Which type of e-mail protection provide CIS and his antivirus component?How CIS protect e-mails and block possible virus attacks from there?
It will be good to hear some more informations about that and I think that this is important for users which consider should they start using full CIS protection (not only firewall) .
I don’t think CIS has a specific e-mail protection module however if you sandbox your e-mail client then anything it does will be done in the sandbox hence if it downloads a virus that will end up in the sandbox and anything the virus does should in theory be contained within the sandbox.
If you don’t run the e-mail client in the sandbox and you download an attachment that turns out to be a virus, then if it is a known virus to Comodo it will trigger the anti-virus and you should be able to remove it without it doing any harm.
However if the virus is not known to be a virus but still unknown to Comodo overall (not added to whitelist) then the virus will be sandboxed according to the settings you currently have, default is Partially Limited.
BUT… if the virus is for some reason whitelisted or for other reasons found safe, it could cause serious harm depending on how you have CIS set up.
If anything in my comment is wrong then please point it out ^^‘’
Thanks SanyaIV for info.So, it means that all pretty much depend on sandbox, sandbox control level and comodo white list.It will be nice to see another independent level of protection.
I wondered what instant messenger protection, email protection, browser protection
means.
An antivirus detects things. When they hit the drive or when they try to run. Why do i need those protections? Or are they names?
I scan what i download, mostly i look at it while running in a virtualized sandbox.
Use an antivirus with a guard, be sceptical in front of emails. That will do the job.
Feel free to let me know what a benefit such a protection offers.
Yes and no, there are four layers of Security within CIS as I see it:
-
The anti-virus which detects viruses based on signatures.
-
Sandbox which sandboxes unknown applications.
-
HIPS which monitors and blocks actions of non-sandboxed applications until you allow these actions. I don’t know if this component is active when the application is sandboxed though. Also noteworthy us that HIPS is disabled by default so it might be a good idea to enable it.
-
Firewall if the virus is trying to communicate or send information to it’s creator.
-
Now the most important layer security is the user! Common sense and thinking before clicking random things etc is a great protection.
I think Chiron has a guide to set up a good security with CIS, I will try to find it.
Edit: Got a PM with the link, here it is: High quality HDMI cables in comparison - Gizmo's Best
I think blocking a malware should be done before it gets to your mailbox and not depend on your resident AV. Why not?
If you check your email in more than one PC and/or mobile devices, then your resident AV installed in 1 PC will not protect your mailbox.
You need real MAILBOX protection, without having a software installed in every equipment or device where you check your emails: Comodo Antispam Gateway
Thats pretty smart, convenient and resources saving, isnt it? Best of all, FREE!
w-e-v, thanks for that advice.I didn’t notice (miss Business / Enterprise Security Products & Services section of forum) Comodo Antispam Gateway, although looked for something like that.I will inform myself about that.
Glad to help :-TU
Some AV providers advertise email scanning as a marketing technique since many people think it’s needed but email scanning is something that is almost completely redundant in today’s world. All of the mail providers scan all the mail passing through their system before you ever see it. Add to that the fact that no malware contained in an email or attachment can do anything until it is actually allowed to execute. At which point a good security package, like CIS, will either detect a known baddie or block an unknown one. There really is no need to scan email as it is being downloaded.