Key Concepts
Endpoint - Endpoint refers to any desktop, laptop or any other computing device that is connected to a corporate network. ESM allows network and system administrators to install, manage and monitor the security software Comodo Internet Security (CIS) at each endpoint, remotely, from a central location.
Managed Endpoint - Refers to any desktop, laptop or any other computing device that is running the Agent and CIS, managed by the ESM central service.
Agent - A ESM agent is a client program to be installed on each and every managed endpoint for connection and communication to the ESM server. The agent is responsible for receiving tasks like applying security policy to CIS at the managed computer, running AV scans etc. from the central Service and executing them on the managed computer. The agent is also responsible for gathering reports as requested by the central service and to pass them to the central service. The endpoints imported into a ESM service by installing the agent can be managed only by the same ESM service - meaning the agent cannot be reconfigured to connect to any other ESM service, increasing the security.
Groups - ESM allows computer groups to be created as required by the structure of the corporate organization. Once groups have been created sorting the computers in the network, admins can run tasks (such as applying security policy, running AV scans and deploying agents) as required for specific groups.
Policy - A policy is the security configuration of Comodo Internet Security (CIS) deployed on an endpoint or a group of endpoints. Each policy determines the antivirus settings, Internet access rights, firewall traffic filtering rules, sandbox configuration and Defense+ application control settings for an endpoint. For creating new policies, the administrator has to configure CIS at an endpoint in local mode and then import it as a policy into ESM. The imported policy can be applied to computer groups or individual endpoints as required. Although ESM cannot apply policy or run tasks like AV scans on an endpoint that is in 'local administration' mode, it can still fetch data from such machines for generating real time reports.
Local Mode - When an endpoint is in ‘Local Mode’, CIS settings are considered as being locally administered and ESM will not enforce (although it will continue to report on) policy compliance (the endpoint will continue to use the security configuration already in effect on that machine). Administrators should enable ‘Local Mode’ (or apply the ‘Locally Configured’ policy) and leave it in this mode while editing policy on the local machine using the endpoint's CIS interface. If returned to 'Remote Mode', ESM will automatically re-apply assigned policy overwriting administrator's change. While in ‘Local Mode’, the endpoint will continue to report connectivity and virus outbreak details.
Remote Mode - ESM can apply a security policy and can run tasks like AV scans and database updates only if CIS in an endpoint is maintained in Remote Management Mode (i.e., it is being remotely administered through ESM).
Unassigned Group - The 'Unassigned' group is the default computer group in ESM. Any target computer, imported into ESM by installing the agent automatically through the ESM admin console or manually, will be first placed in the 'Unassigned' group and will be assigned the 'Locally Configured' Policy. The administrator can create new groups as required and import computers into those groups from the 'Unassigned' group.
'Locally Configured' Policy - 'Locally Configured' is a security policy that allows CIS settings to be changed by the local user without being monitored for compliance with settings policy.
Reports - ESM allows the administrators to generate highly informative, realtime and active graphical summaries of the security and status of managed endpoints. Each type of report is fully customizable and can be ordered for anything from a single machine right up to the entire managed environment.
Next: