ITarian – IT Operation Platform October Release (2019-10-12)

Endpoint Manager

Endpoint Manager Core

New Features

Fallback connections for proxy servers

You can now tell CCC and CCS to use a direct internet connection if your proxy server is not reachable for any reason.

Two-factor authentication on standalone Endpoint Manager

Two-factor authentication has been an option on Comodo One and ITarian portals for some years now. With this release, we extend the feature to the standalone version of Endpoint Manager.

Endpoint Manager admins can now: 

  • Force two-factor authentication for all Endpoint Manager users
  • Enable two-factor for themselves
  • View the status of two-factor authentication on all user accounts
  • Reset two-factor authentication if there are issues

Flag and remove options for old and duplicate devices

New device management options allow admins to:

  • Filter duplicate devices
  • Define a time period after which inactive and duplicate devices will be removed from Endpoint Manager

Support for iOS 13

Endpoint Manager now supports mobile devices running on iOS 13.

Change Passwords Manually

You can now manually reset an Endpoint Manager user account password. Admins can now specify, or auto-generate, a new password on behalf of users.

Security

New Features

Shellcode injection moved to Miscellaneous tab

  • The shellcode injection option has been moved from the HIPS section of a Windows profile, to the ‘Miscellaneous Settings’ section.  This was done for consistency with the Windows security client (CCS)/

 ‘Skipped’ status added to antivirus logs

  • Antivirus logs in the security dashboard now state ‘Skipped’ if a file was not scanned. The new description is more useful for troubleshooting purposes than the previous description of ‘Unknown’.

Ability to restore disabled services, autoruns and scheduled tasks

  • You can now view all disabled services, autoruns and scheduled tasks in the ‘Antivirus’ area of Endpoint Manager. Admins can re-enable these items on selected devices, or all devices.

Remote Control

New Features

Proxy Configuration Fallback

Admins can now have the Remote Control tool revert to a direct connection if their proxy is unavailable.

 File Transfer Improvements

The latest release sees the following incremental improvements to remote file transfers:

  • Select and transfer multiple items.
  • Single-click remote files/folders to rename them
  •  ‘Transfer Logs’ have been added to the ‘Audit Logs’ section.

Bug Fixes

  • Fixed occasional connection errors when using remote tools in the Endpoint Manager portal.
  • Fixed issue that prevented Comodo Remote Control sessions when a maintenance window was active on target devices.

Remote Monitoring and Management

New Features

Procedure workflows:

  • You can now receive reports after a procedure is successful on targeted devices.
  • More details about a failed procedure have been added to auto-generated Service Desk tickets.

Improvements

  • Hidden procedure execute for support admin account.
  • Redesigned storage structure.
  • Improve logging mechanism for network discovery.

Bug Fixes

  • Fixed bug which caused the RMM service to crash (specifically RMMService 6.30.29303.19090)

Patch Management

New Features

OS patching on vulnerable devices

  • Admins can now install operating system patches on at-risk/vulnerable devices.

Improvements

  •  Improvements to the patch manager log collector

Bug Fixes

  • Fixed a procedure execution issue related to logged in users
  • Fixed issue related to Microsoft Teams collaboration software
  • Fixed bug that caused Endpoint manager to mistakenly show supported software as unsupported

Comodo Client Security

Windows

New Features

Scan DLLs loaded by processes

  • Added new option, ‘Monitor DLL files loaded by running processes’, to ‘Advanced Protection’ > ‘Miscellaneous’

Improved Windows Boot Protection

  • Comodo Client Security (CCS) now monitor untrusted DLLs & autoruns before the CCS service launches. This includes untrusted apps and unknown PE files which attempt to load via system vulnerabilities.

Scan from VDT session or via ‘Windows Fax and Scan’ application 

  • Added  list for application which allowed to access COM/DCOM unrestricted from containment and be a part of configuration.   

Monitor Un-trusted DLLs & autoruns before CCS service launches

  • Added new option, “Use direct connection if proxy is unreachable”  the Proxy and Host settings.

Two-factor authentication added to Unknown File hunter (UFH)

  • After setting up 2FA in the portal, users will also be able login to UFH with the same system of Google Authenticator codes.

 Vulnerability Fixes

  •  Refactoring to resolve CVE-2019-14694
  •  Contained applications are now prohibited from accessing power options
  • Unsigned DLLs can no longer load into Comodo Client Security processes. Supported on Windows 8+
  • Added ability to prevent contained processes reading the memory of other processes. 

Bug Fixes

  • Full scan aborted – cavwp.exe crashes on Windows 10×64   
  • Application crashes when it is started in Containment via right click
  • Virtual desktop prompt is split when 2 screens are connected 
  • Unable to start browsers in containment 
  • CCS does not start “Antivirus Update” operation by “COMODO Signature Update” scheduled task 
  • AV scan doesn’t log embedded code detected in autorun items correctly 

Service Desk

Bug Fixes

  • Post a reply issue from the browser on Service Desk
  • New SD users created via Helpdesk portal are not getting activation/verification e-mails automatically right after registration
  • Wrong error message appears creating new ticket with wrong e-mail format
  • Ticket Data and Executive Ticket Summary Report don’t receive data from SD
  • “Add New Field” button doesn’t work when editing the CUSTOM FORM “Ticket Details”

Cost -Neutral IT Management

At ITarian we strive to bring you the essential platform and tools needed to manage either your own IT department or your customer’s IT infrastructure. That means, RMM (Remote Monitoring Management), Remote Access, Patch Management, SNMP, and much more.

We initially achieved this Cost Neutrality by not having a “commercial relationship” with users and not charging.

