Fantastic work on this release guys.
I like the idea that I can upgrade my clients without uninstalling, I just upgraded all of them to 4.0 this will save a lot of time bringing them to 4.1.
I like that active directory import now moves computers to the right OU now.
One feature request, automatically hide or delete computers that are no longer in active directory.
The install went smooth no errors or problems.
Again great work.
Thanks.
If you figure out how to update the CIS without uninstalling let me know. If I try to install the CIS on a machine with an older version I get the error Another version of this product is already installed. It then tells me I have to remove the older version before I can install the updated version of CIS.
I was also not able to update the CESM agents. I had to uninstall it on everyones machine before it would push the new agent.
I can confirm this behavior. Unable to “update” CESM agents nor CIS. Full uninstall/reinstall required.
CIS update has a known issue that it does not change it’s version in windows registry and does not inform ESM console about update.
CIS downloads updated binaries and ask for restart on the remote workstation.
Note: for XP CIS ask for administrative account to run updater, otherwise update is impossible.
I do not see the CIS - Updated bases/Binaries.
This is starting to be a hassle to configure these CIS clients.
I am having issues with pushing a config and appending to safe list. When I push a config first the append to safe list does not apply to the CIS. If I apply the append safe list first it applies. After a few minutes the Safe List is gone. This is a problem…
If a request comes up of something wanting access to something I should be able to click on that request and add it to the safe list to the config so I can then push that to all clients. It is too much of a pain to have to track that application to the source and figure out where it is located on the drive and add it to a list to push.
The safe list doesn’t always work. I have added C:\Program Files*Application Folder** and still get request in the CESM to allow or deny something out of that folder. This also goes for Trusted Vendors. I should not see request to allow or deny a application from IBM or HP.
With the latest CESM Agent I am seeing some agents not come online. I either have to uninstall and reinstall or restart the agent service.
Any word on the update CIS without having to uninstall and re-install?
It would be nice to have some sort of directory system setup for Sequences, Tasks, and Packages. Once you start to add quite a few Tasks or whatever it becomes ■■■■■■■ the eyes to find a certain task.
I will have to agree with the other poster about the balloon messages. They do get pretty intense. The only time a balloon message should pop up is if there is a approval pending or a virus has been found. They don’t need to see balloon messages for Defense+ learning or definitions updating.
At this point I don’t trust CESM and CIS for Defense+ or Firewall. The only thing that seems to work OK without cause big problems is the A/V.
This pain will be improved in the next version. 88)
Well…
CIS send request if safe file tries to start unsafe application or application from unknown vendor.
If app1 is in the safe file list and app1 is not in the safe file list or is not sighed, request appear.
So both should be in the safe file list/signed to remove request and CIS should be in safe mode.
- Any word on the update CIS without having to uninstall and re-install?CIS update works but remote workstation should be logged on. Then apply action: Update base/binaries.
- I will have to agree with the other poster about the balloon messages. They do get pretty intense. The only time a balloon message should pop up is if there is a approval pending or a virus has been found. They don't need to see balloon messages for Defense+ learning or definitions updating.
Partially agree with you.
At this point I don't trust CESM and CIS for Defense+ or Firewall. The only thing that seems to work OK without cause big problems is the A/V.
F+ and D+ works fine, you simply have to understand its logic. :-TU
Maybe training would help with understanding the logic and how to configure Defense+ to allow users to actually work without having every program blocked while in safe mode and having safe list pushed out. I can’t turn D+ on because it blocks everything even trusted vendors. I push safe list, but I go and look at CIS safe list on that machine and there is nothing there. After configuring and pushing the Firewall config it blocks the network it is on and the CESM agent. So yeah maybe Comodo having better training would be a great help. I have way too much going on a daily basis to have to constantly monitor the CESM to make sure a user can actually work and not have every application blocked.
\
Just another wish-list item.
Ability to assign a config to a user agent. Basically right click on a workstation with agent install and select a config for it to use. The agent on that machine would go and pull the config from the CESM and always keep the config updated. Instead of having to create a Group and push a config. Especially with laptop environement when people are not always on the network when I try to update their config.
This would make life a lot better.
Thanks,
One more wishlist item.
Having the ability for the A/V to run a scan when a machine is sitting idle and pause when processing picks up by the user. In my case all users have laptops and setting the machine to run a scan at night is impossible as the machine is out of the building and probably turned off. Running scans during the day won’t work because users are using the machines. So a idle scan feature would be perfect.
Thanks,
Thanks.
We review your request.
Good work guys!
Any updates? It’s been a bit quiet in here lately.
will this work with cis 5.0 windows 7 ???