- Valkyrie is a cloud-based service which tests unknown files to identify those that are malicious.
- Comodo Client Security (CCS) can automatically submit to Valkyrie any unknown files found on your network. Valkyrie will test the file, award it a trust-rating, and send the results back to CCS on the endpoint.
- The software can then take actions on the file depending on its trust rating. Files rated as ‘Safe’ is allowed to run. Files rated as ‘Malware’ are, of course, quarantined or deleted.
- Click 'Security Sub-Systems' > 'Valkyrie' to view unknown files found on your network, along with their Valkyrie trust-rating.
- You need to add a ‘Valkyrie’ section to an Endpoint Manager profile to activate the service on your endpoints.
This article explains how to add and configure a Valkyrie profile section.
- Open Endpoint Manager
- Click ‘Configuration Templates’ > ‘Profiles’
- Click on the Windows, MAC or Linux profile to which you want to add Valkyrie:
- Click ‘Add Profile Section’ > ‘Valkyrie’:
- Enable ‘Lookup and submit files with Valkyrie’:
Valkyrie settings vary for Windows, MAC and Linux profiles. Here is a list of all possible settings:
- Submit for – Select one of the following:
- Automatic analysis – Files are tested by Valkyrie’s automated behavior analysis systems.
- Manual analysis – Files are tested in-depth by a human technician. Only available if you have Valkyrie Premium license.
- File Size Limitations (MB) – Specify the maximum file size that should be uploaded to Valkyrie. Default = 150 MB.
- Check Manual Analysis Interval - How often CCS should contact Valkyrie for the verdicts on files submitted for manual analysis. Default = every 1800 seconds (30 minutes).
- Check Auto Analysis Interval - How often CCS should contact Valkyrie for the verdicts on files submitted for automatic analysis. Default = every 60 seconds.
- Enable Auto Auto-Whitelisting if NO suspicious activities detected… - The files will be added to your local white-list of trusted files if Valkyrie finds they are not malicious.
- Do not lookup and submit files to Valkyrie if FLS returns an error - When an unknown file is detected, Comodo Client Security first checks the file lookup server (FLS) to see if there is a ‘Safe’ or ‘Malicious’ verdict on the file. If not, then it is confirmed as unknown and submitted to Valkyrie for testing. This option will abort the Valkyrie submission if there is an issue with the initial FLS check, meaning no verdict is provided. CCS will keep retrying the FLS to get the initial verdict.
- Submit Metadata - Metadata is general information about the file, including file source, author, and date of creation. Select this option to send metadata along with the file itself.
- Submit When – Choose between:
- Immediately – Unknown files are submitted to Valkyrie as soon as they are discovered.
- Schedule Analysis – Set a date and time when you want to submit all unknown files. All unknown files are submitted as a batch on the date/time you specify.
Click ‘Save’ to apply the Valkyrie section to the profile.
Note for Linux devices. You also need to enable cloud scanning in the antivirus section of the profile for Valkyrie to work: