Comodo Antivirus For Servers

• Introduction To Comodo Antivirus For Servers
  • Key Features
  • Supported Servers
  • Installation
  • Starting Comodo Antivirus For Servers
  • The Main Interface
    • The Home Screen
    • The Tasks Interface
    • The Widget
    • The System Tray Icon
    • Instant Assistance
  • Understanding Security Alerts
• General Tasks - Introduction
  • Scan And Clean Your Server
    • Run A Quick Scan
    • Run A Full Server Scan
    • Run A Rating Scan
    • Run A Custom Scan
      • Scan A Folder
      • Scan A File
      • Create, Schedule And Run A Custom Scan
  • Instantly Scan Files And Folders
  • Processing Infected Files
  • Manage Virus Database And Program Updates
  • View CAVS Logs
    • Antivirus Logs
      • Filtering Antivirus Logs
    • Defense+ Logs
      • Filtering Defense+ Logs
    • Alerts Logs
      • Filtering Alerts Displayed Logs
    • Tasks
      • Filtering Tasks Launched Logs
    • Configuration Changes
      • Filtering Configuration Changes Logs
  • Manage Quarantined Items
• Sandbox Tasks – Introduction
  • Run An Application In The Sandbox
  • Reset The Sandbox
  • View Active Process List
• Advanced Tasks - Introduction
  • Create A Rescue Disk
    • Downloading And Burning Comodo Rescue Disk
  • Submit Files
  • Identify And Kill Unsafe Running Processes
  • Remove Deeply Hidden Malware
  • Manage CAVS Tasks
• Advanced Settings
  • General Settings
    • Customize User Interface
    • Configure Program And Virus Database Updates
    • Log Settings
    • Manage CAVS Configurations
      • Comodo Preset Configurations
      • Importing/Exporting And Managing Personal Configurations
  • Security Settings
    • Antivirus Settings
      • Real-time Scanner Settings
      • Scan Profiles
      • Exclusions
    • Defense+ Settings
      • HIPS Behavior Settings
      • Active HIPS Rules
      • HIPS Rule Sets
      • Protected Objects
        • Protected Files
        • Blocked Files
        • Protected Registry Keys
        • Protected COM Interfaces
        • Protected Data Folders
      • HIPS Groups
        • Registry Groups
        • COM Groups
      • Sandbox
        • The Sandbox - An Overview
        • Unknown Files: The Scanning Processes
      • Configure The Sandbox
      • Configuring Rules For Auto-Sandbox
    • Manage File Rating
      • File Rating Settings
      • File Groups
      • File List
      • Submitted Files
      • Trusted Vendors List
• Appendix 1 - CAVS How To... Tutorials
  • Enable / Disable AV And Auto-Sandbox Easily
  • Setting Up The HIPS For Maximum Security And Usability
  • Create Rules For Auto-Sandboxing Applications
  • Running An Instant Antivirus Scan On Selected Items
  • Creating An Antivirus Scanning Schedule
  • Run Untrusted Programs In The Sandbox
  • Run Browsers Inside Sandbox
  • Restoring Incorrectly Quarantined Item(s)
  • Submitting Quarantined Items To Comodo For Analysis
  • Blocking Any Downloads Of A Specific File Type
  • Disable Auto-Sandboxing On A Per-application Basis
  • Switch Off Automatic Antivirus And Software Updates
• Appendix 2 - Glossary Of Common Terms
• About Comodo Security Solutions

Setting up the HIPS for Maximum Security and Usability

This page explains on configuring the Host Intrusion Prevention System (HIPS) component of CAVS to provide maximum security from the malicious programs that try to execute from within your server and to protect your system from data theft, server crashes and system damage by preventing most types of buffer overflow attacks, prevent possible attacks from root-kits, inter-process memory injections, key-loggers and more.

To configure HIPS

1. Open 'Tasks' interface by clicking the green curved arrow at top right of the 'Home' screen.

2. Open 'Advanced Tasks' by clicking ' Advanced Tasks' from the Tasks interface and click 'Open Advanced Settings'.

3. Click 'Security Settings' > 'Defense+ ' > 'HIPS' > 'HIPS Settings' from the left hand side pane.

4. Select Enable HIPS

5. Choose 'Safe Mode' from the drop-down below it. Refer to HIPS Behavior Settings for more details on the Security Levels.

Monitoring Settings

6. Click Monitoring Settings from the HIPS Settings interface.

7. Make sure that all the check boxes are selected and click OK.

Advanced Settings

8. Make the following settings under Advanced in the HIPS Settings interface.

 
Optional – Enable 'Block all unknown requests if the application is not running'. Selecting this option blocks all unknown execution requests if CAVS is not running/has been shut down. This is option is very strict indeed and in most cases should only be enabled on seriously infested or compromised machines while the user is working to resolve these issues. If you know your machine is already ‘clean’ and are looking just to enable the highest CAVS security settings then it is OK to leave this box unchecked.

If you are using a 64-bit system, in order to maximize the security, it is important to select 'Enable enhanced protection mode (Requires a system restart)' – Enabling this mode will activate additional host intrusion prevention techniques in Defense+ to countermeasure extremely sophisticated malware that tries to bypass regular countermeasures.

Click here for more details on HIPS Behavior Settings