Announcement

Collapse
No announcement yet.

[June] What's New on Comodo Client Security?

Collapse
This is a sticky topic.
X
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • [June] What's New on Comodo Client Security?

    Hello everyone,

    We are excited to inform you that we are planning to have new releases scheduled to go live on Saturday (2019-06-08) morning!

    The release is expected to take 30 minutes to deploy, during that time platform will be under maintenance mode. Post-deployment tests are expected to continue until 2 pm EST during which you may observe minor glitches. If you observe any issues, please feel free to share with us.
    Comodo Client Security

    Windows

    Connectivity Issues Regarding CCS v11.2

    • The engineering team investigated the issue from the first day of the incident, as some firewall-sourced connectivity issues were reported from some customers. Eventually, the issue is identified as it sourced from the complications of Firewall module refactoring during the transition from v11.1 to 11.2. Therefore, it has been decided that these refactorings should be reverted in this release. Internal tests and the tests on several customer environments were completed successfully. The team will keep working in depth to prevent recurrence of similar incidents. Due to this reversion, a few recent Firewall features will disappear. The detailed feature list can be found below. Please note that these features were not reflected to Endpoint Manager. Therefore, it will not require you to make any changes on your configuration under usual circumstances.
      • Features to be reverted:
        • Ability to specify criteria for Firewall rules.
        • Rating, Containment status, Age, Parent Process etc
        • Ability to create Firewall rules for IPv6 address ranges
    New Features

    • The antivirus scanner will now skip files that take longer than 5 minutes to scan. This improves performance in manual and scheduled scans. Skipped files are shown in the scan results screen.
    Improvements

    • New rule to auto-contain .msi installers. The new ‘Run Virtually’ rule applies to msiexec.exe files if the parent process is in the 'Management and Productivity Applications' group. This improves security by virtualizing any unknown files launched via msiexcec.exe by legitimate applications in the group.
    • View logs straight from the tray icon. You can now access the ‘View Logs’ interface by simply right-clicking on the CCS tray icon.
    • Enable/disable HIPS from the tray icon. Quickly activate or deactivate HIPS from the right-click menu of the CCS tray icon.
    • Added ‘Block’ actions to the containment parent process tree. Processes blocked by the containment module are now logged in Containment Logs > Parent Process records. This improves visibility during forensic investigations.
    • ‘Reputation’ column renamed as ‘Rating’ in the auto-containment rules screen. This change is to improve language consistency across product interfaces.
    • Caps-Lock Warning. You are now warned if caps-lock is on when entering the client access password.
    Bug Fixes

    • Fixed the issue of not minimizing Virtual Desktop
    • Fixed the issue of Full Antivirus scan failures
    • Fixed the issue of reporting internal containment services to EM
    • Fixed the issue of BSOD after CCS installation
    • Fixed the issue of BSOD when a cellular modem is enabled on the endpoint
    • Fixed the issue of internal Comodo services crashs on Windows Server 2012 R2
    Linux

    New Features

    • External device control rule for USB Devices. New rule lets you block the use of USB devices on Linux endpoints. You can create exceptions for specific devices if required.

  • #2
    Hi Can

    With the firewall we still had issues in v11.1, not as bad as v11.2 or v11.0.

    These really is not a solution to the issue and not what anyone especially me was expecting.

    It is obvious that due to constant changes by MS and the way you use NIC drivers to implement a firewall to provide containment and other features on the traffic just does not work.

    As this does not work can you please provide a 100% working version with no firewall and no warning messages to end clients about the lack of this feature.

    Sorry to be demanding, but we have had enough with the firewall and constant killing of networks to get one month of slight improvement and then be back in the gutter again the next month.
    Robin
    Director
    Strobe Technologies Ltd
    https://www.strobe-it.co.uk/

    Comment


    • #3
      Originally posted by StrobeTech View Post
      Hi Can

      With the firewall we still had issues in v11.1, not as bad as v11.2 or v11.0.

      These really is not a solution to the issue and not what anyone especially me was expecting.

      It is obvious that due to constant changes by MS and the way you use NIC drivers to implement a firewall to provide containment and other features on the traffic just does not work.

      As this does not work can you please provide a 100% working version with no firewall and no warning messages to end clients about the lack of this feature.

      Sorry to be demanding, but we have had enough with the firewall and constant killing of networks to get one month of slight improvement and then be back in the gutter again the next month.
      Hi

      I've been using the pre-release version of CCS 11.2.2.7453 without any issues, which I understand will be released as version 11.3 this weekend.

