Tags
deploy Comodo EDR agent parent process multiple ticket selection selected tickets security events folder transfer discoveries network management remote folder TLS TLS1.2 pci dss pci compliance ITarian Portal Endpoint Manager vdi environment vdi clone environment instant clone documentation vendor notice security dashboard events resolution remote tool partner onboard itarian unknown file hunter TLS Encryption procedure parameters pass profiles history performance metrics real time remote endpoints download browse Subscriptions service URL Security Components system Global Software Inventory 2 minutes Integrate intagrate Active Directory Portable Interception SSL enable reporting Rule Threat Protection Rule Advance spam Customize archived outgoing incoming administrator validate domains add Antispam type PCI data loss Location Network information start software session extensions appoinments resource connection computers Comodo Rescue Disk infected opportunity opportunities custom relationship management quote COMODO-CRM protect mac device email notifications registry COM Quarantined point system restore msi contained applications processes security client events Release date department registration particular os section Two Factor Authentication Login interface dashboard report generate Direct Download Link One drive Google drive HIPS mode cleanup automatic suspicious suspicious certificates shellcode injection detect Elevated Access system user access default charging groups move current malware list store push IP address ip installer acronis auto-remediation server machine icon Product Logos Rebrand backup Device Control data Chromoting WebRTC ports Protocol skip offline manual time entries ticket assignee Help Guide Tour schedule Reschedule appointment unknown application protection virtual desktop Local Verdict server manage calculation cost configuration charging SD contract prepaid hours products classification inventory analyze Device list OS patches global search bar Tool bar Windows Defender Security Center file group white Citrix record SPF work billable time onsite email template template variables emails Gmail SMTP disable Add collaborators admin action Audit logs feature requests submit vote remotely Reset proxy swg secure web gateway dome error disk ticket detail page thread section tickets section internal notes Sub-help topic help topic features Application control white_list Patch Management child parent scheduled customized get to headers columns company restrict customer technician remote access list iOS devices field Reports iOS device APN Certificate MAC OS X options Linux block Comodo Client Communication (CCC) allow Comodo Client Security (CCS) network zones active component tray icon hide show packages additional install block port baseline installation package bulk implement restrict firewall endpoints security and communication global export virus import Database folders files define exclusions change staff admin rating check reassign assign permissions new role create for user of device enroll associated use how profile specific Removing Devices Uninstall windows profile Configuration templates latest version clients comodo file ratings monitoring script procedure custom All Devices Ratings Track widgets Agent valkyrie malware files Kill chain report automated establishing endpoint remote session Users prevent Android organization windows assets Mac OS billing identified threats Sort Closed inside Program executed containment service desk remote control Locally runs update scan antivirus SLA Business Hours control CCS Password access Client Auto Specific Device Response Application Third party Status View Logs intended devices alert fails Company Information Configure Verdict Patch Procedures Executable Comodo Internet Security ITSM Analysis Command Line Heuristic Filter Unrecognized Trusted File Rate Malicious Purge Calendar Device Exclusion USB Admin Panel Settings ticket Default system-wide Specific Path Details Monitor Multi Set Currency Connected Who Quick Actions Comparison Version Enterprise Managed Service Provider C1 Portal Remote management Comodo Remote Control ticket management staff panel assign tickets
More

How to Manage Proxy Mechanism for Clients

Release Time
07/11/2019
Views
none
Category
Endpoint Manager features
Tags

  • The 'Updates' component of a Windows profile lets you configure when managed computers should check for updates for communication client (CC), Comodo Client - Security (CCS) and Virus database updates. You can also specify the location from where updates should be downloaded.
     
  • You can now specify local endpoints as proxies from which other endpoints can collect installation packages and database updates. This helps save network traffic and accelerates package deployment when many endpoints are involved. 
     
  • In this, you can define the maximum amount of traffic to be used for package distribution, and the maximum number of proxy endpoints. 

This feature is also available in the portal setup "Settings"→"Portal setup"→"Client Settings"→Communication Clients". 

Portal set up is a global setting, If we are managing a large number of a device group, they might be using a different profile for different groups. so they need to configure the client distribution separately for each profile. Instead of this, we can distribute the devices globally through a portal set up

Step [1]: Go to “Configuration Templates” -> “Profiles”

  • Please select profile associated with device or group. 

For Example, a profile"manage virtual desktop in the Endpoint Manager" is selected


Step [2]: The next step is to add profile sections.

