Learn about Zero Trust Architecture
Impenetrable cybersecurity without sacrificing usability
Gain detailed visibility into all your endpoints activities
Harden applications and hardware environments
Immediate and continuous response to incidents
Close the window of time your data could be exposed
Get your Comodo solutions setup, deployed or optimized
Control access to malicious websites
Defend from any internet based threats
Stop email threats before it enters your inbox
Preserve and protect your sensitive data
Keep your website running fast and malware free
Add encryption to your websites
Automated certificate mgmt. platform
Secure private intranet environments
Digital signature solutions for cloud apps
Encrypt emails for senders and recipients
Stay compliant with PCI DSS
Trusted authentication for IoT devices
Francisco Partners a leading technology-focused private equity fund, has acquired a majority stake in Comodo’s certificate authority business. Newly renamed from Comodo CA Limited to Sectigo Limited. Privacy Policies, Trademarks, Patents and Terms & Conditions are available on Sectigo Limited’s web site.
Meet the people behind the direction for Comodo
Get the latest news about Comodo
People are the key to achievement and prosperity
Stay up to date with our on-demand webinars
Worldwide: Sales, Support and General Inquiries
Schedule a live demonstration of our solutions
Need immediate help? Call 1-888-551-1531
Instantly removes viruses to keep your PC virus free
Experience true mobile security on your mobile apple devices
Secure Internet Browser based on Chrome
Chrome browser internet security extension
Submit a ticket to our support team
Share any product bugs or security flaws
Collaborate with research experts on data sets
Valkyrie Threat Intelligence Plugins
Valkyrie Threat Intelligence APIs
Comodo One. Understanding Devices in ITSM
How to implement “Bulk to installation package” in devices?
Step 1: Click ‘Download Bulk Enrolment Package’ icon.
OR Go to ITSM > ‘Bulk Installation Package’
Step 2: Fill the form and Download the required package.
1. User – Select the user of your company to install package over the devices of the same user [devices enrolled under the user control]. Example: admin@yourcompany.com
2. Company – Select your company. Example: Your-Company Pvt Ltd
3. Device Group – Select the group. Example: production
4. Comodo Client, If you want to include the Comodo Client, Kindly use the further options
5. Profile – the default profile is loaded at the beginning but if you want to change the profile then enter the name of the profile and choose it. Example: Windows x64 – Other options < Windows x86, Windows x86 and x64 (Hybrid) and MacOS
6. Restart Control Options – Use the option to get changes on restart control
Step 2.1: Fill the UI Options if you would like to deploy the Comodo Agent through Active Directory from a Server.
1. Show error messages if installation failed
2. Show a deployment confirmation message upon completion of the installation
3. Confirmation Message – Enter your message to confirm if the installation is over. Example: deployment is over.. thank you
4. Download Installer button – click the button and save the package on the local computer
Optional: Fill the Proxy Settings and Download the package if you would like to Deploy the Comodo Agent through Proxy Server.
1. Proxy Host – Enter theProxyIPAddress .
2. Proxy Port – Port Number
3. Username – Administrator privileged user
4. Password – Password of the user
5. Download MST File – click the button and save the MST file to the local computer
**If you already use AD in your environment or you are comfortable with GPO or already have your device structure set on AD and etc, please follow the further steps.
Step 3: Once the .msi file is downloaded. From AD Server, Create a new directory and copy the file into the directory. Example, ITSM_Agent
Step 4: Right-click the created-folder and choose the option ‘Share…’
Step 5: From the ‘ITSM_Agent Properties’ Window, click the tab ‘Advance Sharing’.
Step 6: From the ‘Advance Sharing’ Window, check ‘Share this folder’ checkbox and click the ‘Permissions tab’.
Step 7: From the ‘Permissions ITSM_agent’ Window, ensure the only option ‘Read’ from the Allow column is selected (if not check the Read checkbox only) and click ‘OK’ button
Step 8: Click ‘Apply’ button from the ‘Advance Sharing’ window.
Step 9: Ensure whether the Network path is assigned. Example, \\WIN-CU2OX8JDY3D\ITSM_Agent and then click ‘Close’ button.
Step 10: Go to ‘Administrative Tools’ from ‘Start ‘menu.
Step 11: Double-click the ‘Group Policy Management’.
Step 12: Select the domain from ‘Domains’ folder.
Step 13: Right-click the selected Domain and click the option ‘Create a GPO in this domain and Link it here …’.
Step 14: Enter the Appropriate name and Source for the GPO and click the ‘OK’ button to save it under the selected Domain.