Now we have over 16,000 MSPs and Enterprises (as of Sept 2019) using the platform on a daily basis to manage their IT infrastructure.

Challenges we faced with the Free Model vs Cost Neutral Model

Mid to Large MSPs and Enterprises started demanding a commercial relationship in order to achieve the SLAs they provide for their customers. For Mid to Large level MSPs and Enterprises it was more about SLAs vs free. It was only fair that such a critical infrastructure/tool that affected their SLA should also provide an SLA under a commercial agreement.

That’s when the ITarian Product Management Team started thinking about providing a Cost Neutral model but also providing an SLA for everyone! Soon there had to be a commercial relationship with our userbase for the upcoming launch of our Marketplace. We naturally expect the people we benefit by providing a cost neutral infrastructure, to support us by using our marketplace (which will be very reasonable).

So, What’s the Idea?

We charge per endpoint per month (MSPs please apply for MSP discounted rate), but we will reimburse your spending, dollar for dollar, by deducting all of your spending on the following products

100% Re-imbursement on the following products:

1)Comodo Advanced Endpoint Protection (AEP)

2)Comodo Endpoint Detection and Response (EDR)

Marketplace Re-imbursement:

TBA

What will you have in your marketplace?

Our ultimate goal is to integrate everything you need to buy via the marketplace so that you have a much smoother, centralized experience. We will add vendors in phases.

Phase 1 – Apart from Comodo Endpoint Security, cDome Shield, Comodo Antispam, and Comodo MDR; The following will be available:

Acronis Acronis Backup

CloudStack CloudStack

Google G Suite

Huawei Huawei Fusion Manager

iMind iMind Video Conference

ISPsystem ISPmanager

Microsoft Azure Advanced Threat Protection for Users

Microsoft Azure Active Directory

Microsoft Azure Pack

Microsoft Dynamics 365 Business Central

Microsoft Dynamics 365 Marketing

Microsoft Microsoft Exchange Server 2016

Microsoft Azure Stack

Microsoft Exchange Online Archiving

Microsoft Exchange Online

Microsoft Dynamics 365 Field Service

Microsoft Dynamics 365 Retail

Microsoft Dynamics 365 Sales

Microsoft Dynamics 365 Finance and Operations

Microsoft Dynamics 365 Operations

Microsoft Dynamics 365 Talent

Microsoft Azure Information Protection

Microsoft Microsoft Enterprise Mobility + Security

Microsoft Microsoft 365 Enterprise

Microsoft Microsoft 365 Business

Microsoft Office 365 Education

Phase 2 – TBA

Phase 3 – TBA

What if I can’t afford it because I am just starting out?

Please write to us at success@itarian.com and we will set you up with our “Business Start Up” team to help you all the way!

Will you reimburse me for my marketplace spending?

As soon as we launch the marketplace, we will announce the “reimbursement” ratios. Until then you can get 100% deduction on the above 2 products.

Any special pricing for MSPs?

Yes, please get in contact with us for special pricing at success@itarian.com

How will I be reimbursed?

We will deduct 100% of your spending to use towards your purchase of any of these 2 products. That amount will be deducted from your invoices automatically.

I have been using ITarian for free – do I need to pay?

Get in touch with our Partner success team (success@itarian.com) to help you navigate the best solution. Don’t forget, we want to make IT Management Cost-Neutral for you.

Client Versions

  • Windows Communication Client 6.31.30518.19100
  • Windows Client – Security 11.6.0.7829
  • Windows Remote Control 6.31.30444.19100
  • MacOS Communication Client 6.31.30316.19100
  • MacOS Client – Security 2.4.4.844
  • MacOS Remote Control 6.31.30425.19100
  • Linux Communication Client 6.28.26228.19060
  • Linux Client – Security 2.2.1.495
  • Android Mobile Device Management Client 6.13.8.2
  • iOS Mobile Device Management Client 1.2.27

ITarian – IT Operation Platform September Release (2019-09-07)

Endpoint Manager

Endpoint Manager Core

New Features

Onboarding Wizard for Enrollment

We redesigned the enrollment process to make it easier to add new devices. You can now enroll and protect your device in a single wizard. 

Admins now have the option to ‘Enroll’, ‘Protect’, or ‘Enroll + Protect’ when adding new devices. You can pick different options for individual devices, or different options per operating system. 

Apple DEP Integration 

Endpoint Manager now supports Apple’s Device Enrollment Program (DEP), an important boon for customers who manage devices in the Apple ecosystem. DEP simplifies the previously complex procedure of enrolling and managing MAC/iOS devices, reducing the number of steps required before a device is ready for use. 

From the September release onwards, iOS devices that are managed over DEP will be synced automatically with Endpoint Manager.

  • Sync and manage iOS devices from Apple DEP
  • Manage enrollment and notification settings of Apple DEP
  • Add, remove or renew Apple DEP tokens on Endpoint Manager.

For more information about Apple DEP, please visit https://www.apple.com/business/site/docs/DEP_Guide.pdf

Security

New Features

Virtual Desktop events

You can now view virtual desktop logs in the ‘Event View’ tab of ‘Security Dashboards’.

 Virtual Desktop Status in Device List

New ‘Virtual Desktop’ column added to the device list. There are three icons to indicate the status of the virtual desktop on the endpoint:

  • Virtual Desktop is running
  • Virtual Desktop is not running
  • Virtual Desktop is not supported

Disable realtime scans on network files – Mac OS profiles

In the last release, we added a setting to MAC CCS to disable automatic scans on network items. We have now added the same setting to MAC OS profiles in Endpoint manager. This means the feature can be more easily rolled out to all managed endpoints.

