Jump to content
Kaspersky Support Forum

About this blog

Entries in this blog

Known Problem

Importing a new SSL certificate for KSC Web Console [Kaspersky Security Center]

Problem After importing a custom certificate instead of a default self-signed one for accessing KSC 13 Web Console, you cannot reach Web Console. When using the default certificate, there is now issue with Web Console. Solution There are several causes and solutions for this issue: You might be using Internet Explorer or any other unsupported browser to access Web Console. So first we need to check if the browser is supported by KSC. Ref : https://support.kas
svc_kms

svc_kms in Known Problem

0
Known Problem

Get error "curl: (58) schannel: Failed to import cert file" when sending a request via KPSN API from Windows client [Kaspersky Private Security Network]

Issue An attempt to send POST request via KPSN API from a Windows client.: curl --cert C:\\Users\\user_A\\Desktop\\kpsn_api kpsn_api_crt.pem --key C:\\Users\\user_A\\Desktop\\kpsn_api kpsn_api_key.pem -k -X POST -d "{\\"action ": \\"check_url\\",\\"data ": {\\"urls ": [\\"website1.com "]}}" https://10.90.116.27:80/api/ Fails with the following error: curl: (58) schannel: Failed to import cert file C:\\Users\\user_A\\Desktop\\kpsn_api kpsn_api_crt.pem, last error is 0x8009200
Stan Shpatar

Stan Shpatar in Known Problem

0
Known Problem

NAgent upgrade failure due to mismatch between .msi packages [KSC for Windows]

Problem Network agent upgrade fails. Network Agent installation from an .msi package different from the new .msi package is the root cause. See the below logs: KLNAG_INS_MSI: CheckInstalledMsiName: installed name 'KasperskyNetworkAgent', installed ext '.msi'  MSI_UTILS: CAGetProperty(OriginalDatabase) called...  KLNAG_INS_MSI: CheckInstalledMsiName: installing name 'Kaspersky Network Agent', installing ext '.msi'  KLNAG_INS_MSI: CheckInstalledMsiName: names are NOT equal  Solution
svc_kms

svc_kms in Known Problem

0
Known Problem

KSC Application registry doesn't clear information about deleted applications [KSC for Windows]

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials. Application registry in KSC contains information about applications that was deleted. Reinstalling Network Agent on a workstation should solve a problem. This behavior can be caused by per-user applications. You can alter how long network agent will retain information about applications on a managed workstation: On a managed workstation : Add a registry key: [HKEY_LOCAL_MACH
svc_kms

svc_kms in Known Problem

0
Known Problem

KSC Distribution Points auto-assignment and selection [KSC for Windows]

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials. Sometimes it's not clear how KSC assigns Distribution Point (DP) for Managed groups or NLA subnets, and how clients choose DP.  Automatic assignment of distribution points is enabled in Kaspersky Security Center by default. The Administration Server automatically selects the scopes for distribution points, and assigns one or multiple distribution points to each scope depending on how many client
svc_kms

svc_kms in Known Problem

0
Known Problem

Error 80240037 Windows patch management [KSC for Windows]

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials.   Problem: You have a new CPU in your managed device and Windows operating system released prior to Windows 10\Windows Server 2016. Start "Find vulnerabilities and required updates" for a managed devices. Task results and Kaspersky Event log on a workstation may indicate a following error: Windows Update Agent error 80240037 ("The functionality for the operation is not supported.") #1181 (
svc_kms

svc_kms in Known Problem

0
Known Problem

KSC database fields explained: nIP, nStatus [KSC for Windows]

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials. There are multiple fields in database that are not easy to interpret. For example nIP, nStatus and many others. Most of them are from public view v_akpub_host which is one of the main sources of information about managed computer on KSC. The objective of this article is to help understanding the encoding used, if you want to learn more about public views and specific fields refer to klakdb.chm located in the
svc_kms

svc_kms in Known Problem

0
Known Problem

Network Agent installation error "Error 1181/0x91 ('System error 0x91 (The directory is not empty.)') occured while deleting directory 'C:\ProgramData\KasperskyLab\adminkit\1103"'' [KSC for Windows]

