragon browser included with the security suite would provide a lot more added security. However, this is not the case.

Comodo Internet Security Pro 2012

This browser only checks the relative strength of a website's SSL certificate (when browsing sites which use encryption and the https protocol) and provides a button for scanning the website loaded in the active tab. This is useful but doesn’t compare with the additional security features provided by other vendors.

One last integration aspect I would like to cover is the uninstall functionality being provided. The default installation installs three products. Unfortunately there is no “one uninstall" for all three. When uninstalling Comodo Internet Security Pro 2012, make sure to remove the other two applications: Comodo Dragon and Comodo Geekbuddy, unless you plan on using them.

Ease of Use & Configuration

The main interface of Comodo Internet Security Pro 2012 is nicely structured and understandable. The different configuration options available are placed where you would expect them to be.

If you want to run a scan for malware, you can choose between My Computer and Smart Scan. Unfortunately it is hard to tell the difference between them, as these scans’ profiles cannot be viewed or edited.

Comodo Internet Security Pro 2012

However, there is a pretty big difference in scanning speed between them. Most probably, the Smart Scan scans only your computer’s memory and critical places where malware tends to attack your system and store data and files. You can also create your own custom scanning profiles and use them.

Adding exclusions for places you don’t want scanned for malware is easy. However, by default, Comodo Internet Security Pro 2012 is configured not to scan the Recycle Bin. I think this choice is debatable as you want to make sure any infected files stored there are deleted. The files stored in the Recycle Bin still exist on your computer and are not really deleted until you empty the Recycle Bin. While this can be debatable, I feel much safer to eliminate this location from the list of exclusions.

Comodo Internet Security Pro 2012

When it comes to scheduled scans, there are two full computer scans scheduled per week. Considering how much time it takes for a scan to complete (more details in the Antivirus section), I found this to be too much. I preferred to change one of the scans and make it a Smart Scan. If you want to, you have plenty of options for scheduling your own scans. That’s great for all the geeks who want a security suite to run their way and not just the default way.

However, I did find a troubling aspect regarding the way both scheduled and manual scans are configured. As you can see in the screenshot below, these scans are not set to automatically clean threats found during scanning. However, threats can be removed once the scan is finished. What’s bad though is that cloud scanning and rootkit scanning are not enabled. This poses big problems as it means your computer is not properly secured. Rootkits are a real threat in modern day computing. Also, cloud scanning takes applications that are unrecognized by the local safe list installed with Comodo Internet Security Pro 2012 and checks them against the cloud. If found safe, they will no longer be added to the sandbox, allowing the user to run them without any warnings and issues.

Comodo Internet Security Pro 2012

Most probably Comodo chose to disable these security features due to their impact on the scanning speed. However, I find this trade-off dangerous and not in the best interest of users. I recommend all Comodo users enable these features, both for Scheduled Scanning and Manual Scanning (which has these options disabled as well).

When it comes to configuration, Comodo Internet Security Pro 2012 offers all the advanced configuration you dream of having. You have granular settings for all its protection modules and especially for the firewall.

Unfortunately, I had a hard time understanding the options found in Computer Security Policy (for the Defence+ module) and the Network Security Policy (for the Firewall module). I found myself needing to read the help documentation in detail in order to understand everything. Novices will surely be intimidated by these settings and choose not to fiddle with them.

Another problem I discovered is the fact that you cannot easily change the zone assigned to a network. If you made the wrong choice when asked by Comodo about the network you are connected to, it is hard to change the zone later. The only way I could do it, was to disconnect from the network, remove it from the Home zone, defined in the Firewall -> Network Security Policy -> Network Zones window and then connect again to the network. Comodo Internet Security Pro 2012 asked me again about the zone I want applied to the network and only then I was able to change it. This is complicated even for more technical users.

Regarding help and support, unless you choose to pay for Comodo Geekbuddy, your only options are the Help website and the Support Forums. Luckily, they can be accessed with ease, from the main interface of Comodo Internet Security Pro 2012.

Comodo Internet Security Pro 2012

Reporting is done by Comodo Internet Security Pro 2012 through the use of very detailed logs for each protection module. These logs have information about every important activity taking place on your computer and will be enjoyed by users who prefer detailed information about what’s going on with their systems.

Comodo Internet Security Pro 2012

When it comes to alerts, Comodo Internet Security Pro 2012 displays few of them. The Antivirus alerts you only when threats are detected, the Defender+ module informs you when an unknown application is being run, while the Firewall is sitting quiet, not showing alerts even when it blocks computers from accessing your system.

Comodo Internet Security Pro 2012

Even though I tried, I was not able to make it show any messages. However, everything was recorded in detail in the log files.

All the alerts where generally easy to understand and contained links to get more information, when needed.

