Author Topic: CESM2 (40729.6) - Feedback  (Read 22631 times)

Offline glenmm

  • Moderator
  • Comodo Member
  • *****
  • Posts: 47
Re: CESM2 (40729.6) - Feedbacks
« Reply #15 on: August 05, 2011, 07:39:04 AM »
...
idk if its just me not being used to working with Endpoint security but i found it kind of difficult or confusing when creating a policy. i guess my first thought of an ESM was me being the admin and managing the endpoints, having the ability to configure CIS on the endpoints however i would like, being able to change all aspects of CIS like i would on my own machine. Maybe this is just a misconception i have about endpoint security idk. im sure someone can enlighten me
...
You describe how typical enterprise-designed consoles work, and what that does is require you to re-learn a whole new way to change the settings you've been managing at the endpoints -- in fact, you usually have to scrap all the settings you had at the endpoint and recreate them at the console, which is why deployment takes so long. With this business edition we've taken a "ghosting" strategy with ESM 2.0 which is more comfortable for smaller businesses, where the complexities of the settings of an endpoint are best managed at and imported from the endpoint that is tested and configured with those settings. Then those settings are distributed, in our case, as policy to other endpoints. It makes it much simpler to manage, much faster to deploy. When changes are needed, it's usually because the endpoint has changed. Meaning you're at the endpoint installing some new software, making some settings to CIS (in local mode), testing those changes at the endpoint, and reimporting the changed policy to update all other computers -- rather than making a change at the console, waiting for it to get to the endpoint, testing back at the endpoint, going back to the console to make another change, etc.

--Glen Marianko
Product Line Manager

Offline VerNIck

  • CESMUser
  • Newbie
  • *
  • Posts: 13
Re: CESM2 (40729.6) - Feedbacks
« Reply #16 on: August 05, 2011, 07:52:15 AM »
after adding my endpoints i have noticed that only having the firewall installed causes improper errors in CESM
it says one of my endpoints is outdated well it cant be updated since its the firewall and defense + only. is there anyway that CESM can detect what is installed
The bug ID: 5062 for this case was posted. Thank you for your feedback.
« Last Edit: August 05, 2011, 08:22:06 AM by VerNIck »

Offline Sergey Gorodetskiy

  • CESMUser
  • Newbie
  • *
  • Posts: 19
Re: CESM2 (40729.6) - Feedbacks
« Reply #17 on: August 05, 2011, 08:32:39 AM »
The first time I installed CESM 2.0, I was using the FULL PACKAGE.
However, after installing it, I went to the browser and had to install Silverlight.
Would be great if this could be added in to the FULL PACKAGE, dont you agree?
Specially if its for free.

w-e-v, thank you for the feedback. We completely agree with your suggestion and we are working on it. Yes, Silverlight is free but standard EULA does not allow a redistribution (http://www.microsoft.com/getsilverlight/get-started/install/license.aspx?v=4.0.50401) . So you have to download and install it manually at the moment.

Offline SivaSuresh

  • Star Group
  • Comodo's Hero
  • *****
  • Posts: 1328
  • Avert the danger that has not yet come
Re: CESM2 (40729.6) - Feedbacks
« Reply #18 on: August 05, 2011, 08:41:46 AM »
I installed it on my Home system.
Configuration: Win 7 x64, CIS 5.8 Beta

Installation went well. In the end it asked to start CESM configuration tool, I clicked OK and got this strange error message. (attached below)

To log in to CESM console it wants silverlight to be installed. I installed silverlight, but my firefox nightly x64 still asks me to install silverlight (may be x64 silverlight is not there...)

I tried to open the link in Comodo dragon and got the attached screen. (By the way, why is the https crossed in the url ?)

Someone please guide me... what should I do? (I am planning to uninstall it completely and install it again, can I enter the same license again?)

