Do you use the firewall?
We do on about 30% of the clients, but this is reducing all the time due to constant issues.
Do you have issues with the firewall?
Yes, lots of issues; here are a few…
Cannot create simple easy rules as control panel profile settings too complicated.
Basic functions like Peer-to-Peer printer and file sharing does not work.
When firewall is working; you often cannot get DOS/CLI or other applications to be allowed to access network (other components accept allow rules)
Network card driver updates can kill the firewall requiring a reboot or re-install of CCS
What would you like from the firewall?
A firewall that gives you a simple and complete configuration setup like a firewall should.
So for instance you create an inbound for a pre-defined service like FTP or a port like TCP 21.
Obviously you need to be able to create services, so for instance 3CX telephone server requires port TCP 5001 for management and many others for calls. You could create a 3CX service which has many requirements on TCP, UDP and ICMP etc.
Rules should allow you to specify local network (trusted as in Windows configured as Home or Home, not public) allowing rules to be applied across many different businesses with ease.
Would you like the firewall replaced with “Windows Application Firewall” & “IPTables” Management instead?
Being honest, yes!
I say this has Linux Community and Microsoft know their networking stacks better than antivirus companies.
Having your AV company manage and deploy rules into these firewalls would be an excellent move as you know your not going to get any conflicts taking down your business networks.
At the end of the day; I do not mind Comodo firewall if it worked 100% as it was configured and actually had the ability to be configured well/correctly.
Just disabled the firewall via the profile on all our clients until the problem with CCS 11.2 is sorted (obv not ideal)… This issue has made me consider if the firewall is worth reenabling due to concern of apparent recurring issues with it.
This pretty much echo’s the responses above but here is some feedback
Do you use the firewall?
No even in testing there were too many problems (either stability or performance)
Do you have issues with the firewall?
Anytime I have used it (one Windows 10, 7, Server 2008/2016) the biggest issue was a huge hit to performance. Honestly CCS by itself really hurts performance especially endpoints with HDD vs SDD. Often, any slight change to the NIC (and even firewall settings themselvs) would cause it to hang up/freeze the NIC. Uninstalling is also hit and miss. I always have to use the removal tool.
What would you like from the firewall?
I don't believe the firewall is a good feature of CCS just as their has been to much history of issues. Configuration intuitiveness isn't great, though I've seen worse. Even if these issues are fixed, it will take a long time to rebuild trust in it staying that way. I think development should be shifted to just the application layer security as this is were Comodo shines (aside from performance, which could be improved). I prefer to use the windows firewall as it is sufficient when combined with CCS w/firewall off. I don't think this issue is limited to Comodo though, I don't have a lot of success with application firewalls regardless of vendor. Some better than others. I think this is a case of Windows own built-in option being the most stable and effective enough, at least in my usage scenerio's.
Would you like the firewall replaced with "Windows Application Firewall" & "IPTables" Management instead?
This I believe to be a great idea. Honestly I can't think of another RMM product that does this, at least without scripts or some convoluted process. Would be a fantastic addition to remote tools and profiles. +1
I cant believe this… they are rolling back AGAIN?? I already have 20% of my endpoints with the firewall disabled… may as well just push that profile out to all endpoints.
Why dont they just release a newer version of CCS with 11.1 as the core. Would be far simpler than having to remove ccs from endpoints and then having to reinstall an older version.
For anyone interested… we have an identical profile to our default one, but with the firewall disabled and the ccs taskbar icon hidden so as not to panic our clients with the big red X… This is prob the best option as the windows security dashboard will report the security as all well and the windows firewall as active. Less chance of a client panicing over warning from ccs that it needs fixing… Of course if they manually open the ccs client it will still say it needs fixing. But much less chance this way of upsetting the clients.
Our Development Team would like to confirm that the issue will be resolved this Saturday’s release. We welcome any discussions further with the New CCS release. Please note that the CCS will not be reverted nor rolled back to an older version. As stated previously on June release notesAPPENDIX-1 . Only the firewall will be reverted back to 11.1 as explained under Connectivity Issues Regarding CCS v11.2section. We hope clarifies your queries.
Yes, it is only the firewall module…
But we have had issues on and off with the firewall since V10.
I’m hopefully going to test having no firewall tab in my profile again as discussed with Dev to see if this successfully removes the firewall and warnings.
If this does I’ll let everyone know as I know we will be then looking to do this by default until a new firewall system is introduced.
I cloned my profile so I could test it on some machines.
I then edited the profile and done the following :-
Select firewall tab from profile
Click on delete button
Once I did that I assigned it to a few computers which was successful and saw networking and VPN traffic speed up dramatically as well as all the bits listed above.
We are now changing the profile slowly across our clients. We are doing it this way so we still have a configured firewall version just in case.
I can confirm this works perfectly so far. The same procedure works for that pesky Containment. Although I really do not want to disable containment we have some clients where trusting applications simply does not work and I cant get them to work any other way than disabling containment.
Specifically… Farmplan. Gatekeeper. Articad. Easyquote… and anything with sentinal dongle.
So I now have three clones of my standard Windows profile… one with Firewall disabled… one with Containment disabled and one with both disabled… all report CCS running perfectly with no red warnings.
We have quite a few clients with farmplan, fortunatelly only a couple of them on the Itarian platform and running ccs. But no… still dont have any of those programs working with ccs properly… It has been necesary to have Containment and Firewall tabs removed in all those endpoints. I will be visiting a client Monday to run the Unknown file utility to try and get farmplan working as this client owns a number of farms in the area and is expecting me to sort it or replace ccs.
Had the dreaded firewall problem rear its head again today… fortunately on one of our own endpoints… running the latest EM(19060) with latest CCS(7495). A simple reboot on the machine resulted in no internet. Disabled the firewall driver in adapter settings and all sprung back to life. enabled and rebooted… same again. No idea what triggered it but we have recently upgraded this endpoint to W10 1903. All our other endpoints are running the exact same setup with no issue so far.
We have decided the only option is to take Robins suggestion of deleting the firewall tab as standard in all new endpoints via a new default profile. We already have this profile running on prob 20% of our clients endpoints successfully. I just hope that Comodo dont now do something crazy resulting in the removed tab causing some other problem. Hope you’re taking note Comodo.
We have indeed raised your issue with engineering and we are awaiting their investigation on your report the soones time possible. Please give us some time to an answer to you on this. We will be in touch shortly.