“Real time virus scans are now optional for items on shared network drives. This can improve performance by eliminating needless scans on write-restricted files. If an endpoint does not have the rights to delete/quarantine files in a shared folder anyway, then there is little reason to scan them at this point. Any files copied to the endpoint will, of course, still be scanned locally.”

Device tree added to Security Dashboard pages

A much requested quality-of-life feature, the new device tree lets you view events, and take actions, on specific device groups.

Remote Control

New Features

ITSM Service Inventory

New feature lets you silently connect to a managed endpoint to manage the local service inventory.

Added multi-language support to the Remote Control app

You can now use the Remote Control app for Mac and Windows devices in German, French, Portuguese and Chinese.

Bug Fixes

  • Fixed device takeover error messages.

 Remote Monitoring and Management

New Features

 SNMP Monitoring

You can now use SNMP monitoring to monitor network devices as well. It is now also possible to:

  • Manage devices which are found on the network
  • Create profiles for network devices
  • Create monitors for network devices.

 Auto Enrollment for Network Devices

You can now define auto-enrollment preferences for network discoveries.

Clearer, Filterable, Exportable Procedure logs

You can now email scheduled procedure logs. The details in the logs themselves have also been improved.

Bug Fixes

●       Fixed bug that caused disk space monitors to produce a false positive.

Patch Management

New Features

CVE Visibility – Vulnerability Management

You can now view CVE details about issues affecting vulnerable devices.

Bug Fixes

● Fixed an issue where MSI errors during a 3rd party patch operation were not getting reported in the Endpoint Manager UI.

● Fixed an issue that caused Endpoint Manager to show the wrong number of installed/uninstalled patches. 

● Fixed issue that prevented patching from working properly in some cases

● Fixed bug that caused software inventory scans to take an abnormally long time

Comodo Client Security

Windows

New Features

  • Website filtering. New feature automatically detects and blocks harmful websites, improving online security for endpoint users.
  • Detailed parent process logging. CCS logs now show the parent process of applications blocked by the containment module.
  • Macro script monitoring. The antivirus now monitors the execution of macro scripts and blocks malicious behaviour.

Improvements

  • Confirmation message shown when attempting to exit the Virtual Desktop. You now have the option to show a confirmation message to end-users if they try to close the virtual desktop. This is to help ensure users do not accidently leave a virtual session.
  • ‘Ok’ button added added to the ‘PIN’ popup that is shown when the Virtual Desktop starts. The button allows the user to close/hide the PIN popup.
  • Added option to force users to scroll to the end of the Virtual Desktop Disclaimer.
  • Virtual Desktop sessions now have a maximum time expiry time of 24 hours.
  • %USERPROFILE%\Downloads\* folder has been removed from the ‘Shared Spaces’ file group. This location could potentially contain valuable user information.

Service Desk

Bug Fixes

  • Fixed the issue of unable to enable/disable Admin Email
  • Fixed the issue of wrong SLA warning levels
  • Fixed the issue of error messages for uploading over sized pictures
  • Fixed the issue of multiple attachment showing problem

APPENDIX-1  

New Client Versions:

  • Windows Communication Client  6.30.29304.19090
  • Windows Client – Security 11.5.0.7759
  • Windows Remote Control 6.30.29237.19090
  • MacOS Communication Client 6.30.28366.19090
  • MacOS Client – Security 2.4.4.844 (previous)
  • MacOS Remote Control 6.30.29238.19090
  • Linux Communication Client 6.28.26228.19060 (previous)
  • Linux Client – Security 2.2.1.495
  • Android Mobile Device Management Client 6.13.8.2 (previous)
  • iOS Mobile Device Management Client 1.2.27 (previous)

ITarian – IT Operation Platform July Release (2019-07-13)

Endpoint Manager

Endpoint Manager Core

New Features

Proxy Mechanism for Clients

You can now specify local endpoints as proxies from which other endpoints can collect installation packages and database updates. This helps save network traffic and accelerates package deployment when a large number of endpoints are involved.

You distribute the following packages with this feature:

  • Comodo Communication Client
  • Comodo Client Security
  • Virus database updates

You can define the maximum amount of traffic to be used for package distribution, and the maximum number of proxy endpoints.

Here is the wiki of this feature.

Bug Fixes

  • Fixed the issue of auto-remediation procedure triggers despite it is disabled in monitor settings on portal.
  • Fixed the issue of MacOS Communication Client connection failure.
  • Fixed the issue of maintenance window being shown as “OFF” while it is actually in the preset interval.
  • Fixed the issue of location tracking for mobile devices.
  • Fixed the issue of download servers from security profile not being applied to client immediately.
  • Fixed the issue of translation inconsistencies for Remote Control and Remote Tool settings in profiles.
  • Supported Device Platforms page is updated in order not to cause disinformation.

Security

New Features

Virtualization Exclusions for Removable Media

You can now exclude removable media such as USB sticks and external drives from virtualization. Doing so allows apps in the Virtual Desktop to write and make changes to specific media attached to the endpoint. This provides another way to export data from the Virtual Desktop in addition to Shared Space.

You can configure these exceptions in the ‘Containment’ section of an Endpoint Manager profile.

Set Custom Disclaimer for Virtual Desktop

Expanding our white-label options, you can now configure a custom disclaimer message for the Virtual Desktop. Users must accept the disclaimer before starting the virtual session.

You can configure the disclaimer in the ‘Containment’ section of an Endpoint Manager profile.

See this wiki if you want help to white label/rebrand the Endpoint Manager clients.

Allow User to Override Virtual Desktop settings

When enabled, Endpoint Manager will not reverse local Virtual Desktop settings that are different to those in the endpoint’s profile. Ordinarily, Endpoint Manager checks devices to see if the local settings match those in the device profile. It will re-implement the profile settings if it detects any deviation.