Note:I have read wev's post just now, I too agree with him. If silverlight is compulsory to enter CESM console, it better be integrated in to the package...
« Last Edit: August 05, 2011, 08:45:37 AM by SivaSuresh »
with love Siva Suresh
|| Windows8 x64 | CIS 6 | Waterfox | Comodo Dragon x86 | Thunderbird | CCleaner | Evernote | PStart | SuperCopier | Dropbox | TeamViewer | Screenshot Captor ||
|| AMD Phenom II x4 955B | ASUS M4A88TD | 8GB DDR3 RAM | 240GB Sandisk SSD  || 3TB SATA II HDD 6Gb/s

Offline SivaSuresh

  • Star Group
  • Comodo's Hero
  • *****
  • Posts: 1328
  • Avert the danger that has not yet come
Re: CESM2 (40729.6) - Feedbacks
« Reply #19 on: August 05, 2011, 08:57:27 AM »
Completely uninstalled, rebooted and reinstalled. Still the same error.
with love Siva Suresh
|| Windows8 x64 | CIS 6 | Waterfox | Comodo Dragon x86 | Thunderbird | CCleaner | Evernote | PStart | SuperCopier | Dropbox | TeamViewer | Screenshot Captor ||
|| AMD Phenom II x4 955B | ASUS M4A88TD | 8GB DDR3 RAM | 240GB Sandisk SSD  || 3TB SATA II HDD 6Gb/s

Offline Sergey Gorodetskiy

  • CESMUser
  • Newbie
  • *
  • Posts: 19
Re: CESM2 (40729.6) - Feedbacks
« Reply #20 on: August 05, 2011, 09:14:33 AM »

Installation went well. In the end it asked to start CESM configuration tool, I clicked OK and got this strange error message. (attached below)

Have you tried to start CESM configuration tool manually  from the Start Menu ? Please inform us if it was successfull.

I tried to open the link in Comodo dragon and got the attached screen. (By the way, why is the https crossed in the url ?)

Please try to use Internet Explorer as workaround.

Offline Sergey Gorodetskiy

  • CESMUser
  • Newbie
  • *
  • Posts: 19
Re: CESM2 (40729.6) - Feedbacks
« Reply #21 on: August 05, 2011, 09:30:45 AM »
By the way, why is the https crossed in the url ?

The red cross warns about possible security problems (self-signed certificate), which you can ignore at the moment. ESM Console uses HTTPS for connection with the server. HTTPS requires a valid SSL certificate installed in the server PC. CESM installer creates and deploys the SSL certificate for every server automatically  but it is self-signed of course.  Import of custom certificates will be include into the next release.     
« Last Edit: August 05, 2011, 09:44:24 AM by Sergey Gorodetskiy »

Offline w-e-v

  • Star Group
  • Comodo's Hero
  • *****
  • Posts: 1324
  • BETA FORCE MEMBER
Re: CESM2 (40729.6) - Feedbacks
« Reply #22 on: August 05, 2011, 09:44:24 AM »
w-e-v, thank you for the feedback. We completely agree with your suggestion and we are working on it. Yes, Silverlight is free but standard EULA does not allow a redistribution (http://www.microsoft.com/getsilverlight/get-started/install/license.aspx?v=4.0.50401) . So you have to download and install it manually at the moment.


I didnt see where it restricts the redistributtion as you mention.
However, there is away to work it out if you dont want to redistribute it directly (meaning attaching the software to the FULL PACKAGE).

In the setup process, the install can connect to MS servers to download the setup and after downloading it, run it. Then the user must click INSTALL on the recently opened instalattion wizard window. After installation of Silverlight, CESM set up can continue and finish as normal.

Offline SivaSuresh

  • Star Group
  • Comodo's Hero
  • *****
  • Posts: 1328
  • Avert the danger that has not yet come
Re: CESM2 (40729.6) - Feedbacks
« Reply #23 on: August 05, 2011, 09:45:16 AM »
Have you tried to start CESM configuration tool manually  from the Start Menu ? Please inform us if it was successfull.

Same error starting from start menu too.

Please try to use Internet Explorer as workaround.
I am able to log in to console using IE, would report back after I check all the options.
with love Siva Suresh
|| Windows8 x64 | CIS 6 | Waterfox | Comodo Dragon x86 | Thunderbird | CCleaner | Evernote | PStart | SuperCopier | Dropbox | TeamViewer | Screenshot Captor ||
|| AMD Phenom II x4 955B | ASUS M4A88TD | 8GB DDR3 RAM | 240GB Sandisk SSD  || 3TB SATA II HDD 6Gb/s

Offline Sergey Gorodetskiy

  • CESMUser
  • Newbie
  • *
  • Posts: 19
Re: CESM2 (40729.6) - Feedbacks
« Reply #24 on: August 05, 2011, 10:31:31 AM »
I didnt see where it restricts the redistributtion as you mention.
However, there is away to work it out if you dont want to redistribute it directly (meaning attaching the software to the FULL PACKAGE).

