Comodo One. Understanding Devices in ITSM

January 27, 2017 | By Comodo

Comodo One. Understanding Devices in ITSM

How to implement “Bulk to installation package” in devices?

Step 1: Click ‘Download Bulk Enrolment Package’ icon.

OR Go to ITSM > ‘Bulk Installation Package’

Step 2: Fill the form and Download the required package.

1. User – Select the user of your company to install package over the devices of the same user [devices enrolled under the user control]. Example: admin@yourcompany.com

2. Company – Select your company. Example: Your-Company Pvt Ltd

3. Device Group – Select the group. Example: production

4. Comodo Client, If you want to include the Comodo Client, Kindly use the further options

  • Choose operating system – Choose the operating system of the devices
  • Comodo Client – Communication – By default, it is checked and installed if not already
  • Comodo Client – Security – User can check this and let it be added into the package which is downloading here
  • Additional Option.
  • Include initial Antivirus signature database (will apply only if a Profile contains Antivirus section) – If the device profile contains antivirus product then the initialantivirusdatabaseisincludedforthepackage

5. Profile – the default profile is loaded at the beginning but if you want to change the profile then enter the name of the profile and choose it. Example: Windows x64 – Other options < Windows x86, Windows x86 and x64 (Hybrid) and MacOS

6. Restart Control Options – Use the option to get changes on restart control

  • Force reboot in – Select the time laps of the action restarting the machine. Example: 10 minutes
  • Suppress reboot – Select to skip the action restarting machine
  • Warn about the reboot and let users postpone it – Select for user decision that the user can postpone or perform instant action restarting machine
  • Reboot message – Message is auto generated but if wish to change the content, you can.

Step 2.1: Fill the UI Options if you would like to deploy the Comodo Agent through Active Directory from a Server.

1. Show error messages if installation failed

2. Show a deployment confirmation message upon completion of the installation

3. Confirmation Message – Enter your message to confirm if the installation is over. Example: deployment is over.. thank you

4. Download Installer button – click the button and save the package on the local computer

Optional: Fill the Proxy Settings and Download the package if you would like to Deploy the Comodo Agent through Proxy Server.

1. Proxy Host – Enter theProxyIPAddress .

2. Proxy Port – Port Number

3. Username – Administrator privileged user

4. Password – Password of the user

5. Download MST File – click the button and save the MST file to the local computer

**If you already use AD in your environment or you are comfortable with GPO or already have your device structure set on AD and etc, please follow the further steps.

Step 3: Once the .msi file is downloaded. From AD Server, Create a new directory and copy the file into the directory. Example, ITSM_Agent

Step 4: Right-click the created-folder and choose the option ‘Share…’

Step 5: From the ‘ITSM_Agent Properties’ Window, click the tab ‘Advance Sharing’.

Step 6: From the ‘Advance Sharing’ Window, check ‘Share this folder’ checkbox and click the ‘Permissions tab’.

Step 7: From the ‘Permissions ITSM_agent’ Window, ensure the only option ‘Read’ from the Allow column is selected (if not check the Read checkbox only) and click ‘OK’ button

Step 8: Click ‘Apply’ button from the ‘Advance Sharing’ window.

Step 9: Ensure whether the Network path is assigned. Example, \\WIN-CU2OX8JDY3D\ITSM_Agent and then click ‘Close’ button.

Step 10: Go to ‘Administrative Tools’ from ‘Start ‘menu.

Step 11: Double-click the ‘Group Policy Management’.

Step 12: Select the domain from ‘Domains’ folder.

Step 13: Right-click the selected Domain and click the option ‘Create a GPO in this domain and Link it here …’.

Step 14: Enter the Appropriate name and Source for the GPO and click the ‘OK’ button to save it under the selected Domain.

Step 15: Select the GPO from the ‘Domains’ folder and right-click the GPO and choose ‘Edit Option’.

