Attempting to prevent or detect 100% of malware coming into your network is mathematically impossible. Comodo has acknowledged this fact and has focused on rendering malware useless by creating Intelligent Automatic Containment technology to protect users from Zero Day and malware exploits. Comodo AEP is in the latest Gartner quadrant and is currently protecting over 100 million endpoints around the world. No Comodo user has ever reported an infection from any form of malware! Infodat currently offers Comodo products through DIR-TSO-4393 or through TIPS 181102 .
The Comodo Difference
Traditional endpoint security vendors have a Default Allow architecture. This Default Allow architecture has a critical flaw. It allows unknown files to pass into your computers or networks. Attempts to cover this critical flaw with things like AI, machine learning, sandboxing, etc., are not 100% effective. Comodo AEP with Automatic Containment prevents 100% of unknown files from reaching your computers and network.
- If the verdict is ‘Known Bad ’then Block
- If the verdict is ‘Known Good’ then Allow
- If verdict is ‘Unknown’ then run in Automatic Containment
- NO unknown files ever reach your computer or network
- Automated local and global analysis to determine verdict
- Files allowed or blocked after verdict
- NO impact to usability
Comodo AEP Features:
- Containment – Authenticates every executable and process running on your computer and prevents them from taking actions that could harm your computer. Unrecognized processes and applications will be auto contained and run under a set of restrictions, so they cannot harm your computer. This gives untrusted (but harmless) applications the freedom to operate whilst untrusted and potentially malicious applications are prevented from damaging your PC or data.
- Antivirus – Proactive antivirus engine that automatically detects and eliminates viruses, worms and other malware. Apart from the powerful on-demand, on-access and scheduled scan capabilities, CCS users can now simply drag-and-drop items onto the home screen to run an instant virus scan.
- Host Intrusion Protection (HIPS) – A rules-based intrusion prevention system that monitors the activities of all applications and processes on your computer. HIPS blocks the activities of malicious programs by halting any action that could cause damage to your operating system, system-memory, registry keys or personal data.
- Firewall – Highly configurable packet filtering firewall that constantly defends your system from inbound and outbound Internet attacks.
- Mobile Device Management – A mobile device is any Android or iOS smart phone or tablet that can connect to the enterprise network through a wireless connection. Comodo IT and Security Manager allows network administrators to remotely configure device access rights, security settings, general preferences and to monitor and manage the device. Mobile devices may be employee or company owned.
- Remote Monitoring and Management -The Remote Monitoring and Management (RMM) Module is an efficient endpoint monitoring application that allows administrators to monitor and manage multiple endpoints from one centralized console. RMM is available as an ITSM extension to Comodo One customers and can be accessed from the ITSM interface.
- Viruscope – Monitors the activities of processes running on your computer and alerts you if they take actions that could potentially threaten your privacy and/or security. Using a system of behavior ‘recognizers’, Viruscope not only detects unauthorized actions but also allows you to completely undo them. Apart from representing another hi-tech layer of protection against malware, this also provides you with the granular power to reverse unwanted actions taken by legitimate software without blocking the software entirely.
- Windows or Mac Endpoints – A Windows or Mac Endpoint is any Windows or Mac laptop, desktop or Server computer that can connect to the enterprise network through a wireless or wired connection. Comodo IT and Security Manager allows administrators to install Comodo Endpoint Security, manage security settings on them, view and manage installed applications, run antivirus scans manage OS update/security path installation and more. Windows or Mac Endpoints may be employee or company owned.
- Windows or Mac Endpoints – A Windows or Mac Endpoint is any Windows or Mac laptop, desktop or Server computer that can connect to the enterprise network through a wireless or wired connection. Comodo IT and Security Manager allows administrators to install Comodo Endpoint Security, manage security settings on them, view and manage installed applications, run antivirus scans manage OS update/security path installation and more. Windows or Mac Endpoints may be employee or company owned.
- User Management – An employee, contractor or guest of the enterprise whose device(s) are managed by the ITSM console. Users must be created before their devices can be added. Users can be added manually or by importing user groups from an AD server.