      Comment


      • #4
        Originally posted by StrobeTech View Post
        Hi Can

        With the firewall we still had issues in v11.1, not as bad as v11.2 or v11.0.

        These really is not a solution to the issue and not what anyone especially me was expecting.

        It is obvious that due to constant changes by MS and the way you use NIC drivers to implement a firewall to provide containment and other features on the traffic just does not work.

        As this does not work can you please provide a 100% working version with no firewall and no warning messages to end clients about the lack of this feature.

        Sorry to be demanding, but we have had enough with the firewall and constant killing of networks to get one month of slight improvement and then be back in the gutter again the next month.
        I really wish there was a version of ccs without the firewall (and without the coresponding messages that the firewall is inactive when disabled). We've just pushed out ccs to some more of our endpoints but by default now we have the firewall disabled and the ccs taskbar icon hidden. (not ideal but better than the stress the comodo firewall causes). We have a short while longer to evaluate our position but I suspect we will simply use the Itarian platform for patch management and switch back to our previous AV supplier unless Comodo listen to their users requests.

        Comment


        • #5
          Originally posted by Ed_Johnson View Post

          I really wish there was a version of ccs without the firewall (and without the coresponding messages that the firewall is inactive when disabled). We've just pushed out ccs to some more of our endpoints but by default now we have the firewall disabled and the ccs taskbar icon hidden. (not ideal but better than the stress the comodo firewall causes). We have a short while longer to evaluate our position but I suspect we will simply use the Itarian platform for patch management and switch back to our previous AV supplier unless Comodo listen to their users requests.
          I have some tests to do and then possibly some good news!
          Robin
          Director
          Strobe Technologies Ltd
          https://www.strobe-it.co.uk/

          Comment


          • #6
            Originally posted by StrobeTech View Post

            I have some tests to do and then possibly some good news!
            Did a very simple test. Disabled the firewall 7th Jun, and no WiFi disconnections until this morning, 12th Jun. Only change I did was to enable the firewall yesterday.

            Comment


            • #7
              Hi DukePaul
              Check out StrobeTech's discussion here for an update about his test with the Firewall component.

              Comment


              • #8
                Originally posted by Rick C View Post
                Hi DukePaul
                Check out StrobeTech's discussion here for an update about his test with the Firewall component.
                Thanks Rick, I just deleted everything and left only the AV component.

                Comment


                • #9
                  DukePaul ,

                  Can you please confirm that the version you currently have is 11.3.0.7495 for your client security coming from the last update.

                  Comment


                  • #10
                    Hi Jimmy

                    Yes, we have 11.3.0.7495

                    Comment


                    • #11
                      Hello DukePaul

                      We have created a ticket for you in order to investigate the issue further

                      With best regards

                      Comment


                      • #12
                        Thanks DaveHD .

                        What I don't understand is why it's not consistent. I have one user who has everything enabled and not experiencing any connectivity issue. Others have the issue but happens just every now and then. And other's have the issue like they can't do any work because it disconnects them like every 10-15 minutes.

                        Comment


                        • #13
                          Originally posted by DukePaul View Post
                          Thanks DaveHD .

                          What I don't understand is why it's not consistent. I have one user who has everything enabled and not experiencing any connectivity issue. Others have the issue but happens just every now and then. And other's have the issue like they can't do any work because it disconnects them like every 10-15 minutes.
                          Hello DukePaul

                          The requested logs mentioned on the support ticket will provide a better answer on your query above. As of now, we can share some ideas why however it is better to have the logs reviewed by the developer to provide better insight and solution on your case.

                          With best regards
                          Last edited by DaveHD; 06-14-2019, 09:12 AM.

                          Comment


                          • #14
                            Windows patch levels
                            Network card manufactures
                            Network card drivers
                            Mother board etc....

                            The list is almost endless, and is the reason this has been around for so long.
                            Robin
                            Director
                            Strobe Technologies Ltd
                            https://www.strobe-it.co.uk/

                            Comment


                            • #15
                              Originally posted by StrobeTech View Post
                              Windows patch levels
                              Network card manufactures
                              Network card drivers
                              Mother board etc....

                              The list is almost endless, and is the reason this has been around for so long.
                              Hi StrobeTech

                              But the PCs were purchased all at the same time with same specs.
                              Last edited by DukePaul; 06-14-2019, 10:23 AM.

                              Comment

                              Working...
                              X