Step 16: Expand the folder ‘Computer Configuration as Computer Configuration’ > Policies > Software Settings and right-click the ‘Software Settings’ menu and choose New > Package…

Step 17: Copy and paste the path we have already created. Example, \\WIN-CU2OX8JDY3D\ITSM_Agent and click the ‘Open’ button.

Step 18: Select the file and click ‘Open’ button again and click ‘OK’ button from the window ‘Deploy Software’.

Step 19: Open Command Prompt as Administrator and run the command ‘gpupdate’. Once your command finished as in the image below, your endpoints will start the installation of the ITSM agent once the user logs on the computer.

How to install custom MSI packages?

Step 1: Go to DEVICES > ‘Device List’ and select the specific device to install the desired MSI package.

Step 2: Click ‘Install MSI/Packages’ icon and select the ‘Custom MSI/Packages’ menu.

Step 3: Fill the form and click the ‘Install’ button.

1. MSI/Package URL – Enter the URL where the package is being downloaded. Example: https://notepad-plus-plus.org/reposi….Installer.exe

2. Command-Line Options – Enter the associated commands to install the package successfully. Example: /S

3. Reboot options – Set the options for reboot the machine after installation of the package

  • Force the reboot in – Select the minutes you want to delay
  • Suppress the reboot – Skip the reboot if you want to do so
  • Warn about the reboot and let users postpone it – Hand over the decision to Users who is logging in
  • Reboot message – Automatically generated.

4. Click ‘Install’ button.

Step 4: Click the ‘MSI Installation State’ tab to know the installation status in detail.
Table contains the columns to check the details of MSI Installation State

1. Option: Delete MSI Installation State – Select the records from the table and click the icon suppose you would like to delete them.

2. NAME – Name of the MSI Installation State

3. STATE – To check the state of the command started for execution

  • Command In The Queue – Waiting for execution
  • Success – Completed
  • Fail – Failures in the execution

4. CREATED – Date of execution created

How to check all malicious files from a device?

Step 1 : Go to ITSM → ‘Devices’ and click the ‘Device List’ menu.

Step 2: Choose a device from the list, for which you should see the malicious list.

Step 3: Click the ‘File list’ tab and go to the ‘Malicious’ tab.

Step 4: The malicious files that are available in a device are listed here.

Step 5: Click on the name of the file to view the detailed information of the file.

Step 6: The files can also be moved to other categories like Unrecognized and Trusted

1. Select the malicious files by marking checkbox of the table

2. Click ‘Move To Unrecognized’ icon to move the file to ‘Unrecognized’ category

3. Click ‘Move to Trusted’ icon to move the file to ‘Trusted’ category

How to check all unrecognized files from a device?

Step 1: Go to ITSM → Devices and click ‘Device List’ menu.

Step 2: Choose a device from the list , for which you should see the unrecognized files list.

Step 3: Click the File list . Go to unrecognized tab.

Step4: The unrecognized files that are available in a device are listed here.

Step 5: Select the file name to view the detailed information of the file.

Step 6: The files can even be moved to other categories like ‘Malicious’ and ‘Trusted’.

1. Select the Unrecognized files by marking checkbox of the table

2. Click ‘Move To Malicious’ icon to move the file to ‘Unrecognized’ category

3. Click ‘Move to Trusted’ icon to move the file to ‘Trusted’ category

How to manage associated profiles with a device?

Step 1: Go to ITSM> ‘Devices’> ‘Device List’ . You can see all enrolled devices in ITSM.

Step 2: Click ‘Device’ for which associated profiles needs to be checked.

Step 3: Click ‘Manage Profiles’ button in the top. All associated profiles with the device will be listed here.

Step 4: To remove profile from the device follow below steps,

1. Select profile check box.

2. Click ‘Remove Profile’ button.

Step 5: To associate profile with device follow below steps,

1. Click ‘Add Profiles’ button in the top.

2. Select ‘Profile’

3. Click ‘Save’

How to install additional COMODO packages?

Step 1: Go to ITSM> ‘Devices’> ‘Device List’. You would be able to see all enrolled devices in ITSM.

Step 2: Click ‘Device’ for which additional packages going to be installed.

Step 3: To open install dialog box follow below steps,

1. Click ‘Install MSI/Packages’

2. Choose ‘Additional Comodo Packages’ from drop down menu.

Step 4: Select options as described below,

1. Install Comodo Client – Security – Select check box associated with this option to install ‘Comodo Client – Security’ in the device.

2. Install RMM Plugin Agent – Select check box associated with this option to install ‘RMM Plugin Agen’ in the device.

3. Force the reboot in – If you want to reboot the device after comodo package installation follow below steps,

4. Select check box associated with ‘Force the reboot in ‘

5. Choose any of the time period among “‘5 minutes’, ’10 minutes’, ’15 minutes’, ’30 minutes'” after which device will be automatically restart.

6. Suppress the reboot – Select check box associate with this option to cancel rebooting after software installed in the device.

7. Warn about the reboot and let users postpone it – Enable this option to allow users to postpone reboot upon warning.

8. Reboot message – Enter text to be displayed before reboot otherwise default message settings will be applied.

Step 5: Click ‘Install’ to complete the Comodo package installation process.

How to check active components of a device?

Step 1: Go to ITSM > ‘Devices ‘ > ‘Device list’.

Step 2: Check ‘Active components’ column for the device.

Following active components are available for ITSM devices:

1. Agent only (AG)

2. Antivirus (AV)

3. Firewall (FW)

4. Containment (CO)

Step 3: Installed components in the device have highlighted icons.

Step 4: Please Install and configure Comodo Client Security software a in the device for Antivirus, Firewall and Containment components.

How to set specific applications to be malicious and check the admin rating

In ITSM, Setting a file as a Malicious can be done in two ways.

  • Application Control
  • Device List

1. Application Control:

Step 1: Go to ITSM -> ‘Security Sub-Systems’ and then click “Application Control” menu.

Step 2: The ITSM has grouped the files into three main categories, and the categories are:

1. Unrecognized

2. Trusted

3. Malicious

Step 3: If you find a file from ‘Unrecognized’ tab or trusted tab as harmful, then you can move the file to ‘Malicious’.

Step 4: To Move the files to ‘Malicious’ tab please follow the below steps.

a. Navigate to ‘Unrecognized’ tab or ‘Trusted’ tab.

b. Select the check boxes of the appropriate files.

c. Click the “Move to Malicious” in the top.

Step 5: Go to ‘Malicious’ tab and view the saved files.

Step 6: Admin Rating, Indicates whether the file was manually moved by the Administrator from one category to another and the Categories are Unrecognized, Trusted and Malicious.

1. If Admin Rating is “yes”, Indicates that the file was moved by Administrator.
Example: Since the files were moved, the admin rating is set as “yes”. (Please Refer the screenshot)

2. If Admin Rating is “Not Set”, Indicates that the file was not moved by Administrator.
Example: Since the files were not moved, the admin rating is set as “not set”. (Please Refer the screenshot).

2. Device List:
Step 1: Go to ITSM -> ‘Devices’ and then click “Device List ” menu.

Step 2: Select a device from the list.

Example: WIN-EV5S84NSROI (Please Refer the image)

Step 3: Go to ‘File List’ tab.


Step 4: If you find a file from ‘Unrecognized’ tab or ‘Trusted’ tab as harmful, then you can move the file to Malicious.

Step 5: To Move the file(s) to malicious tab,

a. Go to ‘Unrecognized’ tab or ‘Trusted’ Tab.

b. Select the check boxes of the appropriate files.

c. Click the “Move to Malicious” option in the top.

Step 6: Click on the ‘Malicious’ tab. The malicious files that are in a device will be listed here.

How to set specific applications to be trusted and check the admin rating?

