What Is Endpoint Security?

Endpoint Security or Endpoint Protection focuses on protecting enterprise endpoints in a network when accessed through remote devices such as laptops or other wireless devices. A potential entry point for security threats is developed by every single device with a remote connecting to the network.

Free Trial
0/5 - 0 Votes
Endpoint Security

What is Endpoint Security?

Endpoint Security or Endpoint Protection is a centralized approach to protecting all endpoints - servers, desktops, laptops, smartphones, and other IoT devices - connected to the corporate IT network from cyber threats. This methodology enables efficient, effective, and easier endpoint security management. Some vendors offer Endpoint Security systems that includes antivirus, firewall, and other high-defined security software.

When any device-smartphone, laptop, tab, etc- is connected remotely to a network, the endpoint thus created would provide an entry point for threats and malware. Endpoint security management is all about adequately securing such endpoints and thereby securing a network by blocking access attempts and such risky activities at endpoints.

Endpoint security systems are a must in today's threat landscape. As more enterprises adopt practices like BYOD and also as incidences of mobile threats are consistently on the rise, endpoint security becomes highly relevant. Employees today connect to company networks using their laptops or mobile devices, from their homes, and also while on the move. In this scenario, when security perimeters tend to be undefinable and ever-shifting, a centralized security solution won't be adequate. It's here that security endpoints come in, supplementing centralized security measures with additional layers of protection at endpoints, which are not just entry points for threats and attacks, but points of egress for sensitive data (corporate and personal) as well.

Companies need to ensure that endpoint devices meet security standards; this has to be ascertained before such devices are granted network access. Endpoint security helps enterprises maintain greater control over all access points and also helps block threats and access attempts effectively. Security endpoint tools also help monitor for, detect and block malicious activities.

Endpoint security systems typically consist of centrally located security software (which is located on a centrally managed server or gateway within the network) plus the client software that's installed on each endpoint or endpoint device.

Difference between Endpoint Security Software and Antivirus Software

It's to be understood that endpoint security software happens to be basically different from antivirus software. In the case of endpoint security software, it's not an individual device that's protected; it's the network as a whole that is secured. The endpoints or endpoint devices, on the other hand, bear some amount of responsibility for their own security as well. This means that even when there is endpoint protection software to safeguard a network, it's always necessary also to protect endpoint devices like laptops, smartphones, etc with endpoint security antivirus or antimalware tools. Comodo’s free endpoint antivirus software is capable of protecting your network with anti-spyware, anti-spam, and virus protection, which can lessen slowdowns of the system and offer customized options.

Endpoint Protection

How Does Endpoint Security Solutions work?

The Endpoint Security Solutions works on a client-server model. Within the network, there would be the endpoint security software, located on a centrally managed and accessible server or gateway. On each endpoint or endpoint device would be located the client software. The security software authenticates logins made from the endpoints and simultaneously updates client software when needed.

Endpoint Security software also works as a SaaS (Software-as-a-Service) model; here the security programs and the host server are both maintained remotely by the merchant.

Why Endpoint Protection is so important today

An endpoint is always a potential entry point for threats. Endpoint devices, including smartphones, laptops, tablets can be used by cybercriminals to attack networks with malware that could help them steal data from the network systems. Today, the risk is even bigger as enterprises all over the world adopt practices like BYOD (Bring Your Own Device) and personal devices- smartphones, tablets, etc- are connected to enterprise networks. Mobile threats have shown an increasing trend in recent times. People even connect to organizational networks using their home computers. In such a scenario endpoint security gains significance since it supplements centralized security solutions with additional security endpoint protection and prevents threats to secure the network. Endpoint devices would need to meet security standards before being granted network access; this would help prevent threats to a great extent. Endpoint security software also helps in monitoring endpoints and endpoint devices for risky and malicious activities. Comodo Endpoint Security Manager provides centralized management of Comodo's 7-layered security suite that is capable of proactively protecting endpoints and their applications against advanced threats and malware.

