Comodo One. Understanding Windows Profiles in ITSM

January 27, 2017 | By Comodo

Comodo One. Understanding Windows Profiles in ITSM

How to hide/show security client and communication client tray icons in devices?

Step 1: Go to ‘ITSM’ > ‘Configuration Templates’> ‘Profiles’. User able to view list of available profiles.

Configuration Templates

Step 2: Click profile applied to your devices.

profile client2

Step 3: Client’s tray icons configuration options are available in ‘UI settings’. To configure ‘UI settings’ please follow below steps,

1. Click ‘Add Profile Sections’ button in profile

2. Choose ‘UI Settings’ from drop down menu

profile client3

Step 4: Under ‘UI Settings’ tab set following configuration as explained below,

1. Show security client tray icon – Selecting check box associated with this option enables Comodo One Client Security tray icon in devices.

2. Show communication client tray icon – Selecting check box associated with this option enables Comodo One Client Communication tray icon in devices.

profile client4

Step 5: Click ‘Save’ button to apply required changes. Profile will automatically update settings in associated devices.

profile client5a

How to define a list of device classes that should be blocked on endpoints?
Step 1: Go to ITSM > CONFIGURATION TEMPLATES and click ‘Profiles’ menu.

profile block1

Step 2: Click ‘Create’ icon and Select Create Windows Profile from the drop-down.

profile block2

Step 3: Fill the form ‘Create Windows Profile’ and submit.

1. Name – Enter the name of the profile you want. Example: External Device Classes to be blocked on End-Point

2. Description – Enter the description of the profile. Example: this is to block external devices accessing End-Point

3. Click ‘Create’ button

profile block3

Step 4: Click ‘Add Profile Section’ icon and select ‘External Devices Control’ from the drop-down.

profile block4

Step 5: Fill the form ‘External Device Control’.

1. Enable Device Control – This option blocks devices of a client computer from accessing, such as USB drives, Bluetooth devices, printers, and serial and parallel ports.

2. Log Detected Devices – To log detected devices then and there

3. Show notifications when devices disabled or enabled – To get notification from the ITSM for your endpoint, check the option enabled

profile block5

Step 6: If you would like to block the device classes, click ‘Add’ icon.

1. Select the ‘Device Classes’ from the list of Pop-Window and click ‘OK’ button.

2. Select the device classes. Example: Smart card readers, Ports.

3. Click ‘OK’ button.

Profile Block 6a

profile block 6b

Step 7: Check if you have the list of selected device classes are added into the blocked list table.

"profile

Step 8: *In case, you would like to delete the added classes into the blocked list, No worry we have Delete option to remove from there.

1. Select the ‘Device Classes’ and click the ‘Delete’ icon

2. Confirm the ‘Device Class Remove Window’

"profile

"profile

profile block8c
Step 9: If you would like to don’t block the device classes.

1. Click the ‘Exclusion’ tab
2. Click ‘Add’ icon

profile block 9a

profile block 9b
Step 10: Fill the form ‘Add Exclusion’.

1. Enter ‘Device Custom Name’. Example: Mobile

2. Enter the ‘Device ID’. Example: 4D36E967-E325-11CE-BFC1-08002BE10318

3. Click ‘Add’ button

profile block 10a

profile block 10b

Step 11: *In case, you would like to delete the item from the exclusion list, follow the steps below

1. Select the item from the ‘Exclusion’ table

2. Click ‘Delete’ icon

3. Confirm the ‘Alert Window Exclusion Remove’

profile block11a

Profile block 11b

"profile

Step 12: Click ‘Save’ button to apply changes.

profile block 12

**Use the defined profile with devices you want to block external device access.

How to configure baseline settings?
Baseline settings enable us to set time period during which unknown files will not be auto contained. Instead unknown files are analysed using Valkyrie for the configured period.

Step 1: Go to ITSM → Configuration Templates and select ‘Profiles’ menu.

profile baseline 1

Step 2: Select a name of a profile from the list, to which you need to enable the baseline.

profile baseline 2

Step 3: Click the “ Add Profile Section” and select the “Containment” from the drop-down. In turns an alert pop up, click “Confirm”.

profile baseline 3a

profile baseline 3b

Step 4: Go to ‘Containment’ tab, the Baseline option will be available only if the “Valkyrie” is added to your profile.

1. If Valkyrie is already added to your profile. Go to Step 5 and continue.

2. Or to add ‘Valkyrie’, click the “ Add Profile Section” and select the “Valkyrie ” from the drop-down and customize it.

Step 5: Go to ‘Containment’ tab, click the “Baseline”.

Profile baseline5

Step 6: Select the “Enable Baseline” check box.

profile baseline6

Step 7: Select any of the below three option of your choice.

1. Stop Baseline and enable Auto-Containment after countdown
Set baseline time in Days and Hours. The unknown files will be sent to Valkyrie without containment. Once after the defined baseline time expires ,the containment will be resumed.

2. Stop Baseline and enable Auto-Containment after Valkyrie submit
When the baseline period is not mentioned , this option will be applied . After the files are submitted to the Valkyrie, the Comodo Client Security holds an individual unknown file.
3. Stop Baseline and enable Auto-Containment after Valkyrie response
When the baseline period is not mentioned , this option will be applied . After the Valkyrie response, the Comodo Client Security holds an individual unknown File.

profile baseline 7a

Profile baseline 7b

Profile baseline 7c

How to restrict access to Comodo Client Security (CCS) and Comodo Client Communication (CCC) on the endpoints?
Step 1: Go to ITSM > CONFIGURATION TEMPLATES > ‘Profiles’.

profile access1

Step 2: Click ‘Create’ icon and select ‘Create Windows Profile’ menu.

profile access2

Step 3: Fill the form ‘Create Windows Profile’.

