We are excited to inform you that we are planning to have new releases scheduled to go live on Saturday (2019-06-08) morning!
The release is expected to take 30 minutes to deploy, during that time platform will be under maintenance mode. Post-deployment tests are expected to continue until 2 pm EST during which you may observe minor glitches. If you observe any issues, please feel free to share with us. Comodo Client Security Windows Connectivity Issues Regarding CCS v11.2
The engineering team investigated the issue from the first day of the incident, as some firewall-sourced connectivity issues were reported from some customers. Eventually, the issue is identified as it sourced from the complications of Firewall module refactoring during the transition from v11.1 to 11.2. Therefore, it has been decided that these refactorings should be reverted in this release. Internal tests and the tests on several customer environments were completed successfully. The team will keep working in depth to prevent recurrence of similar incidents. Due to this reversion, a few recent Firewall features will disappear. The detailed feature list can be found below. Please note that these features were not reflected to Endpoint Manager. Therefore, it will not require you to make any changes on your configuration under usual circumstances.
Features to be reverted:
Ability to specify criteria for Firewall rules.
Rating, Containment status, Age, Parent Process etc
Ability to create Firewall rules for IPv6 address ranges
The antivirus scanner will now skip files that take longer than 5 minutes to scan. This improves performance in manual and scheduled scans. Skipped files are shown in the scan results screen.
New rule to auto-contain .msi installers. The new ‘Run Virtually’ rule applies to msiexec.exe files if the parent process is in the 'Management and Productivity Applications' group. This improves security by virtualizing any unknown files launched via msiexcec.exe by legitimate applications in the group.
View logs straight from the tray icon. You can now access the ‘View Logs’ interface by simply right-clicking on the CCS tray icon.
Enable/disable HIPS from the tray icon. Quickly activate or deactivate HIPS from the right-click menu of the CCS tray icon.
Added ‘Block’ actions to the containment parent process tree. Processes blocked by the containment module are now logged in Containment Logs > Parent Process records. This improves visibility during forensic investigations.
‘Reputation’ column renamed as ‘Rating’ in the auto-containment rules screen. This change is to improve language consistency across product interfaces.
Caps-Lock Warning. You are now warned if caps-lock is on when entering the client access password.
Fixed the issue of not minimizing Virtual Desktop
Fixed the issue of Full Antivirus scan failures
Fixed the issue of reporting internal containment services to EM
Fixed the issue of BSOD after CCS installation
Fixed the issue of BSOD when a cellular modem is enabled on the endpoint
Fixed the issue of internal Comodo services crashs on Windows Server 2012 R2
Linux New Features
External device control rule for USB Devices. New rule lets you block the use of USB devices on Linux endpoints. You can create exceptions for specific devices if required.
I really wish there was a version of ccs without the firewall (and without the coresponding messages that the firewall is inactive when disabled). We’ve just pushed out ccs to some more of our endpoints but by default now we have the firewall disabled and the ccs taskbar icon hidden. (not ideal but better than the stress the comodo firewall causes). We have a short while longer to evaluate our position but I suspect we will simply use the Itarian platform for patch management and switch back to our previous AV supplier unless Comodo listen to their users requests.
What I don’t understand is why it’s not consistent. I have one user who has everything enabled and not experiencing any connectivity issue. Others have the issue but happens just every now and then. And other’s have the issue like they can’t do any work because it disconnects them like every 10-15 minutes.
The requested logs mentioned on the support ticket will provide a better answer on your query above. As of now, we can share some ideas why however it is better to have the logs reviewed by the developer to provide better insight and solution on your case.