System information
Comodo Endpoint Security Manager - SME - Administrator Guide
To filter the results:
• Click the filter icon in any of the respective column header to search for a particular item
• Type or enter the filter criteria fully or partly or select and click 'Apply'
Only the entries that match the criteria will be displayed in the report.
• Click 'Reset' to display all the items
Downloading the Report
If the administrator had opted for generating a printable report file in step 4, the report can be downloaded by clicking the
Download icon at the bottom of the report page.
2.5.1.7. Policy Compliance Report
Each target computer in ESM can receive a security policy that dictates the security settings of each of the antivirus, firewall and
Defense+ components of CIS installed at the target computer. The CIS installation at the target endpoint will automatically be
configured as per the applied policy when CIS is in remote management mode.
If the end-user or the network administrator changes any of the security settings in their local installation of CIS by switching it to
local administration mode, the computer becomes 'non-compliant' with its designated (or 'applied') policy. If the computer is
switched back to remote management mode, its designated policy will be automatically reapplied at next polling time (as per the
agent settings made to the policy) and the computer's status will return to 'compliant'.
The target computer will be retained in Non-Compliant status under the following conditions:
• CIS on the target computer is maintained in local administration mode and settings were modified
• CIS on the target computer was switched to Remote Management mode but the policy has not yet been applied
because ESM has not yet polled the computer
The target computers applied with the 'Locally Configured' policy will always be retained in 'Compliant' status as ESM does not
enforce any policy compliance on to them. Also, 'Locally Configured' policy allows the user to change the CIS configuration
settings locally and stores the changes dynamically. If the target computer is switched back to Local Configuration policy from
any other ESM applied security policy, the last stored configuration is restored on to it.
Tip: To ensure a new configuration is applied permanently, leave the endpoint in local administration mode, import the
configuration as a new policy into ESM and apply it to the required target computer(s) (including the one from which the
settings are imported). See 'Creating a New Policy' for more details.
Administrators are advised to regularly check whether imported computers are compliant with their assigned policy. Non-
compliance can indicate changes in management mode and/or unauthorized changes to CIS security settings.
The Policy Compliance report provides a summary of the compliance of the target computers and details of computers which are
non-compliant to the policy.
To generate a Policy Compliance report, click the 'compliance' tile from the 'reports gallery' screen.
Endpoint Security Manager - SME Administrator Guide | © 2013 Comodo Security Solutions Inc. | All rights reserved 165