manualshive.com logo in svg

KAPERSKY ADMINISTRATION KIT 6.0, Administrator'S Manual

Get the most out of your Kaspersky Administration Kit 6.0 with the free Administrator's Manual. This manual provides detailed instructions on how to effectively manage your security solutions. Download it now from manualshive.com and take control of your network security with ease.

Share
Download
background image

20 

Kaspersky Administration Kit 

 

• 

Synchronization of policies, application settings, tasks, and task settings 

• 

Updating the information on applications and tasks running on client com-
puters 

• 

Delivery of events to be processed on the server 

In most cases, client computers are connected to the server. This connection is 
used to automatically exchange data between the clients and the server and to 
send information about application events to the server. 

Automatic synchronization is performed at regular time intervals defined by the 
Network Agent settings (for example, once every fifteen minutes). The time 
interval is set by the administrator. 

Information about an event is sent to the server immediately after the event 
occurs. 

In the client settings, you can check/uncheck the 

Keep connection

 checkbox to 

keep or terminate the client–server connection after the above operations are 
over. Permanent connection is preferred if connecting to a client is impaired for 
some reasons (the client is behind a firewall, client ports cannot be opened, the 
client IP address is unknown, etc.) or you need to constantly monitor the 
performance of Kaspersky Lab applications. 

The administrator can force synchronization to start by clicking the 

Force 

synchronization

 command on the shortcut menu of the client computer 

(see section 2.10.4 on page 31). In this case, the connection is initiated by the 
server. To enable connection, the UDP port is opened on the client computer. 
The server sends a connection query to the client’s UDP port. In response, the 
server rights to connect to the client are verified (based on a digital signature), 
and, if the signature is valid, the connection is established. 

A second type of connection is also used to retrieve data from client computers – 
update the lists of applications and tasks running on the client and refresh 
application statistics. 

2.3. Secure connection to the 

Administration Server 

Data exchange between clients and the Administration Server and connections 
of the console to the Administration Server are secured by SSL protocol (Secure 
Socket Layer). SSL protocol is responsible for authentication of communicating 
parities, encryption of the data being transferred and preventing modification of 
data during the transfer. Data integrity ensures that the data has not been 
corrupted or altered in transit. An SSL-enabled connection involves 

Summary of Contents for ADMINISTRATION KIT 6.0

Page 1: ...KASPERSKY LAB Kaspersky Administration Kit version 6 0 Administrator smanual...

Page 2: ...K A S P E R S K Y A D M I N I S T R A T I O N K I T V E R S I O N 6 0 Administrator s manual Kaspersky Lab Visit our website http www kaspersky com Revision date February 2007...

Page 3: ...etween the policies and the local application settings 18 2 2 Connecting clients to the Administration server 19 2 3 Secure connection to the Administration Server 20 2 3 1 Administration Server certi...

Page 4: ...settings 52 4 1 1 Managing policies 52 4 1 2 Local application settings 57 4 2 Managing the application 58 CHAPTER 5 UPDATING THE ANTI VIRUS DATABASE AND PROGRAM MODULES 65 5 1 Receiving updates by th...

Page 5: ...Table of Contents 5 APPENDIX B KASPERSKY LAB 98 B 1 Other Kaspersky Lab Products 99 B 2 Contact Us 109 APPENDIX C LICENSE AGREEMENT 110...

Page 6: ...ions at once on networked computers on any number of networked com puters Efficiently manage license keys With Kaspersky Administration Kit you can centrally install license keys for all Kaspersky Lab...

Page 7: ...ng mechanism of notifications about specific events in application s operation and notifications sending mechanism You can specify a set of events which require notification Such events that may occur...

Page 8: ...Vista x64 Hardware requirements Intel Pentium III processor 800 MHz or faster 128 MB RAM 400 MB available space on hard drive Administration Console Software requirements Microsoft Windows 2000 SP 1 o...

Page 9: ...64 or higher Microsoft Windows Vista Microsoft Win dows Vista x64 For Novell systems Novell NetWare 6 with SP3 or higher Novell Netware 6 5 with SP3 or higher Hardware requirements For Windows Systems...

Page 10: ...tion about new Kaspersky Lab applications and about new com puter viruses for those who subscribe to the Kaspersky Lab newsletter Kaspersky Lab does not provide information related to operation and us...

Page 11: ...tc Note Additional information notes Attention Critical information To perform an action 1 Step 1 2 Description of the successive user s steps and possible actions key modifier name Command line modif...

Page 12: ...dministration Server with the automatic startup at the operating system startup with profile Local system or user s profile depending on the selection made during the component s installation The func...

Page 13: ...tails see section 3 5 1 on page 45 The ability to create a hierarchy of servers may be used to restrict the load on the Administration server compared with one server installed in the network to decre...

Page 14: ...ked if the Cisco Trust Agent application is installed Parameters for cooperation with Cisco NAC are configured through Administration Server properties A computer server or workstation on which the Ne...

Page 15: ...ed to as administrator workstations From these workstations administrators can remotely manage all Kaspersky Anti Virus components installed across the logical network After the installation of the Ad...

Page 16: ...form the task settings The application settings and task settings do not overlap For more information about task types refer to the documentation for Kaspersky Lab applications To have an application...

Page 17: ...ral policies with different settings value may be defined for one application However each application may only have one active policy There is a provision that allows the user to activate an inactive...

Page 18: ...name file masks etc You can schedule tasks to start automatically or run them on demand Task performance results are saved both on the administration server and locally The administrator can be notif...

Page 19: ...tting a group policy if the policy did not prohibit changes to this setting Figure 2 Policy and local application settings Changes to local application settings following the initial policy applicatio...

Page 20: ...need to constantly monitor the performance of Kaspersky Lab applications The administrator can force synchronization to start by clicking the Force synchronization command on the shortcut menu of the...

Page 21: ...ion wizard while the Administration Server is being installed To restore the certificate you must reinstall the Administration Server and restore the lost data from the Backup about backup options see...

Page 22: ...nnection in a similar manner 2 4 Identification of computers on the logical network Client computers on the logical network are identified by their host names A host name must be unique among other na...

Page 23: ...s creating policies tasks for groups and individual computers configuring application settings centralized administration of applications using services pro vided by the Administration Server the Netw...

Page 24: ...s own can be created that will have rights applied within this particular logical network only If computers related to one domain create several logical networks the domain administrator will be the a...

Page 25: ...work Agent This deployment scenario is used only if centralized deployment is impossible Remote installation can be used for installation of any applications selected by the user However bear in mind...

Page 26: ...each Server create a logical network structure as follows create a hierarchy of the administration groups and distribute computers among the corresponding groups In the next stage you should install t...

Page 27: ...strator decided to involve he or she can do it from his own work station for example disinfect infected files on this computer Timely update the anti virus database on client computers see Chapter 5 o...

Page 28: ...ndard menu Start Programs This programs group is created only on the administrator s workstations at the time when the Administration Console is installed The logical network Administration server mus...

Page 29: ...ss to the logical network settings The Kaspersky Administration Kit namespace can have several nodes the Kaspersky Administration Server Server Name by the number of Administration Servers The Kaspers...

Page 30: ...which the Administration server is installed The Administration server creates and updates the information about the network structure and computers included in this network by regularly polling the W...

Page 31: ...r the objects themselves are not copied to the Administration server Information presented in the Administration Console is updated automatically only for nodes To update the information in the result...

Page 32: ...View Active Directory Display the computer network structure according to the Active Directory structure New IP sub network Create an IP sub network to display computers View Administrati on server Sw...

Page 33: ...s computer activity Configure the Administration server settings response to the absence of computer activities in the network All tasks Safety Configure access rights to the group All tasks Policies...

