Comodo Help
Find the desired product help
Comodo Endpoint Security Manager

Comodo Endpoint Security Manager

Administrator Guide v 2.1

English

Print Help Download Help
How To... Tutorials > How To Configure CIS Policies - An Introduction
  • Introduction To Endpoint Security Manager – SME
    • Software Components And System Requirements
    • Removing Incompatible Products
    • Installing And Configuring The Service
    • Key Concepts
    • Best Practices
    • Quick Start Guide
  • The Administrative Console
    • Logging-in To The Administrative Console
    • The Dashboard Area
      • Adding And Re-configuring Tiles
      • Quick Actions Tiles
      • Policy Status Tile
      • Endpoint Updates Tile
      • Endpoint Infections Tile
      • Connectivity Tile
      • Getting Started Tile
      • System Status Tile
      • License Status Tile
      • Software Tile
    • The Computers Area
      • Adding Endpoint Computers To ESM
        • Importing Computers By Automatic Installation Of Agent
        • Adding Computers By Manual Installation Of Agent And CIS
        • Updating Comodo Software On Managed Computers
      • Creating Endpoint Groups
      • Viewing Endpoints
      • Updating Endpoints
    • The Policies Area
      • Viewing Policies
      • Creating A New Policy
    • The Reports Area
      • Reports Gallery
        • Computer Details Report
        • CIS Configuration Report
        • Computer Infections Report
        • Quarantined Items Report
        • Antivirus Updates Report
        • CIS Log Report
        • Policy Compliance Report
        • Policy Delta Report
        • Malware Statistics Report
        • Top Ten Malware Report
      • Report Explorer
      • Report Settings
    • About
    • Logging Out Of ESM Console
  • How To... Tutorials
    • How To Connect CIS To CESM At The Local Endpoint
    • How To Configure CIS Policies - An Introduction
    • How To Set Up External Access From The Internet
    • How To Install CIS
  • Appendix 1 - The Service Configuration Tool
    • Start And Stop The ESM Service
    • Main Settings
    • Server Certificate
    • Internet And Mail Settings
    • Caching Proxy Settings
    • Viewing Database Event Log
  • About Comodo

 

How to Configure CIS Policies - An Introduction

 

A ESM policy is the security configuration of Comodo Internet Security (CIS) deployed on an endpoint or a group of endpoints. Each policy determines the antivirus settings, Internet access rights, firewall traffic filtering rules, sandbox configuration and Defense+ application control settings for an endpoint. 

 

In order to configure Antivirus, Firewall and Defense+ settings in CIS on an endpoint computer, the administrator has to ensure that the endpoint computer is either 'Locally Configured' (it has no policy) or it is in local mode (or ESM will remotely re-apply the endpoint's security policy and override any changes made by the administrator).


Click 'Manage Locally' at the lower left of the CIS interface to enable local administration mode:


Once the machine is in 'Local Mode', the link will be 'Manage Remotely'.


Once the administrator has created the policy on the new machine, it can be imported in ESM from this machine then applied to target computers as required (including the one from which the settings are imported). Note - remember to keep the machine in 'Local Mode' until import and deployment is complete. After policy has been deployed, it can be switched back to 'Remote Mode'. See 'Creating a New Policy' for more details.


The remainder of this page is a quick primer to key areas within CIS for modifying Antivirus, Firewall and Defense+ settings along with links to the appropriate section in the dedicated CIS user-guide should further help be required.


Antivirus Settings 

 

Comodo Antivirus leverages multiple technologies, including Real-time/On-Access Scanning, On Demand Scanning and a fully featured Scan Scheduler to immediately start cleaning or quarantining suspicious files from your hard drives, shared disks, emails, downloads and system memory.

 

To configure Antivirus Behavior Settings


  • Click 'Antivirus' from the top navigation of the CIS interface and click 'Scanner Settings' from the Antivirus tasks interface. The Antivirus Behavior Settings interface will open.

 



 

Firewall Settings

 

The firewall component of Comodo Internet Security offers the highest levels of security against inbound and outbound threats, can stealth endpoint ports against hackers and can prevent malicious software from transmitting confidential data over the Internet.

 

To configure Firewall Behavior Settings


  • Click 'Firewall' from the top navigation of the CIS interface and click 'Firewall Behavior Settings' from the Firewall tasks interface. The Firewall Behavior Settings interface will open.







 

Defense+ Settings

 

The Defense+ component of Comodo Internet Security is a host intrusion prevention system that constantly monitors the activities of all executable files on endpoint PCs. With Defense+ activated, the only executables that are allowed to run are the ones you give permission to. The Defense+ area also allows admins to configure sandbox settings. 



To configure Defense+ Settings


  • Click 'Defense+' from the top navigation of the CIS interface and click 'Defense+ Settings' from Defense+ Tasks interface. The Defense+ Settings interface will open.



If more details are required for these settings, see http://help.comodo.com/ for Comodo Internet Security.

 

For more details on installing CIS in an endpoint computer and connecting it to ESM from the CIS interface, refer the sections How to Install CIS and How to Connect CIS to ESM at the Local Endpoint.

Terms and Conditions Privacy Policy

© Comodo Group, Inc. 2013. All rights reserved.