Here is the part of EULA :
Quote
3.    SCOPE OF LICENSE. ******
You may not

·         *************
·         transfer the software or this agreement to any third party.


Also see this FAQ http://www.microsoft.com/silverlight/faq/#silverlight-plugin
Quote
Q: Do I need to sign a licensing agreement to redistribute Silverlight?


Yes, please download and complete the Silverlight Distribution Licensing Agreement.

Please don't doubt we do want to redistribute it directly. and we are working on  it.

Offline w-e-v

  • Star Group
  • Comodo's Hero
  • *****
  • Posts: 1324
  • BETA FORCE MEMBER
Re: CESM2 (40729.6) - Feedbacks
« Reply #25 on: August 05, 2011, 12:22:09 PM »
Please don't doubt we do want to redistribute it directly. and we are working on  it.

Great! :D Thanks for the info in the last reply.
Good to know you are working on it. :)

Offline SivaSuresh

  • Star Group
  • Comodo's Hero
  • *****
  • Posts: 1328
  • Avert the danger that has not yet come
Re: CESM2 (40729.6) - Feedbacks
« Reply #26 on: August 05, 2011, 02:17:09 PM »
Hi
Thanks for the great product.

I installed it on Win7 and used two VMs having XP 32bit and Win7 32 bit as clients.

I got some error initially, could not get the configuration tool to work. Dragon/firefox were not useful either. I used IE as suggested...to get in to console. (alreadydetailed in previous posts)

Here are my initial observations.

1. While the GUI is visually appealing, it does not seem much intuitive or  self explaining in many cases throughout the screens for me.

2. Back and next buttons not in correct position; it took a lot of time for me to adjust to their positions. We generally have the back and next buttons beneath the actual dialogs and they work with simple keyboard storkes "Enter" and "Backspace"; which was not true in this case. "Enter" key does not lead to next page, mouse click was the only way...

3. while filling username and password forms, "Tab" does not clear the previously entered password (if already exits), instead it is appending it at the end, and as I said before, the usual "Enter" did not work, I had to click the next at top right...

4. Quarantine--submit for analysis, and restore to a different location would have added a lot of meaning to this. Even something like move all to a central location (possibly on server) would make it useful.

5. Reports--PDF, XLS are good, but can't we simply have the html reports (just to look at, instead of creating the pdf or xls)

6. Speed ??? I do not know whether it is common for CESM to take such long time (30sec to 150 sec) to create reports, but it looked slow to me (I just had one client actively monitored).

7. Policies---This kind of implementation is completely new to me (to what I am actually used to), needs a complete reunderstanding... I will work on it...and comment later.

8. Can't we make the scan and update two different issues and processes ? If I am running a scan (say Fullscan) the update fails and it does not even restart after the completion of the scan.

9. During client deployment, particularly the IP address field, I could not figure out for quite some time that I need to click the "+" button on the left to add it (It is supposed to be on the right side...and even the "Enter" key is supposed to activate it). This behaviour is not easily understandable and not intuitive.

10. There were no CIS packages initially (quite understandable and looks a good policy as we get different versions time to time)

11. During the component download/updates progress a "% or progress bar" would give a great relief. The animation is testing our patience, it does not contain any info whether or not something is happening, or to what extent did it already happen...

Later, I figured out where the downloaded packages are, but they have strange names...

If, I want to use them for an offline server use, should I be copying them with the same names or what ? I really did not get this.. (I have sent a PM to Fiolla explaining my exact test case, so may be I should ask for his help in this issue too...)

12. During deployment, unfortunately, I got the bad result - "deployment failed" for both my clients.

In case of the XP client on VM CESM says that the username or password was wrong. But the same username and password were working fine when I try to connect to that client through explorer. I manually installed CIS on this client and tried the "More--Manage this endpoint" option. It says the agent is installed but shows as "disconnected" in the main window. It does not show up in the server console as well.

In the other client's case (Win7 client on VM), the client simply hung, I do not know why.. I tried to manually install CIS on that system, even in manual installation also, the VM hangs during the "kernel driver installation" stage. I will restore the client to a previous clean state and check it tomorrow.

