DOCSLIB.ORG

Comodo ESM Admin Guide

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Comodo ESM Admin Guide Comodo Endpoint Security Manager SME Edition Software Version 2.1 Administrator Guide Guide Version 2.1.010215 Comodo Security Solutions 1255 Broad Street Clifton, NJ 07013 Comodo Endpoint Security Manager - SME - Administrator Guide Table of Contents 1.Introduction to Endpoint Security Manager - SME 1.1.Software Components and System Requirements..............................................................................................................6 1.2.Removing Incompatible Products........................................................................................................................................ 8 1.3.Installing and Configuring the Service ..............................................................................................................................10 1.4.Key Concepts.................................................................................................................................................................... 16 1.5.Best Practices................................................................................................................................................................... 17 1.6.Quick Start Guide.............................................................................................................................................................. 18 2.The Administrative Console.................................................................................................................................................... 26 2.1.Logging-in to the Administrative Console.......................................................................................................................... 27 2.2.The Dashboard Area......................................................................................................................................................... 28 2.2.1.Adding and Re-configuring Tiles..............................................................................................................................30 2.2.1.1.Quick Actions Tiles.......................................................................................................................................... 31 2.2.1.2.Policy Status Tile............................................................................................................................................. 35 2.2.1.3.Endpoint Updates Tile..................................................................................................................................... 37 2.2.1.4.Endpoint Infections Tile................................................................................................................................... 38 2.2.1.5.Connectivity Tile.............................................................................................................................................. 40 2.2.1.6.Getting Started Tile......................................................................................................................................... 41 2.2.1.7.System Status Tile.......................................................................................................................................... 42 2.2.1.8.License Status Tile.......................................................................................................................................... 46 2.2.1.9.Software Tile................................................................................................................................................... 49 2.3.The Computers Area......................................................................................................................................................... 51 2.3.1.Adding Endpoint Computers to ESM........................................................................................................................ 52 2.3.1.1.Importing Computers by Automatic Installation of Agent.................................................................................52 2.3.1.2.Adding Computers by Manual Installation of Agent and CIS...........................................................................67 2.3.1.3.Updating Comodo Software on Managed Computers.....................................................................................72 2.3.2.Creating Endpoint Groups........................................................................................................................................ 80 2.3.3.Viewing Endpoints.................................................................................................................................................... 84 2.3.4.Updating Endpoints.................................................................................................................................................. 96 2.4.The Policies Area............................................................................................................................................................ 102 2.4.1.Viewing Policies..................................................................................................................................................... 104 2.4.2.Creating a New Policy............................................................................................................................................ 126 2.5.The Reports Area............................................................................................................................................................ 133 2.5.1.Reports Gallery...................................................................................................................................................... 134 2.5.1.1.Computer Details Report............................................................................................................................... 137 2.5.1.2.CIS Configuration Report.............................................................................................................................. 142 2.5.1.3.Computer Infections Report..........................................................................................................................146 2.5.1.4.Quarantined Items Report.............................................................................................................................148 2.5.1.5.Antivirus Updates Report..............................................................................................................................152 2.5.1.6.CIS Log Report............................................................................................................................................. 156 2.5.1.7.Policy Compliance Report............................................................................................................................. 164 2.5.1.8.Policy Delta Report....................................................................................................................................... 168 2.5.1.9.Malware Statistics Report.............................................................................................................................172 2.5.1.10.Top Ten Malware Report.............................................................................................................................179 2.5.2.Report Explorer...................................................................................................................................................... 184 2.5.3.Report Settings...................................................................................................................................................... 185 Endpoint Security Manager - SME Administrator Guide | © 2015 Comodo Security Solutions Inc. | All rights reserved 2 Comodo Endpoint Security Manager - SME - Administrator Guide 2.6.About............................................................................................................................................................................... 185 2.7.Logging out of ESM Console........................................................................................................................................... 188 3.How To... Tutorials.................................................................................................................................................................. 189 3.1.How to Connect CIS to ESM at the Local Endpoint.........................................................................................................189 3.2.How to configure CIS Policies - An Introduction..............................................................................................................191 3.3.How to Setup External Access from Internet...................................................................................................................195 3.4.How to Install CIS............................................................................................................................................................ 198 Appendix 1 The Service Configuration Tool........................................................................................................................... 202 Start and Stop the ESM Service............................................................................................................................................ 203 Main Settings.......................................................................................................................................................................
