Advice Request VoodooShield Free version or Comodo Free Firewall 10

[shmu26]

It's the battle of the big: MT's most popular and most talked-about default/deny solutions.
Both are free.
Let's talk pros and cons.
1 Effectiveness
2 Learning curve, user-friendly
3 Bugs
4 Compatibility issues
5 System performance issues
5 Other

 

[HarborFront]

Are you comparing features like whitelisting, firewall, sandbox, HIPS etc?

Do they serve the same, different or overlapping purposes?

Correct me if I'm wrong. VS is meant to block/allow applications. Can it block/allow Windows processes (eg. Skype, One Drive, exe, dll etc) as well?

 

[shmu26]

Are you comparing features?

Do they serve the same, different or overlapping purposes?

1 After people respond, we will be in a better position to compare features.
2 I would say that they serve the same purposes, more or less. (although VS does not include firewall)

 

[HarborFront]

1 After people respond, we will be in a better position to compare features.
2 I would say that they serve the same purposes, more or less. (although VS does not include firewall)

Sorry but I modified my post to make things clearer. Can you be more specific now?

 

[shmu26]

Are you comparing features like whitelisting, firewall, sandbox, HIPS etc?

Do they serve the same, different or overlapping purposes?

Correct me if I'm wrong. VS is meant to block/allow applications. Can it block/allow Windows processes as well?

1 Neither have HIPS (remember, we are talking about CFW at CS settings)
2 VS does not have firewall, but that is not the focus of a default/deny discussion
3 CFW has whitelisting, trusted vendors list, and sandbox. VS has whitelisting, Ai and blocking
4 Both have anti-exploit features

VS free version cannot block Windows processes, in the majority of cases. CFW at CS settings can, if tweaked.

 

[Deleted member 178]

@shmu26 remember that Comodo HIPS is never disabled, if the file can't be assessed the HIPS may kicks-in.

 

[HarborFront]

1 Neither have HIPS (remember, we are talking about CFW at CS settings)
2 VS does not have firewall, but that is not the focus of a default/deny discussion
3 CFW has whitelisting, trusted vendors list, and sandbox. VS has whitelisting, Ai and blocking
4 Both have anti-exploit features

VS free version cannot block Windows processes, in the majority of cases. CFW at CS settings can, if tweaked.

Let's put it this way. VS is strictly an anti-exe with sandbox feature whereas CFW with its firewall, HIPS, manual/auto-sandbox has anti-exe as a feature

I used both free version before. This is my verdict.

Features-wise this round goes to CFW
Learning curve/ease of use will go to VS
Default/deny will go to CFW since VS cannot block Windows processes for its free version. Not sure about its paid version though
Compatibility/system performance issues - I'll give this round to VS although I have no issues with VS or CFW. However, the tendency for issues to appear with many installed software will go up with CFW

Overall I'll take CFW for its many features despite its steeper learning curve......but.......I have both running together the last time before removing them

 

[Deleted member 178]

Anyway, you can't really compare them; not same style of products.

 

[Windows Defender Shill]

I voted neither, because Windows basically now offers lock down settings.

But between CFW and VS........VS

VS blocks before .exe so no resetting sandbox after you've already been scared to death.

And VS only uses like 30mb of Ram

+ No complex settings requirements

 

[askmark]

VS free version cannot block Windows processes, in the majority of cases. CFW at CS settings can, if tweaked.

Can you please expand on this statement?

 

[shmu26]

@shmu26 remember that Comodo HIPS is never disabled, if the file can't be assessed the HIPS may kicks-in.

Okay, but that's a rare case.
99.9% of the time, the file will get the rating of trusted or unrecognized or dangerous, so HIPS will not be active.

 

[HarborFront]

I voted neither, because Windows basically now offers lock down settings.

But between CFW and VS........VS

VS blocks before .exe so no resetting sandbox after you've already been scared to death.

And VS only uses like 30mb of Ram

+ No complex settings requirements

You have to know one thing about CFW.

It has virtual desktop and virtual kb for you to run applications, browsers and to allow you to securely enter user-names, credit card numbers and passwords without fear of key-logging software recording your physical keystrokes

VS does not have this feature

 

[mekelek]

it comes down to the question: Do you prefer something being stopped before it can even run, or you want to take your chances and run it in a Sandboxed environment if Comodo deems it unsafe?

 

[shmu26]

Can you please expand on this statement?

In VS free version, you cannot change the fact that the Windows folder is whitelisted.
However, certain vulnerable processes, such as powershell and windows script host, will be blocked when a web app is open.
Generally speaking, Windows processes will be carefully monitored, and if an unrecognized command line string presents itself, there will be a prompt.

With CFW at CS settings, you can make custom block rules for whatever processes you choose.

 

[HarborFront]

it comes down to the question: Do you prefer something being stopped before it can even run, or you want to take your chances and run it in a Sandboxed environment if Comodo deems it unsafe?

In VS case if the file is not in its cloud or if its Ai cannot be conclusive then user has to make the decision either to run or not to run.

In CFW you can be sure you are safe(almost) if you run inside its sandbox. Don't need the user to crack his head to make that decision to allow/deny.

 

[shmu26]

You have to know one thing about CFW.

It has virtual desktop and virtual kb for you to run applications, browsers and to allow you to securely enter user-names, credit card numbers and passwords without fear of key-logging software recording your physical keystrokes

VS does not have this feature

CFW is more feature-rich, that is clear. It is also more customizable.
But VS has the advantage that it is not prone to major security failures, like when Comodo cloud lookup occasionally whitelists known malware.

 

[askmark]

You have to know one thing about CFW.

It has virtual desktop and virtual kb for you to run applications, browsers and to allow you to securely enter user-names, credit card numbers and passwords without fear of key-logging software recording your physical keystrokes

VS does not have this feature

Which is why comparing these two products on their features is mostly pointless.
CFW is effectively a complete security suite, whereas VS is simply an anti-executable with a remote sandbox feature - which incidentally CFW doesn't have!
Both are excellent products in their own right and complement each other well if configured correctly.

 

[HarborFront]

Which is why comparing these two products on their features is mostly pointless.
CFW is effectively a complete security suite, whereas VS is simply an anti-executable with a remote sandbox feature - which incidentally CFW doesn't have!
Both are excellent products in their own right and complement each other well if configured correctly.

But CFW has manual/auto-sandbox which VS doesn't have.

Also, you can't based on CFW's default/deny vs VS's default/deny and then to select CFW, no? VS is an anti-exe whereas CFW has an-exe as a feature only

 

[HarborFront]

In VS free version, you cannot change the fact that the Windows folder is whitelisted.
However, certain vulnerable processes, such as powershell and windows script host, will be blocked when a web app is open.
Generally speaking, Windows processes will be carefully monitored, and if an unrecognized command line string presents itself, there will be a prompt.

With CFW at CS settings, you can make custom block rules for whatever processes you choose.

Maybe I missed that when I was using VS.

Can VS block Skype, One Drive, OneNote etc if I'm not using them?

 

[jerzy601]

I fully agree with Umbra can not compare these two products are two different products each has different tasks and different roles.
-CFW is a HIPS firewall
-VS is not anti-virus or firewall is an add-on to antivirus and its task is to block files that can get into the system and without the user's consent you will not install anything.
It's so thicker to say.