Manualshelf

System information

ManualsBrandsMcafee ManualsOtherQUICKCLEAN 3.0
121122123124125126127128129130
Comodo Endpoint Security Manager - SME - Administrator Guide
If you want remove a file from the list, select it and click the 'remove' button.
Click 'yes' to confirm removal of the selected file from the list.
Click the 'save' icon for any changes to the settings to take effect.
Trusted Vendors
In Comodo Internet Security, there are two basic methods in which an application can be treated as safe. Either it has to be part
of the ‘Safe List’ (of executables/software that is known to be safe) OR that application has to be signed by one of the vendors in
the 'Trusted Vendor List'.
A software application can be treated as a 'Trusted' one if it is published by a Trusted Software publisher/vendor. To ensure the
authenticity, the publisher/vendor digitally sign their software using a code signing certificate obtained from a Trusted Certificate
Authority (CA). Ensuring whether a software/application is signed by a vendor ensures that the software is trusted. Refer to the
Background details given below for more information.
Background
Many software vendors digitally sign their software with a code signing certificate. This practice helps end-users to verify:
Content Source: The software they are downloading and are about to install really comes from the publisher that
signed it.
Content Integrity: That the software they are downloading and are about to install has not be modified or corrupted
since it was signed.
In short, users benefit if software is digitally signed because they know who published the software and that the code hasn't
been tampered with - that are are downloading and installing the genuine software.
The 'Vendors' that digitally sign the software to attest to it's probity are the software publishers. These are the company names
you see listed in the first column in the graphic above.
However, companies can't just 'sign' their own software and expect it to be trusted. This is why each code signing certificate is
counter-signed by an organization called a 'Trusted Certificate Authority'. 'Comodo CA Limited' and 'Verisign' are two examples
of a Trusted CA's and are authorized to counter-sign 3rd party software. This counter-signature is critical to the trust process and
a Trusted CA only counter-signs a vendor's certificate after it has conducted detailed checks that the vendor is a legitimate
company.
If a file is signed by a Trusted Software Vendor and the user has enabled 'Trust Applications that are digitally signed by Trusted
Software Vendors' then it will be automatically trusted by Comodo Internet Security (if you would like to read more about code
signing certificates, see http://www.instantssl.com/code-signing/).
One way of telling whether an executable file has been digitally signed is checking the properties of the .exe file in question.
Browse to the folder containing the .exe file.
Right click on the .exe file.
Select 'Properties' from the menu.
Click the tab 'Digital Signatures (if there is no such tab then the software has not been signed).
This displays the name of the CA that signed the software.
Select the certificate and click the 'Details' button to view digital signature information. Click 'View Certificate' to inspect the
Endpoint Security Manager - SME Administrator Guide | © 2013 Comodo Security Solutions Inc. | All rights reserved 122