[January] What's New on Comodo Client Security?

Products ITarian Endpoint Manager
1

We are excited to inform you that we are planning to have new releases over Comodo ONE and ITarian on Saturday (2019-01-19) morning! The release is expected to take 4 hours to deploy, during which time Comodo ONE and ITarian will be in maintenance mode.

Comodo Client Security

Windows

New Features

  • Admin rating lookups from Local Verdict Server are handled in the background when a file is executed. File rating flow is enhanced with a refactoring of Local Verdict Lookups. Now, file launches are not be affected by rating checks, which improves the performance of endpoint.
  • Parent process tree in Containment Logs. Now, starting from the first initiator of a contained application, all process tree is available in Containment Logs in CCS. You can display the very first application of a contained process and detect which application is the first one contained.
  • Restore disabled and quarantined Autoruns items. As the extension of Windows Boot Area Scan and Monitoring features, now you can manage the items which are blocked and quarantined by these abilities. Following actions are available in CCS General Tasks>Unblock Autoruns section:
    • Unblock: Enable selected scheduled task/Windows Service/Autostart entry which was disabled previously. When you unblock an item, related executable file will be restored from quarantine. Unless an exclusion rule is created for that file or its rating is changed to Trusted, it will be quarantined while the same autoruns item is disabled.
    • Delete: You can delete an autoruns item from its original location. If you delete a scheduled task item from this list, it will be removed from Windows Scheduled Tasks as well.
  • Blocking specific external device. Now, it is possible to block only specific external devices. By selecting a currently plugged-in device or entering a device ID, you can create rule to block it in Device Control section. By doing so, you have the option to allow a whole device class with some exceptions.
  • Detection of firewall driver status in Windows network adapter settings. From now on, status of Comodo Firewall adapter, which is installed to Windows Network & Internet settings, is monitored. When it is disabled by any reason, it will be detected and logged by CCS automatically. When such event occurs, Security Status Information section is switched to “At Risk” status by stating “Firewall driver is disabled in network adapter settings” message. In addition, you can set CCS to re-enable it from Firewall Settings section. By default, the functionality is enabled in “Log Only” mode.
  • Defining size limits for archive files scanned by Real-time AV. With this functionality, you can manage file size limits for archive file types to be decompressed and scanned during real-time AV scan. By configuring limits for specific files extensions, you can optimize your endpoint performance.
Improvements
  • Program Updates options removed from CCS Updates Settings
    • Program updates options removed in Updates tab in order to solve management and security issues.
    • Automatically Download Program updates and Automatically Install Program Updates in Critical Situations options are removed from endpoint UI .
  • Hiding Website filtering section in CCS UI
    • CCS UI upgraded to solve management and authorization issues by hiding Website Filtering section. Also we provide more clear view and a better user experience by hiding Website Database Update Filtering by default.
  • Periodic updates of Local Verdict Server is refactored in order to be handled at a separate schedule. Now, Antivirus Database updates and Local Verdict Server updates will be performed as different tasks in different schedules. By default, LVS updates is checked at every 1 hour.
  • Skipping online resource look-ups in case of no internet connection. In order to improve performance of the endpoints, CCS checks the status of Internet connection before performing online look-ups such as Antivirus DB updates, file submission to Valkyrie. In case of no available internet connection, these lookups will be skipped to prevent resource consumption. This setting is disabled by default.
  • Updated CCS installation package according to Microsoft requirements. CCS Installation package is refactored so that registration of our product to Windows Security Center could be completed smoothly. Thus, CCS installation routine is compatible with latest requirements of Microsoft.
Bug Fixes
  • Fixed the issue of obtaining file verdict using software vendor.
  • Fixed the issue of launching CCS window during each logon.
  • Fixed some performance issues due to interaction of some internal processes with 3rd party softwares.
  • Fixed the connections and mapping issues with network drives
  • Fixed the issue of crashes on Windows 10 preview builds.
  • Fixed the issue of Virusscope incompatibilities with Media Player Classic and LibreOffice.