There are also two supplemental services: The first is Viruscope, which automatically analyzes running processes and records their activities. You turn this on with a few toggle switches. If it detects something that it hasn’t seen before – which could be malware – it flags it as unknown and then sends the file to the second service, called Valkyrie, which is Comodo’s online file analysis tool.
Valkyrie looks at suspicious files and rates them based on dozens of various behaviors and other analyses, both human and machine-based. The whole process takes less than a minute, but is designed to provide the least impact on end users in terms of flagging false positives. The basic analysis engine is included in the entry-level subscription.
For smartphones, AEP provides basic MDM services: it tells you which apps are installed on your phone (and you can de-select those that you don’t want your users running), the version of software and other general settings. You can remotely wipe your phone, reset its screen PIN, turn off the camera, and several dozen other settings. If you already have a MDM or other management profile downloaded on your phone, you will need to remove it before installing AEP’s profile. (It would be nice to get a warning from Comodo when this situation happens.)
Unlike some of the other products reviewed here, it doesn’t allow you to specify any particular security feeds or log files. There is an “Applications” tab that does have some of the same roles as an IDP: you can white/blacklist specific applications, exclude specific software publishers and examine if any files have been uploaded to Comodo’s sandbox for further analysis.
Under the Settings/roles management tab, AEP has the largest collection of granular roles, allowing you to enable full device management or set up read-only access to security policies, among more than 30 other parameters.
On the profile list there are various templates: Windows, iOS and Android. Mac doesn’t have a full profile yet but should have in the next version. Each policy has a series of sections, such as antivirus or file analysis, which in turn have their own specific parameters. As you construct your policy, each section shows up as a separate tab on a bar across the top, making it easier to find and modify a specific element.The Windows policies are more complete: the smartphone policies omit the firewall, Host IPS and other sections that aren’t relevant to mobile devices.
AEP’s biggest weakness is that it has just a few canned reports: an earlier version had just a single inventory report; this has been augmented in the latest version. Reports can be downloaded either in Excel or PDF formats.
Sign up for CIO Asia eNewsletters.