Step 15: Select the GPO from the ‘Domains’ folder and right-click the GPO and choose ‘Edit Option’.
Step 16: Expand the folder ‘Computer Configuration as Computer Configuration’ > Policies > Software Settings and right-click the ‘Software Settings’ menu and choose New > Package…
Step 17: Copy and paste the path we have already created. Example, \\WIN-CU2OX8JDY3D\ITSM_Agent and click the ‘Open’ button.
Step 18: Select the file and click ‘Open’ button again and click ‘OK’ button from the window ‘Deploy Software’.
Step 19: Open Command Prompt as Administrator and run the command ‘gpupdate’. Once your command finished as in the image below, your endpoints will start the installation of the ITSM agent once the user logs on the computer.
How to install custom MSI packages?
Step 1: Go to DEVICES > ‘Device List’ and select the specific device to install the desired MSI package.
Step 2: Click ‘Install MSI/Packages’ icon and select the ‘Custom MSI/Packages’ menu.
Step 3: Fill the form and click the ‘Install’ button.
1. MSI/Package URL – Enter the URL where the package is being downloaded. Example: https://notepad-plus-plus.org/reposi….Installer.exe
2. Command-Line Options – Enter the associated commands to install the package successfully. Example: /S
3. Reboot options – Set the options for reboot the machine after installation of the package
4. Click ‘Install’ button.
Step 4: Click the ‘MSI Installation State’ tab to know the installation status in detail.Table contains the columns to check the details of MSI Installation State
1. Option: Delete MSI Installation State – Select the records from the table and click the icon suppose you would like to delete them.
2. NAME – Name of the MSI Installation State
3. STATE – To check the state of the command started for execution
4. CREATED – Date of execution created
How to check all malicious files from a device?
Step 1 : Go to ITSM ? ‘Devices’ and click the ‘Device List’ menu.
Step 2: Choose a device from the list, for which you should see the malicious list.
Step 3: Click the ‘File list’ tab and go to the ‘Malicious’ tab.
Step 4: The malicious files that are available in a device are listed here.
Step 5: Click on the name of the file to view the detailed information of the file.
Step 6: The files can also be moved to other categories like Unrecognized and Trusted
1. Select the malicious files by marking checkbox of the table
2. Click ‘Move To Unrecognized’ icon to move the file to ‘Unrecognized’ category
3. Click ‘Move to Trusted’ icon to move the file to ‘Trusted’ category
How to check all unrecognized files from a device?
Step 1: Go to ITSM ? Devices and click ‘Device List’ menu.
Step 2: Choose a device from the list , for which you should see the unrecognized files list.
Step 3: Click the File list . Go to unrecognized tab.
Step4: The unrecognized files that are available in a device are listed here.
Step 5: Select the file name to view the detailed information of the file.
Step 6: The files can even be moved to other categories like ‘Malicious’ and ‘Trusted’.
1. Select the Unrecognized files by marking checkbox of the table
2. Click ‘Move To Malicious’ icon to move the file to ‘Unrecognized’ category
How to manage associated profiles with a device?
Step 1: Go to ITSM> ‘Devices’> ‘Device List’ . You can see all enrolled devices in ITSM.
Step 2: Click ‘Device’ for which associated profiles needs to be checked.
Step 3: Click ‘Manage Profiles’ button in the top. All associated profiles with the device will be listed here.
Step 4: To remove profile from the device follow below steps,
1. Select profile check box.
2. Click ‘Remove Profile’ button.
Step 5: To associate profile with device follow below steps,
1. Click ‘Add Profiles’ button in the top.
2. Select ‘Profile’
3. Click ‘Save’
How to install additional COMODO packages?
Step 1: Go to ITSM> ‘Devices’> ‘Device List’. You would be able to see all enrolled devices in ITSM.
Step 2: Click ‘Device’ for which additional packages going to be installed.
Step 3: To open install dialog box follow below steps,
1. Click ‘Install MSI/Packages’
2. Choose ‘Additional Comodo Packages’ from drop down menu.
Step 4: Select options as described below,
1. Install Comodo Client – Security – Select check box associated with this option to install ‘Comodo Client – Security’ in the device.
2. Install RMM Plugin Agent – Select check box associated with this option to install ‘RMM Plugin Agen’ in the device.
3. Force the reboot in – If you want to reboot the device after comodo package installation follow below steps,
4. Select check box associated with ‘Force the reboot in ‘
5. Choose any of the time period among “‘5 minutes’, ’10 minutes’, ’15 minutes’, ’30 minutes'” after which device will be automatically restart.
6. Suppress the reboot – Select check box associate with this option to cancel rebooting after software installed in the device.