The new setting gives admins greater flexibility and control over individual endpoints. For example, you can now disable the exit password on a specific endpoint, avoiding the need to create a whole new profile just to accomplish this one task.

This addition complements the existing override option in the ‘Client Access Control’ section of a profile, which allows local changes to *every* CCS setting. Admins can now allow local override of just the virtual desktop settings, while preventing changes to other CCS settings.

You can configure the override setting in the ‘Containment’ section of an Endpoint Manager profile.

Here is the wiki of this feature.

Show only Virtual Desktop settings on endpoint

New option to only show virtual desktop options when users click the CCS tray icon on an endpoint. End-users can then access and launch the virtual desktop, but cannot change other CCS settings.

This feature is useful when used with the override option described above.

You can configure this setting in the ‘UI Settings’ section of an Endpoint Manager profile.

Here is the wiki of this feature.

Improvements

Auto-updates disabled by default in CCS

Automatic updates to the CCS client are now disabled by default in predefined profiles. This change was made after valued feedback from our customers who manage complex, sometimes delicately balanced networks. To avoid potential disruptions, customers prefer to be notified when updates are available so they can review them before installation.

New default actions for unknown autorun entries

This setting determines what CCS should do if an application tries to create/modifiy a service, auto-start entry, or scheduled task. You can find it at ‘Configuration Templates’ > ‘Profiles’ > open a level 2 or 3 profile > Click the ‘Miscellaneous’ tab.

The previous default was ‘Ignore’. The new defaults are:

  •         Security Level 2 profiles –  ‘Terminate and Disable’
  •         Security Level 3 profiles –  ‘Quarantine and Disable’

You can find background information on this setting at https://help.comodo.com/topic-399-1-904-11900-miscellaneous-settings.html#action_on_tasks

Remote Control

New Features

File Transfer: Folder Transfers

You can now send/receive folders via file transfer in the Remote Control application.

You can track folder transfer status in the file transfer queue pane.

Here is the wiki of this feature.

Role-based access control for Remote Control file transfer

You can now limit file transfer capabilities for specific devices and/or device groups.

Similarly, you can now limit file transfer capabilities by role.

Here is the wiki of this feature.

Bug Fixes

  • Fixed the issue of connecting to MacOS with Remote Control.

Comodo Client Security 

Windows

New Features

‘Virtual Desktop only’ mode

As mentioned in the Endpoint Manager section earlier, we have added the ability to show only virtual desktop options when users click the CCS tray icon on an endpoint.

When enabled in a profile, CCS will only show these two items when you click the tray icon:

  •       Run Virtual Desktop – Opens the Virtual Desktop
  •       Open Virtual Desktop Settings – Opens the Virtual Desktop settings area in CCS

End-users cannot access any other area of CCS.

Improved password policy for the Virtual Desktop

Admins can prevent end-users from accessing the local computer by setting an ‘exit’ password on the Virtual Desktop. Once set, users will need to enter the password if they want to switch from the virtual environment to the local environment. We added the following settings to improve the security of this password:

  •       90-day validity period. The exit password will expire, and must be changed, after 90 days.
  •       Password complexity requirements. Passwords must now be 8-16 characters and contain a mix of upper case letters, lower case letters, numbers, and special characters.

Detection of msi installation through URL

Added a default containment rule that prevents the installation of msi packages via a URL in a command line. This feature is tightly coupled with Script Analysis as it will be detected in the list of enabled interpreters.

Virtualization exclusions for removable media.

Under default conditions, apps in the virtual desktop write to a virtual file system, and cannot save changes to the host or any peripherals. As covered earlier, you can now create exceptions to this rule for specific removable media. Creating such an exception allows users to more easily export data from the virtual desktop to USB sticks, external storage drives, or CD/DVD.

Extended Virtual Desktop Logs

Virtual desktop logs have been moved out of the ‘Containment Logs’ section and now have their own section. This improves log visibility and makes it easier to conduct investigations, analysis and forensics.

Bug Fixes

  • Fixed the issue of aborted AV Full Scans
  • Fixed the issue of adding timeout value in the duration of Virtual Desktop session
  • Fixed the issue of internal process crashes on Windows 10 Pro, Server 2016 and Server 2012 R2
  • Fixed the issue of twitching CCS icon
  • Fixed the issue of incompatibility between the security agent and Google Chrome Enterprise
  • Fixed the issue of mapping drives under incorrect directories
  • Fixed the issue of failed Antivirus signature database updates

MacOS

New Features

Disable real time scans on network items

Real time virus scans are now optional for items on shared network drives. This can improve performance by eliminating needless scans on write-restricted files. If an endpoint does not have the rights to delete/quarantine files in a shared folder anyway, then there is little reason to scan them at this point. Any files copied to the endpoint will, of course, still be scanned locally.

Here is the wiki of this feature.

Linux

New Features

External Device Control logs

We added event logs for the USB control rule. The rule allows admins to block the use of USB devices on Linux endpoints. The new logs let you analyze events where there was an attempted breach of the rule.

Here is the wiki of this feature.

Bug Fixes

  • Fixed the issue of requesting password on scan initiation attempt

Remote Monitoring and Management

Bug Fixes

  • Fixed the issue of RMM service crashing.
  • Fixed the issue of Disk Space Monitoring’s false alerts.
  • Fixed the issue of incorrect output in monitoring results.

Patch Management

Bug Fixes

  • Fixed the issue of not showing Russian characters in the Global Software Inventory.
  • Fixed the issue of Software Inventory loading failure.
  • Fixed the issue of available but not displayed 3rd party patches problem.