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials. Problem Description Error "Error 1181/0x91 ('System error 0x91 (The directory is not empty.)') occured while deleting directory 'C:\ProgramData\KasperskyLab\adminkit\1103''" when installing Network Agent. The error can be found on a screenshot.  How To Fix Make sure that the folder ‘C:\ProgramData\KasperskyLab\adminkit\1103’ actually exists.  If you can navigate to this fo
svc_kms

svc_kms in Known Problem

0
Known Problem

How a Distribution Point for a host is selected [KSC for Windows]

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials.   If two different update agents on a PC are assigned in different ways: To an administration group. Based on a network location. Which one will have a higher priority for the PC? Among the update agents assigned to administration groups, the one assigned to the administration group, that is closest to the target host in the group hierarchy, has the higher priority. If the upd
svc_kms

svc_kms in Known Problem

0
Known Problem

KSC difference between Application Registry and Incompatible Applications Report [KSC for Windows]

Problem You may run into differences between Application Registry and Incompatible Applications Report when trying to find computers with incompatible applications. For example, you created Device selection based on an Applications registry criteria, where you specified incompatible application name in Application name field and got a device selection of 12 computers. After that, you open Incompatible Applications Report and only get 3 computers with that software. It is expected, and
svc_kms

svc_kms in Known Problem

0
Known Problem

KSC: System error 0x52E (Logon failure: unknown user name or bad password) when downloading updates to the repository [KSC for Windows]

Try the following: 1. Check if the Administration Server is configured to use a proxy server on the Kaspersky Security Center server. 2. Try to clear the updates repository. Download the updates once again and check behavior. If you still have issues, Delete the Download updates repository task and create a fresh task.
svc_kms

svc_kms in Known Problem

0
Known Problem

KSC server is not accounted for in activation code count [KSC for Windows]

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials. Article applies to KSC13-15.1 Consider the following scenario: Open KSC MMC console; Go to Kaspersky licenses; Select KSC license. Devices on which the license key is active is zero regardless of fact that this key is assigned as active on KSC Server: Explanation In older versions of Kaspersky applications, several license key files were provided to activate
svc_kms

svc_kms in Known Problem

0
Known Problem

Machines' status doesn't change or events are not registering on Administration server [KSC for Windows]

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials. KSC13 introduced a feature that limits the frequent publication of events. In the event that the event storage overflows on the Server, the most common event in the storage is calculated, and such events are blocked when published on hosts. Problem: Machines have status "Virus scan wasn't performed for a long time" but the "Virus scan" task was started recently. Events that oc
svc_kms

svc_kms in Known Problem

0
Known Problem

Equality logic in subnet conditions of klnagent connection profiles [KSC for Windows]

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials. Consider the following scenario: You have a large local area network 10.36.0.0/16. There is a managed device with the following IP config: IPv4 address: 10.36.35.10 and Subnet Mask: 255.255.255.0. You create a new subnet condition for klnagent connection profile: 10.36.0.0/16. Actual result: The connection profile is not applied to the managed device. The reason of this behavior is equali
svc_kms

svc_kms in Known Problem

0
Known Problem

KSC OpenSSL protcomp vulnerabilities [KSC for Windows]

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials. When running security analyzers on KSC server you may occasionally get warnings about outdated OpenSSL libraries. Normally these vulnerabilities can not be exploited as the OpenSSL library is used in a very specific way. If vulnerable OpenSSL libraries were found in C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\protcomp then there is actually no way to exploit it. Due to this fact this library is us
svc_kms

svc_kms in Known Problem

0
Known Problem

KSC displays the message "you must install WADK" even if WADK is installed [KSC for Windows]

Problem You install latest Windows Assessment and Deployment Kit (Windows ADK) on the server where KSC is installed, but KSC console still shows message "to deploy OS images, you must install the Windows Assessment and Deployment Kit (Windows ADK) on the device that has KSC installed". Solution KSC doesn't see all the needed WADK components being installed. Because Microsoft is always changing components within their installation packages, we recommend to install all utiliti
svc_kms

svc_kms in Known Problem

0
Known Problem

Microsoft Store gets blocked when KSC is acting as WSUS [KSC for Windows]

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials.   Problem When you assign KSC as WSUS all hosts are not able to download anything from Microsoft Store. It is a Microsoft's design limitation. Description When KSC acts as WSUS group policy (GPO) "DoNotConnectToWindowsUpdateInternetLocations" is applied to the hosts. It is needed to prohibit hosts from downloading updates from the Internet (it is relevant for Windows 10/Server 2016). Such
svc_kms

svc_kms in Known Problem

0
Known Problem

Sizing recommendations for KSC for connecting VDI hosts [KSC for Windows]

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials. Dynamic hosts require more KSC resources than regular hosts. When a new host is connected to KSC (and the dynamic host is considered new), an icon and a new entry in the database are created, full synchronization with the agent is performed, and the host moved to a group. When the host is deleted, all information about it is deleted as well. These operations consume a lot of KSC resources, while static
svc_kms

svc_kms in Known Problem

0
Known Problem

Q&As on the VAPM functionality of KSC [KSC for Windows]

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials. Which task is responsible for downloading third party Application updates? Updates metadata is downloaded by Download Updates to the repository task. Updates themselves are downloaded by Install updates and fix Vulnerability task. What is a source folder containing the third party application updates on the administration server? 3rd party updates are downloaded into the folder C:\ProgramData\Kasper
svc_kms

svc_kms in Known Problem

0
Known Problem

Fix vulnerabilities task fails with error 'Transaction became the database conflict victim: '1205, ...' [KSC for Windows]

Problem While running Fix vulnerabilities task, the following error can occur: 'Transaction became the database conflict victim: '1205, 'Lock wait timeout exceeded; try restarting transaction' , LastStatement='CALL vapm_arrange_task_updates(119, 0xC89EAD3312227039C9FAC933840D7936)' Solution Most possible, the reason of the problem is that you have Fix vulnerabilities task or tasks with a big number of vulnerabilities that should be fixed inside one task. For example, you scro
svc_kms

svc_kms in Known Problem

0
Known Problem

Computer description field is not updated on KSC console

Problem Computer description may stop updating on KSC console. It may be different from what is set on managed PC in computer properties. Solution If computer description field was changed on KSC side manually it will no be updated again. To enable synchronization with local description you have to delete the computer from managed computers group, then from unassigned, and add it back. In case it did not help check that the following services are enabled (set to automatic sta
svc_kms

svc_kms in Known Problem

0
Known Problem

Errors "0x52E", "0x200A" and "'Access is denied" when deleting a task [KSC for Windows]

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials. These errors appear when the remote installation task of NAgent or KES with NAgent was created with the Assign package installation in Active Directory group policies option selected. At the first startup they start under the account specified in the New Task Wizard. If that user has access for creating domain policies and groups, the task will be completed successfully, and "GPO" and "Security Group" w
svc_kms

svc_kms in Known Problem

0
Known Problem

KSC and ROBOT attack [KSC for Windows]

This article explains ROBOT attack, RSA Key Exchange, OpenSSL and KSC. Explanation If you are running security analyzer and it shows that connections on ports 13000 (server-nagent traffic) and 17000 (activation proxy) are suspicious for a ROBOT attack, don't panic. Automatic analysis is not accurate. Run specific diagnostics to make sure that KSC traffic is actually not vulnerable. Examples: https://testssl.sh/ https://github.com/robotattackorg/robot-det
svc_kms

svc_kms in Known Problem

0
Known Problem

Issue with encoding of events transferred to SIEM by the KSC [Kaspersky Security Center]

KSC sends events to SIEM in UTF-8 encoding. If the events received from KSC in the SIEM system look unreadable, for example, like this: Тип приложениÑ: ÐеизвеÑтное приложение\r\nÐаправление: ВходÑщее\r\nПротокол: ICMPv6\r\nСтатуÑ: Разрешено\r\nУдаленныРIt is necessary to configure UTF-8 encoding in the SIEM system itself.
Stan Shpatar

Stan Shpatar in Known Problem

0


×
×
  • Create New...