7. Warn about the reboot and let users postpone it – Enable this option to allow users to postpone reboot upon warning.
8. Reboot message – Enter text to be displayed before reboot otherwise default message settings will be applied.
Step 5: Click ‘Install’ to complete the Comodo package installation process.
How to check active components of a device?
Step 1: Go to ITSM > ‘Devices ‘ > ‘Device list’.
Step 2: Check ‘Active components’ column for the device.
Following active components are available for ITSM devices:
1. Agent only (AG)
2. Antivirus (AV)
3. Firewall (FW)
4. Containment (CO)
Step 3: Installed components in the device have highlighted icons.
Step 4: Please Install and configure Comodo Client Security software a in the device for Antivirus, Firewall and Containment components.
How to set specific applications to be malicious and check the admin rating
In ITSM, Setting a file as a Malicious can be done in two ways.
1. Application Control:
Step 1: Go to ITSM -> ‘Security Sub-Systems’ and then click “Application Control” menu.
Step 2: The ITSM has grouped the files into three main categories, and the categories are:
1. Unrecognized
2. Trusted
3. Malicious
Step 3: If you find a file from ‘Unrecognized’ tab or trusted tab as harmful, then you can move the file to ‘Malicious’.
Step 4: To Move the files to ‘Malicious’ tab please follow the below steps.
a. Navigate to ‘Unrecognized’ tab or ‘Trusted’ tab.
b. Select the check boxes of the appropriate files.
c. Click the “Move to Malicious” in the top.
Step 5: Go to ‘Malicious’ tab and view the saved files.
Step 6: Admin Rating, Indicates whether the file was manually moved by the Administrator from one category to another and the Categories are Unrecognized, Trusted and Malicious.
1. If Admin Rating is “yes”, Indicates that the file was moved by Administrator.Example: Since the files were moved, the admin rating is set as “yes”. (Please Refer the screenshot)
2. If Admin Rating is “Not Set”, Indicates that the file was not moved by Administrator.Example: Since the files were not moved, the admin rating is set as “not set”. (Please Refer the screenshot).
2. Device List:Step 1: Go to ITSM -> ‘Devices’ and then click “Device List ” menu.
Step 2: Select a device from the list.
Example: WIN-EV5S84NSROI (Please Refer the image)
Step 3: Go to ‘File List’ tab.
Step 4: If you find a file from ‘Unrecognized’ tab or ‘Trusted’ tab as harmful, then you can move the file to Malicious.
Step 5: To Move the file(s) to malicious tab,
a. Go to ‘Unrecognized’ tab or ‘Trusted’ Tab.
c. Click the “Move to Malicious” option in the top.
Step 6: Click on the ‘Malicious’ tab. The malicious files that are in a device will be listed here.
How to set specific applications to be trusted and check the admin rating?
In ITSM, setting a file as trusted can be done in two ways,
1. Application Control:Step 1: Go to ITSM -> ‘Security Subsystems’ and then click “Application Control” menu.
Step 3: Go to ‘Trusted’ tab.
Step 4: The Trusted files from all the enrolled endpoints will be listed here.
Step 5: If you find a file from the ‘Unrecognized’ tab or ‘Malicious’ tab as ‘Trusted, then you can move the file to Trusted.
Step 6: To Move the file(s) to Trusted tab,
a. Go to Unrecognized tab or Malicious Tab.
b. select the check boxes of the appropriate files.
c. Click the “Move to Trusted ” option at the top.
Step 7: The Admin Rating, Indicates whether the file was manually moved by the Administrator from one category to another and the Categories are Unrecognized, Trusted and Malicious.
2. If Admin Rating is “Not Set”, Indicates that the file was not moved by Administrator.Example: Since the files were not moved, the admin rating is set as “not set”. (Please Refer the screenshot)
2. Device List:
Step 1: Go to ITSM -> ‘Devices ‘and click “Device List” menu.
Step 4: If you find a file from the ‘Unrecognized’ tab or ‘Malicious’ tab as ‘Trusted’, then you can move the file to Trusted.
Step 5: To Move the file(s) to Trusted tab,
a. Go to ‘Unrecognized’ tab or ‘Malicious’ tab.
Step 6: Click on the ‘Trusted’ tab. The trusted files that are in a device will be listed here.
How to set specific applications to be unrecognized and check the admin rating
In ITSM, setting a file as trusted can be done in two ways:
Step 2: The ITSM has grouped the files into three main categories, and the categories are
Step 3: If you find a file from the malicious tab or trusted tab as unrecognizable, then you can move the file to the unrecognized tab.
