Comodo Endpoint Security

The only endpoint security solution that uses proprietary hour - zero containment technology to render malware useless at the endpoint without compromising performance or productivity.

Our Awards and Recognition

Named Best in Ransomware Protection in 2018

Named Top Product for Endpoint Protection

Named APT Software of the year 2017

Named Best Anti-Malware solution of the year 2016

Comodo Endpoint Security

What is Endpoint Security ?

Endpoint Security or Endpoint Protection is a centralized approach to protecting all endpoints - servers, desktops, laptops, smartphones and other IoT devices - connected to the corporate IT network from cyber threats. This methodology enables efficient, effective and easier security management. Some vendors offer Endpoint Security systems that includes antivirus, firewall and other high defined security software.

When any device-smartphone, laptop, tab etc- is connected remotely to a network, the endpoint thus created would provide an entry point for threats and malware. Endpoint security management is all about adequately securing such endpoints and thereby securing a network by blocking access attempts and such risky activities at endpoints. Endpoint security systems are a must in today's threat landscape. As more enterprises adopt practices like BYOD and also as incidences of mobile threats are consistently on the rise, endpoint security becomes highly relevant. Employees today connect to company networks using their laptops or mobile devices, from their homes and also while on the move. In this scenario, when security perimeters tend to be undefinable and ever-shifting, a centralized security solution won't be adequate. It's here that security endpoints come in, supplementing centralized security measures with additional layers of protection at endpoints, which are not just entry points for threats and attacks, but points of egress for sensitive data (corporate and personal) as well.
Companies need to ensure that endpoint devices meet security standards; this has to be ascertained before such devices are granted network access. Endpoint security helps enterprises maintain greater control over all access points and also helps block threats and access attempts effectively. Security endpoint tools also help monitor for, detect and block malicious activities.
Endpoint security systems typically consist of a centrally located security software (which is located on a centrally managed server or gateway within the network) plus the client software that's installed on each endpoint or endpoint device.

What is the difference between Endpoint Security and Antivirus Software?

It's to be understood that endpoint security software happens to be basically different from the antivirus software. In the case of endpoint security software, it's not an individual device that's protected; it's the network as a whole that is secured. The endpoints or endpoint devices, on the other hand, bear some amount of responsibility for their own security as well. This means that even when there is an endpoint protection software to safeguard a network, it's always necessary also to protect endpoint devices like laptops, smartphones etc with endpoint security antivirus or antimalware tools. Comodo’s free endpoint antivirus software is capable of protecting your network with anti-spyware, anti-spam, and virus protection, which can lessen slowdowns of the system and offer customized options.

How Does Endpoint Security Solutions work?

The Endpoint Security Solutions works on a client-server model. Within the network there would be the endpoint security software, located on a centrally managed and accessible server or gateway. On each endpoint or endpoint device would be located the client software. The security software authenticates logins made from the endpoints and simultaneously updates client software when needed.

Endpoint Security software also works as a SaaS (Software-as-a-Service) model; here the security programs and the host server are both maintained remotely by the merchant.

Why Endpoint Protection is so important today

An endpoint is always a potential entry point for threats. Endpoint devices, including smartphones, laptops, tablets can be used by cyber criminals to attack networks with malware that could help them steal data from the network systems. Today, the risk is even bigger as enterprises all over the world adopt practices like BYOD (Bring Your Own Device) and personal devices- smartphones, tablets etc- are connected to enterprise networks. Mobile threats have shown an increasing trend in recent times. People even connect to organizational networks using their home computer. In such a scenario endpoint security gains significance since it supplements centralized security solutions with additional security endpoint protection and prevents threats to secure the network. Endpoint devices would need to meet security standards before being granted network access; this would help prevent threats to a great extent. Endpoint security software also helps in monitoring endpoints and endpoint devices for risky and malicious activities. Comodo Endpoint Security Manager provides centralized management of Comodo's 7-layered security suite that is capable of proactively protecting endpoints and their applications against advanced threats and malware.

Billion Files Contained
Without Infection
Business Clients Trusted By
Comodo Brand
7 - Layer
Endpoint Security Platform

Comodo Advanced Endpoint Security software brings 7 layers of defense – antivirus, firewall, web URL filtering, host intrusion prevention, auto-sandbox (containment), file reputation and viruscope (behavioral analysis) – together under a single offering for customers of all sizes, to protect them from both known and unknown threats.

All unrecognized processes and applications are auto-sandboxed to run in a restricted environment.
Advanced interface to create rules as required – user-specific, sweeping, or as granular as desired.
Offers high-level security against inbound and outbound threats, stealths computer's ports, manages network connections, and blocks confidential data transmission by malicious software.
Features multiple technology-based automatic detection, cleansing and quarantining of suspicious files to eliminate malware and viruses.
Cloud-based instant analysis of unknown files that checks file reputation against Comodo's master whitelist and blacklists.
Monitors important operating system activities to ensure protection against malware intrusion.
Behavior of all processes are monitored for potential harmful action.

Comodo ESM Checks All the Boxes…

Whether deployed as a complete security suite or by using the sandbox as a standalone to fortify existing AV solutions, the Advanced Endpoint Security software offers unrivalled endpoint protection for Microsoft Windows servers, desktops, laptops and tablets.

The full Endpoint Security suite brings 7 layers of protection to the point of impact – the endpoint environment. Its disruptive auto-sandbox technology eliminates malware outbreaks and operating system contamination by automatically running untrusted/unknown process in a virtual environment within the existing system and with low system usage requirements. This makes Comodo's enterprise endpoint security the only managed anti-malware solution that can offer a $5,000 limited warranty against infection.

The Advanced Endpoint Security dashboard gives administrators panoramic insight and control over all aspects of security endpoint protection and management. Its streamlined interface displays 14 critical metrics about each machine, facilitating rapid alerting and remediation of issues. Administrators can also terminate endpoint processes, stop or start services, uninstall applications and delete unwanted files - all without causing interference to the end-user.

Comodo Advanced Endpoint Security allows you to control and centrally manage security endpoint protection through the application of operational templates or policies. Any deviation from these policies causes the Advanced Endpoint Security to automatically reapply the assigned policy or alert the administrator if it is unable to do so.

Comodo's advanced endpoint protection also provides administrators with the ability to centrally manage endpoint system resources. Administrators can define operational thresholds for CPU usage, RAM usage, network usage and available storage. Should the thresholds be exceeded, the Advanced Endpoint Security will alert the administrator through the dashboard and via email notification.

Additional policy configurations include power management such as screen-locking or drive-locking. Your Green initiatives are further enhanced through system-standby and system-hibernation scheduling. Comodo's endpoint protection also offers options for disabling USB mass-storage devices, optical devices and even floppy drives. Click on the endpoint security download button and get Comodo’s free endpoint security trial today!

What Our Customers Are Saying?

Comodo Endpoint Security

More Control, Less Worry
One-of-a-kind containment technology automatically sandboxes unknown malware in a 'Virtual Desktop'.

Manage with Ease
Single-point management of servers and endpoints - workstations, laptops, smartphones and associated applications.

Save Time
Centralized system management to monitor and control processes, services and applications at endpoints.

Lower Response Time
Faster response time to new and emerging threats.

Simplify Administration
Easy administration through 'pull' and 'push' deployment.

Interact Remotely
Ability to communicate with remote endpoints and users to provide remote assistance.

Gain Insights
At-a-glance snapshot of security settings through intuitive graphical user interface.

Keep System
Requirements Low

Low system requirements allows installation of the product even on non-dedicated Windows servers and Pcs.

Go Green
Integrated power management through advanced Wake-on-LAN enabled systems.

Deepen Understanding
Definition of specific security configurations on the granular-level for endpoints within and outside the VPN made possible by location-aware policies.

Engage in Best Practices
Multiple technologies combining containment with auto-sandboxing, web URL filtering, antivirus, firewall, cloud-based FLS, process behavior analysis and HIPS to protect each endpoint.

Frequently Asked Questions (FAQs)

Comodo Endpoint Security offers 360° protection against internal and external threats by consolidating multiple, cutting edge security technologies in a single, easily installed solution. These include:

  • Comodo's powerful antivirus and award-winning firewall solutions
  • Comodo's innovative Host Intrusion Prevention System which prohibits untrusted executables from tampering with other processes and files
  • Auto-Sandbox™ technology which automatically runs untrusted applications in a contained, isolated environment so they cannot damage the underlying operating system or access user files
  • Integrated 'File Reputation' system uses behavior analysis to help determine the trustworthiness of unrecognized files - all without interrupting the end-user

Comodo is so confident that we can protect endpoints against infection that we are the only vendor to offer a $5,000 Limited Virus-Free Warranty1

On idle, the entire 5-in-1 suite only consumes 7.5MB RAM and doesn’t register any CPU usage in Windows Task Manager.

Endpoint can be administered via a list, tile or panoramic display interfaces.


Yes. ESM can manage full virtualized machines or virtual machines cloned from templates (requires sys prep utility to be run on master template first).

The endpoint protection server can be installed on any supported Microsoft Windows operating systems running on a private cloud server, public cloud server or on-premises server.

You can manage all your endpoints from a single endpoint protection server. Alternatively, you can use Comodo ESM 'Dependent Servers' function so that each site has its own endpoint protection server which you can control from an upstream endpoint protection server.

Comodo ESM will auto-discover any endpoints in your Active Directory/LDAP containers. Alternatively, you can use the wizards to 'push' the ESM agents to the systems you want managed. You can 'push' deploy to Active Directory OUs, Microsoft workgroups, single IP addresses or an IP address range. You can also download and save the Windows, Mac or Linux management agents to a shared folder, then use login scripts or Group Policy to 'pull' deploy to your systems.

No. Comodo's endpoint protection alerting takes place in real-time.

There are several ways that ESM alerts an administrator.

  • The endpoints tile icon will change color to indicate an infection has been found, the signature database is out of date, the endpoint is not policy compliant or system resource usage has exceeded pre-defined thresholds.
  • The numbers in the information bar's heads-up display will increase.
  • Comodo Advanced Endpoint Security will send you a notification email for any event that you specify.

Virus database updates aren't pushed; instead they are pulled by the endpoint according to the schedule you have set for them. Updates can be received from the Internet or from the ESM server acting as a caching proxy. You can choose to use either (or both) as part of the post-deployment policy configuration. Administrators can also update selected endpoints using the 'Update' button in the administrative interface or on the endpoint's 'Properties' tab.

Yes. You can choose which components to install (AV/Firewall/Sandbox) during the initial setup or you may re-configure the components at any time thereafter.

Yes. Comodo's endpoint protection can use its embedded Microsoft SQL Express 2012 edition or can be configured to use an existing instance of Microsoft SQL 2005 or later (Express, Standard or Enterprise).

Contact Us to learn more
Please complete the below form and we will be in touch