Cis won't allow a domain login

wrapper · May 20, 2009, 9:28pm

Hi Melih,

This probably isn’t the right forum for this, but I did want to get this message to you, so…

I am a principal in a small firm doing some consulting for a Fortune 50 US based firm. We use your CIS at home, in the office, and our our work laptops, and it is fabulous - far less of a resource consumer than Zone Labs with Symantec AV and very effective. I tout it to my friends, family, and clients. But my current main client wants me to logon into their domain, and CIS had prevented my ability to effectively do that for almost a week now. In testing we had frequently exited from CIS on the off chance that it might be the inhibitor, and of course quitting CIS made no difference. By the end of the week one of their level 3 analysts was insisting that my firewall had to be the problem, but I was confident that it was not. So I bet him that it was not, and even offered to uninstall CIS to prove it. To my chagrin, CIS was the culprit that was slowing and preventing the access that I needed.

I looked throughout the forums to see if someone had a clear solution or some standard script that could be appllied to detect and adapt to the clients’ LAN, but without success.

So I reluctantly installed ZoneLabs firewall/antivirus product, and it quickly and cleanly adapted to my clients’ network.

As part of my business, we sell Internet application accelerator and universal access controllers, and offer a customized Sharepoint service, so we were excited to see your recent announcement about securing Sharepoint and Outlook webmail. We would like to able to partner with Comodo, but we need for the CIS product to be easier to use on a corporate desktop for us to be able to encourage our customers to use it.

Is their any chance that Comodo will make CIS as “intuitive” as is ZoneLabs product when it comes to installing on a PC that is part of a large domain?

Thanks, and congratulations on realizing your dream so far - it must be very satisfying.

Ray Palkovic, aka wrapper

languy99 · May 20, 2009, 9:32pm

wrapper post:1:

Hi Melih,

This probably isn’t the right forum for this, but I did want to get this message to you, so…

I am a principal in a small firm doing some consulting for a Fortune 50 US based firm. We use your CIS at home, in the office, and our our work laptops, and it is fabulous - far less of a resource consumer than Zone Labs with Symantec AV and very effective. I tout it to my friends, family, and clients. But my current main client wants me to logon into their domain, and CIS had prevented my ability to effectively do that for almost a week now. In testing we had frequently exited from CIS on the off chance that it might be the inhibitor, and of course quitting CIS made no difference. By the end of the week one of their level 3 analysts was insisting that my firewall had to be the problem, but I was confident that it was not. So I bet him that it was not, and even offered to uninstall CIS to prove it. To my chagrin, CIS was the culprit that was slowing and preventing the access that I needed.

I looked throughout the forums to see if someone had a clear solution or some standard script that could be appllied to detect and adapt to the clients’ LAN, but without success.

So I reluctantly installed ZoneLabs firewall/antivirus product, and it quickly and cleanly adapted to my clients’ network.

As part of my business, we sell Internet application accelerator and universal access controllers, and offer a customized Sharepoint service, so we were excited to see your recent announcement about securing Sharepoint and Outlook webmail. We would like to able to partner with Comodo, but we need for the CIS product to be easier to use on a corporate desktop for us to be able to encourage our customers to use it.

Is their any chance that Comodo will make CIS as “intuitive” as is ZoneLabs product when it comes to installing on a PC that is part of a large domain?

Thanks, and congratulations on realizing your dream so far - it must be very satisfying.

Ray Palkovic, aka wrapper

quick question, did you have comdo check for new networks? From what I can tell it could not see the new LAN. The option to do that is under the MISC tab at the top. Click on settings and it is under the general tab. It is “automatically check for new networks”, if this was not checked comodo would not identify the new network you were trying to get on.

Melih · May 20, 2009, 9:43pm

wrapper post:1:

Hi Melih,

This probably isn’t the right forum for this, but I did want to get this message to you, so…

I am a principal in a small firm doing some consulting for a Fortune 50 US based firm. We use your CIS at home, in the office, and our our work laptops, and it is fabulous - far less of a resource consumer than Zone Labs with Symantec AV and very effective. I tout it to my friends, family, and clients. But my current main client wants me to logon into their domain, and CIS had prevented my ability to effectively do that for almost a week now. In testing we had frequently exited from CIS on the off chance that it might be the inhibitor, and of course quitting CIS made no difference. By the end of the week one of their level 3 analysts was insisting that my firewall had to be the problem, but I was confident that it was not. So I bet him that it was not, and even offered to uninstall CIS to prove it. To my chagrin, CIS was the culprit that was slowing and preventing the access that I needed.

I looked throughout the forums to see if someone had a clear solution or some standard script that could be appllied to detect and adapt to the clients’ LAN, but without success.

So I reluctantly installed ZoneLabs firewall/antivirus product, and it quickly and cleanly adapted to my clients’ network.

As part of my business, we sell Internet application accelerator and universal access controllers, and offer a customized Sharepoint service, so we were excited to see your recent announcement about securing Sharepoint and Outlook webmail. We would like to able to partner with Comodo, but we need for the CIS product to be easier to use on a corporate desktop for us to be able to encourage our customers to use it.

Is their any chance that Comodo will make CIS as “intuitive” as is ZoneLabs product when it comes to installing on a PC that is part of a large domain?

Thanks, and congratulations on realizing your dream so far - it must be very satisfying.

Ray Palkovic, aka wrapper

hi Ray

Thank you for that post.
We have Endpoint Security Manager for easy management of corporate desktops. If you ask the question in the forum or to our techies we could help I am sure.

thanks
Melih

panic · May 21, 2009, 12:02am

This topic has been spilt and moved from its original location.

PM sent asking the OP for details.

Ewen

wrapper · May 21, 2009, 3:55pm

Hi All,

First, Languy99, yes, it was set to discover new networks. It discovered it, but it didn’t say anything about intrusions, etc., at least not in any alert dialogs.

Melih and Ewen, thanks for your rapid responses.

Since I am at my clients’ location and on their LAN and huge domain, I don’t have CIS installed anymore on this laptop, but I can respond to some of the questions that Ewen posed.

The version was 3.8.65951.477 with whatever was the latest db; I always accept all of the updates. The LAN is Windows based, and is very structured and restrictive. The client is very serious about data security.

The IP is obtained via DHCP.

I really don’t know what authentication method is used. I have a user ID and a domain that I log into, and the domain creates a new user on my desktop with rights controlled by the domain. When I access remotely, the authentication employs SecureID.

There were NO error messages, at least not in terms of alerts. It turns out that there were blockages in the firewall log, and I thought I had them resolved, but evidently not. Besides not letting me connect to the Exchange server, another symptom of the problem was that it took 15 minutes to get my desktop up after logging on to the domain. Now with ZA installed it takes 30 seconds.

Melih, the possibility of getting the client to adopt Endpoint Security instead of their current method of managing their huge number of endpoints is very remote. They are very, very large and therefore very, very conservative.

My recommendation to you about penetration into a large corporate market was more to the idea of making CIS as “friendly” in the LAN discovery process as ZA is. Again I don’t know what ZA did, but when I now look in my trusted zones I see the DHCP servers, the DNS servers, and the domain controller, and I didn’t have to do a thing to make that happen. That’s the kind of ease of use that you need to emulate. If you do that, you can obviously compete on price, even if you do charge them for seats, and your better ratings and less resource consumption make great selling points.

I don’t have the time to try and adapt CIS to work in this environment, so I’m not looking for further technical help. But if Comodo ever does try to emulate the discovery process that ZA uses, please ask me to beta test it.

Thanks again,
Ray Palkovic