Release Candidate of Comodo ONE & ITarian Operation Platform for July(2019-07-13)

We are excited to inform you that we are planning to have new releases scheduled to go live on Saturday (2019-07-13) morning!

The release is expected to take 30 minutes to deploy, during that time platform will be under maintenance mode. Post-deployment tests are expected to continue until 2 pm EST during which you may observe minor glitches. If you observe any issues, please feel free to share with us.

Important Notice! - The new version of Comodo Client Security for Linux will be released later. The new date will be announced.

Endpoint Manager

Endpoint Manager Core

New Features

Proxy Mechanism for Clients

You can now specify local endpoints as proxies from which other endpoints can collect installation packages and database updates. This helps save network traffic and accelerates package deployment when a large number of endpoints are involved.

You distribute the following packages with this feature:

• Comodo Communication Client
• Comodo Client Security
• Virus database updates

You can define the maximum amount of traffic to be used for package distribution, and the maximum number of proxy endpoints.

Here is the wiki of this feature.

Bug Fixes

• Fixed the issue of auto-remediation procedure triggers despite it is disabled in monitor settings on portal.
• Fixed the issue of MacOS Communication Client connection failure.
• Fixed the issue of maintenance window being shown as "OFF" while it is actually in the preset interval.
• Fixed the issue of location tracking for mobile devices.
• Fixed the issue of download servers from security profile not being applied to client immediately.
• Fixed the issue of translation inconsistencies for [Remote Control and Remote Tool settings](https://www.itarian.com/remote-desktop.php) in profiles.
• Supported Device Platforms page is updated in order not to cause disinformation.

Security

New Features

Virtualization Exclusions for Removable Media

You can now exclude removable media such as USB sticks and external drives from virtualization. Doing so allows apps in the Virtual Desktop to write and make changes to specific media attached to the endpoint. This provides another way to export data from the Virtual Desktop in addition to Shared Space.

You can configure these exceptions in the ‘Containment’ section of an Endpoint Manager profile.

Set Custom Disclaimer for Virtual Desktop

Expanding our white-label options, you can now configure a custom disclaimer message for the Virtual Desktop. Users must accept the disclaimer before starting the virtual session.

You can configure the disclaimer in the ‘Containment’ section of an Endpoint Manager profile.

See this wiki if you want help to white label/rebrand the Endpoint Manager clients.

Allow User to Override Virtual Desktop settings

When enabled, Endpoint Manager will not reverse local Virtual Desktop settings that are different to those in the endpoint’s profile. Ordinarily, Endpoint Manager checks devices to see if the local settings match those in the device profile. It will re-implement the profile settings if it detects any deviation.

The new setting gives admins greater flexibility and control over individual endpoints. For example, you can now disable the exit password on a specific endpoint, avoiding the need to create a whole new profile just to accomplish this one task.

This addition complements the existing override option in the ‘Client Access Control’ section of a profile, which allows local changes to every Comodo Client Security setting. Admins can now allow local override of just the virtual desktop settings, while preventing changes to other Comodo Client Security settings.

You can configure the override setting in the ‘Containment’ section of an Endpoint Manager profile.

Here is the wiki of this feature.

Show only Virtual Desktop settings on endpoint

New option to only show virtual desktop options when users click the Comodo Client Security tray icon on an endpoint. End-users can then access and launch the virtual desktop, but cannot change other Comodo Client Security settings.

This feature is useful when used with the override option described above.

You can configure this setting in the ‘UI Settings’ section of an Endpoint Manager profile.

Here is the wiki of this feature.

Improvements

Auto-updates disabled by default in Comodo Client Security

Automatic updates to the Comodo Client Security client are now disabled by default in predefined profiles. This change was made after valued feedback from our customers who manage complex, sometimes delicately balanced networks. To avoid potential disruptions, customers prefer to be notified when updates are available so they can review them before installation.

New default actions for unknown auto run entries

This setting determines what Comodo Client Security should do if an application tries to create/modify a service, auto-start entry, or scheduled task. You can find it at ‘Configuration Templates’ > ‘Profiles’ > open a level 2 or 3 profile > Click the ‘Miscellaneous’ tab.

The previous default was ‘Ignore’. The new defaults are:

• Security Level 2 profiles - ‘Terminate and Disable’
• Security Level 3 profiles - ‘Quarantine and Disable’

You can find background information on this setting at https://help.comodo.com/topic-399-1-904-11900-miscellaneous-settings.html#action_on_tasks

Remote Control

New Features

File Transfer: Folder Transfers

You can now send/receive folders via file transfer in the Remote Control application.