Page 34: ...a new filter to search for computers View Filter Apply a filter for the event preview table Events All tasks Import Import a task from a file Global tasks New Task Create a new global task Add license...

Page 35: ...task for the client computer Force synchronization Synchronize the client computer and the administration server data Reset virus counter Reset virus detection counters on a given client Connect to t...

Page 36: ...to the required administration server see Figure 4 The program receives information about the logical network structure from the administration server and displays it in the console tree Figure 4 Est...

Page 37: ...for connecting to the server and working with the logical network will be granted to the users included into KLAdmins and KLOperators groups of the logical network see section 2 5 on page 22 You can...

Page 38: ...a list of computers of the respective domain or workgroup not included into the structure of the logical network Once a computer is included into any group information about it will be immediately de...

Page 39: ...tus OK Warning Critical based on the criteria established by the administrator Information update date of the last update of the information about the computer DNS domain a DNS domain to which the com...

Page 40: ...inistration Server Based on the obtained information and logical network structure data the Administration server will update the Network group as well as the structure and the contents of the Network...

Page 41: ...o an existing group will not be added this time because the Unassigned group displays only computers that are not included in the logical network Settings for sending alerts via e mail or NET SEND abo...

Page 42: ...any other objects and the Administration servers Policies and Group tasks folders are empty During the creation of the logical network structure by the administrator client computers and nested group...

Page 43: ...otal number of viruses detected at the client computers since the installation of the anti virus application first com puter scan or since the last reset of the value counter of detected vi ruses The...

Page 44: ...he logical network is reflected in the Groups folder You can obtain information about each object of the logical network slave servers groups and client computers The data provided will contain inform...

Page 45: ...logical network by moving individual client computers and entire groups to other groups Add slave Administration servers to the logical network structure in order to reduce the load on the master Ser...

Page 46: ...erved In order to resolve a naming conflict rename the group before you move it If you do not observe this rule suffix _1 _2 etc will be automatically added to the name You cannot rename the Groups fo...

Page 47: ...be automatically including all computers detected into the specified administration group For this the corresponding settings must be configured in the Network group properties see Figure 10 A comput...

Page 48: ...om the Master Server logical network to a slave Server logical network In order to do it the client computers must be connected to the new Administration server Connecting the client computer to anoth...

Page 49: ...ion on all slave Administration servers can be created The policies and tasks received from a master Administration Server are not available for modification on a slave server In order to add a slave...

Page 50: ...ts logical network Additionally a slave Administration server inherits from the main Server all group tasks and policies of the group into which it is included Inherited policies and tasks area reflec...

Page 51: ...ion server The regular task icon is Global deployment tasks cannot be transferred to the slave Servers The transfer of group tasks is configured in the task properties Updating of the slave Administra...

Page 52: ...tation To create a policy use the New Policy command from the shortcut menu of the Policy folder At this stage of the policy creation you configure a minimum set of parameters required for operation o...

Page 53: ...ks settings and policies of the nested groups and slave Administration servers Local settings have higher priority as compared to the policy settings see section 2 1 7 on page 18 If you wish to use a...

Page 54: ...le users that will be enforced immediately after the computer is disconnected from the corporate logical setting A node is considered disconnected from a logical network following three unsuccessful a...

Page 55: ...tions will revert to values in effect before the policy was applied Apply mandatory policy settings to the local settings at first policy application This would result only in parameters marked with u...

Page 56: ...lowing way If resident tasks real time protection were running on a client they will seamlessly switch to the new settings values If there are periodic tasks currently running on a client on demand sc...

Page 57: ...ky Lab s applications is provided in the applications Guides Policy configuration for the Network Agent and the Administration server is described in the Reference Book for Kaspersky Administration Ki...

Page 58: ...ky Administration Kit supports all types of tasks provided for the local application management Additionally there is a provision for a remote launching and stopping applications using corresponding N...

Page 59: ...the installation package Tasks of these types have several distinctive features as far as creation and launching are concerned A detailed description of managing these tasks is provided in the Kasper...

Page 60: ...another or delete them using the shortcut menu commands During execution of tasks on each client computer the application operation settings will be installed in accordance with the group policy task...

Page 61: ...rt of the settings is specific to a particular task schedule for launching a task account under which the task is launched scan scope for on demand scan tasks etc Values of these settings are set for...

Page 62: ...g to be turned off during the scheduled launch time the operating system can be automatically loaded using the Wake On LAN function In order to use this function you must check the corresponding box s...

Page 63: ...ase the task will not be deleted but it will not be launched either Additionally you can start a task interrupt it pause or resume a task manually using the shortcut menu commands or from the task set...

Page 64: ...w With the hierarchal structure of the Administration servers if the corresponding parameter is included into the task settings see Figure 21 the slave Servers will receive group tasks from the main A...

Page 65: ...rver in public folder Updates from where they can be automatically distributed across the client computers and slave Administration servers immediately after the updating has been completed The public...

Page 66: ...ng task Selecting application and task type If the Administration server hierarchy is created or is planned to be created in the logical network then the Force the updating of the slave Servers box se...

Page 67: ...e section 5 2 on page 68 and slave Administration servers see section 5 3 on page 69 The following resources can be used as the update source for the Administration server Kaspersky Lab s updates serv...

Page 68: ...ation modules updates versions installed on the client computers within the logical are the same select the Administration server as the updates source in the settings of the tasks for receiving updat...

Page 69: ...n Administration Server as the updates source in the settings of the task for receiving updates for the slave Servers Enable mode of automatic updates distribution to the slave Servers in the settings...

Page 70: ...y receive updates from the Administration server and place them into the application installation folder Only those updates that are required within the group are downloaded Later client computers wit...

Page 71: ...Updating the Anti Virus database and program modules 71 Figure 26 Creating the list of updating agents...

Page 72: ...ab application you purchased which may be managed through Kaspersky Administration Kit Kaspersky Administration Kit checks for a license and determines the license expiration period using a license ke...

Page 73: ...client computers within the logical network including both current and backup license keys with the indication of the computers on which they are used and the license restrictions A full list of licen...

Page 74: ...rsky Lab s applications This information is transferred from the client computers by the Network Agents and stored in the Administration server s information database There is an ability to perform th...

Page 75: ...Maintenance 75 Figure 28 Configuring remotes storage areas Figure 29 Viewing the storage contents...

Page 76: ...operation of the application and the results of tasks execution You can configure the list of events to be logged in the operation of each application and the procedure for notifying the administrato...

Page 77: ...tional failures Warnings Informational messages Audit Events The use of filters allows performing search and structuring of the information about registered events since after applying the filter only...

Page 78: ...e You can delete an individual event selected in the results pane all events or events that satisfy certain conditions You can review the list of events registered during the application operation for...

Page 79: ...written to the system registry by the Administration Agent Reports can be created for the anti virus protection system in general computers included into a certain administration group a set of client...

Page 80: ...oftware or Kaspersky Lab s applications not supporting administration via Kaspersky Administration Kit that are installed on the client computers Network attack report contains information about netwo...

Page 81: ...lete existing templates view or edit their parameters Reports are viewed using the default browser In case of a hierarchal structure of the Administration server you can create general reports that wo...

Page 82: ...nistration server and its slave Servers are installed all computers within networks in which the Administration server and its slave Servers are installed irrespective of whether the particular comput...

Page 83: ...mputers included into the Network group selected for the search and in the Network groups of all slave Servers if the Include data from the slave Servers box is checked in the search parameters Admini...

Page 84: ...ing the last 24 hours is presented in a separate node of the console tree named Computer selections see Figure 36 Diagnostics of the status of the client computers is performed based on the informatio...

Page 85: ...e New New filter item from the shortcut menu for the Computer filters node As the result a new folder with the name you have specified for the filter will appear in the console tree will appear in the...