7-Layer Endpoint Security Platform

  • Containment with auto-sandboxing – All unrecognized processes and applications are auto-sandboxed to run in a restricted environment.
  • Web URL Filtering – Advanced interface to create rules as required – user-specific, sweeping, or as granular as desired.
  • Comodo Firewall – Offers high-level security against inbound and outbound threats, stealths computer's ports, manages network connections and blocks confidential data transmission by malicious software.
  • Antivirus – Features multiple technology-based automatic detection, cleansing, and quarantining of suspicious files to eliminate malware and viruses.
  • File Lookup Services (FLS) – Cloud-based instant analysis of unknown files that checks file reputation against Comodo's master whitelist and blacklists.
  • Host Intrusion Protection System (HIPS) – monitors important operating system activities to ensure protection against malware intrusion.
  • Viruscope (Behavior Analysis) – Behavior of all processes is monitored for potentially harmful action.

Comodo Advanced Endpoint Security software brings 7 layers of defense – antivirus, firewall, web URL filtering, host intrusion prevention, auto-sandbox (containment), file reputation, and viruscope (behavioral analysis) – together under a single offering for customers of all sizes, to protect them from both known and unknown threats.

Comodo ESM Checks All the Boxes…

Whether deployed as a complete security suite or by using the sandbox as a standalone to fortify existing AV solutions, the Advanced Endpoint Security software offers unrivaled endpoint protection for Microsoft Windows servers, desktops, laptops, and tablets.

The full Endpoint Security suite brings 7 layers of protection to the point of impact – the endpoint environment. Its disruptive auto-sandbox technology eliminates malware outbreaks and operating system contamination by automatically running untrusted/unknown processes in a virtual environment within the existing system and with low system usage requirements. This makes Comodo's enterprise endpoint security the only managed anti-malware solution that can offer a $5,000 limited warranty against infection.

The Advanced Endpoint Security dashboard gives administrators panoramic insight and control over all aspects of security endpoint protection and management. Its streamlined interface displays 14 critical metrics about each machine, facilitating rapid alerting and remediation of issues. Administrators can also terminate endpoint processes, stop or start services, uninstall applications and delete unwanted files - all without causing interference to the end-user.

Comodo Advanced Endpoint Security allows you to control and centrally manage security endpoint protection through the application of operational templates or policies. Any deviation from these policies causes Advanced Endpoint Security to automatically reapply the assigned policy or alert the administrator if it is unable to do so.

Comodo's advanced endpoint protection also provides administrators with the ability to centrally manage endpoint system resources. Administrators can define operational thresholds for CPU usage, RAM usage, network usage, and available storage. Should the thresholds be exceeded, Advanced Endpoint Security will alert the administrator through the dashboard and via email notification.

Additional policy configurations include power management such as screen-locking or drive-locking. Your Green initiatives are further enhanced through system-standby and system-hibernation scheduling. Comodo's endpoint protection also offers options for disabling USB mass-storage devices, optical devices, and even floppy drives. Click on the endpoint security download button and get Comodo’s free endpoint security trial today!


Microsoft and Windows are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries.
Apple, Mac, and OS X are trademarks of Apple Inc., registered in the U.S. and other countries.
Comodo's endpoint protection is not affiliated with Debian. Debian is a registered trademark owned by Software in the Public Interest, Inc.
Linux® is the registered trademark of Linus Torvalds in the U.S. and other countries.

1 Terms and conditions apply.


one of kind of technology More Control, Less Worry

One-of-a-kind containment technology automatically sandboxes unknown malware in a 'Virtual Desktop'.

Single point management of endpoints Manage with Ease

Single-point management of servers and endpoints - workstations, laptops, smartphones, and associated applications.

