System information

ManualsBrandsMcafee ManualsOtherQUICKCLEAN 3.0

Comodo Endpoint Security Manager - SME - Administrator Guide

• To start, click the 'computers' link from the top navigation followed by the 'group' tile. Select required computers, leave

policy as (Locally Configured), type a name for the group then finish.

• If you wish to create multiple groups, repeat the previous step until all computers have been assigned.

• See 'Creating Endpoint Groups' if you need help with this wizard. See 'The Computers area' for an overview of

functionality.

Step 6 - Import security policy from an endpoint and apply to groups

A policy is the security configuration of Comodo Internet Security (CIS) deployed on a group of endpoints. Each policy

determines the antivirus settings, Internet access rights, firewall traffic filtering rules, sandbox configuration and Defense+

application control settings for an endpoint. Policies are imported from already tested and configured endpoint machines then

applied to groups. In the previous step, you assigned computers into groups but left the policy as 'Locally Configured' - which

means remote management is effectively switched off (ESM will not enforce policy compliance and each endpoint in the group

will simply continue to use the CIS settings it is currently using).

The next tasks are to import a policy from a tested and configured endpoint, apply the policy to a group and (optionally), switch

on remote management for computers in that group.

• To set the parameters of a particular security policy, you need to place the endpoint in 'locally managed' mode by

selecting 'Manage Locally' in CIS settings on the endpoint itself - either by physically sitting at the machine or by a

remote connection. See How to Configure CIS Policies - An Introduction for general advice with this.

• Once you have set and tested the policy at the endpoint, you should return to the ESM console and prepare to import

this policy. Note - leave the endpoint in locally managed mode while doing this.

• At the console, click 'policies' then the 'create' tile to start the policy import and deployment wizard. Select 'A

Computer' as source type then choose the specific computer from which you want to import. Modify 'Settings' and

'Agent Settings' if required.

• For 'targets', choose which groups you want to apply the policy to and how you want it applied. 'for local policy' and 'for

Internet policy' are the policies to be used depending on whether the machine connects from inside or outside of the

VPN. Also, select 'Override individual computer's policy' to make sure this policy is applied correctly.

• Selecting 'Force target computers to be managed remotely upon policy assignment' means ESM will engage 'Remote

Mode' and thus enforce policy compliance on the selected endpoint. if the policy becomes altered, ESM will

automatically re-apply it. If not selected, the endpoints will remain in locally managed mode (although your policy will

still be applied, it could become changed over time at the local level).

• Finally, give the policy a name and description and select 'Apply policy after finish' to immediately implement. Do not

select this if you wish to deploy later.

Please see Policies - Key Concepts for more explanation of policies - including how to create, import, export and

deploy.

Step 7 – Viewing Active Reports™

The reports area contains a wealth of valuable information for administrators. Each report is an 'Active Report' that allows

admins to launch relevant tasks from within the report itself. Admins can also drill-down to individual endpoints from any report.

Reports can be exported, printed and cover the following categories:

• Computer Details

• CIS Configuration

• Computer Infections

• Quarantined Items

• Antivirus Updates

• CIS Log

• Policy Compliance

• Policy Delta

• Malware Statistics

• Top 10 Malware

Click here to read more about reports.