  • Each profile section contains a range of settings for a specific security or management feature.
     
  • For example, there are profile sections for 'Antivirus', 'External Device Control', 'Firewall', 'Procedures' and so on.
     
  • To get started:

          Click "Add profile section"→ Select "Updates"
 

 

 

 


Step [3]:    Click “Communication Client”

The 'Communication Client' tab allows you to enable or disable automatic program updates for the EM communication client, set an update for the endpoints to check for availability and download the updates and enable Communication Client to distribute update packages among the clients in the same network to reduce network inbound traffic
 


Step [4]: Click ->Enable Communication Client to distribute update packages among the clients in the same network to reduce network inbound traffic

once you enabled this option, you can view the following settings for Communication Client to distribute update packages.

  • Select specific devices to be proxy for distributing packages 
     
  • Enabling network traffic limitation,
     
  • Enable device count limitation
     
  • Use download servers directly in case of any communication issue options below

You can select the components for which the updates can be shared with other devices. It allows you to distribute packages  for Communication Client packages, Comodo Client – Security (CCS) and Comodo Client security Antivirus Database packages

Communication Client packages – Share CC program updates

Comodo Client - Security packages - Share CCS program updates

Comodo Client - Security Antivirus Database packages - Share antivirus database updates

You can view the Select specific devices to be proxy for distributing packages, Enabling network traffic limitation, Enable device count limitation, Use download servers directly in case of any communication issue options below
 

 

  • Select specific devices to be proxy for distributing packages

    In this option, this will allow you to select enrolled devices that you want to use as a source to distribute packages

    If you enabled the devices that can act as a source. Enter the first two characters of the device name and choose the device from the options 

          For example Type windows7-pc as a device

          If it is not enabled no devices act as a proxy for the distribution of packages

 

 

  • Enable Network traffic limitation

  This setting enables you to choose the maximum percentage of network traffic to be used for the distribution of packages. Network traffic is the amount of data moving across a network at a given point of time.

  Less than or equal to, % - In this, it can only accept integer values between 0 to 100. Network traffic should be less than or equal to this value. (default %30 )

  If we disabled the option we can access all the networks with maximum speed

 Select the option to change the usable network traffic and enter the maximum percentage in the 'Less than or equal to' field.

 For example, you can add a maximum of 30 percent of network speed  to be used for distribution of packages
 

 

 

  • Enable device count limitation

     Select the option to change the allowed device count 

     In this setting enables you to add the selected number of devices based on your network size used for the distribution of packages. 

    ​​​​​​ If it is not enabled you can add up-to to 20 devices and the updates would be distributed as well

           Less than or equal to – Set the number of devices in the network with which the client is allowed to share the updates and the accepted values are between 0 to 20. The default value in the profile is 10. We can set a maximum of devices should be limited for the distribution of packages.

 

 

  • Use download servers directly in case of any communication issue

    They can only connect to the download servers as configured in the Download servers tab if the client could not connect to any other options to download the updates.

     If this is not selected, in any communication issue, the clients will not update selected packages above until communication is restored
     

 

  • Download Server

    • Click Download servers tab

    • The 'Download Servers' tab lets you add and select the servers from which endpoints should collect updates.

    • You can configure different proxy servers for Comodo Client Security and Comodo Client Communication.

 

 

Once done, Save all the changes.

After saving the changes the window shows the summary of the updated communication client. Based on that  it will perform the  distribution for  updating the packages

Portal Set-up for Communication client to distribute the packages

This feature is also available in the portal setup "Settings"→"Portal setup"→"Client Settings"→Communication Clients". 

The portal set up enables you to distribute the packages to all devices globally instead of configuring the client distribution updates separately in the profiles. 

Note: The client distribution settings defined on  Windows profile > 'Updates' has higher priority over the global settings.

 

 

 

Priority table for portal set-up and profile configuration

  • If both portal set-up and profile configuration are disabled from client to distribute packages then a decision should act as disabled.
     
  • If the portal set-up is enabled and profile configuration is disabled for the client to distribute packages, then a decision should act as enabled as per portal set-up.
     
  • If the portal set-up has device count limitation = 5 and profile configuration has device count limitation = 10 and If both of them are in enable mode then setting will be applied from profile configuration as it has high priority. 
     
  • If the portal set-up is disabled and the profile configuration is enabled for client distribute package, then a decision should act as enabled as per profile configuration.