Comodo ONE - IT Operating Platform July Release (07/15/2017)

Products
1

Hi everyone,

We would like to inform you that we are going to have new releases over Comodo ONE on Saturday (07/15/2017) morning. Platform will be on maintenance mode for 4 hours early Saturday. We expect to have no service outage in general. If you observe any brief connectivity issues, please retry later in the day.

IT and Security Manager
New Features

● Comodo Remote Control UI is renewed with modern look and better icons. Now you can manage your endpoints with greater control over screen setting and multiple monitors support.
● “Refresh Device Inventory” button has been placed on Comodo Remote Control application to let you quickly work on new devices that are enrolled to ITSM portalwithout need to logoff and logon to application again.
● We have added “Best Fit” option to Comodo Remote Control that will check the screen resolution of the target and admin monitors and automatically set for the best visual experience.

Improvements

● Admins can use “Enable local user to override profile configuration” option on Configuration Templates>Profiles>Client Access Control section for enabling local settings on the endpoints. For instance, ifyou need to modify security settings on a specific endpoint, you don’t have to create a separate profile for that device. You can easily enable this option and keep the custom settings on the endpoint by typing theadministrator password.
● Third party application patching process is improved and new applications are added to supported applications list. Now we support 131 popular applications! We work really hard to keep your environment always protected against vulnerabilities that can occur due to unpatched third party software.
● Auto-Containment rule specification pages under Configuration Templates->Profiles> Containment section is redesigned and new criteria “Created by User” is added for more granular control over containment. You can easily configure and manage the automatic rules to tailor the containment technology to your most complex needs. Available options are
o File Origin
o Created by User
o Created by Process
o Reputation
o File Age

Bug Fixes:

● Some macOS endpoints had issues with CCC and CCS agents; now macOS Sierra (version 10.12) is fully tested again and it is officially supported.

Comodo Client Security (CCS)

New Features

● Comodo Client Security is completely rebuilt with new functionality and design as CCS10! Now your environments have even better protection with less system resources.
● We have completely redesigned the user interface of CCS to show most details at the first glance and provide more intuitive configurations to save your valuable time.
● We know that rebooting the endpoint after every update is annoying and your customers complain about it. We have implemented new architecture of the CCS10 for supporting agent updates without requiring a reboot. Starting with the CCS10 the agent will not require reboot after every update, only the major updates will be requiring reboots after installation.

Improvements:

● The logging infrastructure of CCS is improved to be aligned with standard log format. We have used common fields as much as we can and reduced the number of custom fields. Now you can adjust your device profile to collect CCS logs to your existing platforms to have a better overview on your environment.

Service Desk

New Features

● Now searching Users, SD Tickets and Organization is much more easy for you! Searching ability with Custom Fields has been implemented on Users, SD Tickets and Organizations. So you can search them with custom fields also; in addition to existing fields you can search by status, device name etc.

Improvements:

• Loader Messages on Service Desk has been improved for hiding the “Do you want lo leave this site?” messages that appeared occasionally
• Datatable Column Customization has been improved, admins can enable/disable more columns as they wish
• UI of ticket list views have been improved with new columns and buttons. Department, Assigned to and Closed By columns are added to the ticket list views

Bug Fixes:

• Page update problem because of timer pop-up has been fixed.
• Field problems have been fixed.
• Autoresponder problem for tickets logged via email fetching has been fixed.
• Role assigning problem has been fixed.
• Searching problems have been fixed.
• Existing user upload problem has been fixed.
• Pop-up problems have been fixed.

Valkyrie

New Features

● Valkyrie File Upload size is now 150 MB! This receiving capacity is an assertive number among Valkyrie’s competitors.
● Valkyrie has a new dashboard look with newly added widgets! A new “Overview” section which providessignificant statistics is added to Valkyrie dashboard; with this new section, users will display just main page to see important Valkyrie analysis statistics. This section includes:
o Total file statistics are added to dashboard overview starting from file upload to file processing complete. Users will be able to track their file funnel for different periods.
o Device based detection rates are added to dashboard overview so that users will be able to view their devices’ tendency to be contaminated bymalware files.
o Latest Malware files are added to dashboard overview so that users will have a shortcut to recently detected file details and examine results by just one click without any search or file information.
o Detailed Malware Statistics are added to dashboard overview. With this widget, users will be able to see the distribution of malware files according to malware families. This data will provide an insight about their top most malware files detected on their devices.
o Top 10 Devices with Malware and PUA Detected statistics are added to dashboard overview. This new widget will help users to see which of their devices have tendency to have malware files so that they can take precautions for that.
o Unparalleled Protection Statistics are added to dashboard overview that statistics show zero-day malware detections. This widget gives users to chance of viewing the malware and PUA files that are not detected via any industry company before. So that users can see the importance of detection and take some precautions for that.
o Top 10 Queried File and Product Vendor Statistics are added to dashboard overview that provides information about frequently encountered files and file venders in users’ devices. With this widget, users will be able to see most common files and product vendors on their distinct endpoints. This information will help users on deciding about file rules.
o Top 10 Contacted Domain Statistics are added dashboard overview. This widget provides a very valuable data about behavior of malware files that are detected on their device. Using this data, users will be able to extract a pattern about their malicious files and take precautions.

Improvements:

● Valkyrie File Upload services are refactored and optimized. Users will have faster uploads so that their analysis results will be provided sooner.