In ITSM, setting a file as trusted can be done in two ways,

  • Application Control
  • Device List

1. Application Control:
Step 1: Go to ITSM -> ‘Security Subsystems’ and then click “Application Control” menu.

Step 2: The ITSM has grouped the files into three main categories, and the categories are:

1. Unrecognized

2. Trusted

3. Malicious

Step 3: Go to ‘Trusted’ tab.

Step 4: The Trusted files from all the enrolled endpoints will be listed here.


Step 5: If you find a file from the ‘Unrecognized’ tab or ‘Malicious’ tab as ‘Trusted, then you can move the file to Trusted.

Step 6: To Move the file(s) to Trusted tab,

a. Go to Unrecognized tab or Malicious Tab.

b. select the check boxes of the appropriate files.

c. Click the “Move to Trusted ” option at the top.

Step 7: The Admin Rating, Indicates whether the file was manually moved by the Administrator from one category to another and the Categories are Unrecognized, Trusted and Malicious.

1. If Admin Rating is “yes”, Indicates that the file was moved by Administrator.
Example: Since the files were moved, the admin rating is set as “yes”. (Please Refer the screenshot)

2. If Admin Rating is “Not Set”, Indicates that the file was not moved by Administrator.
Example: Since the files were not moved, the admin rating is set as “not set”. (Please Refer the screenshot)

2. Device List:

Step 1: Go to ITSM -> ‘Devices ‘and click “Device List” menu.

Step 2: Select a device from the list.

Step 3: Go to ‘File List’ tab.


Step 4: If you find a file from the ‘Unrecognized’ tab or ‘Malicious’ tab as ‘Trusted’, then you can move the file to Trusted.

Step 5: To Move the file(s) to Trusted tab,

a. Go to ‘Unrecognized’ tab or ‘Malicious’ tab.

b. Select the check boxes of the appropriate files.

c. Click the “Move to Trusted ” option at the top.

Step 6: Click on the ‘Trusted’ tab. The trusted files that are in a device will be listed here.

How to set specific applications to be unrecognized and check the admin rating

In ITSM, setting a file as trusted can be done in two ways:

  • Application Control
  • Device List

1. Application Control:
Step 1: Go to ITSM -> ‘Security Subsystems’ and then click “Application Control” menu.

Step 2: The ITSM has grouped the files into three main categories, and the categories are

1. Unrecognized

2. Trusted

3. Malicious

set_unrecognize2

Step 3: If you find a file from the malicious tab or trusted tab as unrecognizable, then you can move the file to the unrecognized tab.

Step 4: To Move the files to unrecognized tab please follow the below steps,

a. Navigate to the ‘Malicious’ tab or trusted tab.

b. Select the check boxes of the appropriate files.

c. Click the “Move to Unrecognized” at the top.

Step 5: Go to the ‘Unrecognized’ tab. The Unrecognized files from all the enrolled endpoints will be listed here.

Step 6: Admin Rating, Indicates whether the file was manually moved by the Administrator from one category to another and the Categories are Unrecognized, Trusted and Malicious.

1. If Admin Rating is “yes”, Indicates that the file was moved by Administrator.
Example: Since the files were moved, the admin rating is set as “yes”.

2. If Admin Rating is “Not Set”, Indicates that the file was not moved by Administrator.
Example: Since the files were not moved, the admin rating is set as “not set”.

2. Device List:

Step 1: Go to ITSM -> ‘Devices’ and then click “Device List ”menu.

Step 2: Select a device from the list.

Step 3: Go to ‘File List’ tab.

Step 4: If you find a file from the ‘Trusted’ tab or ‘Malicious’ tab as unrecognizable, then you can move the file to unrecognized.

Step 5: To Move the file(s) to ‘Unrecognized’ tab,

a. Go to ‘Trusted’ tab or ‘Malicious’ tab.

b. Select the check boxes of the appropriate files.

c. Click the “Move to unrecognized ” option at the top.

Step 6: Click on the ‘Unrecognized’ tab. The unrecognized files that are in a device will be listed here.

 

 

Be Sociable, Share!

    Add new comment

    Your name
    Comment

    You may use these HTML tags and attributes: <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>