Load more

Recommended publications
  • The Downadup Codex a Comprehensive Guide to the Threat’S Mechanics
    Security Response The Downadup Codex A comprehensive guide to the threat’s mechanics. Edition 2.0 Introduction Contents Introduction.............................................................1 Since its appearance in late-2008, the Downadup worm has become Editor’s Note............................................................5 one of the most wide-spread threats to hit the Internet for a number of Increase in exploit attempts against MS08-067.....6 years. A complex piece of malicious code, this threat was able to jump W32.Downadup infection statistics.........................8 certain network hurdles, hide in the shadows of network traffic, and New variants of W32.Downadup.B find new ways to propagate.........................................10 defend itself against attack with a deftness not often seen in today’s W32.Downadup and W32.Downadup.B threat landscape. Yet it contained few previously unseen features. What statistics................................................................12 set it apart was the sheer number of tricks it held up its sleeve. Peer-to-peer payload distribution...........................15 Geo-location, fingerprinting, and piracy...............17 It all started in late-October of 2008, we began to receive reports of A lock with no key..................................................19 Small improvements yield big returns..................21 targeted attacks taking advantage of an as-yet unknown vulnerability Attempts at smart network scanning...................23 in Window’s remote procedure call (RPC) service. Microsoft quickly Playing with Universal Plug and Play...................24 released an out-of-band security patch (MS08-067), going so far as to Locking itself out.................................................27 classify the update as “critical” for some operating systems—the high- A new Downadup variant?......................................29 Advanced crypto protection.................................30 est designation for a Microsoft Security Bulletin.
    [Show full text]
  • Mcafee Epolicy Orchestrator DATA SHEET
    DATA SHEET McAfee ePolicy Orchestrator Centrally get, visualize, share, and act on security insights Security management requires cumbersome juggling between tools and data. This puts the adversary at an advantage by offering more time to exploit the gap not seen between the tools and do damage. In addition, the cybersecurity workforce is limited and needs to be empowered to manage cybersecurity complexity. The McAfee® ePolicy Orchestrator® (McAfee ePO™) management platform removes the time-consuming and potential human error effort and inspires those responsible to manage security quicker and with higher efficacy. Fundamental Security Proven Advanced Security Management Start with the fundamentals. Core to any security More than 30,000 businesses and organizations trust architecture is the ability to monitor and control the the McAfee ePO console to manage security, streamline health of endpoints and systems. Industry standards and automate compliance processes, and increase such as Center for Internet Security (CIS) Controls and overall visibility across endpoint, network, and security National Institute of Standards Technology (NIST) SP operations. Big companies rely on the McAfee ePO 800 153 security and privacy controls call this out as console’s highly scalable architecture, allowing large a must. The McAfee ePO console allows you to gain enterprises to manage hundreds and thousands of critical visibility and set and automatically enforce nodes from a single console. The McAfee ePO console policies to ensure a healthy security posture across provides an enterprise security administrator with the your enterprise. Policy management and enforcement opportunity to simplify policy maintenance, pull in third- across security products for your entire enterprise party threat intelligence leveraging Data Exchange Layer is accomplished from a single console, removing the (DXL), and integrate policies bi-directionally with an array complexity of managing multiple products.
    [Show full text]
  • Hostscan 4.8.01064 Antimalware and Firewall Support Charts
    HostScan 4.8.01064 Antimalware and Firewall Support Charts 10/1/19 © 2019 Cisco and/or its affiliates. All rights reserved. This document is Cisco public. Page 1 of 76 Contents HostScan Version 4.8.01064 Antimalware and Firewall Support Charts ............................................................................... 3 Antimalware and Firewall Attributes Supported by HostScan .................................................................................................. 3 OPSWAT Version Information ................................................................................................................................................. 5 Cisco AnyConnect HostScan Antimalware Compliance Module v4.3.890.0 for Windows .................................................. 5 Cisco AnyConnect HostScan Firewall Compliance Module v4.3.890.0 for Windows ........................................................ 44 Cisco AnyConnect HostScan Antimalware Compliance Module v4.3.824.0 for macos .................................................... 65 Cisco AnyConnect HostScan Firewall Compliance Module v4.3.824.0 for macOS ........................................................... 71 Cisco AnyConnect HostScan Antimalware Compliance Module v4.3.730.0 for Linux ...................................................... 73 Cisco AnyConnect HostScan Firewall Compliance Module v4.3.730.0 for Linux .............................................................. 76 ©201 9 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public.