Step 4: To Move the files to unrecognized tab please follow the below steps,
a. Navigate to the ‘Malicious’ tab or trusted tab.
c. Click the “Move to Unrecognized” at the top.
Step 5: Go to the ‘Unrecognized’ tab. The Unrecognized files from all the enrolled endpoints will be listed here.
1. If Admin Rating is “yes”, Indicates that the file was moved by Administrator.Example: Since the files were moved, the admin rating is set as “yes”.
2. If Admin Rating is “Not Set”, Indicates that the file was not moved by Administrator.Example: Since the files were not moved, the admin rating is set as “not set”.
Step 1: Go to ITSM -> ‘Devices’ and then click “Device List ”menu.
Step 4: If you find a file from the ‘Trusted’ tab or ‘Malicious’ tab as unrecognizable, then you can move the file to unrecognized.
Step 5: To Move the file(s) to ‘Unrecognized’ tab,
a. Go to ‘Trusted’ tab or ‘Malicious’ tab.
c. Click the “Move to unrecognized ” option at the top.
Step 6: Click on the ‘Unrecognized’ tab. The unrecognized files that are in a device will be listed here.
How to update Comodo clients to latest version
This new feature in ITSM provides user interface option to update Comodo clients.Note: “Comodo Client -communication” or “Comodo Client -Security” can be updated from ITSM only if installed versions are higher than 6.2.
Step 2: Select checkbox associated with ‘Devices’ for which Comodo clients needs to be updated with latest version. You can select multiple devices and update clients simultaneously.
Step 3: To open client update dialog box follow below steps,
Step 5: Finally, click ‘Install’ to apply your commands to clients.
How to uninstall Comodo Clients while removing devices from ITSM
This new feature in ITSM provide user interface option to uninstall Comodo clients while removing devices from ITSM.Step 1: Go to ITSM> ‘Devices’> ‘Device List’. You would be able to see all enrolled devices in ITSM.
Step 2: Select checkbox associated with ‘Devices’ that needs to be removed from ITSM enrollment. You can select multiple devices to remove simultaneously.
Step 3: Click ‘More…’ button at the top.Step 4: Choose ‘Delete Device’ option from drop down menu . You can see confirmation pop-up window now.
Step 5: Ensure below options are checked to uninstall clients in confirmation windows viz,
Step 6: Click ‘Confirm’ button in the bottom of confirmation window to remove devices from ITSM as well as uninstall clients from devices.
How to enroll device for a user
Step 1: Go to ITSM -> Users’ and click ‘User List’ menu.
Step 2: Click the name of the user from the list for which you want to enroll the device and click “Enroll Device” button.
Step 3: In ‘Enroll Devices’ dialog box,
3. The “Email enrollment instructions” Button – Click on this button to send the instructions through mail.
Step 4: Based on the operating system, the user can download the software from the appropriate link.For example: For Windows, you can download from the link below the caption “For Windows devices “.
Step 5: Open and install the downloaded software. The machine will be enrolled.
How to see all devices associated with a user
Please refer below steps to check devices associated with particular ITSM user.
Step 1: Launch ITSM.
Step 2: Go to ‘USERS’ ->’ User List’.
Step 3: Click on the specific user’s link: select the user to check associated devices for the same user.
Step 4: Select the ‘Associated Devices’ tab
Check the list of Devices which are associated with the user account.
How to view the logs in the ITSM device” in devices
When a procedure or an event applied to a device, a log will be created for those events. In ITSM, a log records the audit trail of the following events “ Alerts”, “Monitoring”, ”Script Procedures ”, “Patch Procedures”.
The logs are used to keep track of the events executed and also they can also be used to diagnose a problem. The logs are categorized and maintained separately for every device.
1. Alert logs – The alerts are created and associated with the events or procedures such as Monitoring, Script procedure and Patch procedure .When an event or procedure fails, the alert will be triggered, if the alert trigger option in the respective procedure or event is enabled. When an alert triggers, the log will be created under the category ‘Logs’ → “Alert Logs” in a device.
2. Monitoring logs – Whenever the monitoring event’s condition associated with a device exceeds its limit, the alert will be triggered and the log will be created for that monitoring under the ‘Logs’ → ‘Monitoring Logs’.
3. Script logs – When you execute a script procedure in your device, a log will be created under the Script Logs.
4. Patch logs – When you execute a patch procedure in your device, a log will be created under the Patch Logs.
View Alert Logs:
Step 1: Go to ITSM → ‘Devices’ → ‘Device List’ menu and click “Device Management” tab. Select a device to which you want to see the log files from the list.