I have also got this message once but I do not remember exactly when or on which client..."Windows works in guest only mode ? shall we switch to ..." Is this normal ?

13. I also observed that the downloaded CIS was a different version (newer infact) CIS 5.8.3569.2040. Is there any change log ?

14. what is non compliant ? non reporting ?

Looking forward to more comments and explanation.

Tomorrow, I will try to spend some more time on this on my VMs... until I get a way to get it to run on my work environment (I am waiting for help from Fiolla).
« Last Edit: August 05, 2011, 02:20:32 PM by SivaSuresh »
with love Siva Suresh
|| Windows8 x64 | CIS 6 | Waterfox | Comodo Dragon x86 | Thunderbird | CCleaner | Evernote | PStart | SuperCopier | Dropbox | TeamViewer | Screenshot Captor ||
|| AMD Phenom II x4 955B | ASUS M4A88TD | 8GB DDR3 RAM | 240GB Sandisk SSD  || 3TB SATA II HDD 6Gb/s

Offline wasgij6

  • Volunteer Moderator
  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 3794
Re: CESM2 (40729.6) - Feedbacks
« Reply #27 on: August 05, 2011, 02:33:12 PM »
just out of curiosity how do we know if we get one of the beta t-shirts  ;D
| Win 8.1 Pro (x64) | UAC Disabled | CFW 7.0.317799.4142 | Intel i7 4770k | Asus Maximus VI Formula Mobo | Asus GeForce GTX 780 | G.Skill TridentX 16gb RAM | Samsung 840 Pro SSD |

Offline wasgij6

  • Volunteer Moderator
  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 3794
Re: CESM2 (40729.6) - Feedbacks
« Reply #28 on: August 05, 2011, 04:56:56 PM »
everytime i try to import a policy i get an error saying unable to import policy. i think its because the endpoints keep randomly getting disconnected and idk y. they are still connect to the internet and nothing changes.

im going to wait for the next beta release of CESM because this is to frustrating. i have been trying to set this up for 2 days now with only 2 endpoints and i am still unsuccessful.
| Win 8.1 Pro (x64) | UAC Disabled | CFW 7.0.317799.4142 | Intel i7 4770k | Asus Maximus VI Formula Mobo | Asus GeForce GTX 780 | G.Skill TridentX 16gb RAM | Samsung 840 Pro SSD |

Offline SivaSuresh

  • Star Group
  • Comodo's Hero
  • *****
  • Posts: 1328
  • Avert the danger that has not yet come
Re: CESM2 (40729.6) - Feedbacks
« Reply #29 on: August 05, 2011, 11:34:01 PM »
My suggestions and quick tips for the next release:

I have only checked the Console, I do not have any idea on the configuration tool (could not get it to work)

After having seen how the CESM 2 beta console looks and works, I have some quick suggestions.

1. Keep the fancies aside, concentrate on Professional look and approach.

2. Why split simple tasks and form filelds across too many pages for every operation (Does not make sense for an enterprise tool). Use more space on each page, Put as many fileds as possible on single page (without clutter, you can still keep the good looks)

3. Keyboard navigation and operation are completely lacking...Please improve on this.

4. Links to logs (any failures or successful actions, not the CIS logs on clients) should be available from main window itself.

5. Most of the different tabs on the console simply take to the same pages, in such a case, we can merge all them to simple and less buttons and tabs.

6. I do not feel the new approach to policies very intuitive or useful. It does not even give any gist of the policy that is applied to different groups/clients. There is no way to configure the policy issues from console anyway.(May be my own thoughts..you may feel otherwise)

Looking forward to the next beta with more improvement to looks and operations

Note: I could not get a way to get it work offline. I will do a second round test on VM s again tonight and comeback.
with love Siva Suresh
|| Windows8 x64 | CIS 6 | Waterfox | Comodo Dragon x86 | Thunderbird | CCleaner | Evernote | PStart | SuperCopier | Dropbox | TeamViewer | Screenshot Captor ||
|| AMD Phenom II x4 955B | ASUS M4A88TD | 8GB DDR3 RAM | 240GB Sandisk SSD  || 3TB SATA II HDD 6Gb/s

 

Seo4Smf 2.0 © SmfMod.Com | Smf Destek