Service Desk

New Features

With July release Audit Data Logs will include the action time.

Portal

New Features

Comodo Dragon platform

As you may remember we introduced Itarian platform in October release. In that release, all functionality was the same for both the ITarian and Comodo ONE platforms. The only difference was the platform skin (either ITarian or Comodo ONE branded).

However, the ultimate goal was reaching to a point that we have two perfect platform. The first one, ITarian Platform, would mainly bring IT Management aspects into the forefront which is strengthened with security products. With the second platform we aim to create ALL-IN-ONE CLOUD-NATIVE CYBERSECURITY PLATFORM that brings security aspects into the forefront which is strengthened by IT Management features. You will find MDR, EDR, Network Security products and much more that are directly integrated in this platform. With this new platform you now become MSSP!!! Yes, you can offer full MSSP capabilities with your own whitelabelled SOC! Just enable COMODO Dragon Platform and start offering MSSP services, no expertise, no staff, no costly SIEM licenses! It is literally MSSP in a box!!!

Now it is time to do this. By introducing Comodo Dragon Platform we aim to create ALL-IN-ONE CLOUD-NATIVE CYBERSECURITY PLATFORM that provides Active Breach Protection in a single platform. Enable this and become an MSSP!!!

This release will be the first step toward this goal. Comodo One will turn into Dragon Platform step by step. We will first start with rebranding and continue with powerful dashboards, with built-in security products and much more.

Nothing will change from Itarian side. Itarian will continue to be your centralized IT management platform with much more powerful features.

APPENDIX-1

New Client Versions:

  • Windows Communication Client  6.29.27210.19070
  • Windows Client – Security 11.4.0.7615
  • Windows Remote Control 6.29.27171.19070
  • macOS Communication Client 6.29.27177.19070
  • macOS Client – Security 2.4.4.844
  • macOS Remote Control 6.29.27180.19070
  • Android Mobile Device Management Client 6.13.8.2

ITarian – IT Operation Platform June Release (2019-06-08)

Remote Monitoring and Management

New Features

  • Maintenance Window compliance warnings

    Endpoint Manager will warn you if you set an end-time for a patch procedure which is outside that of the maintenance window.  The warning will list the maintenance window times so you can adjust accordingly.
  • Passing Parameters for Custom Script Monitors

    You can now use custom procedures with parameters when creating a monitor.
    Here is the wiki of this feature.

Improvements

  • Procedure Log Enhancements

    You can now filter execution logs by the following columns:
  • Device online status
  • Device Name
  • Started at
  • Started by
  • Launch Type
  • Finished at
  • Status
  • Last status update

  • New fields added to device execution logs. You can now export these logs with the following additional fields:

    • Last execution time
    • Last execution status
    • Additional information
    • Service Desk ticket link
    • Service Desk ticket status
    • Service Desk ticket created date

Bug Fixes

  • Fixed the issue of Endpoint Manager Portal sending late email notifications about triggered monitors.
  • Fixed the issue of incorrect time within email notifications about triggered monitors.
  • Fixed the issue of being unable to set “End Time Settings” correctly for scheduled procedures.

Patch Management

Bug Fixes

  • Fixed the issue about incorrect number of patches reported and shown in device list section in Endpoint Manager portal.
  • Fixed the issue about inability to silently uninstall RStudio1.1.463 64bit application.
  • Fixed the issue about inability to update OneDrive application.

Comodo Client Security  

Windows

Connectivity Issues Regarding CCS v11.2

  • The engineering team investigated the issue from the first day of the incident, as some firewall-sourced connectivity issues were reported from some customers. Eventually, the issue is identified as it sourced from the complications of Firewall module refactoring during the transition from v11.1 to 11.2. Therefore, it has been decided that these refactorings should be reverted in this release. Internal tests and the tests on several customer environments were completed successfully. The team will keep working in depth to prevent recurrence of similar incidents. Due to this reversion, a few recent Firewall features will disappear. The detailed feature list can be found below. Please note that these features were not reflected to Endpoint Manager. Therefore, it will not require you to make any changes on your configuration under usual circumstances.
    • Ability to specify criteria for Firewall rules.
    • Rating, Containment status, Age, Parent Process etc
    • Ability to create Firewall rules for IPv6 address ranges
    • Features to be reverted:

New Features

  • The antivirus scanner will now skip files that take longer than 5 minutes to scan. This improves performance in manual and scheduled scans. Skipped files are shown in the scan results screen.

Improvements

  • New rule to auto-contain .msi installers. The new ‘Run Virtually’ rule applies to msiexec.exe files if the parent process is in the ‘Management and Productivity Applications’ group. This improves security by virtualizing any unknown files launched via msiexcec.exe by legitimate applications in the group.
  • View logs straight from the tray icon. You can now access the ‘View Logs’ interface by simply right-clicking on the CCS tray icon.
  • Enable/disable HIPS from the tray icon. Quickly activate or deactivate HIPS from the right-click menu of the CCS tray icon.
  • Added ‘Block’ actions to the containment parent process tree. Processes blocked by the containment module are now logged in Containment Logs > Parent Process records. This improves visibility during forensic investigations.
  • ‘Reputation’ column renamed as ‘Rating’ in the auto-containment rules screen. This change is to improve language consistency across product interfaces.
  • Caps-Lock Warning. You are now warned if caps-lock is on when entering the client access password.

Bug Fixes

  • Fixed the issue of not minimizing Virtual Desktop
  • Fixed the issue of Full Antivirus scan failures
  • Fixed the issue of reporting internal containment services to EM
  • Fixed the issue of BSOD after CCS installation
  • Fixed the issue of BSOD when a cellular modem is enabled on the endpoint
  • Fixed the issue of internal Comodo services crashs on Windows Server 2012 R2

Linux

New Features

  • External device control rule for USB Devices. New rule lets you block the use of USB devices on Linux endpoints. You can create exceptions for specific devices if required.