Engage in Best Practices in protecting endpoint Engage in Best Practices

Multiple technologies combining containment with auto-sandboxing, web URL filtering, antivirus, firewall, cloud-based FLS, process behavior analysis, and HIPS to protect each endpoint.

Centralized endpoint management Save Time

Centralized system management to monitor and control processes, services, and applications at endpoints.

simplified administration Simplify Administration

Easy administration through 'pull' and 'push' deployment.

Esm Feat Interact Remotely

Ability to communicate with remote endpoints and users to provide remote assistance.

Reduced Response Time Lower Response Time

Faster response time to new and emerging threats.

Easy Security Configuration Deepen Understanding

Definition of specific security configurations on the granular level for endpoints within and outside the VPN made possible by location-aware policies.

Wake-on-lane systems Go Green

Integrated power management through advanced Wake-on-LAN-enabled systems.

Easy Endpoint Installation Keep System Requirements Low

Low system requirements allow installation of the product even on non-dedicated Windows servers and Pcs.

GUI Based Endpoint Security Settings Gain Insights

At-a-glance snapshot of security settings through an intuitive graphical user interface.


"Our paramount concern had been how we prepare for the unknown and how we ensure the protection of our endpoints. Comodo came in and solved our concerns with the most advanced threat containment technology I have ever seen."

Bolmet SA

Mr. Michal Zientara, IT Manager, BOLMET SA

Read the full case study with Bolmet here:

Christian Motorcyclists Association

"Before Comodo, we were going through what seemed to be daily malware fixes and problems. Since Comodo, we've had zero malware or spyware issues. We don't fear that unknown, zero-day threat because we know the Comodo Advanced Endpoint Protection suite can handle anything the cybercriminals try and throw at it."

Christian Motorcyclists Association

Mr. Clint Davis, IT Manager, Christian Motorcyclists Association.

Read the full case study with Christian Motorcyclists Association here:

City of Danville

"We selected Comodo and its Advanced Endpoint Protection solution because it clearly addresses the problem of malware and cyber-attacks through a unique containment technology. Also, its prevention philosophy is different from anything else in the market today."

City of Danville

Agnel DSilva, Information Technology Administrator for the City of Danville

Read the full case study on the City of Danville, Illinois at

City of Thousand Oaks

"Comodo Advanced Endpoint Protection gives us a streamlined dashboard where we can manage our endpoints, keep them secure, and perform installations and updates to our technology—with zero interruptions to our users."

City of Thousand Oaks, California

Mr. Dustin Hurshman, IT Analyst, the City of Thousand Oaks.

Read the full case study on the City of Thousand Oaks, California at

CMNetworx Computer Services

"Comodo's technology has the ability to automatically contain any file that might be harmful or cause disruption to us – and contain that file automatically. There is so much malware and spam in the world today, I need to be sure that I'm using the very best technology that can automatically contain and control these threats and never have them negatively impact my IT environment. Comodo technology contains all threats – known and unknown – and keeps my IT environment secure."

CMNetworx Computer Services

Mr. Kris Wolf, CEO, and Owner, CMNetworx Computer Services

Read the full case study with CMNetworx here:

Community Action Committee

"We ran multiple tests and benchmarks of putting Comodo, Symantec, and other anti-virus technologies against one other to simply pick out who would perform best. When we tested the Comodo endpoint security product, it detected viruses and malware that none of the other competing products detected. It was right then and there that we knew Comodo's technology had to be the new solution for us to protect our critical data."

Community Action Committee of Pike County

Mr. Matthew Dill, IT Coordinator, Community Action Committee of Pike County

Read the full case study with Community Action Committee here:

eWinery Solutions

"For more than a year, we have been using Comodo ESM and we've never had an issue related to malware or spyware penetrating our IT environment. The Comodo ESM solution contains any outside threats and keeps them away from our critical infrastructure, while at the same time giving our IT team tremendous insight, freedom, and flexibility to configure the solution in the most optimal way for us. It's a win-win security solution for us and we are proud to use Comodo."

eWinery Solutions

Mr. Joe Eaton, Technical Systems Manager, eWinery Solutions

Read the full eWinery Solutions case study here:

HRI Properties

"The Comodo Advanced Endpoint Protection console is a valuable source for information on all of our endpoints, providing a snapshot of resource utilization, event log entries, and overall protection strategy. We can't imagine using any other security software other than Comodo to protect our endpoints."

