Author Topic: Introducing Endpoint Security Manager 3.2  (Read 7187 times)

Offline MichelB

  • Comodo's Hero
  • *****
  • Posts: 516
Introducing Endpoint Security Manager 3.2
« on: October 09, 2014, 04:10:00 PM »
Hi Guys n Gals,

So here it is Endpoint Security Manager version 3.2 with Comodo Endpoint Security version 8

FIRST THINGS FIRST -yes, this in bold caps for a reason

ESM 3.2 does not manage CES 6.4. If you upgrade to ESM 3.2 all your CES 6.4 installs will turn to 'Unsupported' in your management console.

ESM 3.1 does not manage CES 8 If you upgrade your CES 6.4 installs to CES 8 your endpoints will turn to 'Unsupported' in your management console.

Deployments of CES 8 can not be governed by CES 6.4 policies If you upgrade all your endpoints to CES 8 all of your legacy policies will be not be usable and you will have to recreate your policies.

Please consider carefully before upgrading and please only do so outside of production hours.

So, whats new (and why should I upgrade despite all of the above warnings)?

  • Selective CES component deployment - you can now choose to deploy only certain components of CES, such as Sandbox only, to run alongside an existing AV 'solution'
  • Granular, rule-based Sandbox settings management via policies
  • Viruscope - application behavior analytics (launched from the Unrecognized Files manager)
  • File Groups - allowing Sandbox rules to be applied to groups of files
  • Registry Groups - allowing Sandbox rules to be applied to groups of registry object
  • CES Logging to 3rd party destinations - you can choose where the CES logs should be written for collection by your SIEM product or poush thelogs directly to a Syslog-style server
  • Unrecognized Files  - you now have a new management console for reviewing any files detected in your environment which are 'Unknown'
  • Observing Antivirus Events with Application activities -  right from the Computer Properties screen you can see what AV events have taken place on the endpoint

These are all the major changes, as usual there are also a whole bunch of minor enhancements and bug-fixes. Release notes attached.

Go grab a copy of ESM from the 60-day/600-user trial here https://www.comodo.com/business-enterprise/cesm3/index_v2.php. If you are an existing ESM 3.x user you will get an on-screen notification of the upgrade's availability and just follow the prompts ...

Great chatting with you again and if you want to come and have a look at ESM 3.2 before committing to an upgrade, come and register here https://www.comodo.com/resources/webinars/business-security/register.php

Quick question, if I may...are you using Comodo Antispam Gateway (https://www.comodo.com/business-security/email-security/antispam-gateway.php) as a method to filter out infections coming in via email? Please let me know...

Chat more later :)

All the best,
Michél


[attachment deleted by admin]
« Last Edit: March 06, 2015, 01:57:35 PM by ilkers »

Offline aceyhan

  • Newbie
  • *
  • Posts: 22
Re: Introducing Endpoint Security Manager 3.2
« Reply #1 on: October 09, 2014, 04:18:48 PM »
Congratulations..
Comodo ESM is best endpoint security manager products.

Br,
AhmetC

Offline mouse1

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 11852
Re: Introducing Endpoint Security Manager 3.2
« Reply #2 on: October 10, 2014, 04:02:26 PM »
Hi Michel

Many congrats on new release. Just to say that there has been no update notification here in the UK.......

Offline MichelB

  • Comodo's Hero
  • *****
  • Posts: 516
Re: Introducing Endpoint Security Manager 3.2
« Reply #3 on: October 10, 2014, 04:05:03 PM »
In the black bar in your ESM 3.x console...? Nothing?

Offline mouse1

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 11852
Re: Introducing Endpoint Security Manager 3.2
« Reply #4 on: October 10, 2014, 04:38:38 PM »
In the black bar in your ESM 3.x console...? Nothing?

Ta Michel - no nothing apart from Silverlight logo. I went to Help ~ About too

Offline mouse1

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 11852
Re: Introducing Endpoint Security Manager 3.2
« Reply #5 on: October 10, 2014, 04:44:32 PM »
BTW were you aware that intRAnet zone based Autosandbox rules seem have no effect?

Because of the way intranet is detected, I don't think they actually can.....

I've been trying to get this bug 1261 processed.