Bug Fixes

  • Customer name can exceed characters count limit with Edit option has been fixed.
  • C1 Portal Notifications – html tag was shown. It has been fixed.
  • Error 500 was appears after session timeout.It has been fixed.
  • There was a problem on changing Daylight Saving Time settings. It has been fixed.

ITarian – IT Operation Platform Hotfix (2019-05-17)

Endpoint Manager

Endpoint Manager Core

  • License expiration mails are extended with:
    • Contact information for portal.
    • Unsubscribe option
  • Report settings are extended with option to send license usage report only to account admin.
  • Fixed the issue of translation for Endpoint Manager when language change from portal.

ITarian- IT Operation Platform April Release (2019-04-13)

Endpoint Manager

Endpoint Manager Core

New Features

  • License Management for Advanced Endpoint Protection

With this release, you will be able to manage licenses for Advanced Endpoint Protection to manage licenses for devices with Comodo Client Security is installed.

  • You will be able to distribute your seats in your licenses between your customers and manage allocation for a specific customer from different licenses at the same time.
  • you will be able to assign licenses to specific customer or use as global to manage it for all customers
  • you will be able to setup license usage reports for tracking the activities of a specific license
  • you will be able to get notified about expirations of the licenses
    Here is the wiki of this feature.
  • Maintenance Windows

You will be able to define maintenance windows in order to create a planned maintenance calendar. With this feature,

  • You will be able to create maintenance window for different timeframes.
  • You will be able to stop monitors in this period
  • You will be able to schedule procedures to a specific maintenance window.
  • You will be able to randomize the tasks that you plan in order to prevent performance issues.

This feature is will be the first version. In the upcoming releases you will also be able to have below features:

  • blocking below on demand tasks or warning about it to the related staff
    • remote control
    • remote tools
    • patch installation
    • script procedures
    • patch procedures
    • other MSI package installation
    • reboot system
  • ability to define time frames in order to stop maintenance windows for special days like christmas, holiday etc.
  • ability to select the methodology for procedure running for offline devices in maintenance windows.
    Here is the wiki of this feature.
  • Management of Communication and Security Client Versions

With this release, you will be able to plan updates for clients so that you can track your own plan for your portal. With this feature,

  • you will be able to select a default version for communication and security clients under Portal Set Up section.;
    The default version will be applied to Endpoint Manager for enrollment, bulk installation, client updates and dashboard sections.
  • you will also be able to enable or disable selecting different versions to be installed or updated by your staff.
    Here is the wiki of the feature

Improvements

  • Support for operating systems
    We continue to develop Endpoint Manager as the platform which lets you manage EVERY device on your network or your customer’s network. In addition to the existing list, you can now enroll devices which run the following operating systems:
    • Windows Server 2003
    • Windows Server 2008
    • Windows Server 2012

Bug Fixes

  • Fixed the issue of uninstallation of softwares from global software inventory.
  • Fixed the issue of event count alignment with portal dashboard and list in security sub systems.
  • Fixed the issue with CCSM version in device list exported report.
  • Fixed the issue of e-mail and help link shared in question mark at top right of the screen.
  • Fixed the issue of addition of file group with sign “?”.
  • Fixed the issue with warning while adding iOS application to iOS app store.
  • Fixed the issue of high CPU usage for Android mobile device management clients.

Security

New Features

  • Countdown timer for Training Mode. This feature enables you to set a restriction for HIPS and Firewall modules to run in Training Mode for a specified time period. The major benefit is that CCS running in Training Mode for a long time on endpoints may overwhelm by creating excessive amount of rules which results in performance issues on the endpoints.
    Here is the wiki of this feature.
  • Valkyrie section in MacOS Profiles. We’re proud to introduce our unique cloud file analysis system, Valkyrie to MacOS endpoints. Now, your unknown executables files (e.g. .dmg and Mach-o files)  detected on MacOS endpoints will be sent to Valkyrie and be analyzed whether they are trusted or malicious. You can enable this component and unknowns on your system can be analyzed and required action taken on them automatically.
    • Lookup and Submit files for Analysis: Enable the agent to to perform lookups for unknown files and submit if their rating is unknown. Enabled by default
    • File size limitation. Set a file size constraint for the target files to be uploaded. The default value is 150 MB
    • The options available on the agent settings:

Here is the wiki of this feature.

  • Valkyrie section in Linux  Profiles. We’re proud to introduce our unique cloud file analysis system, Valkyrie to Linux  endpoints. Now, your unknown executables files (e.g. .elf and other executables) detected on Linux  endpoints will be sent to Valkyrie and be analyzed whether they are trusted or malicious. You can enable this component and unknowns on your system can be analyzed and required action taken on them automatically.
    • Lookup and Submit files for Analysis: Enable the agent to to perform lookups for unknown files and submit if their rating is unknown. Enabled by default
    • File size limitation. Set a file size constraint for the target files to be uploaded. The default value is 150 MB
    • The options available on the agent settings:

Here is the wiki of this feature.