HRI Properties

Mr. Wayne Clement, Jr., IT Security Analyst, HRI Properties

Read the full case study with HRI Properties here:

Licking School District

"The key with Comodo's ESM solution is that its unique containment technology truly protects our endpoints from any outside threat to our IT system – regardless of what that threat might be. We are protected and safe and able to run applications freely in a contained, controlled, and safe environment – with zero interruption to our users."

Licking School District in Texas County, Missouri

Mr. Michael Allen, Technology Director, Licking School District in Texas County, Missouri

Read the full case study with Licking School District here:

Mid-South Steel

"For the past year, Comodo ESM has contained our network from the possibility of any known or unknown threats from penetrating our IT environment. It keeps our critical information intact and protects us from malware and spyware – with no interruption to any of our users"

Mid-South Steel Products

Sonny Underwood, IT Director, Mid-South Steel Products, Inc.

Read the full case study with Mid-South Steel Products, Inc. at

Perry Community School District

"We are thrilled with the endpoint security protection suite that Comodo provided for our IT environment. Comodo Endpoint Security Management gives us peace of mind, where our students can freely take advantage of all the great technology we have in place to share and exchange information to improve themselves as students. Because we are now using Comodo and its containment technology, we are not at risk to have any of our school or student data exposed to cyber attacks, and that makes me and my team sleep easier at night."

Perry School

Mr. Rich Nichols, Director of Technology, Perry Community School District

Read the full case study with Perry Community School District here:

Proactive Remote Computer Solutions

"The unique containment technology that makes up the foundation of Comodo Advanced Endpoint Protection is completely different than anything in the market today – focusing on prevention, not detection – and that's what sets it apart. Also, the ESM dashboard allows for panoramic insight and control over all aspects of endpoint protection for both me and my customers – saving me time, money, and resources – without sacrificing features or security protection."

Mr. Chad Barnard, CEO, Proactive Remote Computer Solutions

Read the full case study with PRCS here: https://www.comodo.com/case-study/proactive-remote-computer-solutions/

Rahr Malting Company

"As a company that works across a global network, we have hundreds of endpoints in various forms, all of which could be at risk for a virus or rogue malware. We have been thrilled with how Comodo Advanced Endpoint Protection fits into our IT environment."

Rahr Malting Company

Mr. Josh Vogel, Manager of Network Administration, Rahr Malting Company

Read the full case study with Rahr Malting Company here:

Scheurich GmbH & Co.KG

"We have been thrilled with the partnership with Dr. Deutsch GmbH as well as with Comodo's endpoint security technology because it protects our IT environment from both known – and unknown threats. Comodo's containment technology is like a fortress for our IT environment – keeping the bad and unknown files away from our endpoints, while at the same time allowing all of our good files to be fully accessed by our employees and not impacting productivity."


Mr. Joerg Chemii, IT Manager for Scheurich GmbH & Co.KG

Read the full case study with Scheurich at:

Southlands English School

"We've been running Comodo Advanced Endpoint Protection for over a year now and we have never encountered a security or malware issue. Comodo's automatic containment technology—which clearly separates Comodo from all other products – keeps our endpoints secure. The fact that my IT system can automatically contain a piece of malware gives me peace of mind. Every enterprise should use Comodo ESM if they want to protect themselves from unknown malware."

Southlands English School

Mr. Luca Iacono, Technology Officer, Southlands English School

Read the full case study with Southlands English School here:


What protection does Endpoint Security offer?

