Comodo Firewall Review – Free firewall for Windows PC

The default Windows Firewall is good. You do not have to configure and mess up with it even initially. Just turn it on, and it will take care of your software, computer ports and surroundings (home, office and public places), etc. The Windows firewall has proven to be good for normal use – still there are many who want additional protection & features, and when talking about free third-party firewalls, Comodo Firewall is considered to be one of the best.

Comodo Firewall Review

comodo firewall

I have used Comodo firewall and I felt it offered better protection over the default Windows firewall. There were two main reasons for me to believe Comodo firewall was the best. First was that it gave plenty of pop-ups asking me whether or not to allow programs from accessing different ports – a feeling that I am in control of what’s happening on my machine. Second, it seemed to pass almost all the different types of firewall tests I could find on the Internet.

Comodo’s is the best among all of the software firewalls. There are hardware firewalls, and then there are software firewalls. Hardware firewalls are router or modem based and offer the best protection to anything behind that firewall – a computer or an entire network. That means if you have a router based firewall working, you do not need a software firewall. That also means there is no harm in using a software firewall in addition to the hardware firewall.


  1. User-friendly, attractive graphical interface
  2. No complex configuration Issues – perfect for amateur users
  3. Quickly learn user behaviour to deliver personalized protection
  4. DDP- based security keeps you informed and PCs safe
  5. Lots of configuration options let techies configure things just as they like.

In addition to normal firewall processes, Comodo Firewall offers you HIPS-based protection. This is visible under the name of Defense+. This Defense+ was present in previous versions too, but the one in version 6 is completely customizable. In short and simple words, HIPS means prevention based technology. If the firewall suspects any application, it will run the app in a light sandbox. This, sandboxing, is a plus point for Comodo firewall over other software firewalls. For average users of the Internet, there is no need to get into Defense+ and configure it. It learns automatically as you use your computer and as time passes – the alerts you receive – reduce significantly.

The only problem I still found with this firewall during my short duration of use was that it wouldn’t specify the IP addresses of applications trying to access your computer ports. ZoneAlarm does this well, and that is why a year or two ago, I had said ZoneAlarm is better than Comodo Firewall as it allows me to know the origin and destination of packets that my ISP sends via my computer to test the authenticity of Internet usage. However, the free version of ZoneAlarm does not appear in the green list at Matousec, so I stopped using it.

If you are asked during installation to install Geek Buddy or Dragon Browser and a free secure DNS, you may opt out of it. The Dragon Browser is good, but the interface may use some improvements. I did not find any special need for the browser as I am already using IE, Chrome, TOR, and Epic – depending upon what I intend to do. We have a review of Comodo DNS on The Windows Club.

PS: If you are using a VPN or a proxy, exit before installing Comodo DNS (firewall) as your computer might stop responding in the middle of installation. Also, it is not good per security point of view when you don’t wish to appear on the Internet. You can restart the proxy and VPN after installing Comodo firewall.

Comodo Firewall Review – Verdict

If you need a third-party firewall, Comodo is among the best free firewall software in the industry so far. You can download it from

Posted by on , in Category Security with Tags
Arun Kumar is a Microsoft MVP alumnus, obsessed with technology, especially the Internet. He deals with the multimedia content needs of training and corporate houses. Follow him on Twitter @PowercutIN


  1. Dan

    I absolutely agree with your article on Comodo Firewall (now offered as the main component of Comodo Internet Security 2013 suite). I do have to increase the Windows 7 Home Premium SP1 64 bit pagefile to at least 6027MB to avoid BSOD with CIS use; but I’m in the USA Pacific NW, and earlier this year my ISP began setting all modems/routers (regardless of owners) so that ports 25, 80, and 443 respond “closed” instead of “stealthed”…I use CF as an extra layer to insure my PC itself blocks ALL incoming connections. Thanks for a great report!

  2. Arun Kumar

    “Stealth” is best. Wonder why your ISP or for the matter, anyone would use “close”. What is the quality of routers? I have a cheaper router (Binatone, if you have ever heard of it) and it reports stealth.
    No doubt adding an additional layer of protection is best thing to do. And when it comes to security, CIS is good. My problem with it was the amount of resources it uses blocks access to other heavy use applications like Premiere and Draw etc. Also, an element of doubt goes to the life of computers I have (above five years). I think it is time to replace them as almost all software are now more complicated than their previous versions.

  3. Arun Kumar

    PS: Did you say increasing the pagefile solved your BSOD issue with CIS? Or was it a precautionary measure? Because I faced it when I opted for default (complete) install on my Win 7 Ultimate.

  4. I have used Comodo products for many years now and I have found them to be absolutely fantastic. I do agree that Comodo packs in a lot of extra features and for us in the I.T industry does get annoying. But for a general user they are fine and GeekBuddy works well to help people out with an infected PC (and how many of your friends computers have you looked at that is mightily infected because they don’t know what to do.)

    I have never had an issue with any Comodo product (except for one update in version 4 that sent my CPU maxing out, but that was fixed with another update an hour later.)

    All Comodo needs to do is offer the extras first via the installer without having to customize the installation and have a mouse over help window explain what each extra does.) I proposed this to them in the beta channel and I was surprised that a lot of other people wanted the same, so who knows what they will do for the future, but in concluding, it is the best (CIS) security solution out there at the moment.

  5. Dan

    Increasing pagefile was not precautionary; when going to reset it, I saw Windows was at default of 4025 MB, and recommending setting to 6027 MB; I then at first thought to set it at 12GB (3X installed RAM), but found scaling it back to what Windows recommended (6027MB, 1.5X installed RAM) works just as well in keeping away BSOD from CIS (though older versions of, say, GMER can BSOD but from poor handshakes while reading registry policed by CIS/other anti-malware, ala race condition).

    Per my router, it’s an ISP-provided SMC Networks router with internal “aerial”; it doesn’t even appear at SMC website last I checked, so probably old stock! However, interestingly, somehow my ISP has ONE way of accessing and setting routers/modems (and “stealth ports” is always chosen/saved at its gate installed into ANY router); here, it won’t matter how I upgrade router; at best, ISP answer if any is usually in nature of “um, a glitch, we’re working on it” (BTW, they used to have ipv4/ipv6 Teredo NAT tunnel, but since last Winter offer only ipv4, saying ipv6 will be back by next Winter. In light of PRISM, one might conjecture that until MAC addresses over ipv6 here are traceable, somebody needs to tap in and see if your MAC matches what goes out from your IP…but that’s conjecture as to cause. This “3 ports closed” at router has continued even after clean erasing/re-installing Windows, and no other partitions are active, so it’s not coming from PC malware infection.

    My last “windy” comment: you’re so right about software outpacing older units; the Acer 5736Z dual core with 4GB RAM/2.30GHz CPU, made 3 years ago and which I’m commenting from, could even load and use full Autodesk Maya components and dependencies, as well as other prof-grade art/video/photo/GFX softwares…today, it still has a few abilities while evolving VFX/GFX software requires more power, but it would cost more to convert PC to NVIDIA/Intel supercards and such than it would to buy new units already at state of the art.

  6. Arun Kumar

    Thank you for taking time out to clear up things. I will try with an increased pagefile again to see if I still get BSOD. Probably that also has to do with the problems encountered after removing the extras.

  7. Arun Kumar

    The Comodo blog said they were depending more on behavioral analysis which I guess means learning mode. But thanks for pointing it out. I will double check the information with someone at Comodo.

  8. JMCG

    Plugging the product but I have to work hard to find a link….hmm…….hmmmmm…, forget it!

Leave a Reply

Your email address will not be published. Required fields are marked *

8 + 1 =