- Device Group Management – An administrator-defined grouping of devices that allows administrators to apply configuration profile(s) to multiple devices at once.
- Quarantine – If the antivirus scanner detects a malicious application on an Android device then it may either be deleted immediately or isolated in a secure environment known as ‘quarantine’. Any infected files moved into quarantine are encrypted so they cannot run or be executed.
- Configuration Profile – A configuration profile is a collection of settings applied to enrolled device(s) which determine network access rights, overall security policy, antivirus scan schedule and other preferences. Profiles are split into iOS profiles, Android profiles and Windows profiles. Profiles can be applied to an individual device, to a group of devices, selected users’ devices or designated as a ‘default’ profile.
- Comodo Client Security – Comodo Client Security (CCS) is the remotely managed endpoint security software installed on managed Windows devices. It offers complete protection against internal and external threats by combining a powerful antivirus, an enterprise class packet filtering firewall, an advanced host intrusion prevention system (HIPS) and patented containment feature that runs unknown and unrecognized applications in an isolated environment at the endpoints. Each component of CCS can be configured to offer the desired security level by applying configuration profiles.
- Notifications – Notifications are sent to devices by ITSM after events like the installation or removal of an app or because a threat has been identified on the device. For identification of threats during on-access, scheduled or on-demand scanning on Android and Windows devices, the notifications are generated at the web interface for the administrator.
- Patch Management – The Patch Management module monitors Windows OS updates and patches for 3rd party Windows software. It identifies patches appropriate for the OS version of each managed Windows device and. If required, automatically installs them.
- Valkyrie – Valkyrie is a cloud-based file verdict service that tests unknown files with a range of static and behavioral checks to identify those that are malicious. CCS on managed Windows computers can automatically submit unknown files to Valkyrie for analysis. The results of these tests produce a trust verdict on the file which can be viewed from the ITSM interface.
- ITSM Agent – The agent is an Android app which needs to be installed on all devices to facilitate communication with the ITSM server. The agent app is responsible for receiving and executing tasks such as implementing configuration profiles, fetching device details, running antivirus scans, adding or removing apps and to lock or wipe the device.
Comodo ITSM Features:
Comodo’s cloud-based Management Console, IT & Security Management (ITSM) provides one centralized console with distributed management capabilities for independent areas. Standalone consoles can be deployed based on location with designated personnel to manage specific locations or functions.
Comodo ITSM allows for the configuration of security policies and visibility into the security posture and health of enterprise endpoints, while the ITSM Mobile Device Manager allows for the remote provisioning, configuration and control of Android, iOS and Windows devices. Comodo provides login for administrators and support staff. End Users have no interaction with software unless provided by an administrator.
ITSM Management Console Features and Functionality Include:
- App Store for iOS and Android Devices
- Audio Siren when phone is lost
- Bulk or Selective Patch Management
- Centralized Client Deployment
- Compliance Reports
- Devices Rooted and Jailbroken
- Full or Corporate Device Wipe
- Hardware and Software Inventory
- Integration with Active Directory
- iOS APN Certificate Management
- Lock / Unlock Device Feature
- Mobile Application Management
- Mobile Device Management
- Mobile Security Management
- Over-The-Air enrollment
- Policy Management by List or Group
- Recommended Default Profiles
- Role-based Administration
- Set and Reset Device Passcode
- Send Administrative Messages to Devices
Security Management Features Include:
- Ability to assign Profiles by Device Type
- Ability to Configure Trusted Applications
- Application Whitelist Store for iOS and Android
- Centrally Updated Antivirus Database
- Configurable
- Antivirus (blacklisting)
- Intelligent Automatic Containment
- Certificate-based File Rating (whitelisting)
- Host Firewall Settings
- VirusScope Behavioral and Action-based Protection
- Configuration of Unknown Applications
- Customizable Verdict by Software Publisher
- Current Malware Listing
- Deletion or Quarantine of Files from Devices
- Detailed File Analysis Reporting
- Global View of Threat History
- Integrated Static and Dynamic accelerated verdict detection
- Patch Management
- Scheduled Security Updates by Date and Time
- Viewing and Assignment of Applications to Whitelist/Blacklist