New Features
Truly Next Generation, Proactive Endpoint Security and Protection with Integrated System Resource Management, Monitoring & Remediation. Comodo Endpoint Security Manager (CESM) 3 Checks All the Boxes…
Unrivalled server, workstation, laptop and netbook protection is provided as standard through the combination of our unique Default Deny architecture and exclusive, patent pending Auto-Sandbox technology which allows malware to detonate in an isolated environment, eliminating the risk of Operating System contamination.
Being the only anti-malware solution that brings 5 layers of defense (Antivirus, Firewall, Host Intrusion Prevention, Auto-Sandbox & File Rating) to the point of impact, the desktop, Comodo can therefore be the only developer of an anti-malware solution that offers a $5,000* limited warranty against infection.
CESM3 is designed to centrally manage these defenses through the application of operational templates or policies which dictate an endpoints behavior and security stance. Any deviations from these policies causes CESM3 to automatically reapply the endpoint’s assigned policy or alert the administrator if it is unable to do so.
CESM3 further offers the administrator the ability to centrally manage endpoint system resources. The administrator can define operational thresholds for CPU usage, RAM usage, network usage and system-drive available storage. Should the thresholds be exceeded, CESM3 will alert the administrator through on-screen color changing icons and email notifications.
Additional policy configurations include power management such as screen-locking or drive-locking. Your Green initiatives are further enhanced through system standby and system hibernation scheduling. CESM3 also offers policy options for disabling USB devices, optical devices and even floppy disk drives with just a few clicks of the mouse.
Directly from the management console the administrator can form one-to-one secured VNC connections to LAN or WAN endpoints, move endpoints between organizational groups in real-time, apply new policies to individual or grouped endpoints in real-time, enforce full or quick AV scans or call up the endpoint’s properties displaying 34 detailed informational metrics.
This power is extended by delivering the ability to terminate undesired or suspicious processes running on an endpoint, as well as stop (or start) services, uninstall undesired applications installed on that endpoint and delete unwanted stand-alone files, all of which is done without causing any interference to the end-user. The administrator can then summon a list of all processes, services and installed applications across the entire managed site. Undesired processes or services can be terminated across all affected endpoints or unwanted applications can be simultaneously uninstalled from all endpoints on which the application is resident.
This results in enhanced system security, improved system performance, more efficient energy usage and less administrative overhead — resulting in potential savings of thousands of dollars per year in IT costs and a safer, more productive computing experience for end-users.