Comodo ONE September Release - What's New on IT and Security Manager(22/09/2018)?

Hello everyone!

We would like to inform you that we are going to have new releases for the Comodo ONE platform this Saturday (22/09/2018) morning.

Notes about the platform update:
Once it starts, the platform will be on maintenance mode for 4 hours (early hours of the day, US Eastern time). We expect to have no service outage in general. If you observe any brief connectivity issues, please retry later in the day.


New Feature

  • Crash dump collection for the security client. New profile option lets you create a dump file and submit telemetry data if the security agent crashes. This allows admins and the Comodo team to better detect and fix problems.
  • ‘Device summary' improvement. 'Local time zone' added to device details for macOS devices, allowing admins to remotely view the local time on the endpoint.
  • Improvements to export functionality:
    • ‘Logged in user’ column added to .csv exports of the device list.
    • 'Free disk space' and 'Used disk space' columns added to .csv exports of the device list.
    Here is the wiki for this feature.
  • Added ability to export the following list views:
    • Quarantined Files (‘Security Sub-Systems’ > ‘Antivirus’ – ‘Quarantined Files’)
    • User List (‘Users’ > ‘User List’)
  • Architectural changes to fulfill PCI-DSS compliance requirements.
  • Unrecognized file scans. Default scan frequency set to every 4 hours, so the discovery of unknown files is broken down into manageable batches and unknowns that get verdict from Valkyrie are rated more quickly.
Bug Fixes
  • Fixed the issue of being unable to select company while creating bulk installation package.
  • Fixed the issue of uninstalling agent on Android 8 without asking password while it is set to ask before the operation.
  • Fixed the issue of notifications with original device names for Android even though device is renamed.
  • Fixed the issue of status information conflict for Android devices.
ITSM Security

New Features

  • New Security Dashboards. New section added to ‘Security Sub-Systems’ which consolidates events from the containment, antivirus and application control modules. The dashboards also let you change file ratings, restore files from quarantine on the endpoint, and delete files. There are two views:
    • Event View. A list of events from the containment, antivirus and application control components. Each row contains vital information about the event time, severity, action, target device, and the component which generated the event.
    • File View. A list of all files upon which actions were taken by the three components mentioned above. Records are aggregated if a file exists on multiple endpoints. You can expand or collapse the record to examine each endpoint.
  • File rating improvements. Added the ability to rate a file as trusted in the ‘Current Malware List’ (‘Security Sub-systems’ > ‘Antivirus’ > ‘Current Malware List’).
  • Status of actions added to ‘Quarantined Files’ section. Now users can see the outcome of commands sent by the action buttons on this page. Possible statuses are:
    • “Command added to the queue”
    • “Failed (an error code)”
    • “Successfully processed”
  • New security profile for Linux endpoints:
    • ‘Linux - Security level 1 Profile‘ is now available for deployment to Linux devices running Comodo Client Security.
    • As a ‘default’ profile, it will be automatically deployed to newly enrolled devices.
    • You can clone the profile to implement custom settings which suit your requirements.
  • Added ability to install CCS Linux from the device list. Click ‘Devices’ > ‘Device List’ > select a Linux device > Click ‘Install or update packages’ > Click ‘Install Linux packages’.Here is the wiki for this feature.
  • Added Linux antivirus management. The ‘Security Subsystem’ area now lets you manage Linux endpoints as well.
Remote Tools

New Features

  • Process Inventory. You can now view, filter and search processes running on an endpoint and end processes remotely. No need to interrupt endpoint user or take control of their device.
  • Here is the wiki for this feature.
  • Audit Logs for File Explorer. View detailed activity reports from remote tools sessions. Specifically, which staff members initiated a session, which files they uploaded to their devices, and for how long were they logged on.
  • Customer Notification with admin logs. The new notification dialog box gives end-users greater visibility over remote actions on their device. This includes which files are copied from their device and which processes were ended by the admin. In future releases admins will be able to configure customer notifications in a device profile.

We look forward to your feedback! Please leave any comments and suggestions below.

Best Regards,
Comodo ONE Product Management Team

Looks a good list for sure.
Will go through and look in detail soon, but what about firewall logs to ITSM as this causes us lots of issues?

‘Free disk space’ and ‘Used disk space’ columns added to .csv exports of the device list.

Does not work for virtual desktops.
The fields are empty.