You can track folder transfer status in the file transfer queue pane.

Here is the wiki of this feature.

Role-based access control for Remote Control file transfer

You can now limit file transfer capabilities for specific devices and/or device groups.

Similarly, you can now limit file transfer capabilities by role.

Here is the wiki of this feature.

Bug Fixes

• Fixed the issue of connecting to MacOS with Remote Control.

Comodo Client Security

Windows

New Features

‘Virtual Desktop only’ mode

As mentioned in the Endpoint Manager section earlier, we have added the ability to show only virtual desktop options when users click the Comodo Client Security tray icon on an endpoint.

When enabled in a profile, Comodo Client Security will only show these two items when you click the tray icon:

• Run Virtual Desktop - Opens the Virtual Desktop
• Open Virtual Desktop Settings – Opens the Virtual Desktop settings area in Comodo Client Security

End-users cannot access any other area of Comodo Client Security.

Improved password policy for the Virtual Desktop

Admins can prevent end-users from accessing the local computer by setting an ‘exit’ password on the Virtual Desktop. Once set, users will need to enter the password if they want to switch from the virtual environment to the local environment. We added the following settings to improve the security of this password:

• 90-day validity period. The exit password will expire, and must be changed, after 90 days.
• Password complexity requirements. Passwords must now be 8-16 characters and contain a mix of upper case letters, lower case letters, numbers, and special characters.

Detection of msi installation through URL

Added a default containment rule that prevents the installation of msi packages via a URL in a command line. This feature is tightly coupled with Script Analysis as it will be detected in the list of enabled interpreters.

Virtualization exclusions for removable media.

Under default conditions, apps in the virtual desktop write to a virtual file system, and cannot save changes to the host or any peripherals. As covered earlier, you can now create exceptions to this rule for specific removable media. Creating such an exception allows users to more easily export data from the virtual desktop to USB sticks, external storage drives, or CD/DVD.

Extended Virtual Desktop Logs

Virtual desktop logs have been moved out of the ‘Containment Logs’ section and now have their own section. This improves log visibility and makes it easier to conduct investigations, analysis and forensics.

Bug Fixes

• Fixed the issue of aborted AV Full Scans
• Fixed the issue of adding timeout value in the duration of Virtual Desktop session
• Fixed the issue of internal process crashes on Windows 10 Pro, Server 2016 and Server 2012 R2
• Fixed the issue of twitching CCS icon
• Fixed the issue of incompatibility between the security agent and Google Chrome Enterprise
• Fixed the issue of mapping drives under incorrect directories
• Fixed the issue of failed Antivirus signature database updates

[Due to the post length limitation, the rest of the notes is placed as additional Forum comment in this post]

Release Notes July 2019.pdf (314 KB)

Comodo Dragon rebrand?

We have not finished the full rebrand to Itarian from C1 yet, what is going on?

The guys at Comodo love re-branding regularly. RIP Itarian.

No wonder people get confused, and the two names really did help people know what is free versus what is paid.

Hello @nct , @StrobeTech !

As you may remember we introduced Itarian platform in October release. In that release, all functionality was the same for both the ITarian and Comodo ONE platforms. The only difference was the platform skin (either ITarian or Comodo ONE branded).
However, ultimate goal was reaching to a point that we have two perfect platform. The first one, ITarian Platform, would mainly brings IT Management aspects into the forefront which is strengthened with security products. With second platform we aim to create ALL-IN-ONE CLOUD-NATIVE CYBERSECURITY PLATFORM that brings security aspects into the forefront which is strengthened by IT Management features. You will find MDR, EDR, Network Security products and much more that are directly integrated in this platform.

Now it is time to do this. By introducing Comodo Dragon Platform we aim to create ALL-IN-ONE CLOUD-NATIVE CYBERSECURITY PLATFORM that provides Active Breach Protection in a single platform.

This release will be first step toward this goal. Comodo One will turn into Dragon Platform step by step. We will first start with rebranding and continue with powerful dashboards, with built-in security products and much more.

Nothing will change from Itarian side. Itarian will continue to be your centralized IT management platform with much more powerful features.

Please keep an eye on us!

Thank you,

Ece ISEL

Anything for the Service Desk module?

