It'd be good beforehand to read (or skim) through this in order not to get 'lost' especially if you're new to CIS: Introduction to Comodo Internet Security Principles behind this setup/approach: This configuration assumes that you have made sure that your PC is clean and malware-free. And that you'll be trading in a portion of "maximum possible security" for "convenience" and "less pop-ups". Basic motivation behind this decision is that more pop-ups doesn't necessarily mean more security in day-to-day usage as it tends to lead users to a habit of allowing each prompts - thereby defeating the purpose of using a HIPS and leads to a false sense of security. It's also recommended to use this approach with other security layers such as LUA, SRP, anti-executable, behavior blocker, sandboxie, etc....especially if you are going to disable certain components and replace it with something else that's favorable to you. Installation: 1. During installation, you can select either to install the entire Comodo Internet Security suite (includes antivirus, firewall, Defense+, sandbox, etc) or without the antivirus component. You've got to decide for yourself on this matter. 2. After installation, make sure that you disable Windows built-in Firewall as it's NOT automatically turned off by default. Or you can do so prior to installation of CIS itself but make sure that you disconnect from the internet. 3. Check that Comodo individual components are set as such: Antivirus Security Level - "Stateful" Firewall Security Level - "Safe Mode" Defense+ Security Level - "Safe Mode" Sandbox - "Enabled" Or in other words, change the default configuration to "Proactive Security". (Right-click on the icon in the taskbar, go to "Configuration", then select "Proactive Security") General Configuration: I'd be skipping the AV component for now since I find the default setting fine. Anyone who needs further information can refer to this: Comodo Help: Antivirus Tasks - Introduction 1. Configuring Firewall Open the main GUI and go to the Firewall tab. a) Select "Stealth Ports Wizard". Choose the middle option, which reads "Alert me to incoming connections and make my ports stealth on a per-case basis" and click finish. You can choose among the other 2 options too but this option makes it easier for you allow an incoming connection request when needed without having to set up rules beforehand. b) Select "Firewall Behavior Settings". i) Under General Settings, change the 'Keep an alert on the screen for (seconds)' from 120 to something longer. e.g 180. This gives you more time to evaluate, do a search online, etc before you approve/deny an access. ii) Under Alert Settings, depending on whether you are using your PC for Internet Connection Sharing (ICS) - you've got to check/uncheck the box that states "This computer is an internet connection gateway (i.e. an ICS Server)". 2. Configuring Defense+ Open the main GUI and go to the Defense+ tab. a) Select "Defense+ Settings" i) Under General Settings, change the 'Keep an alert on the screen for (seconds)' from 120 to something longer. e.g 180. This gives you more time to evaluate, do a search online, etc before you approve/deny an access. ii) Under Monitoring Settings, you can either max out on the available options by checking all of them (and thereby increasing the number of pop-ups) or un-checking a few which you may not need (and thereby trading 'security' for convenience and less pop-ups)... See this to help you make the right choices: Comodo Help - Monitoring Settings If you're still unsure, then let the default settings be the way it is and see how you'd be coping with the alerts/prompts you get from Defense+. If you see *too many alerts* from a particular type of activity/object and if's something that you don't consider as a matter which you'd want to be alerted upon, then you can choose to disable that particular option. Or you can also make your own custom pre-defined policies which would ask/block/allow for each access rights. (Defense+ tab in the main GUI>Computer Security Policy>Predefined Policies) 3. Configuring Sandbox Open the main GUI and go to the Defense+ tab. a) Select "Defense+ Settings" i) Under Sandbox settings Customize Sandbox settings as you deem fit. See this: Comodo Help - Sandbox Settings White-list trusted programs to minimize pop-ups/alerts/prompts There are various ways to approach this: 1) Set your Defense+ Security Level - "Training Mode" and run all your applications. This is the *least secure* way to do it as you would not receive any popups because every action is learned and assumed 'safe'/'trusted'. Only recommended when are 100% sure you have a clean computer and you're not doing anything risky on your PC during the training period. And remember to set it back to another *more secure* level when you're done with your training. 2) Set your Defense+ Security Level - "Clean PC Mode" and run all your applications that you know are safe but take note that "All executable files in the fixed drives are assumed safe". You won't receive any annoying popups but all files that are not assumed safe would go to "Unrecognized Files" (under the Defense+ tab in the main GUI) Select all the safe and trusted files, and click "Move to: My Own Safe Files". Click on "Purge" to remove useless entries. 3) Set your Defense+ Security Level - "Safe Mode" and run all your applications that you know are safe. You would receive pop-ups which would then require you to "Treat this application as: Trusted Application". 4) Manually adding known safe/trusted files to "My Trusted Files" (under the Defense+ tab in the main GUI) 5) Manually adding known safe/trusted software vendors to "My Trusted Software Vendors" (Defense+ tab in the main GUI>Computer Security Policy>Trusted Software Vendor) Reduce alerts during future installation of setup files When running a trusted setup file/installer, check the option to "Treat this application as: Installer or Updater" or "Treat this application as: Trusted Application" on the pop-up/alert. Take note though that by doing so, you would be allowing the installer unrestricted access to your system. As stated earlier on, you can also make your own custom pre-defined policies for running executable/installers which would ask/block/allow for each access rights. (Defense+ tab in the main GUI>Computer Security Policy>Predefined Policies) I'll be editing this post as I find out more on CIS settings and if I can make it 'quieter' without sacrificing much 'maximum security possible' out of Defense+. And credits to other tutorials/guides that's available on the web - I took some ideas/words from there. Pictures are courtesy of Comodo's servers.