In order to push out a list of trusted zones to our servers, I need to lock the policy setting down unsing the padlock icon.
This works fine, but has the effect of locking the window against modification on the server.
Is there a way I can push the default list to the servers, but still allow someone to add to the list using the settings on the actual server?
At the moment, I'm having to add in folder exclusions to the trusted zone on the policy, but this then excludes those folders for every server in the group (around 15 servers). I could create new groups and policies for some of the servers, but that seems a bit long winded.
I suppose the question goes for most of the policy settings. Is there a way to push the default settings out, but still be able to edit the settings on the client/server.
Regards
Carl
Full Version: Trusted Zones
Hello,
You have to play with the "Enforcement" tab of the workstation policy to push new settings on all managed hosts and let your users change their trusted zone.
I hope it will help you.
You have to play with the "Enforcement" tab of the workstation policy to push new settings on all managed hosts and let your users change their trusted zone.
I hope it will help you.
QUOTE(GriffGB @ 6.07.2009 15:56) 
In order to push out a list of trusted zones to our servers, [...]
Well... Kaspersky Server Products do not have Anti-Hacker installed, so there is no option to push that information about trusted zones to servers.
If you mixed servers with workstations up, follow the suggestion of Tybilly.
QUOTE(phr3n1c @ 7.07.2009 07:51)
Well... Kaspersky Server Products do not have Anti-Hacker installed, so there is no option to push that information about trusted zones to servers.
If you mixed servers with workstations up, follow the suggestion of Tybilly.
If you mixed servers with workstations up, follow the suggestion of Tybilly.
In the KAV for Windows Server policy, there's a "Trusted Zones" section that lets me configure "Exclusion Masks" and Trusted Applications". These are then applied to the lists in the "Trusted Zone" button on the software on the server. This kinda suggests to me that they are, erm, trusted zones.
I want to push out "exclusion masks" and "trusted applications" listed in the Trusted Zones window, but also want to be able to add to the list manually at the server.
In order to send out a list via policy, it has to be locked. The server (or workstation) receives the list, but it then removes any existing trused apps and masks, and also stops the user from adding their own.
I guess i'm going to have to leave it unlocked and add lists in manually.
QUOTE(GriffGB @ 7.07.2009 15:47)
In the KAV for Windows Server policy, there's a "Trusted Zones" section that lets me configure "Exclusion Masks" and Trusted Applications". These are then applied to the lists in the "Trusted Zone" button on the software on the server. This kinda suggests to me that they are, erm, trusted zones.
Lol, sorry. It was my fault. I mixed things up. Surely there's a trusted zone in the Kaspersky Anti-Virus for Windows Server.
QUOTE(GriffGB @ 7.07.2009 15:47)
I want to push out "exclusion masks" and "trusted applications" listed in the Trusted Zones window, but also want to be able to add to the list manually at the server.
In order to send out a list via policy, it has to be locked. The server (or workstation) receives the list, but it then removes any existing trused apps and masks, and also stops the user from adding their own.
I guess i'm going to have to leave it unlocked and add lists in manually.
In order to send out a list via policy, it has to be locked. The server (or workstation) receives the list, but it then removes any existing trused apps and masks, and also stops the user from adding their own.
I guess i'm going to have to leave it unlocked and add lists in manually.
There is only one way, to specify settings without locking the options to the local interface. Tybilly already posted the information you need to get things done. (http://support.kaspersky.com/faq?qid=208279101#enforce)
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.