  • Security Dashboards – Device View. A brandnew approach to your system security monitor. With this feature, you will have an overall look to the security events based on the device that they takes place. By aggregating the security events per device, you will have the ability to display each device per the latest event and related CCS component. With the expandable line capability, you can expand and check for the latest events from the each component that reports any to the portal.
    Here is the wiki of this feature.
  • Restore Affected Autorun entries. With this feature, the suspicious autorun entries (e.g autoruns, Windows Services, scheduled tasks) and the target files will be reported to the portal with the action taken on them. You can see their current statuses whether they are blocked or quarantined, or ignored. Furthermore, you can enable the disabled service back and restore the quarantined files affiliated with that entry. Since you have more control on your system now, you can strengthen your autoruns policies in Miscellaneous section to enhance the protection level on  your systems.
  • Virtual Desktop. With this feature, you can start managing Virtual Desktop environment, which was introduced in previous release of CCS. The current abilities in Profiles -> Containment-> Virtual Desktop are:
    • Password Protection. If enabled, password protection locks end-users in the virtual environment to stop them switching back to the host.
    • Launch Virtual Desktop upon user login. Starts the virtual desktop automatically as soon as the endpoint is booted. Enable this setting in CCS at ‘Advanced Settings’ > ‘Containment’ > ‘Virtual Desktop’.
    • Automatically reset Virtual Desktop on session termination. This setting is enabled by default and provides privacy for the user by automatically vanishing all the data and changes made in Virtual Desktop.

Improvements

● Added WerFault.exe to “Windows system applications” default file group. This legitimate files used for Windows error reporting is added to the file group in order to be excluded from security policies in CCS.

Remote Tools

New Features

You’ll now have access to folder support via File Explorer :

  • Download single folder from the endpoint
  • Uploading single or multiple folders to the endpoint.

Remote Control

New Features 

File Transfer via Remote Control Application

Long waited File Transfer via Remote Control Application will be available with the April release!

  • You can now transfer files through the Remote Control Windows Application. Just go to device list and initiate your session!
  • You can initiate File Transfer sessions through Endpoint Manager (if you prefer in-portal transfers, we suggest you to use File Explorer under Remote Tools)
  • You can run File Transfer simultaneously when you are in a Remote Control session.
  • You’ll be able to queue to be transfered files, start and stop the transfers through the queue pane
  • You can create, rename, delete folders on the remote device (as well as on your device)
  • You can rename and delete files on the remote device (as well as on your device)

What is next for File Transfer?

  • Role based Access Scope, Device Profile Settings, Audit Logs are coming soon.
  • In session File Transfer via drag & drop and triggering File Transfer via the viewer’s action toolbar are coming soon as well!

Remote Monitoring and Management

New Features

  • Create Discovery Widget
    • You will be able to create network discoveries even easier with two steps with necessary information, while creation process.Here is the wiki of this feature.
  • Schedule Discoveries
    • Network discoveries can now be scheduled daily, weekly or monthly. You can set schedules for different time periods.Here is the wiki of this feature.
  • Device View for Discovered Devices
    • You can now view summary and network details of a discovered device by clicking device name inside discovered devices list.
  • Device Type
    • Devices can be differentiated by type from now on. There will be “Device Type” in Device List and Discovered Devices List. Each Type of device will be represented in different icon. You will be able to easily change the type of a device manually.
    • Available Device Types are:
      • Router
      • Printer
      • UPS
      • Switch
      • Load Balancer
      • Firewall
      • Workstation
      • Server
      • Mobile
      • Other
      • Unknown
      Here is the wiki of this feature.
  • Passing Parameters for Auto Remediation
    • You will also be able to use procedures with parameters in auto remediation section while creating a monitor.

Improvements

  • Procedure Logs
    • Procedure Log Statuses are now colored for better traceability.

ITarian – IT Operation Platform February Release (2019-02-16)

Endpoint Manager

Endpoint Manager Core

New Features

  • TLS 1.2 Upgrade

To comply with the best industry security practices, we are upgrading the protocol used in our communication client (CC) to Transport Layer Security (TLS) 1.2

You will need to make sure that the version of CC on your Windows (XP, 2003 Server, 7 and 2008 Server) devices is version 6.16.10680.18030 or higher before 07-01-2019 (July 1st 2019).

Here is the wiki of this feature.              

Improvements

  • Logged in User
    Added the ability to see the user logged into a device in the ‘Device List’. You can search, sort and filter according to this new field.

Bug Fixes

  • Fixed the issue of upgrade button under license options section.
  • Fixed the issue of phone numbers under support section for ITarian and Comodo ONE
  • Fixed the issue of delayed application of profile settings to devices.
  • Fixed the issue of role management for editing device name.
  • Fixed the issue of high CPU usage for communication client.
  • Fixed the issue of communication client proxy settings with symbol ‘\’.
  • Fixed the issue of notifications which cannot be removed for Android devices.
  • Fixed the issue of grey screen in Kiosk mode for Android devices.

Security

New Features

●     Improved heuristic analysis and embedded code detection settings.

With this feature, interpreter interactions with suspicious autoruns items can be configured separately for each interpreter type. This means even better protection against malicious code triggered by Windows start-up and auto-run items. You can configure the feature in the new ‘Script Analysis’ section in Profiles.

Improvements

●New ‘Script Analysis’ section. ‘Heuristic Command Line Analysis’ and ‘Embedded Code Detection’ have been moved to the new script analysis section in a profile. This provides more granular management of security components.

  • General Settings. You can enable or disable the ‘Runtime Detection’ feature from this tab, and also limit the size of scripts which should be analyzed.
  • Runtime Detection. ‘Heuristic Command Line Analysis’ and ‘Embedded Code Detection’ settings have been moved to this section.
  • Autoruns Scan. Interpreter configuration for scanning/monitoring autorun items can be done from this section.

●Valkyrie details about a file can now be viewed in the ‘Security Dashboards’ area. Simply select a file in the security dashboards screens and click ‘Valkyrie details’.

●Download Valkyrie reports from the security dashboard. Simply select a file in the security dashboard and click ‘Valkyrie Report’ to view granular information about the file.