Comodo Endpoint Security offers 360° protection against internal and external threats by consolidating multiple, cutting edge security technologies in a single, easily installed solution. These include:

Why endpoint security is important?

  • Comodo's powerful antivirus and award-winning firewall solutions
  • Comodo's innovative Host Intrusion Prevention System prohibits untrusted executables from tampering with other processes and files
  • Auto-Sandbox™ technology which automatically runs untrusted applications in a contained, isolated environment so they cannot damage the underlying operating system or access user files
  • Integrated 'File Reputation' system uses behavior analysis to help determine the trustworthiness of unrecognized files - all without interrupting the end-user

Comodo is so confident that we can protect endpoints against infection that we are the only vendor to offer a $5,000 Limited Virus-Free Warranty 1

How much system resource is consumed on the endpoint?

On idle, the entire 5-in-1 suite only consumes 7.5MB RAM and doesn’t register any CPU usage in Windows Task Manager.

How do I manage endpoints using Comodo Endpoint Security Protection?

The endpoint can be administered via a list, tile, or panoramic display interface.

Can the management server be run from a virtual server?


Can I manage virtual machines?

Yes. ESM can manage full virtualized machines or virtual machines cloned from templates (requires sys prep utility to be run on the master template first).

Where do I deploy the endpoint protection server?

The endpoint protection server can be installed on any supported Microsoft Windows operating systems running on a private cloud server, public cloud server, or on-premises server.

I manage endpoints in multiple locations, how do I use Comodo ESM?

You can manage all your endpoints from a single endpoint protection server. Alternatively, you can use Comodo ESM 'Dependent Servers' function so that each site has its own endpoint protection server which you can control from an upstream endpoint protection server.

How do I deploy to my endpoints?

Comodo ESM will auto-discover any endpoints in your Active Directory/LDAP containers. Alternatively, you can use the wizards to 'push' the ESM agents to the systems you want to be managed. You can 'push' deploy to Active Directory OUs, Microsoft workgroups, single IP addresses, or an IP address range. You can also download and save the Windows, Mac, or Linux management agents to a shared folder, then use login scripts or Group Policy to 'pull' deploy to your systems.

Is alerting/reporting done on a schedule?

No. Comodo's endpoint protection software solutions alerting takes place in real-time.

How do I know when something is wrong?

There are several ways that ESM alerts an administrator.

  • The endpoints tile icon will change color to indicate an infection has been found, the signature database is out of date, the endpoint is not policy compliant or system resource usage has exceeded pre-defined thresholds.
  • The numbers in the information bar's heads-up display will increase.
  • Comodo Advanced Endpoint Security software will send you a notification email for any event that you specify.

How are virus database updates received and how are they pushed out?

Virus database updates aren't pushed; instead, they are pulled by the endpoint according to the schedule you have set for them. Updates can be received from the Internet or from the ESM server acting as a caching proxy. You can choose to use either (or both) as part of the post-deployment policy configuration. Administrators can also update selected endpoints using the 'Update' button in the administrative interface or on the endpoint's 'Properties' tab.

Can I enable and disable individual components?

Yes. You can choose which components to install (AV/Firewall/Sandbox) during the initial setup or you may re-configure the components at any time thereafter.

Can I configure Advanced Endpoint Security to use an existing database server?

Yes. Comodo's endpoint security protection software can use its embedded Microsoft SQL Express 2012 edition or can be configured to use an existing instance of Microsoft SQL 2005 or later (Express, Standard, or Enterprise).

Microsoft and Windows are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries.
Apple, Mac, and OS X are trademarks of Apple Inc., registered in the U.S. and other countries.
Comodo's endpoint protection is not affiliated with Debian. Debian is a registered trademark owned by Software in the Public Interest, Inc.
Linux® is the registered trademark of Linus Torvalds in the U.S. and other countries.

