We are excited to inform you that we are planning to have new releases over Comodo ONE and ITarian on Saturday (2019-02-16) morning! The release is expected to take 4 hours to deploy, during which time Comodo ONE and ITarian will be in maintenance mode.
Important Notice! - The release for the new version of Comodo Client Security for Linux will be made on February 21.
Endpoint Manager Core
- TLS 1.2 Upgrade To comply with the best industry security practices, we are upgrading the protocol used in our communication client (CC) to Transport Layer Security (TLS) 1.2.
Here is the wiki of this feature.
- Logged in User Added the ability to see the user logged into a device in the ‘Device List’. You can search, sort and filter according to this new field.
- Fixed the issue of upgrade button under license options section.
- Fixed the issue of phone numbers under support section for ITarian and Comodo ONE
- Fixed the issue of delayed application of profile settings to devices.
- Fixed the issue of role management for editing device name.
- Fixed the issue of high CPU usage for communication client.
- Fixed the issue of communication client proxy settings with symbol '\'.
- Fixed the issue of notifications which cannot be removed for Android devices.
- Fixed the issue of grey screen in Kiosk mode for Android devices.
- Improved heuristic analysis and embedded code detection settings. With this feature, interpreter interactions with suspicious autoruns items can be configured separately for each interpreter type. This means even better protection against malicious code triggered by Windows start-up and auto-run items. You can configure the feature in the new ‘Script Analysis’ section in Profiles.
- New ‘Script Analysis’ section. ‘Heuristic Command Line Analysis’ and ‘Embedded Code Detection’ have been moved to the new script analysis section in a profile. This provides more granular management of security components.
- General Settings. You can enable or disable the ‘Runtime Detection’ feature from this tab, and also limit the size of scripts which should be analyzed.
- Runtime Detection. ‘Heuristic Command Line Analysis’ and ‘Embedded Code Detection’ settings have been moved to this section.
- Autoruns Scan. Interpreter configuration for scanning/monitoring autorun items can be done from this section.
- Valkyrie details about a file can now be viewed in the ‘Security Dashboards’ area. Simply select a file in the security dashboards screens and click ‘Valkyrie details’.
- Download Valkyrie reports from the security dashboard. Simply select a file in the security dashboard and click ‘Valkyrie Report’ to view granular information about the file.
- Added a ‘Show ignored containment events’ filter in to the security dashboard. In ‘Event View’, you can now show all ignored containment events. We think you’ll find this addition useful, but please note that we disabled the new filter by default. This is a practical move to highlight more important activities and lessen the potential noise created by multiple ignore events.
New additions to file explorer functionality. We know you’ve been looking for these and we’re excited to deliver!
- Upload files of any format to remote endpoints from your admin device (50MB file size) Here is the wiki for this feature
- New remote folder operations:
- Create folders
- Rename folders & files
- Delete folders & files Here is the wiki for this feature
- More informative error messages in the file explorer interface allow you to troubleshoot and react to issues faster.
- Moved the info box that appears on an endpoint during remote connections to the bottom left corner of the screen. We expect this repositioning will improve user experience by freeing up desktop space.
- On some MAC endpoints, crashes observed and this caused connection initiation. The issue was identified and is fixed.
- Network Management
- Discover devices from the probe device you select
- Add new IP ranges for discovery
- Add exclusions for IP ranges
- Set SNMP v1.2 to discover network devices
- Get alerts and logs when items are discovered
- Easily view discovered devices in ‘Device List’ > ‘Discovered Devices’. Here is the wiki of this feature.
- Custom scripts failures for monitoring With this release, custom scripts monitors could be setup by ability to select the trigger for script failures
- Fixed the issue of high CPU consumption of monitors.
- Fixed the issue of repeating service crash of monitors for some customers.
- Software inventory was not showing the list of softwares and third party applications of patch management. This is fixed.
- Prevent registry keys from being read by contained applications. You can now stop the virtualization of specific registry keys by the containment module. This will prevent unknown applications from reading potentially sensitive data held in those keys (write access is already disabled by default). You can access the setting in CCS at ‘Advanced Settings’ > ‘Containment’ > ‘Protected Objects’
- Option to disable real time scans on network items. Real time virus scans are now optional for items on shared network directories. This will improve system performance because, if an endpoint does not have the rights to delete or quarantine items in shared folders anyway, there is less reason to run real time scans on them. Network files that are copied to the endpoint will, of course, still be scanned and handled locally.
- Antimalware Scan Interface (AMSI) Integration. CCS now provides even better malware protection via our integration with Microsoft AMSI. This means deeper software scans and stronger protection for your endpoints. The option is disabled by default, but can be enabled in ‘Advanced Settings’ > ‘AV Settings’ > ‘Real time scan’.
- Virtual Desktop. With this brand new component, you can virtualize your entire desktop and perform all tasks within a fully virtual environment. Everything!! Applications running in the virtual desktop are isolated from the rest of the endpoint, write to a virtual file system, and cannot access personal data. This makes it ideal for surfing the net without risk and even for testing out beta/unstable software. You can save any data you wish to keep to a special folder called ‘Shared Space’, which the host system can also access. You can launch the virtual desktop from CCS at Containment Tasks > Run Virtual Desktop. Go ahead and try it!
- Password Protection. If enabled, password protection locks end-users in the virtual environment to stop them switching back to the host.
- Launch Virtual Desktop upon user login. Starts the virtual desktop automatically as soon as the endpoint is booted. Enable this setting in CCS at ‘Advanced Settings’ > ‘Containment’ > ‘Virtual Desktop’.
- ‘Protected Objects’ are now under containment settings. ‘Protected Data’ and ‘Protected Keys’ have been moved to ‘Advanced Settings’ > ‘Containment’. This improves UI consistency by grouping these two items with related features and settings.
- The issue with firewall driver that causes connection problems is fixed.
- The issue with CCS Task Logs which was caused by spontaneous reboots during AV scans is fixed.
- The issue with applying profiles to CCS is fixed.
- The functionality issue with “jump folder” in scan window is fixed
- The issues that caused performance problems are fixed.
- TLS 1.2 Upgrade To comply with the best industry security practices, we are upgrading the protocol used in our security client to Transport Layer Security (TLS) 1.2 .
- The issue with restoring quarantined items is fixed.
- The performance issue regarding to the compatibility with some specific browsers is fixed.
- You can now login to your Comodo One or ITarian account from any login page in the US or EU. We will redirect you to the correct region based on your account.
- It is now easier to remove plainPassword from the single sign-on (SSO) authentication process.
- Grammar issue has been fixed on the report.
Release Notes February 2019 (3).pdf (523 KB)