Level 5
Apr 26, 2011
I read something the other day that stated that HIDS was different than HIPS in that it utilizes signatures as well as behavioral analysis. Based on that you could say that Comodo Internet Security, ESET, and Emsisoft are HIDS?


Comodo and ESET are HIPS.
Emsisoft Antimalware uses BB, while Online Armor HIPS

HIPS is based on monitoring events of the system activity.

Behavior blockers are based on Behaviors activity.

HIDS is based on monitoring events of the network activity mainly.

That in a nutshell. I am sure HeffeD can comment more on Comodo's while Umbra on Emsisoft.

ESET is the standard HIPS based on Policy/Rules

Deleted member 178

There an article:

as Biozfear said, Comodo is mainly an HIPS but v6 auto-sandbox will become a Mamutu-style BB (in v6.1 theorically)

EAM has a potent BB (Mamutu) linked to its cloud where Online Armor is an HIPS linked to EAM rules/cloud with additional daily signatures


Level 1
Apr 9, 2011
CIS have only HIPS??? : NO!! :D:p:mad::huh::idea:

* Network-based intrusion prevention system (NIPS), Network behavior analysis (NBA)
CIS Firewall settings - Protect the ARP Cache, Block Fragmented IP datagrams, Do protocol analysis, Monitor NDIS protocols other than TCP/IP

* Wireless intrusion prevention systems (WIPS)
CIS Firewall settings - Show Trustconnect alerts for public networks


Level 1
Jun 23, 2011
The border between them is too close. It is now to see will Comodo dilute HIPS and go in for an automated BB so that new users or noobs can use it or it retains its classic HIPS system.
Maybe a Hybrid would do good. Maybe kaspersky's system watcher can be called an HIDS as it also monitors network traffic by applications.
  • Like
Reactions: Sunshine-boy


OP was asking HIPS/HIDS for Comodo, not the other components of IDS available in the firewall.