Page 86: ...n the logical networks using the Virus attack event registered in the operation of the Administration server component This feature is of great significance in the periods of virus outbreaks as it hel...

Page 87: ...s activity threshold which when ex ceeded will trigger the Virus Outbreak event Viruses field number of viruses detected on the logical network by appli cations of this type In minutes time interval d...

Page 88: ...nce in 24 hours You can reset information about the occurrence of such event only be restarting the Administration server service Figure 40 Configuring Event Logging Notification procedure for the Vir...

Page 89: ...otification Settings 6 8 Backup copying and restoration of the Administration server data Backup copying allows transferring the Administration server from one computer to another with no information...

Page 90: ...cessary modify the settings as required Copying data of the Administration server for the backup storage and its subsequent restoration can be performed automatically using the backup copying task or...

Page 91: ...irus applications use the database to successfully detect and disinfect viruses The anti virus database available on the Kaspersky Lab websites is regularly updated as new virus threats appear Registe...

Page 92: ...plications that can be managed through Kaspersky Administration Kit Centrally managing an application Managing an application through Kaspersky Administration Kit Client Administration Server or clien...

Page 93: ...TFS formatted disks that remained unmodified since the last scan The IStreams technology was implemented by using a method of storing file checksums in the additional NTFS streams Infected object An o...

Page 94: ...network computers M Maximum protection A protection level that ensures comprehensive protection but slightly decreases performance characteristics Maximum speed A protection level that has a maximum...

Page 95: ...tallation Installation of Kaspersky Lab applications using the services provided by Kaspersky Administration Kit Restoring Restoring Administration Server data using a backup utility The information f...

Page 96: ...aspersky Lab application Third party application An anti virus application by a third party vendor or a Kaspersky Lab s application not supporting administration via Kaspersky Administration Kit U Unk...

Page 97: ...Appendix A 97 fashion to new threats and take preventive measures to protect his her network...

Page 98: ...protection from current and future threats Resistance to future attacks is the basic policy implemented in all Kaspersky Lab s products At all times the company s products remain at least one step ah...

Page 99: ...Kaspersky Lab Ltd Kaspersky OnLine Scanner This program is a free service provided to the visitors of Kaspersky Lab s corporate website The service delivers an efficient online anti virus scan of you...

Page 100: ...stem The program allows users to create a list of applications which it will control on a per component basis It helps protect application integrity against the influence of mali cious software Monito...

Page 101: ...ges to the file system and registry and restores the system after ma licious influence Protection against Internet fraud is ensured by recognition of phishing attacks thereby preventing confidential d...

Page 102: ...omatically scanned as well as files when attempts are made to access them Protection from text message spam Kaspersky Anti Virus for File Servers This software package provides reliable protection for...

Page 103: ...ty is a software package withal new approach to security for today s corporate networks of any size providing centralized protection information systems and support for remote offices and mobile users...

Page 104: ...o technology Remote disinfection capability Intel Active Management Intel vPro Kaspersky Business Space Security provides optimal protection of your company s information resources from today s Intern...

Page 105: ...and file servers from viruses Trojans and worms Protection of Sendmail Qmail Postfix and Exim mail servers Scanning of all e mails on Microsoft Exchange Server including shared folders Processing of...

Page 106: ...o Internet gateways Proactive Defense for workstations from new malicious programs whose signatures are not yet added to the database Protection of mail servers and linked servers Scans Internet traff...

Page 107: ...Postfix and Exim and also enables you to configure a dedicated e mail gateway The solution includes Kaspersky Administration Kit Kaspersky Mail Gateway Kaspersky Anti Virus for Lotus Notes Domino Kas...

Page 108: ...rams Scans Internet traffic HTTP FTP in real time Filters Internet traffic using a trusted server list object types and user groups Quarantines suspicious objects Easy to use administration system Rep...