    [Show full text]
  • Clustered Data ONTAP 8.3 CIFS File Access Reference Guide
    Clustered Data ONTAP® 8.3 CIFS File Access Reference Guide February 2016 | 215-10876_A0 [email protected] Updated for 8.3.2 Table of Contents | 3 Contents Deciding whether to use this guide ........................................................... 12 Understanding SMB file access with Data ONTAP ................................. 14 How namespaces and volume junctions affect SMB access on SVMs with FlexVol volumes .................................................................................................. 14 What namespaces in SVMs with FlexVol volumes are ................................. 14 Volume junction usage rules ......................................................................... 14 How volume junctions are used in SMB and NFS namespaces .................... 15 What the typical NAS namespace architectures are ...................................... 15 LIF configuration requirements for file access management .................................... 18 How security styles affect data access ....................................................................... 19 What the security styles and their effects are ................................................ 19 Where and when to set security styles .......................................................... 20 How to decide on what security style to use on SVMs with FlexVol volumes .................................................................................................... 20 How security style inheritance works ..........................................................
    [Show full text]
  • Secureworks Corp. (Exact Name of Registrant As Specified in Its Charter)
    UNITED STATES SECURITIES AND EXCHANGE COMMISSION WASHINGTON, D.C. 20549 FORM 10-K (Mark One) ANNUAL REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES þ EXCHANGE ACT OF 1934 For the fiscal year ended February 3, 2017 or TRANSITION REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES o EXCHANGE ACT OF 1934 For the transition period from to Commission file number: 001-37748 SecureWorks Corp. (Exact name of registrant as specified in its charter) Delaware 56-2015395 (State or other jurisdiction of (I.R.S. Employer incorporation or organization) Identification No.) One Concourse Parkway NE Suite 500, Atlanta, Georgia 30328 (Address of principal executive offices) (Zip Code) Registrant’s telephone number, including area code: (404)327-6339 Securities registered pursuant to Section 12(b) of the Act: Title of each class Name of each exchange on which registered Class A Common Stock, par value $0.01 per share The NASDAQ Stock Market LLC (NASDAQ Global Select Market) Securities registered pursuant to Section 12(g) of the Act: None Indicate by check mark if the registrant is a well-known seasoned issuer, as defined in Rule 405 of the Securities Act. Yes o No R Indicate by check mark if the registrant is not required to file reports pursuant to Section 13 or Section 15(d) of the Act. Yes o No R Indicate by check mark whether the registrant (1) has filed all reports required to be filed by Section 13 or 15(d) of the Securities Exchange Act of 1934 during the preceding 12 months (or for such shorter period that the registrant was required to file such reports), and (2) has been subject to such filing requirements for the past 90 days.
    [Show full text]
  • Virusscan Enterprise 7.1.0 Installation Guide
    Installation Guide Revision 1.0 VirusScan® Enterprise version 7.1.0 COPYRIGHT © 2003 Networks Associates Technology, Inc. All Rights Reserved. No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language in any form or by any means without the written permission of Networks Associates Technology, Inc., or its suppliers or affiliate companies. To obtain this permission, write to the attention of the Network Associates legal department at: 5000 Headquarters Drive, Plano, Texas 75024, or call +1-972-963-8000. TRADEMARK ATTRIBUTIONS Active Firewall, Active Security, Active Security (in Katakana), ActiveHelp, ActiveShield, AntiVirus Anyware and design, Appera, AVERT, Bomb Shelter, Certified Network Expert, Clean-Up, CleanUp Wizard, ClickNet, CNX, CNX Certification Certified Network Expert and design, Covert, Design (stylized N), Disk Minder, Distributed Sniffer System, Distributed Sniffer System (in Katakana), Dr Solomon’s, Dr Solomon’s label, E and Design, Entercept, Enterprise SecureCast, Enterprise SecureCast (in Katakana), ePolicy Orchestrator, Event Orchestrator (in Katakana), EZ SetUp, First Aid, ForceField, GMT, GroupShield, GroupShield (in Katakana), Guard Dog, HelpDesk, HelpDesk IQ, HomeGuard, Hunter, Impermia, InfiniStream, Intrusion Prevention Through Innovation, IntruShield, IntruVert Networks, LANGuru, LANGuru (in Katakana), M and design, Magic Solutions, Magic Solutions (in Katakana), Magic University, MagicSpy, MagicTree, McAfee, McAfee (in Katakana),
    [Show full text]
  • Q3 Consumer Endpoint Protection Jul-Sep 2020
