How to set the trust rating of an application in Endpoint Manager

Release Time
07/03/2017
Download PDF
Views
1725 times
Category
Devices
Tags


  • Login to ITarian > Click 'Applications' > 'Endpoint Manager'

  • Click 'Security sub-systems' > 'Application Control'

Introduction

Comodo Client Security (CCS) assigns the following trust ratings to applications:

  • Trusted - Applications that are on the Comodo whitelist. These are allowed to run as normal on the endpoint

  • Malicious - Applications that are on the Comodo blacklist, aka malware. These are automatically quarantined or deleted at the endpoint.

  • Unrecognized - Applications that could not be identified as trusted or malicious. Untrusted applications are automatically run in the container on endpoints. Contained applications are not permitted to modify files, user data or other processes on the host machine.

The application control interface lists all 'malicious' and 'unrecognized' files. There are two types of ratings for each file:

  • Comodo Rating - The rating assigned by Comodo's file-look up system

  • Admin Rating – The rating manually assigned by an administrator

    • Admin ratings over-rule Comodo ratings. Admin ratings will be pushed to all endpoints during the next update cycle

    • This allows you to locally whitelist applications which Comodo determines are unrecognized or malicious.

Assign admin ratings to applications

There are two ways to do this:

  1. Application Control - For all devices

  2. Device List - For individual devices

1. Application Control

  • Login to ITarian > Click 'Applications' > 'Endpoint Manager'

  • Click 'Security sub-systems' > 'Application Control'

  • Select the files whose ratings you want to change

  • Click the 'Change Rating' button in the top-menu

  • Select the new rating from the following:

    • Rate File as Trusted

    • Rate File as Malicious

    • Rate File as Unrecognized

  • The new rating is shown in the 'Admin Rating' column

  • This rating will be pushed to all endpoints during the next update cycle:

2. Device List

  • Login to ITarian > Click 'Applications' > 'Endpoint Manager'

  • Click 'Devices' > 'Device List'

  • Select the device on which you want to set a rating.

Click the 'File List' tab

  • Select the files whose rating you want to change

  • Click the 'Change Rating' button

  • Select the new rating from the following:

    • Rate File as Trusted

    • Rate File as Malicious

    • Rate File as Unrecognized

  • The new rating will be reflected in the 'Admin Rating' column

  • It will be pushed out to the affected endpoint in the next update cycle