Jump to content

thewild

Members
  • Content Count

    80
  • Joined

  • Last visited

Everything posted by thewild

  1. OK, so what's the way to go if one wants to use a mysql database. Re-installing KSC from scratch is not a problem for me, I just want to move it to another server (and not use sql server anymore). Also, is there a way to backup and restore only policies ?
  2. I just tried this now (incredible coincidence), and it does not work. 'incompatible database version' is the error from klbackup. I wonder I could do this conversion manually...?
  3. Are you kidding me ? Okay, I'm upgrading right now, and I can tell you the problem will remain. So in 30 minutes you'll be able to giv me support, right ?
  4. Hi ! I try to find it just to see whether it is used or not (to check its size and its modified date, for instance). Versions : KES 10.2.1.23 (a) KSC 10.1.249
  5. Hi all We are running KES 10 on Windows 7 Pro workstations, managed by KSC 10. We have a weekly scan setup, and on all workstations it looks like all files are analyzed, whether changed or not since last scan. So these scans take ages, and our workstations slow down to a crawl. I double (triple, and quadruple) checked both File Antivirus policy and Scheduled Scan task policy : both have iSwift and iChecker enabled, and "Scan only new and changed files" is also checked (why does this option even exist when there is iSwift and iChecker ??). I have searched after the iSwift database on client computers but haven't found it in windir\system32\drivers. Is it somewhere eles ? Thanks for your help !
  6. OK thanks for the information. Why do I have this "fix vulnerabilities" option in KSC ? Is this something different ? Also, how then can I prevent vpam.exe from running on client computers at all ?
  7. I think we have a "core" license. But the functionality seems to be present : when selecting the vulnerabilities to look after and to fix, I was presented with a list of many vulnerabilities for third party applications (i.e. java, flash, mozilla products, etc., exactly the ones I'm looking for). The problem is that I am asked to select single vulnerabilities (I selected all the vulnerabilities, there were hundreds of them and I had no way to easily select a subset), I can't find a more generic approach like "find and fix all current and future vulnerabilities for Mozilla Firefox". PS : I just checked our license, it is "Kaspersky Endpoint Security for Business - Core European Edition"
  8. Hi ! I found this thread looking for an easy tutorial to push third-party application updates to our workstations, but the link given above is a 404. I did a quick search on this topic but it seems that everything I find is about "windows updates". I want to push updates for very specific third party applications (i.e. Firefox, Thunderbird, Adobe Flash, Adobe Reader and Java). Where can I find a way to configure this ? I tried a simple "find vulnerabilities" task, but it asked me to select specifically which vulnerabilities I wanted to fix, and in the end it only installed a Windows Update. I don't want KSC to manage Windows Updates, only updates for the aforementioned softwares? Is this possible ? Could you point me to a tutorial for doing this ? Thanks !
  9. I mean it doesn't exist at all, as far as I can tell. Under "managed computers -> tasks", we have one KES update task, and one KES scan taks. Under "administration server tasks", we have one KSC update task and one KSC backup task. Under "tasks for all computers" (translated from French, I don't know the exact name), we have one installation task for KES (manual). That's it, I don't see anything related to Network Agent. I confirm that we have no policy defined for the network agent. I have never wondered about network agent policies, I'll look into this. Creating a policy without changing any option should leave the current functionalities untouched, right ? Or workstations' Windows Update settings are currently defined via a group policy, we want this to stay untouched for the moment.
  10. OK. No such task in KSC. I will upgrade this specific workstation first and see if it helps.
  11. No, it does not describe our case. There is no task running, and the problematic process is vapm, not klnagent. Network Agents (and KSC) are version 10.1.249 on all workstations, and KES is 10.2.1.23. I will think about upgrading the agents, but a quick fix would be nice. We've been running with this configuration for quite some time and never had this problem.