1. Enter Name, Example: Profile to restrict the client access CCS and CCC

2. Enter Description, Example: Profile to restrict client access CCS and CCC for the target Endpoints

3. Click ‘Create’ button

Profile access3

Step 4: Click ‘Add Profile Section’ icon and select ‘Client Access Control’ menu.

Profile access4

Step 5: Fill the form that loads from the tab ‘Client Access Control’ and click ‘Save’ button to submit the form details.

1. Check ‘Apply password protection settings for enabling or disabling access for the listed clients’

  • Comodo Client – Security, If enabled then the client is password protected
  • Comodo Client – Communication, If enabled then the client is password protected

2. Check the field Require Password and use the below options as per your requirement

  • Computer administrator, If the field is enabled then the above client will use the Administrator as credentials
  • Custom password, If the field is enabled then the above client will use the given Password as credentials
    • Password
    • Confirm Password

3. Click Save button to submit the settings


Usage: ** Use the profile with the specified device to experience the benefits.

How to define exclusions for files and folders?
Step 1: Go to ITSM > CONFIGURATION TEMPLATES and click ‘Profiles’ menu.

Step 2: Click Create icon and Select Create Windows Profile from the drop-down.

Step 3: Fill the form Create Windows Profile and submit.

1. Name – Enter the name of the profile you want. Example: To Exclude A PATH OR Group of Files or Folders from Scanning by AV
2. Description – Enter the description of the profile. Example: this is to exclude the specific files or folders from scanning by the COMODO Antivirus Scan tool
3. Click ‘Create’ button

Step 4: Click ‘Add Profile Section’ icon and select ‘Antivirus ‘from the drop-down.

Step 5: Click ‘Confirm’ button to add the ‘Comodo Antivirus’ to your End-Point.

Step 6: Select the ‘Exclusions’ tab from the screen presence after your confirmation.

Step 7: If you would like to exclude any path to be prevented from scanning on your End-Point, click ‘Add’ button to add a path.

Profile Enclusion1

Step 8: Fill the form ‘Add Excluded Path’

1. Enter the path in the text box. Example: %systemroot%\*.* – you may also use exact path or any other pattern

2. Click ‘OK’ button

Profile Enclusion2

Step 9: If you would like to exclude any application to be prevented from scanning on your End-Point, Select ‘Excluded Applications’ tab and click the ‘Add’ button.

Profile Enclusion3

Step 10: Fill the form ‘Add Excluded Application’.

1. Enter the Application’s complete path into Path text box. Example: %systemroot%\explorer.exe

2. Click ‘OK’ button

Profile Enclusion4

Step 11: If you would like to exclude any group to be prevented from scanning on your End-Point, select ‘Excluded Groups’ tab and click the ‘Add’ button.

Profile Enclusion5

Step 12: Fill the form ‘Add Excluded Group’.

1. Click the ‘Group’ drop-down list
2. Choose the appropriate group from the drop-down. Example: Windows System Applications
3. Click ‘OK’ button

Profile Enclusion6

Profile Enclusion6b

Step 13: Click ‘Save’ button to save excluded list.

Profile Enclusion7

**Use the profile with the device and perform the scan over the device.

How to configure and manage file ratings from windows profiles?

Step 1: Go to ITSM > CONFIGURATION TEMPLATES > ‘Profiles’ menu and select the ‘Create Windows Profile’ menu from the drop-down presents after the ‘Create’ icon is clicked.

file_rating1

Step 2: Fill the form ‘Create Windows Profile’ presents there.

1. Enter the name of the profile you would prefer for into ‘Name’ field. Example, Setting File Rating

2. Enter the purpose or summary or any text to explain about the profile into ‘Description’ field

3. Click the ‘Create’ button

file_rating2

Check whether you have properly created with the given information. If not, please click the ‘Edit’ icon and modify the required content.

file_rating2b

Step 3: Click the ‘Add Profile Section’ icon and select the ‘File Rating’ menu from the drop-down menu.

file_rating3

 

Step 4: Fill the form ‘File Rating’ presents from under the ‘File Rating’ tab.

1. Enable Cloud Lookup (recommended) – It is recommended to the ‘Cloud Lookup’ analyze the unknown files from the endpoint.

2. Analyze unknown files in the cloud by uploading them for instant analysis – Allows you to analyze the files instantly

3. Enable upload metadata of unknown files to the cloud.

4. Show cloud alert – If disabled, automatically applies “Block and Terminate” action to the malware detected by cloud scanning.

5. Detect potentially unwanted applications – Allows you to analyze unwanted Softwares and files which are potentially not recommended.

6. Auto purge is enabled – Only the files whose absolute path is specified and which no longer exist will be purged. That is, only the local unrecognized files will be affected.

7. Custom FLS access ports – If you would like FLS to communicate through given UDP port or TCP port, please enable this option and provide the configuration details.

8. Enable report for non-executable files – CCS sends reports to ITSM for non-executable files, If the option is enabled.

9. Show non-executable files – ITSM shows non-executable files from the endpoints once the option is enabled.

10. Click the ‘Save’ button.

file_rating4a

Check the field information after saving the form. If not properly given, you may click the ‘Edit’ button and modify them.

file_rating4b

** The configuration is effective when you run the profile over devices only.

Be Sociable, Share!

    Add new comment

    Your name
    Comment

    You may use these HTML tags and attributes: <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>