Step 2: Click the “Logs” tab. Click “Alert logs” tab, the triggered alerts will be listed here with the following details alert name, Trigger name, Trigger Type, Hits Count (24H Period).
Step 3: Click the name of the alert to view the detailed information of the alert.
Note: While configuring the alert setting the following options should been abled, to create ticket and to notify the alert in the portal and also the time difference for notification.
1. Create notifications on the portal – If enabled, the notification will be created on your portal2. Create alert tickets on the service desk – If enabled, creates ticket through service desk automatically3. Don’t create additional alerts (about the same issue) for – If enabled ,Based on the time period mentioned additional alerts will not be created on the same issue. Example: 5 minutes.
View Monitoring Logs:
Step 2: Click the “Logs” tab > “Monitoring logs”. The list of monitoring added to the device will be listed here.Click “Details” link to view the log details of the monitoring.
1. Status – The log of monitoring messages will be displayed here.2. Tickets – The tickets will be created when the monitoring condition exceeds the limit.Note: Tickets are raised only if the option is enabled.
View Script Logs
Step 2: Click the “Logs” tab. Click “Script Logs”, the list of scripts executed by the device will be listed here. Click “Details” link to view the result of the executed script.
1.Status – The output of the script will be displayed here.2.Tickets – The tickets will be created when the scripts are exceeded the limit.Note: Tickets will be raised if the procedure fails and those tickets will be listed here.
View Patch Logs:
Step 1: Go to ITSM → ‘Devices’ → ‘Device List’ menu and click “Device Management” tab.
Step 2: Click the “Logs” tab. Click “Patch Logs”, the list of patch procedures executed on the device will be listed here. Click the “Details” link to view the result of the executed patch procedure.
1.Status – The output of the patch procedure will be displayed here.2.Tickets – The service desk tickets will be created when the patch procedures fail.Note: If an alert configured and added to the patch procedure appropriately.
How to update file ratings in order to reflect the same ratings in all devices
Admins can manage file rating also under the ‘Device Detail’ > ‘File List’ view. This will allow admins to take action more quickly on the files collected from the endpoints. Admin ratings provided in this view will be also reflected global view under ‘Security Sub-Systems’ → ‘Application Control’ view so that the admin would not need to take the same action for each device.
Note: If the ‘File List’ tab is not found on the device details page then you need to install Comodo Client Security – Please refer the link for more details https://forum.mspconsortium.com/forum/products/other-comodo-products/comodo-device-management/wiki-faq-how-to/7528-wiki-how-to-install-additional-comodo-packages
Step 1: Go to ‘Device Details’ > ‘File List’ and select the files collected by the CCS
Step 2: Click ‘Change Rating’ icon and select the option you would rate the file – you can check the rating at the column ADMIN RATING of the same table, this will be immediately updated.
Options:
How to add exclusions to external devices control like USB devices
The “External devices control” profile section, allows the user to block the access of the external devices at the endpoints. The devices like “bluetooth devices”, “USB storage devices” can be blocked. Thus it blocks every USB storage devices that are added to the devices. Add exclusions to certain devices using wild characters in the device id.
For example : Device ID = “USBSTOR\DiskHUAWEI__*”
Note : A Device ID can be obtained from from the ” Device Manager ” in the windows device.
Example : Open the Device Manager , select Hardware devices(Universal serial Bus collectors ) and select appropriate hardware like USB Root Hub and then right click and go to ‘Properties’ → ‘Details’ and choose hardware id from the property. The value listed are the Device ID.
Step 1: Go to “Configuration Templates” -> “Profiles”. Select a profile from the list, to which you add the exclusions to the external devices.
Step 2: Go to “External Devices control” tab. There are two available tabs:
Step 3: Click “Edit” button in the “External Devices Control” and go to “Exclusion” tab, click “Add” button.
The “Add Exclusion” dialog box appears. Provide the “Device custom name” and “Device Id” then click ‘Add’ button. The exclusion will be added.
Step 4: To delete the exclusion, select the checkbox of the exclusion and click “Delete” button.
The exclusion will be removed from the device. Note: This setting will be applied to the endpoints only when the profile is added to that particular endpoint.
Sign up to our cyber security newsletter
Comodo Cybersecurity would like to keep in touch with you about cybersecurity issues, as well as products and services available. Please sign up to receive occasional communications. As a cybersecurity company, we take your privacy and security very seriously and have strong safeguards in place to protect your information.
agreecheck
See how your organization scores against cybersecurity threats
Advanced Endpoint Protection, Endpoint Detection and Response Built On Zero Trust Architecture available on our SaaS EPP