  12. Hi, thanks for your answer. It happens some time afterward. I cannot tell you what did trigger this exactly, but nothing unusual in any case. The only active components are File Antivirus and Internet Antivirus, on all our workstations. Some other components are installed but disabled (we never enabled them, we just installed them in case we changed our mind). Another user just reported another issue. He had a system warning about low memory (very strange for a workstation with 8GB ram). I checked his processes and he had a vapm.exe process eating 3GB of ram. No task was running in KES (as I already mentionned, we only have a weekly virus scan on mondays and an update task every 4 hours). I checked his configuration and the strategy was correctly applied : everything disabled but File Antivirus and Internet Antivirus. We are using KES 10 MR1. PS : nothing unusual in system event log either. Edit : I just rebooted the other user workstation, vpam.exe is still running. Not taking a huge amount of ram at the moment, but it should not be there at all IMHO.
  13. Hi all I witnessed slowdowns on my own workstation today (it happened before but I could not find where it came from). It appears to be vapm.exe taking a very high amount of CPU and HDD time. In our strategy, Application Control is totally disabled : We have no task running it either, we only have one virus scan task and one update task. Could you please explain how to solve this ? CPU impact is not acceptable, we really need to disable this. Thanks !
  14. Hello ! Yes, we are upgrading from KES 8. Thanks for you link. It says this will be fixed in the "Critcal Fix 1". Checking the beta releases forum, I see that the upcoming "Maintenance Release 1" still has this issue. Wait and see... Thanks for your help !
  15. Hi all ! We just upgraded our Admin Kit from KSC9 to KSC10, and I tried deployment KES 10 on a client workstation which was previously running KES 8. Everything went fine, but after the initial reboot a window popped up on the client workstation asking for an activation. I just had to click on "next" and it was done, but I don't want the end users to have to do that. I expect the installation process to be totally silent and to require absolutely no action on the end-user side. How can I prevent this window from being displayed ? Thanks a lot !
  16. I can confirm that scavenging is on, I just checked. I always use Active Directory scanning in fact, the other ones just don't work. After some more tries, I think that manually installing the network agent is the way to go. IMHO, centralized deployment is not working well in KSC9 (same as in previous versions actually, it never worked well)
  17. There is only ONE software on the whole network which doesn't know, and it's KSC9 !!!
  18. I don't think this could happen. We have DHCP configured for automatic DNS updates, and whenever a new IP address is attributed to a computer its DNS records are also updated. I never had problems of ghost records in the DNS server Maybe I was missing this second step indeed ! Will try that now. Still, the problem with that is that I have to wait for a network rescan. I can trigger it manually, but it still takes some time. That's a shame since I know (and the system knows) the right IP address for this computer...
  19. Why would my DNS entries be messed up ? The computer gets a new IP address, but DNS updates work fine. As soon as it's back online forward and reverse lookup are fine from any computer on the network. Actually, if I install the agent manually, it works (tried it yesterday). But usually we deploy the agent together with KES, and that's what does not work. Removing and redetecting the client does not work either. It is redetected with the same IP address, and detection via IP range does not work at all (I don't know why). We reinstall with images usually (barebone images, only Windows and updates are included, no other software), but now we deploy Windows 7 so we install from scratch. No recovery or sysprep, just clean normal installations. As I sais previously, we do not install NA manually, we deploy it from KSC9, which in this case does not work well because of our IP address "cache" problem... And as I said, if we install NA and specify the server name, it works just fine. Thanks to all for trying to help, that's very appreciated !
  20. On the administration server, the IP address in KSC9 is not the one I have when I ping the computer name. And I can't find a way to force KSC9 to update it. That's the whole point of my post actually. Yes, I find it hard to believe too, but what else ??
  21. Just tried our typical "re deployement" via IP adresse : it still does not work ! It looks as if KSC9 even has reverse DNS cache !!! I try to install to the IP address of my freshly reinstalled workstation, but SC9 translates the IP address to a computer name that is different from what it should be ! I double and triple checked with nslookup and ping / ping -a, and all come to the same conclusion : SC9 really has a problem with DNS caching !!!
  22. It is in the same subnet. Installing via IP address is an option, indeed.
  23. We don't use sysprep, we perform normal installation then image our computers. We just restore the image when it is needed.
  24. OK I understand then. Do you mean then that the long delay for computers to reappear under "unassigned computers" is normal ?
×
×
  • Create New...

Important Information

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.