●Added a ‘Show ignored containment events’ filter in to the security dashboard. In ‘Event View’, you can now show all ignored containment events. We think you’ll find this addition useful, but please note that we disabled the new filter by default. This is a practical move to highlight more important activities and lessen the potential noise created by multiple ignore events.

Remote Tools

New Features

New additions to file explorer functionality. We know you’ve been looking for these and we’re excited to deliver!

  • Upload files of any format to remote endpoints from your admin device (50MB file size limit). Folder and multi-file support coming soon. Here is the wiki for this feature
  • New remote folder operations:
    • Create folders
    • Rename folders & files
    • Delete folders & files Here is the wiki for this feature

You can enable or disable folder operations for specific staff by configuring the user role (‘Users’ > ‘Role Management’).

Improvements

  • More informative error messages in the file explorer interface allow you to troubleshoot and react to issues faster.
  • Moved the info box that appears on an endpoint during remote connections to the bottom left corner of the screen. We expect this repositioning will improve user experience by freeing up desktop space.

Remote Control

Bug Fixes

  • On some MAC endpoints, crashes observed and this caused connection initiation. The issue was identified and is fixed.

Remote Monitoring and Management

New Features

Network Management

We are proud to announce the addition of a brand new section for network management. The first feature in the new section is ‘Network Discovery’, and we’ll be adding many more network capabilities in upcoming releases.

Network Discovery:

●     Discover devices from the probe device you select

●     Add new IP ranges for discovery

●     Add exclusions for IP ranges

●     Set SNMP v1.2 to discover network devices

●     Get alerts and logs when items are discovered

●     Easily view discovered devices in ‘Device List’ > ‘Discovered Devices’.

Here is the wiki of this feature.

Improvements

  • Custom scripts failures for monitoring
    With this release, custom scripts monitors could be setup by ability to select the trigger for script failures.

Bug Fixes

  • Fixed the issue of high CPU consumption of monitors.
  • Fixed the issue of repeating service crash of monitors for some customers.

Patch Management

Bug Fixes

  • Software inventory was not showing the list of softwares and third party applications of patch management. This is fixed.

Comodo Client Security  

Windows

New Features

  • Prevent registry keys from being read by contained applications. You can now stop the virtualization of specific registry keys by the containment module. This will prevent unknown applications from reading potentially sensitive data held in those keys (write access is already disabled by default). You can access the setting in CCS at ‘Advanced Settings’ > ‘Containment’ > ‘Protected Objects’
  • Option to disable real time scans on network items. Real time virus scans are now optional for items on shared network directories. This will improve system performance because, if an endpoint does not have the rights to delete or quarantine items in shared folders anyway, there is less reason to run real time scans on them. Network files that are copied to the endpoint will, of course, still be scanned and handled locally.
  • Antimalware Scan Interface (AMSI) Integration. CCS now provides even better malware protection via our integration with Microsoft AMSI. This means deeper software scans and stronger protection for your endpoints. The option is disabled by default, but can be enabled in ‘Advanced Settings’ > ‘AV Settings’ > ‘Real time scan’.
  • Virtual Desktop. With this brand new component, you can virtualize your entire desktop and perform all tasks within a fully virtual environment. Everything!! Applications running in the virtual desktop are isolated from the rest of the endpoint,   write to a virtual file system, and cannot access personal data. This makes it ideal for surfing the net without risk and even for testing out beta/unstable software. You can save any data you wish to keep to a special folder called ‘Shared Space’, which the host system can also access. You can launch the virtual desktop from CCS at Containment Tasks > Run Virtual Desktop. Go ahead and try it!

Admins can also set the following items for the virtual desktop:

  • Password Protection. If enabled, password protection locks end-users in the virtual environment to stop them switching back to the host.
  • Launch Virtual Desktop upon user login. Starts the virtual desktop automatically as soon as the endpoint is booted. Enable this setting in CCS at ‘Advanced Settings’ > ‘Containment’ > ‘Virtual Desktop’.

Improvements

●      ‘Protected Objects’ are now under containment settings. ‘Protected Data’ and ‘Protected Keys’ have been moved to ‘Advanced Settings’ > ‘Containment’. This improves UI consistency by grouping these two items with related features and settings.

Bug Fixes

  • The issue with firewall driver that causes connection problems is fixed.
  • The issue with CCS Task Logs which was caused by spontaneous reboots during AV scans is fixed.
  • The issue with applying profiles to CCS is fixed.
  • The functionality issue with “jump folder” in scan window is fixed
  • The issues that caused performance problems are fixed.

Linux

New Features

  • TLS 1.2 Upgrade

To comply with the best industry security practices, we are upgrading the protocol used in our security client to Transport Layer Security (TLS) 1.2.

Bug Fixes

  • The issue with restoring quarantined items is fixed.
  • The performance issue regarding to the compatibility with some specific browsers is fixed.

Portal

New Features

●     You can now login to your Comodo One or ITarian account from any login page in the US or EU. We will redirect you to the correct region based on your account.

Improvements:

●     It is now easier to remove plainPassword from the single sign-on (SSO) authentication process.

Bug Fixes

  • Grammar issue has been fixed on the report.

Service Desk

New Features

  • Added the ability to view device summaries direct from a ticket. Click on the device name in the ticket list or ticket detail and you can navigate to the device summary.
  • Alerts for ticket stage changes. From now on you can receive email notifications when staff escalate a ticket to the next stage.

Improvements

  • Reduced the amount of critical application errors
  • Performance of ticket list has been improved.
  • Weak password policy has been fixed.

Bug Fixes

  • Workflow related notifications were not being sent.It has been fixed.