Please share with the community what you think needs improvement with Comodo Advanced Endpoint Protection.
What are its weaknesses? What would you like to see changed in a future version?
There are a few technical items the solution could improve upon. The licensing fees are high. The company should work to try to lower them for the customer.
They need to just modernize the infrastructure with something that is next-generation. We have recently moved to SentinelOne. It had been doing good for us for a while, but we needed something modern with new technology.
They need to enhance the performance of the agents. Currently, the performance is going low when the agent starts a full scan. The agent is consuming a lot of resources while scanning. When there are a lot of documents to check, it slows down the endpoint. This is the only thing that worries me about Comodo, but this issue is also there in other products. It is missing DLP, and I know that they are working on adding some data loss prevention capabilities. They have added some capabilities, but these capabilities are not yet mature. I hope they will enhance these capabilities because it is important to prevent the data from going out from inside. We are protected from the outside, but we also have to be protected from the inside out.
Their support is not very good because they are very late to reply. They have to continue to work on the endpoint device management so that customers can manage their devices properly. They don't have a reseller portal for vendors or for MSPs. This means that for each customer, you have to enable a separate portal we would like to manage all of our customers from a single portal.
We do a lot of tests and we also work with some really malicious environments and our team would like to see better communication from Comodo on what it is doing. People that are new to the product can have a problem telling if the container is currently active or not (we have a lot of post graduate interns and the majority have all given us feedback on this issue). Uncertainty on the status of the container and quarantine process can unsettle people. Comodo is pretty quiet and I would like to get more reports from what's happening and then get status reports. For end-users, being quiet is good but for IT security teams we need more information when testing suspect software and attachments. Having an option to allow more information would be good. The logs and reports do not have the level of detail that we would like, so improvements in this area would be good. We have other products and services that help with malware identification - if Comodo picked this up, we could eliminate some other products and save money. Some competing products outperform Comodo in this area. Sometimes we've had some of the newer people looking at it and they're not used to it, and they're not sure whether it's actually running or not, and what it's doing (there are controls that people need to know how to use). From an end user standpoint, quiet operation is good, but for a systems admin or a security person who's trying to examine something, they may want to see more feedback. So that's some of the commentary that we've gotten back internally. The guys that are used to it don't have this issue, but the people that are new to it have given this feedback to us. The other thing is the quarantine. It would be good to have a better understanding of what it is that you've got in the quarantine, especially on the false negatives. Because sometimes it picks up something that is an okay file, but you're not really given a good explanation about why it was quarantined.
What do you like most about Comodo Advanced Endpoint Protection?
Thanks for sharing your thoughts with the community!
We all know that it's important to conduct a trial and/or proof-of-concept as part of the buying process.
Do you have any advice for your peers about the best way to conduct a trial/POC?
How do you conduct a trial effectively? Are there any mistakes to avoid?