    HOME ANTI- MALWARE PROTECTION JUL - SEP 2020 selabs.uk [email protected] @SELabsUK www.facebook.com/selabsuk blog.selabs.uk SE Labs tested a variety of anti-malware (aka ‘anti-virus’; aka ‘endpoint security’) products from a range of well-known vendors in an effort to judge which were the most effective. Each product was exposed to the same threats, which were a mixture of targeted attacks using well-established techniques and public email and web-based threats that were found to be live on the internet at the time of the test. The results indicate how effectively the products were at detecting and/or protecting against those threats in real time. 2 Home Anti-Malware Protection July - September 2020 MANAGEMENT Chief Executive Officer Simon Edwards CONTENTS Chief Operations Officer Marc Briggs Chief Human Resources Officer Magdalena Jurenko Chief Technical Officer Stefan Dumitrascu Introduction 04 TEstING TEAM Executive Summary 05 Nikki Albesa Zaynab Bawa 1. Total Accuracy Ratings 06 Thomas Bean Solandra Brewster Home Anti-Malware Protection Awards 07 Liam Fisher Gia Gorbold Joseph Pike 2. Threat Responses 08 Dave Togneri Jake Warren 3. Protection Ratings 10 Stephen Withey 4. Protection Scores 12 IT SUPPORT Danny King-Smith 5. Protection Details 13 Chris Short 6. Legitimate Software Ratings 14 PUBLICatION Sara Claridge 6.1 Interaction Ratings 15 Colin Mackleworth 6.2 Prevalence Ratings 16 Website selabs.uk Twitter @SELabsUK 6.3 Accuracy Ratings 16 Email [email protected] Facebook www.facebook.com/selabsuk 6.4 Distribution of Impact Categories 17 Blog blog.selabs.uk Phone +44 (0)203 875 5000 7.
    [Show full text]
  • Consumer Security Products Performance Benchmarks (Edition 2) Antivirus & Internet Security Windows 10
    Consumer Security Products Performance Benchmarks (Edition 2) Antivirus & Internet Security Windows 10 January 2020 Document: Consumer Security Products Performance Benchmarks (Edition 2) Authors: J. Han, D. Wren Company: PassMark Software Date: 13 January 2020 Edition: 2 File: Consumer_Security_Products_Performance_Benchmarks_2020_Ed_2.docx Consumer Security Performance Benchmarks 2019 PassMark Software Table of Contents TABLE OF CONTENTS ......................................................................................................................................... 2 REVISION HISTORY ............................................................................................................................................ 3 REFERENCES ...................................................................................................................................................... 3 EXECUTIVE SUMMARY ...................................................................................................................................... 4 OVERALL SCORE ................................................................................................................................................ 5 PRODUCTS AND VERSIONS ............................................................................................................................... 6 PERFORMANCE METRICS SUMMARY ................................................................................................................ 7 TEST RESULTS ................................................................................................................................................
    [Show full text]
  • TANDBERG VIKING SERIES NAS APPLIANCE Storage Server Administration Manual
    TANDBERG VIKING SERIES NAS APPLIANCE Storage Server Administration Manual TANDBERG DATA ASIA 20 Bendemeer Road, #04-05 Cyberhub, Singapore 339914 Phone + 65 6396 0786 Part No. 65 82 X2 - 01 Telefax + 65 6396 0787 January 2008 © Tandberg Data Asia Related publications available from Tandberg Data Asia: Part No. Title 6582B7 Tandberg Viking FS-1600 NAS Hardware User Manual 6582A7 Tandberg Viking FS-1500 NAS Hardware User Manual 658297 Tandberg Viking FS-412 NAS Hardware User Manual This publication may describe designs for which patents are granted or pen- ding. By publishing this information, Tandberg Data Asia conveys no license under any patent or any other rights. Every effort has been made to avoid errors in text and diagrams. However, Tandberg Data Asia assumes no responsibility for any errors which may ap- pear in this publication. It is the policy of Tandberg Data Asia to improve products as new techniques and components become available. Tandberg Data Asia therefore reserves the right to change specifications at any time. We would appreciate any comments on this publication. __________________________________________________________________________________________________ Table of Contents Table of Contents i 1. System Overview 1-1 1.1. Product Information 1-1 1.1.1. Product Manageability 1-2 1.2. Redundancy 1-2 1.2.1. Configuring RAID using 4 HDD (1U) 1-3 1.2.2. Configuring RAID using 16 HDD (3U) 1-4 1.2.3. System Volume (SV) 1-5 1.2.4. Data Volume (DV) 1-5 1.4. Deployment 1-5 1.4.1. File Server Consolidation 1-5 1.4.2. Multi-protocol Environments 1-5 1.4.3.
