We are excited to inform you that we are planning to have new releases scheduled to go live on Saturday (2019-06-08) morning!
The release is expected to take 30 minutes to deploy, during that time platform will be under maintenance mode. Post-deployment tests are expected to continue until 2 pm EST during which you may observe minor glitches. If you observe any issues, please feel free to share with us.
Endpoint Manager - Core
Bulk installation packages for Linux
Customers can now create bulk installation packages of the Linux communication and security clients, simplifying the mass-enrollment of Linux devices. A much requested feature, MSPs can now use the same fast setup process they currently use for Windows and MAC devices.
Improved Maintenance Windows
A maintenance window is a designated time-slot for your Endpoint Manager procedures to run. You can assign multiple procedures to a single window so they all run at the same, convenient time. Since introducing the feature in the last release, we’ve made several improvements to make maintenance windows even more useful:
Individual maintenance window settings
The previous version allowed you to add multiple maintenance windows to a profile, and to set whether you want to randomize task start times and/or stop monitors during the window. However, you had to use these same randomize and monitor settings for all maintenance windows on the profile. The June release lets you create different settings for each window, and we’ve also added some totally new settings:
- Stop or allow monitors on a per-window basis
- Set task randomization options on a per-window basis
- Set procedure options for non-responsive devices:
- Run as soon as the device comes online
- Run in the next maintenance window after the device comes online
- Define times when maintenance windows should not run. For example, during holidays or vacations.
- Block the following tasks if someone tries to run them outside of the maintenance time-slot:
- Remote Control session
- Remote Tool session
- On-demand patch installation
- MSI package installation
- On-demand script procedures
- On-demand patch procedures
- Reboot system
You also have the option to receive notifications instead of blocking the task.
- Individual maintenance window settings
- Fixed the issue of being unable to update to default security client version from device list.
- Fixed the issue of adding Google Play application to application store.
- Fixed the issue of uninstalling applications from all endpoints even though only a few is selected.
- Fixed the issue of translation for language change through portal.
Comodo EDR agent deployment
You can now deploy the Comodo Endpoint Detection and Response (EDR) agent to your devices direct from the Endpoint Manager interface. Comodo EDR is a powerful event analysis tool which provides real-time monitoring and detection of malicious events on Windows endpoints. EDR lets you clearly visualize threats in a detailed timeline while instant alerts keep you informed if there is an attack on your network. The panoramic threat intelligence provided by EDR makes it a invaluable complement to the uncompromising security of Comodo Client Security. Customers can find EDR in the ITarian store, and at ‘Applications’ > ‘cWatch EDR’. The EDR agent can be distributed to your devices from the Endpoint Manager ‘Device List’.
Automatic reappraisal of quarantined items
This new scan type lets you re-check all quarantined items on your endpoints to identify and restore false-positives. The new scan will be added to predefined profiles by default. You can find the related settings in under Scan Profiles under Antivirus settings.
Additional Virtual Desktop Settings
The virtual desktop is a sandbox environment in which users can run programs and browse the internet without fear those activities will damage the endpoint. Applications in the virtual desktop are isolated from other processes, write to a virtual file system, and cannot access user data. Admins can even set up their endpoints so users and guests log straight into the virtual desktop, denying them access to the host. We added the following new features and settings to the virtual desktop:
- Pause and lock a virtual desktop session with a randomly generated PIN number.
- Set an expiry time for a paused virtual desktop. Paused sessions are terminated when the time expires. This prevents the virtual desktop from being locked indefinitely by the previous user.
- Auto-launch the virtual desktop at logon for specific users. This allows admins to set up a fully-virtualized experience for their users.
Linux and Mac antivirus logs now available in ‘Security Dashboards’
CCS antivirus events on Linux and Mac endpoints are now recorded as logs in the security dashboard. This is part of our commitment to create a truly centralized event management system for endpoints of all stripes.
Full Parent Process Tree for Contained Applications in ‘Containment’
Virtualized application with process name and id are recorded including all process tree starting from the first contained one. With the help of this feature, investigation of the containment can be done with more details. You can display the logs by clicking the file name in Parent Process column in File Details under Containment. A pop-up will be prompted with the tree which will show the exact recorded chain for the contained application in corresponding device.
- Fixed the issue of filtering on Security Dashboards
- Fixed the issue of “Something went wrong” in Application Control.