Firewall

The protection offered by the Comodo Firewall depends a lot on the zone assigned to a network. Therefore I would like to reinforce the fact that you should make an informed choice when being asked what zone to assign.

Also, when connecting to public Internet spots, Comodo Internet Security Pro 2012 asks if you want to secure communication via their TrustConnect technology, which encrypts communication so that it cannot be scanned or spied.

Comodo Internet Security Pro 2012

Unfortunately this technology is included only with the more expensive Comodo Internet Security Complete 2012. Users of other products have to pay an additional fee to get this technology. In the end, this prompt is only an attempt to sell more software to the user. If you are not into paying more money, your only choice is to check the box which says "Do not show me this alert again" and select "Continue Unsecured".

To test the effectiveness of a firewall, I also make scans with Nmap and Nessus. When using the Home zone for a network, they revealed that my computer had 13 open ports (all with a low impact on security) and that the MAC address of my computer and the exact version of the operating system was identified. This is a pretty average result, even when compared to the Windows Firewall, which had better results.

When switching to the Public zone though, Comodo Internet Security Pro 2012 closed all the ports on my computer and only the MAC address was identifiable. This is a great improvement.

Antivirus and Antispyware Features

Other reviews of Comodo mention the fact that its antivirus is not that great at protecting your computer. I think this is, in part, a direct results of its poor default configuration which doesn’t enable important protection features (rootkit and cloud scanning). I made all my tests with all these missing features enabled and I was mostly pleased with its detection rate.

When inserting an infected USB memory stick, Comodo Internet Security Pro 2012 scanned it as soon as I opened it and quickly identified and removed (or quarantined) all the infected files. Also, the infected files I downloaded from the Internet were removed as soon as their download was finished.

Comodo Internet Security Pro 2012

While testing the antivirus module, I found strange, the way Comodo names viruses. Many have weird names such as "#2a15p98zknt91". This is very geeky and it might not be appreciated by casual users.

Another big weak spot of the Comodo Antivirus is its very slow scanning speed. I use the same system for my tests and scanning a Windows 7 operating system installed on a 30 GB partition took up to 23 minutes. This makes it the slowest antivirus scanner I have used in the last year.

Regarding what others have to say about Comodo Internet Security Pro 2012, unfortunately there’s little information. AV Comparatives did not test Comodo products, while AV-TEST tested an older version and awarded a very average score of 4 out 6 for the protection it provides. Also, Virus Bulletin awarded a 80%+ score for its reactive detection and 60%+ for its proactive detection. This places Comodo in the lower half of the list with top security suites.

Verdict

Despite the popularity of Comodo security products (especially the free ones provided by this company), I cannot give them our ultimate badge of "Buy for Everyone!". Comodo Internet Security Pro 2012 is an average product which is penalized by the poor default configuration of the antivirus module, long scanning speed and lack of protection features designed for web browsing. The firewall module, even though praised by some people, provides average protection. Also, some of its features can be complicated to configure by the casual user.
Comodo Internet Security Pro 2012 works well only for more technical users who can improve its default configuration, compensate for some of its protection shortcomings and which enjoy its detailed advanced configuration options.

Purchasing Options

Comodo Internet Security Pro 2012 is not found on Amazon. You can purchase it only from its official webpage.

The Best Internet Security Suites of 2011-2012
Security for Everyone - How We Review Products

Discover more:

Reviews

Security for Everyone

Comments

by SRaul on 01/20/2012 - 21:32

"When it comes to integration with all major web browers (Internet Explorer, Firefox and Google Chrome), things get blurry. Comodo Internet Security Pro 2012 as a security suite does not offer any special web browsing protection."
-- No I beg to disagree there. CIS has a D+ sandbox that can be configured to be used with browsers. Though not a virtualization app/tool like Sandboxie/GesWall etc, it does offer protection for the browser. See here:

http://forums.comodo.com/defense-sandbox-faq-cis/what-sort-of-protection...

CIS is not an "install and leave app" but it can be configured to be more than it seems. As with all applications user-input is needed to effectively use the full potential of it. User interaction with the proper support is also vital. Firewall is much better than KIS 2012 firewall. Always had full stealth/TruStealth GRC/PCFlank with CIS with a dial-up and router. Never an open port but that's just me. Just my two cents.

by Ciprian Adrian Rusen on 01/21/2012 - 13:41

Having a sandbox that works with browsers doesn't mean it offers a good level of integration and live scanning of the websites you are visiting.
The whole process you posted the link for is cumbersome and not designed for casual users. I think our verdict is very appropriate for this security suite. Comodo Internet Security is not for everyone. Especially not for casual users with little technical & security knowledge.

by SRaul on 01/21/2012 - 22:38

"Having a sandbox that works".....Malware or any danger/vulnerability stays inside the sandbox until you delete the contents. It will not go beyond the system if properly configured. Seems you have sights on things like the Webrep of Avast and KIS's URL advisor, Safe Search, TrafficLight etc..as well as Ad-blocking etc. The CIS sandbox is a browser protection. Also that particular CIS sandbox is more likened to in performance between a cross of Avast's Auto-Sandbox and Emsisoft's Online Armor Run Safer. As mentioned it is not like Sandboxie or GesWall etc. It's a cross between a "light virtualization" and "a limited-user-rights app" much like the Run Safer of Online Armor and KIS 2012 Safe Run.