System Requirements

Endpoint Protection Central Service computer - The host running the Advanced Endpoint Security Server software

Hardware requirements

  • Dual-Core 1.8 GHz processor or better
  • 2 GB RAM (4GB recommended)
  • 15 GB free disk space if using SQL Express 2008/2012

Software requirements

  Operating system

   a) Microsoft Windows Server family:

  • Windows 2003 Server (SP2 or higher) x86 and x64 editions
  • Windows 2003 Small Business Server
  • Windows 2003 Small Business Server R2
  • Windows 2008 Server (SP2 or higher) x86 and x64 editions
  • Windows 2008 Small Business Server
  • Windows 2008 Server R2
  • Windows 2011 Small Business Server
  • Windows 2012 Server

  b) Microsoft Windows client family:

  • Windows Vista (SP1 or higher) x86 and x64 editions
  • Windows 7 x86 and x64 editions
  • Windows 8 x86 and x64 editions

Other supporting software (will be installed automatically if not present)

  • Microsoft .NET Framework 4.0
  • Microsoft ReportViewer 2010 SP1
  • Microsoft SQL Server 2012 Express LocalDB

Endpoint Protection Administrative Console computer - The computer that will run the management interface (this computer may also be the Central Service PC)

Hardware requirements

Sufficient to run any of the browsers listed below.

  • Microsoft Internet Explorer 10.0 or higher
  • Mozilla Firefox 21.0 or higher
  • Google Chrome 27.0 or higher
  • Comodo Dragon 27.0 or higher
  • Opera 12.x or higher
  • Safari 5 or higher
  • Maxthon Cloud Browser 4.x or higher

Other supporting software (will be installed automatically if not present)

  • Microsoft Silverlight 5.1


  • Minimum 1024x768 display with windowed browser
  • Optional touch capable display interface and operating system

Comodo ESM Endpoints - Managed endpoints that will run Comodo Endpoint Security/Comodo Antivirus for Servers and host the endpoint protection agent

Hardware requirements

  • 1.2 GHz processor or better
  • 512 MB RAM (1GB recommended)
  • 420 MB free hard drive space

Software requirements

  Operating system

  a) Microsoft Windows client family:

  • Windows XP (SP3 or higher) x86
  • Windows Vista (SP1 or higher) x86 and x64 editions
  • Windows 7 x86 and x64 editions
  • Windows 8 x86 and x64 editions

  b) Microsoft Windows server family:

  • Windows 2003 Server (SP2 or higher) x86 and x64 editions
  • Windows 2003 Small Business Server
  • Windows 2003 Small Business Server R2
  • Windows 2008 Server (SP2 or higher) x86 and x64 editions
  • Windows 2008 Small Business Server
  • Windows 2008 Server R2
  • Windows 2011 Small Business Server
  • Windows 2012 Server

  c) Apple Mac OS X® client family:

  • Mac OS X 10.10
  • Mac OS X 10.6.8

  d) Debian Linux .deb family:

  • Debian x86 and x64 editions
  • Ubuntu x86 and x64 editions

Microsoft and Windows are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries.
Apple, Mac, and OS X are trademarks of Apple Inc., registered in the U.S. and other countries.
Comodo's endpoint protection is not affiliated with Debian. Debian is a registered trademark owned by Software in the Public Interest, Inc.
Linux® is the registered trademark of Linus Torvalds in the U.S. and other countries.

Licensing & Pricing

Comodo Advanced Endpoint Security licenses are offered in 3 ways:

Free Trials

Basic Subscription

Premium subscription

For questions, demos, quotations, or additional information please click here to contact us

Microsoft and Windows are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries.
Apple, Mac, and OS X are trademarks of Apple Inc., registered in the U.S. and other countries.
Comodo's endpoint protection is not affiliated with Debian. Debian is a registered trademark owned by Software in the Public Interest, Inc.
Linux® is the registered trademark of Linus Torvalds in the U.S. and other countries.