We use Comodo because it has containerization.
Comodo Advanced Endpoint Protection OverviewUNIXBusinessApplicationPrice:
Comodo Advanced Endpoint Protection is the #35 ranked solution in our list of endpoint security software. It is most often compared to Sophos Intercept X: Comodo Advanced Endpoint Protection vs Sophos Intercept X
What is Comodo Advanced Endpoint Protection?
Comodo Advanced Endpoint Protection (AEP) delivers patent-pending auto-containment, where unknown executables and other files that request runtime privileges are automatically run in a virtual contain that does not have access to the host system's resources or user data.
Comodo Advanced Endpoint Protection is also known as Comodo AEP.
Download the Endpoint Protection for Business (EPP) Buyer's Guide including reviews and more. Updated: October 2021
Comodo Advanced Endpoint Protection Customers
Christian Motorcyclists Association, City of Thousand Oaks, City of Danville, HRI Properties
Comodo Advanced Endpoint Protection Video
Archived Comodo Advanced Endpoint Protection Reviews (more than two years old)
- Highest Rating
- Lowest Rating
- Review Length
Showingreviews based on the current filters.
Effective heuristics make for better ransomware protection
Pros and Cons
- "If you open up an application or a web browser, it puts a container in a sandbox area. So if there's some malicious code, it'll stick there. It also has way better protection for ransomware because it uses heuristics that are pretty effective. We've done a lot of tests with live malware, and it works really well."
- "Would be good to have a better understanding of what it is that you've got in quarantine."
What is our primary use case?
What is most valuable?
If you open up an application or a web browser, it runs within a container (sandbox). So if there's some malicious code, it' will be contained within the sandbox. Ransomware prevention and zero-day exploits were a driver for adopting Comodo. From our research lab results working with live ransomware, Comodo has been very effective in preventing infection. We've done a lot of tests with numerous types of live malware, and it works really well.
What needs improvement?
We do a lot of tests and we also work with some really malicious environments and our team would like to see better communication from Comodo on what it is doing. People that are new to the product can have a problem telling if the container is currently active or not (we have a lot of post graduate interns and the majority have all given us feedback on this issue). Uncertainty on the status of the container and quarantine process can unsettle people.
Comodo is pretty quiet and I would like to get more reports from what's happening and then get status reports. For end-users, being quiet is good but for IT security teams we need more information when testing suspect software and attachments. Having an option to allow more information would be good. The logs and reports do not have the level of detail that we would like, so improvements in this area would be good. We have other products and services that help with malware identification - if Comodo picked this up, we could eliminate some other products and save money. Some competing products outperform Comodo in this area. Sometimes we've had some of the newer people looking at it and they're not used to it, and they're not sure whether it's actually running or not, and what it's doing (there are controls that people need to know how to use). From an end user standpoint, quiet operation is good, but for a systems admin or a security person who's trying to examine something, they may want to see more feedback. So that's some of the commentary that we've gotten back internally. The guys that are used to it don't have this issue, but the people that are new to it have given this feedback to us.
The other thing is the quarantine. It would be good to have a better understanding of what it is that you've got in the quarantine, especially on the false negatives. Because sometimes it picks up something that is an okay file, but you're not really given a good explanation about why it was quarantined.
For how long have I used the solution?
We added the solution to our operations about a year ago.
What do I think about the stability of the solution?
It's very stable. We have many different systems and different versions. Because we do testing and research, and we haven't had any problems across any of them.
What do I think about the scalability of the solution?
Scaling is no problem.
How are customer service and technical support?
We very rarely have to use technical support, but when we've had to call them it's not been an issue. It's pretty quick.
How was the initial setup?
The setup was straightforward. None of the products we've had with an antivirus had ever taken more than a day and Comodo was no different.
What about the implementation team?
Our in-house team did the implementation.
What's my experience with pricing, setup cost, and licensing?
We do licensing by country. Here in Sweden, we've got 40 licenses.
What other advice do I have?
We have three companies here in our group and all three companies are using it. We have a professional business services firm that provides law, accounting, financial, and payromm services; a company that does specialized engineering and IT consulting; and we have a global company that handles enterprise ICT architecture, management, and security. All three of these companies are using the product in Sweden. They also use them in North America and Europe.
We also use a Comodo for pushing out updates/patches and to keep asset inventories of our systems and software. We're also using it for network monitoring. I'd say we use it in a more active role with Symantec because Symantec does not provide the same types of services that Comodo does regarding network asset management.
I think it's a good product and it supplements and works well with Symantec - using both products together provides two layers of protection. You do have to manage the antiviral capability because they can have conflicts with each other (we have not had any lock-up issues as we do with other product combinations but you can get false alerts). Comodo doesn't seem to have a problem running within the Symantec environment or vice versa. We haven't really run into any issues running both of them together. In fact, it's one of the reasons why we liked this combination. We have experimented with other combinations but found the Comodo-Symantec combination most stable.
I would give it a 9 out of 10. I don't think anything's perfect, so it'd be really hard for me to give a ten - especially given the areas of improvement that I mentioned above. I give weight to the cost - Comodo licenses are a good value for what you get. It gives you a really good balanced portfolio to work with for your machines, not just on the malware protection and the firewall protection, but the virtual container, the ability to manage endpoints, the ability to manage patches. In our case, Comodo replaces several products that we used to use.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Product CategoriesEndpoint Protection for Business (EPP)
Download our free Endpoint Protection for Business (EPP) Report and find out what your peers are saying about Comodo, Sophos, Broadcom, and more!
- What's the best way to trial endpoint protection solutions?
- When evaluating Endpoint Security, what aspect do you think is the most important to look for?
- What are the threats associated with using ‘bogus’ cybersecurity tools?
- What is the best for ransomware infection?
- SCCM vs BigFix: what are pros and cons?
- What are the best on-premise Endpoint Security solutions for a Tech Services company with 10,000 employees?
- What security measures should businesses prioritize to support secure remote work?