The customer would be able to push Dome shield agent from ITSM without scripts. But requires few manual works before pushing it though.
- Add device network as specified here https://help.comodo.com/topic-434-1-840-11351-Adding-Networks-to-Dome-Shield.html
- Download Dome shield agent. Please refer details here https://help.comodo.com/topic-434-1-840-11352-adding-roaming-endpoints-to-dome-shield.html
- Push Dome shield agent through ITSM. Please refer details here https://help.comodo.com/topic-399-1-786-10139-Remotely-Install-and-Update-Packages-on-Windows-Devices.html
As of now enrollment procedures for Dome shield are not same as Comodo Client security.
In order to add roaming devices to the Dome shield using script procedure, Customer has to following instructions and same has been updated in the script link.
Roaming devices will not connect to Comodo Dome shield without proper network configuration in the Cdome shield interface.
Please refer https://help.comodo.com/topic-434-1-840-11351-Adding-Networks-to-Dome-Shield.html to configure device network before running the device.
A roaming device cannot connect to internal hosts when inside the office network hence ‘Host File Configuration’ need to be configured additionally in the network interface.
Refer below script to enroll Comodo Dome shield roaming agent using ITSM script procedure,
The script will do following functions one by one in order viz
- Download cDomeAgent (Roaming agent) from provided URL(Get the download link from Download agent > “ITSM Agent Download link”)
- install it in the Windows devices
- reboot the device
Note - no security rules will be applied to the roaming device(s) by default. You can create and apply the device specific policies according to your requirements.
Please refer https://help.comodo.com/topic-434-1-840-10766-apply-policies-to-networks,-roaming-and-mobile-devices.html
For advising on how to configure and deploy security policies to roaming devices.
If Roaming device that is subject to provisioning have a network that is already added to shield,
In this case, all you have to do is to run the script and you’re done.
After the network enrollment process, please also make sure all endpoints in protected networks are configured to use Shield DNS:
Preferred DNS server – 18.104.22.168
Alternate DNS server – 22.214.171.124