Page 109: ...traffic on servers running Clearswift MIMEsweeper for SMTP Clearswift MIMEsweeper for Exchange Clearswift MIMEsweeper for Web The program is a plug in and scans for viruses and processes inbound and...

Page 110: ...OU DO NOT AGREE TO ALL OF THE TERMS OF THIS AGREEMENT DO NOT BREAK THE CD s SLEEVE DOWNLOAD INSTALL OR USE THIS SOFTWARE IN ACCORDANCE WITH THE LEGISLATION REGARDING KASPERSKY SOFTWARE INTENDED FOR IN...

Page 111: ...spersky Lab s update servers 1 1 3 If you sell the computer on which the Software is installed you will ensure that all copies of the Software have been previously deleted 1 1 4 You shall not decompil...

Page 112: ...e renders only assistance in Software activation and registration of the End User ii By completion of the Support Services Subscription Form you consent to the terms of the Kaspersky Lab Privacy Polic...

Page 113: ...the manner specified in the Documentation ii You accept all responsibility for the selection of this Software to meet your requirements Kaspersky Lab does not warrant that the Software and or the Doc...

Page 114: ...following losses or damage whether such losses or damage were foreseen foreseeable known or otherwise a Loss of revenue b Loss of actual or anticipated profits including for loss of profits on contrac...

Page 115: ...__________ When using demo software you are not entitled to the Technical Support specified in Clause 2 of this EULA nor do you have the right to sell the copy in your possession to other parties You...

Reviews:

No comments

Related manuals for ADMINISTRATION KIT 6.0

Juniper RESIDENT CONSULTANT Datasheet preview
RESIDENT CONSULTANT
Brand: Juniper Pages: 4
TC Electronic Tap Factory Product Manual preview
Tap Factory
Brand: TC Electronic Pages: 12
AMX Content Database Editor v 1.0 Manual preview
Content Database Editor v 1.0
Brand: AMX Pages: 28
Mitsubishi WiFi-Doc Client for iOS User Manual preview
WiFi-Doc Client for iOS
Brand: Mitsubishi Pages: 10
Model Technology Model Sim EE Start Here Manual preview
Model Sim EE
Brand: Model Technology Pages: 37
Crestron SIMPL Windows Installation & Operating Manual preview
SIMPL Windows
Brand: Crestron Pages: 230
Belkin UPGRADE FIRMWARE MODEM ROUTER Manual preview
UPGRADE FIRMWARE MODEM ROUTER
Brand: Belkin Pages: 1
Samsung SyncMaster S23A750D (Spanish) Manual Del Usuario preview
SyncMaster S23A750D
Brand: Samsung Pages: 90
GRASS VALLEY AURORA EDIT - INSTALLATION V7.1 Installation Manual preview
AURORA EDIT - INSTALLATION V7.1
Brand: GRASS VALLEY Pages: 152
VERITEQ vLog 4.4 User Manual preview
vLog 4.4
Brand: VERITEQ Pages: 112
Autodesk 495B1-05A111-1301 - 3ds Max Design 2010 User Manual preview
495B1-05A111-1301 - 3ds Max Design 2010
Brand: Autodesk Pages: 916
PressReader Android Tablet Software User Manual preview
Android Tablet Software
Brand: PressReader Pages: 4
Lucid Virtu Installation Manual preview
Virtu
Brand: Lucid Pages: 10
Lucid FM2A85X Extreme4 Installation Manual preview
FM2A85X Extreme4
Brand: Lucid Pages: 12
Navman S60 User Manual preview
S60
Brand: Navman Pages: 15
Navman NavDesk 2009 User Manual preview
NavDesk 2009
Brand: Navman Pages: 36
Epson PowerLite S17 Quick Setup preview
PowerLite S17
Brand: Epson Pages: 4
Epson PowerLite D6250 Brochure preview
PowerLite D6250
Brand: Epson Pages: 6

Brands by name

Popular brands

Load more brands