Maybe your QA guys could process it? The devs need to understand that they cannot (as far as I can see) pick up Zone 1 from alternate data streams.
« Last Edit: October 10, 2014, 04:48:21 PM by mouse1 »

Offline Silveringfox

  • Newbie
  • *
  • Posts: 1
Re: Introducing Endpoint Security Manager 3.2
« Reply #6 on: October 13, 2014, 04:55:40 AM »
Can you still deploy your 6.4 policies via the new interface?

Offline MichelB

  • Comodo's Hero
  • *****
  • Posts: 516
Re: Introducing Endpoint Security Manager 3.2
« Reply #7 on: October 13, 2014, 06:43:25 AM »
Hi Silveringfox,

That would be a 'no'. ESM 3.2 manages CES 8 and is unable to manage CES 6.4.

Kind regards,

Michel.

Offline MichelB

  • Comodo's Hero
  • *****
  • Posts: 516
Re: Introducing Endpoint Security Manager 3.2
« Reply #8 on: October 13, 2014, 06:44:38 AM »
[at]mouse1 - please post the version of ESM 3 you are running...

<Edit 1>...also please let me know if you can get to https://downloads.comodo.com/cesm/download/updates/updates-pe.xml from your ESM server

<Edit 2> from the devs..."Actually this forum user is right, existing browsers (IE, Chrome, FF, Opera) and mail clients (Outlook, Thunderbird) doesn’t write this IntRAnet Zone ID to the files downloaded from Intranet. We verified this case here by manually set this Zone ID.

So we can call this behavior “known limitation”. We’re tried to overcame this limitation but didn’t find robust solution."
« Last Edit: October 13, 2014, 12:01:56 PM by MichelB »

Offline Michael Allen

  • Newbie
  • *
  • Posts: 1
Re: Introducing Endpoint Security Manager 3.2
« Reply #9 on: October 13, 2014, 02:41:58 PM »
Is it possible to export my existing 3.1 policies to xml and then re-import into 3.2?

Offline MichelB

  • Comodo's Hero
  • *****
  • Posts: 516
Re: Introducing Endpoint Security Manager 3.2
« Reply #10 on: October 13, 2014, 07:36:18 PM »
Hey Michael,

No, it isn't. We are working on/testing a policy import tool. Watch this space for breaking news...

M.

Offline mouse1

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 11852
Re: Introducing Endpoint Security Manager 3.2
« Reply #11 on: October 14, 2014, 05:11:49 AM »


<Edit 1>...also please let me know if you can get to https://downloads.comodo.com/cesm/download/updates/updates-pe.xml from your ESM server

<Edit 2> from the devs..."Actually this forum user is right, existing browsers (IE, Chrome, FF, Opera) and mail clients (Outlook, Thunderbird) doesn’t write this IntRAnet Zone ID to the files downloaded from Intranet. We verified this case here by manually set this Zone ID.

So we can call this behavior “known limitation”. We’re tried to overcame this limitation but didn’t find robust solution."

OK I understand, though I think there is a way to do this, I give a procdump outline of the algorithm in the Bugzilla bug report 1261
« Last Edit: October 14, 2014, 05:57:09 AM by mouse1 »

Offline mouse1

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 11852
Re: Introducing Endpoint Security Manager 3.2
« Reply #12 on: October 14, 2014, 05:58:40 AM »
[at]mouse1 - please post the version of ESM 3 you are running...

Yes that was the problem sorry. I was running a slightly pre-release version of immediately previous public version. I resolved with Denis......

Offline w-e-v

  • Star Group
  • Comodo's Hero
  • *****
  • Posts: 1503
  • BETA FORCE MEMBER
Re: Introducing Endpoint Security Manager 3.2
« Reply #13 on: October 14, 2014, 11:56:28 AM »
Congratulations!

In ESM 3.2, is this reported bug solved?
And any of this requests under this wishlist?

Offline MichelB

  • Comodo's Hero
  • *****
  • Posts: 516
Re: Introducing Endpoint Security Manager 3.2
« Reply #14 on: October 20, 2014, 04:43:26 PM »
Hi w-e-v,

Ubuntu 14 is in testing and will be supported in the next release.

Due to the upcoming features we are doing for the above-mentioned next release (as exposed in the MSP board), we will not have the resource to do the other requests. We have put them in the dev queue for next year's Q1 release though.

Kind regards,
Michél

 

Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek