Endpoint Security

Know more about Endpoint Security Solution that delivers a multi-layered security platform for a complete endpoint protection against threats.

Endpoint Security

What is Endpoint Security?

Endpoint Security is a centralized approach to protecting all endpoints - servers, desktops, laptops, smartphones and other IoT devices - connected to the corporate IT network from cyber threats. This methodology enables efficient, effective and easier security management. Some vendors offers Endpoint Security system that includes antivirus, firewall and other high defined security software.

Endpoint Security Software is different from Antivirus software

It's to be understood that endpoint security software happens to be basically different from the antivirus software. In the case of endpoint security software, it's not an individual device that's protected; it's the network as a whole that is secured. The endpoints or endpoint devices, on the other hand, bear some amount of responsibility for their own security as well. This means that even when there is an endpoint protection software to safeguard a network, it's always necessary also to protect endpoint devices like laptops, smartphones etc with antivirus or antimalware tools.

How the Endpoint Security system works

The Endpoint Security system works on a client-server model. Within the network there would be the security software, located on a centrally managed and accessible server or gateway. On each endpoint or endpoint device would be located the client software. The security software authenticates logins made from the endpoints and simultaneously updates client software when needed.

Endpoint Security also works as a SaaS (Software-as-a-Service) model; here the security programs and the host server are both maintained remotely by the merchant.

Why Endpoint Security is so important today

An endpoint is always a potential entry point for threats. Endpoint devices, including smartphones, laptops, tablets can be used by cyber criminals to attack networks with malware that could help them steal data from the network systems. Today, the risk is even bigger as enterprises all over the world adopt practices like BYOD (Bring Your Own Device) and personal devices- smartphones, tablets etc- are connected to enterprise networks. Mobile threats have shown an increasing trend in recent times. People even connect to organizational networks using their home computer. In such a scenario endpoint security gains significance since it supplements centralized security solutions with additional protection and prevents threats to secure the network. Endpoint devices would need to meet security standards before being granted network access; this would help prevent threats to a great extent. Endpoint security software also helps in monitoring endpoints and endpoint devices for risky and malicious activities.

7-Layer Endpoint Security Platform

  • Containment with auto-sandboxing – All unrecognized processes and applications are auto-sandboxed to run in a restricted environment.
  • Web URL Filtering – Advanced interface to create rules as required – user-specific, sweeping, or as granular as desired.
  • Comodo Firewall – Offers high-level security against inbound and outbound threats, stealths computer's ports, manages network connections, and blocks confidential data transmission by malicious software.
  • Antivirus – Features multiple technology-based automatic detection, cleansing and quarantining of suspicious files to eliminate malware and viruses.
  • File Lookup Services (FLS) – Cloud-based instant analysis of unknown files that checks file reputation against Comodo's master whitelist and blacklists.
  • Host Intrusion Protection System (HIPS) – monitors important operating system activities to ensure protection against malware intrusion.
  • Viruscope (Behavior Analysis) – Behavior of all processes are monitored for potential harmful action.

Comodo Advanced Endpoint Security software brings 7 layers of defense – antivirus, firewall, web URL filtering, host intrusion prevention, auto-sandbox (containment), file reputation and viruscope (behavioral analysis) – together under a single offering for customers of all sizes, to protect them from both known and unknown threats.

Comodo ESM Checks All the Boxes…

Whether deployed as a complete security suite or by using the sandbox as a standalone to fortify existing AV solutions, the Advanced Endpoint Security offers unrivalled endpoint protection for Microsoft Windows servers, desktops, laptops and tablets.

The full Endpoint Security suite brings 7 layers of protection to the point of impact – the endpoint environment. Its disruptive auto-sandbox technology eliminates malware outbreaks and operating system contamination by automatically running untrusted/unknown process in a virtual environment within the existing system and with low system usage requirements. This makes Comodo's endpoint protection the only managed anti-malware solution that can offer a $5,000 limited warranty against infection.

The Advanced Endpoint Security dashboard gives administrators panoramic insight and control over all aspects of endpoint protection and management. Its streamlined interface displays 14 critical metrics about each machine, facilitating rapid alerting and remediation of issues. Administrators can also terminate endpoint processes, stop or start services, uninstall applications and delete unwanted files - all without causing interference to the end-user.

Comodo Advanced Endpoint Security allows you to control and centrally manage endpoint protection through the application of operational templates or policies. Any deviation from these policies causes the Advanced Endpoint Security to automatically reapply the assigned policy or alert the administrator if it is unable to do so.

Comodo's endpoint protection also provides administrators with the ability to centrally manage endpoint system resources. Administrators can define operational thresholds for CPU usage, RAM usage, network usage and available storage. Should the thresholds be exceeded, the Advanced Endpoint Security will alert the administrator through the dashboard and via email notification.

Additional policy configurations include power management such as screen-locking or drive-locking. Your Green initiatives are further enhanced through system-standby and system-hibernation scheduling. Comodo's endpoint protection also offers options for disabling USB mass-storage devices, optical devices and even floppy drives.

 

Microsoft and Windows are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries.
Apple, Mac and OS X are trademarks of Apple Inc., registered in the U.S. and other countries.
Comodo's endpoint protection is not affiliated with Debian. Debian is a registered trademark owned by Software in the Public Interest, Inc.
Linux® is the registered trademark of Linus Torvalds in the U.S. and other countries.

1 Terms and conditions apply.

Features

More Control, Less Worry

One-of-a-kind containment technology automatically sandboxes unknown malware in a 'Virtual Desktop'.

Manage with Ease

Single-point management of servers and endpoints - workstations, laptops, smartphones and associated applications.

Engage in Best Practices

Multiple technologies combining containment with auto-sandboxing, web URL filtering, antivirus, firewall, cloud-based FLS, process behavior analysis and HIPS to protect each endpoint.

Save Time

Centralized system management to monitor and control processes, services and applications at endpoints.

Simplify Administration

Easy administration through 'pull' and 'push' deployment.

Interact Remotely

Ability to communicate with remote endpoints and users to provide remote assistance.

Lower Response Time

Faster response time to new and emerging threats.

Deepen Understanding

Definition of specific security configurations on the granular-level for endpoints within and outside the VPN made possible by location-aware policies.

Go Green

Integrated power management through advanced Wake-on-LAN enabled systems.

Keep System Requirements Low

Low system requirements allows installation of the product even on non-dedicated Windows servers and Pcs.

Gain Insights

At-a-glance snapshot of security settings through intuitive graphical user interface.

What protection does Endpoint Security offer?

Comodo Endpoint Security offers 360° protection against internal and external threats by consolidating multiple, cutting edge security technologies in a single, easily installed solution. These include:

  • Comodo's powerful antivirus and award-winning firewall solutions
  • Comodo's innovative Host Intrusion Prevention System which prohibits untrusted executables from tampering with other processes and files
  • Auto-Sandbox™ technology which automatically runs untrusted applications in a contained, isolated environment so they cannot damage the underlying operating system or access user files
  • Integrated 'File Reputation' system uses behavior analysis to help determine the trustworthiness of unrecognized files - all without interrupting the end-user

Comodo is so confident that we can protect endpoints against infection that we are the only vendor to offer a $5,000 Limited Virus-Free Warranty 1

How much system resource is consumed on the endpoint?

On idle, the entire 5-in-1 suite only consumes 7.5MB RAM and doesn’t register any CPU usage in Windows Task Manager.

How do I manage endpoints using Comodo Endpoint Security?

Endpoint can be administered via a list, tile or panoramic display interfaces.

Can the management server be run from a virtual server?

Yes.

Can I manage virtual machines?

Yes. ESM can manage full virtualized machines or virtual machines cloned from templates (requires sys prep utility to be run on master template first).

Where do I deploy the endpoint protection server?

The endpoint protection server can be installed on any supported Microsoft Windows operating systems running on a private cloud server, public cloud server or on-premises server.

I manage endpoints in multiple locations, how do I use Comodo ESM?

You can manage all your endpoints from a single endpoint protection server. Alternatively, you can use Comodo ESM 'Dependent Servers' function so that each site has its own endpoint protection server which you can control from an upstream endpoint protection server.

How do I deploy to my endpoints?

Comodo ESM will auto-discover any endpoints in your Active Directory/LDAP containers. Alternatively, you can use the wizards to 'push' the ESM agents to the systems you want managed. You can 'push' deploy to Active Directory OUs, Microsoft workgroups, single IP addresses or an IP address range. You can also download and save the Windows, Mac or Linux management agents to a shared folder, then use login scripts or Group Policy to 'pull' deploy to your systems.

Is alerting/reporting done on a schedule?

No. Comodo's endpoint protection alerting takes place in real-time.

How do I know when something is wrong?

There are several ways that ESM alerts an administrator.

  • The endpoints tile icon will change color to indicate an infection has been found, the signature database is out of date, the endpoint is not policy compliant or system resource usage has exceeded pre-defined thresholds.
  • The numbers in the information bar's heads-up display will increase.
  • Comodo Advanced Endpoint Security will send you a notification email for any event that you specify.

How are virus database updates received and how are they pushed out?

Virus database updates aren't pushed; instead they are pulled by the endpoint according to the schedule you have set for them. Updates can be received from the Internet or from the ESM server acting as a caching proxy. You can choose to use either (or both) as part of the post-deployment policy configuration. Administrators can also update selected endpoints using the 'Update' button in the administrative interface or on the endpoint's 'Properties' tab.

Can I enable and disable individual components?

Yes. You can choose which components to install (AV/Firewall/Sandbox) during the initial setup or you may re-configure the components at any time thereafter.

Can I configure Advanced Endpoint Security to use an existing database server?

Yes. Comodo's endpoint protection can use its embedded Microsoft SQL Express 2012 edition or can be configured to use an existing instance of Microsoft SQL 2005 or later (Express, Standard or Enterprise).

Microsoft and Windows are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries.
Apple, Mac and OS X are trademarks of Apple Inc., registered in the U.S. and other countries.
Comodo's endpoint protection is not affiliated with Debian. Debian is a registered trademark owned by Software in the Public Interest, Inc.
Linux® is the registered trademark of Linus Torvalds in the U.S. and other countries.

Was this answer helpful?
  • 0%
  • 25%
  • 50%
  • 75%
  • 100%

System Requirements

Endpoint Protection Central Service computer - The host running the Advanced Endpoint Security Server software

Hardware requirements

  • Dual-Core 1.8 GHz processor or better
  • 2 GB RAM (4GB recommended)
  • 15 GB free disk space if using SQL Express 2008/2012

Software requirements

  Operating system

   a) Microsoft Windows Server family:

  • Windows 2003 Server (SP2 or higher) x86 and x64 editions
  • Windows 2003 Small Business Server
  • Windows 2003 Small Business Server R2
  • Windows 2008 Server (SP2 or higher) x86 and x64 editions
  • Windows 2008 Small Business Server
  • Windows 2008 Server R2
  • Windows 2011 Small Business Server
  • Windows 2012 Server

  b) Microsoft Windows client family:

  • Windows Vista (SP1 or higher) x86 and x64 editions
  • Windows 7 x86 and x64 editions
  • Windows 8 x86 and x64 editions

Other supporting software (will be installed automatically if not present)

  • Microsoft .NET Framework 4.0
  • Microsoft ReportViewer 2010 SP1
  • Microsoft SQL Server 2012 Express LocalDB

Endpoint Protection Administrative Console computer - The computer that will run the management interface (this computer may also be the Central Service PC)

Hardware requirements

Sufficient to run any of the browsers listed below.

  • Microsoft Internet Explorer 10.0 or higher
  • Mozilla Firefox 21.0 or higher
  • Google Chrome 27.0 or higher
  • Comodo Dragon 27.0 or higher
  • Opera 12.x or higher
  • Safari 5 or higher
  • Maxthon Cloud Browser 4.x or higher

Other supporting software (will be installed automatically if not present)

  • Microsoft Silverlight 5.1

Display

  • Minimum 1024x768 display with windowed browser
  • Optional touch capable display interface and operating system

Comodo ESM Endpoints - Managed endpoints that will run Comodo Endpoint Security/Comodo Antivirus for Servers and host the endpoint protection agent

Hardware requirements

  • 1.2 GHz processor or better
  • 512 MB RAM (1GB recommended)
  • 420 MB free hard drive space

Software requirements

  Operating system

  a) Microsoft Windows client family:

  • Windows XP (SP3 or higher) x86
  • Windows Vista (SP1 or higher) x86 and x64 editions
  • Windows 7 x86 and x64 editions
  • Windows 8 x86 and x64 editions

  b) Microsoft Windows server family:

  • Windows 2003 Server (SP2 or higher) x86 and x64 editions
  • Windows 2003 Small Business Server
  • Windows 2003 Small Business Server R2
  • Windows 2008 Server (SP2 or higher) x86 and x64 editions
  • Windows 2008 Small Business Server
  • Windows 2008 Server R2
  • Windows 2011 Small Business Server
  • Windows 2012 Server

  c) Apple Mac OS X® client family:

  • Mac OS X 10.10
  • Mac OS X 10.6.8

  d) Debian Linux .deb family:

  • Debian x86 and x64 editions
  • Ubuntu x86 and x64 editions

Microsoft and Windows are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries.
Apple, Mac and OS X are trademarks of Apple Inc., registered in the U.S. and other countries.
Comodo's endpoint protection is not affiliated with Debian. Debian is a registered trademark owned by Software in the Public Interest, Inc.
Linux® is the registered trademark of Linus Torvalds in the U.S. and other countries.

Licensing & Pricing

Comodo Advanced Endpoint Security licenses are offered in 3 ways:

Free Trials

Basic Subscription

Premium subscription

For questions, demos, quotations or additional information please click here to contact us


Microsoft and Windows are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries.
Apple, Mac and OS X are trademarks of Apple Inc., registered in the U.S. and other countries.
Comodo's endpoint protection is not affiliated with Debian. Debian is a registered trademark owned by Software in the Public Interest, Inc.
Linux® is the registered trademark of Linus Torvalds in the U.S. and other countries.