Deploying on a Windows Server 2012 R2 DC

Hello all we are int he process of deploying to our first site. Has any has issues running the communicator and AV client on a Windows server 2012 R2 Domain Controller. What profile setup did you use and what exclusions did you make in for the AV portion.

Thank you

Hi @Rjanics
Thank you for providing your queries and insights.We would like to know your experiences running communicator and AV in 2012 Server R2 DC do you encounter any issues?

I have not deployed on the server as of now. I am waiting on feedback.

Ive got the communications client running on all my servers. Up until the past 6weeks the client had been somewhat stable (albeit procedures wouldnt run). If the AV is similar stability to the communications client then i would avoid installing it and would look at an alternative product. Again your experience might be different, just ensure that you put in the necessary exceptions for a Domain Controller.

What exceptions did you make for your DC? I have not installed it on my DC or Exchange server yet. I have had to many issues on other devices.

I’ve deployed the communications client and haven’t seen any issues on the deployed machines. I’ve experienced some outages with the C1 portal and sometimes communication between endpoints especially with the remote control. I haven’t tried much by way of patch management with the system especially the enterprise version seems to have less features than the MSP where it is a separate module. Primarily using the remote control as an alternative way to remote in to different machines as necessary it is fairly reliable. I have experienced issues with the security being too secure but I think that is one of the drawbacks of the default deny approach. The security will lock up everything so you should have a good idea of what you need to create exceptions for in advance. Support will help you in creating whitelists to allow files and apps to escape autocontainment. On server software the installer seems to install a version specifically for servers with no firewall enabled or even available. You will have to test the endpoint security in your environment to roll it back as necessary. Presently I have it on a new windows server 2016 vm I migrated one of our apps to and so far so good. Baby steps. And when in doubt uniinstall it. It can interfere with both the installation and the operation of programs. You can observe what it’s interacting with and how via the interface logs though. Learning to read this is critical for a successful deployment.

i have deployed the FULL suit less the firewall on a 2016 HV, DC and SQL. Just make sure you have all the path’s excluded from scannng before you push out, i havent had any problems.

@Rjanics you’d be best speaking to the L2 support on the helpdesk to discuss your set up before installing. It’s important to understand how the containment works and to correctly monitor and set up exclusions, otherwise you’ll encounter problems due to lack of understanding how the product operates. I think I’m right in suggesting that you should run File Hunter before rolling out Comodo Client Security.

Im not running the AV but this is what you should use.

Hi @Rjanics

I agree with @nct . Rather than trying to get insights from other users and on how it worked for them, it’s better to reach through our technicians for assistance or a remote session with our senior techs so that you can be guided accordingly.