    [Show full text]
  • Ten Strategies of a World-Class Cybersecurity Operations Center Conveys MITRE’S Expertise on Accumulated Expertise on Enterprise-Grade Computer Network Defense
    Bleed rule--remove from file Bleed rule--remove from file MITRE’s accumulated Ten Strategies of a World-Class Cybersecurity Operations Center conveys MITRE’s expertise on accumulated expertise on enterprise-grade computer network defense. It covers ten key qualities enterprise- grade of leading Cybersecurity Operations Centers (CSOCs), ranging from their structure and organization, computer MITRE network to processes that best enable effective and efficient operations, to approaches that extract maximum defense Ten Strategies of a World-Class value from CSOC technology investments. This book offers perspective and context for key decision Cybersecurity Operations Center points in structuring a CSOC and shows how to: • Find the right size and structure for the CSOC team Cybersecurity Operations Center a World-Class of Strategies Ten The MITRE Corporation is • Achieve effective placement within a larger organization that a not-for-profit organization enables CSOC operations that operates federally funded • Attract, retain, and grow the right staff and skills research and development • Prepare the CSOC team, technologies, and processes for agile, centers (FFRDCs). FFRDCs threat-based response are unique organizations that • Architect for large-scale data collection and analysis with a assist the U.S. government with limited budget scientific research and analysis, • Prioritize sensor placement and data feed choices across development and acquisition, enteprise systems, enclaves, networks, and perimeters and systems engineering and integration. We’re proud to have If you manage, work in, or are standing up a CSOC, this book is for you. served the public interest for It is also available on MITRE’s website, www.mitre.org. more than 50 years.
    [Show full text]
  • Fortios 6.2 Data Sheet
    DATA SHEET FortiOS™ 6.2 Fortinet’s Security Operating System FortiOS enables the Fortinet Security Fabric, allowing organizations to readily achieve a security-driven network with one intuitive operating system. FortiOS 6.2, the latest version of Fortinet’s security operating system, powers the entire Security Fabric, helping customers reduce and manage the attack surface, prevent advanced threats, and reduce complexity from Internet of Things (IoT) devices to the cloud. Broad Visibility Highlights — What’s New Achieve full visibility across multi-cloud and branch § Spilt-task VDOM environments with SD-WAN, native cloud and virtual connectors, and intent-based segmentation. § Expanding product Integration with Security Fabric § New SDN and Threat Feed Connectors Integrated AI-driven Breach Prevention § SD-WAN Rule Definition and VPN Stop threats quickly and detect active intrusions and Setup Enhancements bad actors across the entire Security Fabric with § Extending Public Cloud Support integrated AI-driven intelligence capabilities combined § Additional Triggers and Actions with advanced, leading-edge technologies. § Flow-based security profile Improvements § MAC Address Objects § Consolidated risk View on Automated Operations, Orchestration, Topology Map and Response § FortiSandbox Cloud Region Reduce complexity and costs with rapid orchestrated Selection threat response, automated workflows, and § Policy Setup and Visibility automated auditing and compliance. Upgrades DATA SHEET | FortiOS™ 6.2 Overview Introducing FortiOS 6.2 increasing digital connectedness of organizations is driving the requirement for a security transformation, where security is integrated into applications, devices, and cloud networks to protect business data spread across these complex environments. FortiOS™ 6.2 delivers hundreds of new features and capabilities that were designed to provide the broad visibility, integrated threat intelligence, and automated response required for digital business.
    [Show full text]
  • Sécurité Et Antivirus Sur Mac
    Sécurité et antivirus sur Mac Sécurité et antivirus sur Mac ............................................................................................................. 1 Sécurité : le discours officiel et les faits ......................................................................................... 3 Sécurité : les types de menace en activité ..................................................................................... 4 Les failles de sécurité ......................................................................................................................................... 4 Trojans ................................................................................................................................................................. 4 Phishing, vol d'identité ..................................................................................................................................... 5 Les mécanismes de défense standard ............................................................................................ 6 Quelles défenses contre des logiciels malveillants ? ................................................................. 7 Le chiffrement de données sous Mac OS X .................................................................................... 8 Antivirus sur Mac : est-ce bien nécessaire ? ................................................................................. 9 Les suites de sécurité sur Mac .......................................................................................................
    [Show full text]