Comodo Endpoint Security Manager

• Introduction To Comodo Internet Security Configuration Editor
• Prerequisites To Deploying A CIS Configuration
• Deploy Preset Configuration
• The Custom Configuration Editor
  • Firewall Overview
    • Common Tasks
      • My Port Sets
      • My Network Zones
      • My Blocked Network Zones
    • Advanced Tasks
      • Network Security Policy
      • Predefined Firewall Policies
      • Attack Detection Settings
      • Firewall Behavior Settings
  • Defense+ Overview
    • Common Tasks
      • My Protected Files
      • My Blocked Files
      • My Protected Registry Keys
      • My Protected COM Interfaces
      • My Safe Files List
      • My Trusted Software Vendors
    • The Sandbox
      • The Sandboxing Process
      • Sandbox Settings
      • Applications Running Inside Sandbox
    • Advanced Tasks
      • Computer Security Policy
      • Predefined Security Policies
      • Image Execution And Control Settings
      • Defense+ Settings
  • Antivirus Overview
    • Virus Scanner
    • Exclusions
  • Common
    • File Groups
    • Registry Keys
    • COM Groups
  • Miscellaneous Overview
    • Settings
• About Comodo

My Safe Files List

---

 

Defense+ allows the administrator to define a local safe list of files for individual CIS installations in the endpoints to complement the default Comodo safe list.

 

Files added to the safe list are automatically given Defense+ trusted status. If an executable is unknown to the Defense+ safe list then, ordinarily, it and all its active components generate Defense+ requests/alerts when they run. Of course, the administrator could choose the 'Treat this as a Trusted Application' option at the alert but it is often more convenient to classify entire directories of files as 'My Safe Files List'.

 

Important Note: The safe files list is specific for each computer and can be generated and applied for a single endpoint at a time. It cannot be created as a global safe list to apply for all or selected endpoints in a network.   In order to set a global safe list, the administrator needs to create a Task containing a Sequence with an action CIS – Set Safe Files List and execute it on selected computers. Refer to 'The Sequence Manager Window > Table of Actions – Definitions and Usage > CIS - Set Safe Files List' section of CESM Administrators Guide for more details   The 'My Safe Files List' is available only on right clicking a computer from the Computers Window and selecting internet Security > Configuration > Custom from the context sensitive options and is not available in the configuration interface that appears when creating a sequence with the action CIS – Config.

 

By adding executables to this list (including sub folders containing many components) the administrator can reduce the amount of requests/alerts that Defense+ generates whilst maintaining a higher level of Defense+ security. This is particularly useful for developers that are creating new applications that, by their nature, are as yet unknown to the Comodo safe list.

• Click on My Safe Files List in Defense+ > Common Tasks to open the 'My Safe Files List' interface.

To add programs/files/executables to the My Safe Files List

1. Click the Add...  icon . The Safe File Path dialog will open.

2. Type the full path of the executable in the 'Safe File Path' text box or click 'Browse'.

3. Select the computer from the left hand side pane. The file system in the selected computer will be displayed in the right hand side pane. Navigate to the executable and click 'OK'. The file name with the full path will now appear in the 'Safe File Path' dialog.
   

4. Click OK. The selected file will be added to the local safe list in the endpoint.

To edit an item in the My Safe Files List

• Double click on the entry or select the entry and click the Edit icon . The Edit dialog will appear.

• Follow the process explained above to edit the entry.

To remove an item in the My Safe Files List

• Select the entry and click the Delete icon  and click 'Yes' in the confirmation dialog.

 

 

 

---

Comodo Endpoint Security Manager | © 2010 Comodo Security Solutions Inc. | All Rights Reserved.