Hello @abey ,

Service Desk is very important and core part of ITarian Platform. We started a new initiative to build PSA inside Itarian. In this initiative, we will be mainly focusing on Service Desk, all requests will be implemented and all issues will be resolved.

Thank you

Ece

Wikipedia “Comodo Dragon is a freeware web browser.It is based on Chromium and is produced by Comodo Group.Sporting a similar interface to Google Chrome, Dragon does not implement Chrome’s user tracking and some other potentially privacy-compromising features, substituting them for its own user tracking implementations, and provides additional security measures, such as indicating the …”

I am all for progression, but seriously, some of these decisions and naming choices have become quite confusing. Not that it would matter, but my personal opinion is Comodo One (C1) is a great name for a platform - ONE PLATFORM FOR ALL IT MGMT PURPOSES. ITarian, eh. Comodo Dragon, being that it is already a product name for a browser, why re-use it? and furthermore confuse the heck out of everyone…again!

I understand the desire to put everything under a single platform. Comodo has SO MANY PRODUCTS it’s unbelievable. Some work, some don’t. Some are old, some are new. Who knows? Who can keep up??? I can only imagine all the time, money, resources, effort, and man-hours required for these frequent “game-changer” decisions.

I mean no disrespect, but look at ConnectWise. Look at their business model and progression, continually building the brand and platform with acquisitions like ScreenConnect, IT Glue, and more. Not to say they are perfect, but they are definitely moving forward and its MSP customers are reaping benefits of a very powerful platform, albeit expensive.

We need a strong platform that is CONSISTENT in direction, that we can grow with and continue to build our business’ toolsets with. Not only do we need the Comodo team’s hardworking efforts to continuously improve already EXISTING products, but expand the integration opportunities with the “single” platform as well.

@uandit They even have Comodo Dragon listed on their own website…Best Internet Browser 2022 | Free Secure Web Browser

They also used to have ice dragon which is the Firefox based version

Interesting.

We’ll see what happens

I hope they will not change anything on the endpoints this time: back in November 2018, when the ‘Comodo Communication Client’ was rebranded as ‘ITarian Communication Client’, several of our users saw the new name and just uninstalled the client thinking that it was some kind of bloatware, because they were used to the Comodo brand but didn’t recognise the ITarian brand.

So, please be careful with the name changes.

– Javier Llorente

Hi Guys,

I can put all your minds at ease.
I’m not sure if I can say exactly what “Dragon” is as it is not my product to discuss.

What I can say is that ITarian is staying, Comodo is staying.
“Dragon” is an application/portal coming to ITarian for Comodo, this information has been from @melih and if he or anyone else wants to discuss “Dragon” then ace.

The text of

Comodo Dragon platform

July sees the release of our new Comodo Dragon platform. Dragon is essentially a reskin/rebrand of the familiar Comodo One/ITarian platforms. All functionality is the same as C1/Itarian for now.

is nothing like what I have discussed, so no “re-branding”.

Proxy Mechanism for Clients
Is this going to allow you to connect machines that are not allowed on the internet, but are on the network?

Good point.

Hi @pihnen ,

Yes, it will allow you to connect the machines that are not allowed on the internet but are on the network.

I think they should build on the PSA outward. The first thing MSPs need is a PSA to manage the business, clients and staff. Then you step into the rmm world and on to cyber security, backups, etc.
Connectwise is good at acquisitions but how secured are they with attacks ramping up against MSPs and their vendors? Have you ever tried getting any type of support from those guys? Ha

Itarian = IT Management platform
Comodo Dragon = Cybersecurity platform that has full blown SOC, MDR, EDR, SIEM, Endpoint Management and much much more…It will turn any MSP into an MSSP!!! No expertise required…no investment required…Just enable this for your customers and you are now an MSSP with a full SOC capabilities!

Hello @pihnen ,

This feature will allow you to distribute Communication Client update packages, Comodo Client Security update packages and Comodo Client Security antivirus database updates to your endpoints over probe device(s) that are connected to internet. Once probe device(s) get the necessary updates, they will start distributing packages to all endpoints in the network internally. This will help you lower external traffic.

About your question, unfortunately you will not be able to control your devices which are not connected to internet because it requires at least HTTP connection from desired endpoint.

Best regards,
Ilgaz Yucecengiz
Technical Product Manager,
Endpoint Manager

Support like that from all major vendors have good and bad days, but being honest as these companies grow and buy in more apps they seem to get worse at support due to over spending on re-branding and integration.