The term "sandbox" differs from every product design. There is a long/full section there at Wilderssecurity about it. All sorts of explanations about virtualization/sanboxing etc.

http://www.wilderssecurity.com/forumdisplay.php?f=98

All developers love to use that term but it differs. Again take the case of Emsisoft, KIS 2012, Sandboxie and Avast IS/Pro, DefenseWall, AppGuard, Bufferzone, SandboxRX.

To me Sandboxie is still the preferred application for sandboxing.

Even you will not want to have just browser integration which leaves dangerous traces in your system even when you exit the browser. Sometimes integration in browsers causes slowness in browsing as well(--depends on the setup)so others prefers limited integration with light-virtualization which is much more secure than an open-browser with full security suite integration. There is no-one-singular-security suite that can do it all especioally in default settings.

While (as mentioned) it is not an "install and leave" application(so I am akin to your side and agree that CIS is not for newbies)it is also the same as of other suites around meaning "user-input" is needed to get the app to perform at full potential. No-one-singular-security suite will do it all especioally in default settings. The only security apps I've tried that comes close to "install and leave"(maybe wrong here) is AvastFree/Pro and BitDefender 2012/FSecure though you still have to do some tweaking.

In my opinion(my own only), it is the responsibility of the user to learn more about his/her application of choice and not be swayed by popular belief as this will not make him/her learn how to use the application effectively AND tend to judge an application without knowing how to use it properly. That casual user/newbie should learn and not blindly rely on his casualness because malware writers are getting better every minute.

As for the "slowing down" issue, it will differ per pc spec and the applications in the system. But version 5 until 5.9 is by far the lightest (and tamer in pop-ups)of the CIS pack(in comparison to Outpost Pro/Emsisoft's --but that's just me on my systems :)XP SP3/Win7/Vista x32 and x64 all with DDR3 4gb --P4 3Ghz,AMD K8 model, AMD Phenom, Corei5 ram systems)Exclusions for the relevant applications may help and so as going to the Comodo forums for help/assistance.

I rest my case ;) Nice review though ;) Next time try to define what you expect from a suite like the reviews at MaximumPC and PCWorld just me again :)

Cheers ;)

by Ciprian Adrian Rusen on 01/22/2012 - 00:19

I am not (nor was) trying to debate the usefulness of a sandbox. I was just saying Comodo doesn't offer security features as other suites do, like a toolbar (or addon or something else) which checks the websites you visit and warns about sites used to distribute malware, or about phishing-schemes, etc.

Regarding how we test and what we look at, we have this pretty well defined in this article: Security for Everyone - How We Review Products.

by stefan on 01/21/2012 - 04:49

I had used there free version. I must say although they have good detection rate, it slow down the computer badly.

by Yiddish on 01/27/2012 - 07:40

hi Ciprian Adrian Rusen
i tried the above said its really helpful and useful to me

cheers
yiddish

by Ross on 04/18/2012 - 10:23

I have not had the chance to try out comodo internet security pro 2012 and include it in my internet security reviews. However, from what I can tell from your review, the SecureDNS can already be considered as their web protection component, although a faulty one you may say as one can easily disable the option of changing their DNS during setup. That having said, it's not easy to maintain a blacklist of malicious website as new ones spring up everyday. I would agree that in terms of web protection, they are lacking. Although I'm not a fan of browser toolbars, having the protection feature to scan through websites when I google is a plus. Still not a fan of comodo yet and Kaspersky and ESET will still remain in the top of my list.

by Jason on 04/20/2012 - 20:13

I agree with Kaspersky. It should be defintely be at the top of anyone's list. I can't say about the version 2013 of KIS as they have drastically change some key features like the SafeRun and the HIPS feature are to be junked. On Eset, I have used Ese Smart Security for a week and did not like it. It had too many issues that even Eset support did not answer or tend to look the other way. See here:

http://malwaretips.com/Thread-Block-a-browser-launch-from-a-shell-link-i...

http://malwaretips.com/Thread-Eset-firewall-Ping-Reply-RECEIVED-FAILED-a...

by Eym on 06/04/2012 - 23:34

I just have 2 complains about CIS.

1. Boot time is longer.
2. PC becomes very slow while scan process goes on, specially "manual scan". Even opening single website also takes much time when it does.