Bug Fixes:

● 502 bad gateway error during some conditions bug is resolved.
● Objection button is not displayed on some cases bug is resolved.
● Kill Chain report web and pdf version inconsistency bug is resolved.

Best Regards
İlker

Wiki Topics for the July 2017 release

Third-Party Applications that can be updated through Patch Management

2

Hi, could you advise what apps are now supported by ITSM patch management.

3

Hi @Joners
I’ve edited the original post to include a link to the list of third-party applications supported in Patch Management.

4

Anyone experienced any problems following the update yet?

5

Yes - Comodo Security 10 popping up every 10 seconds!

6

Hi @rgb , @nct ,

We’re sorry for the inconvenience. Have you rebooted the problematic devices after agent update? We’re still investigating the issue but it looks like rebooting is solving the issue.

7

After a PC reboot the odd client of ours who reported this was fine.

8

@rgb it would seem @comodo has reverted to V8 or CCS now from V10. @Ilker, please could you elaborate?

9

Hi @nct

Not sure what you meant. We released the new version of Comodo Client - Security (CCS V10). Pop up is observed on some of the machines (we are looking for the root cause) and we know that the reboot resolves the issue permanently so far.

Ilker

10

Hi Ilker

I had to uninstall CCS from a PC and reinstall it last night, which resulted in V8 being installed. A call with support provided vague confirmation you had reverted to V8.

11

Hi @Joners ,

Thank you for letting us know on the other hand we are aware of the situation and we are working very hard to resolve this as quickly as possible.

12

Thats great sayin that your working hard to resolve, im sure you are. Ive been told on at least four different instances by Comodo support that the issue has been resolved in the next release. The next release comes along and the issues are still there.

@melih I dont know if Comodo support have paid attention to the comments in the forums over the past few days/weeks but it looks like a good number of people are very unhappy with C1 as a platform and C1 support. The usual response of we’ll email you with a ticket isnt good enough the aim of which is to kill off the thread and stop discussion. I personally have spent hours and hours of my time trying to get some value out of C1 with nothing to show for it. Ive spent 5+ hours on the phone to support over the past two months. No resolution to anything. Ive seen the comments saying that you have hundreds of devs working on this, well it might be time to hire some testers as well.

Does anyone have anything else to add?

@jtlogic @nct @BOSS

13

I am sorry for the wrong information / intention. We didn’t reverted to V8. We have upgraded to V10.

Ilker

14

Hi @Joners

I am sorry about the unsatisfactory experience you have expressed. My few cents with regards to this issue:

  • Yes, we have been working to fix the issue for a few cycles. We have created a manual way of fixing this issue when a foreign language patch detected on previous cycle. However, this was requiring someone to manually check or report that there is a patch record to be fixed.
  • Now, we have developed the automated way of detecting and fixing this. However, I do understand it is not working from your comment and I will ask my team to check this as soon as possible. Once we figure out the issue, we can fix it immediately if it is a configuration problem, or we can fix this on next cycle / code deployment if it requires code changes.
  • I also want to object on your definition of broken... showing the label on another language is not tasty which I agree but as long as it is getting patched and you get the proper visibility (missing devices, severity, etc..) I wouldn't define this as broken.
So overall, I would like to apologize again for this inconvenience and want to let you know we are learning from our mistakes and improving ourselves and product on each release. We would love to provide you guys the best solution in the world which I am sure we would have soon with your ongoing support and patience... Thank you!

Ilker

15

Thanks for the reply, ill expand on what i meant by broken.

  1. Patch management doesnt detect the correct patches that need to be applied to a system, ie 7-zip.
  2. Patch management is missing application updates, ie Chrome 59 was missing for a month until i advised support.
  3. Patch management procedures to patch systems do not work. The log data shows the same information for successes and fails. Ive no idea if anything is getting patched.
  4. Patch management shows duplicate values, as shown to support several times. ie Klite code pack standard appearing twice and having incorrect data displayed.
  5. Patch management doesnt detect installed applications correctly. When compared to PDQ Inventory, LAN Sweeper or Spiceworks they all pull a correct application inventory. C1 doesnt so applications are missing.
  6. Patch management is not available… yup, this is what i see about 75% of the time. Ive sat on a support call with one of the techs for over an hour and he watched it doing the same thing.

Re the foreign language label is nothing that im worried about, what concerns me is that for the last 3 months ive been told by support that the issue is resolved and its not.

These are only some of the issues that we are experiencing with the patch management module on C1, not to mention the issues with widgets not updating, the service desk going offline, the ITSM agent failing to start with a system and going randomly offline. This doesn’t cover any of the limited functionality i appreciate that this will come at a later date or the poor overall communication regarding the platform. All being said i will stand by my original comment, C1 is broken.

16

It’s sad to say but if the basic functionality like Joners has pointed out are not corrected we will have to move on to another RMM. We cannot promise customers something and not deliver it

17

Sorry, I just came across this, since I am unable to get my messages, I did not realize I was tagged in this post. I have also spent many hours on the phone with support, and had to talk to a middle man, while they talked to an engineer, and then the engineer seemed to of jumped off the phone before the issue was resolved, and I was not satisfied, but they say they got the info needed. On the last release, I will say that patch management seems to be working faster for me. I can not comment on the remote side, as I do not like the new remote agents, old RMM module is still way superior in my opinion, and I only use the remote tool when the old RMM module fails for some reason. I will add that I have to kill the unit.exe process several times a day, as the module fails to load the remote side if you do not exit out of it before a reboot, or connection loss while the remote desktop tab is open. I am still feeling out the software.