Jump to content

robertmac

Members
  • Content Count

    24
  • Joined

  • Last visited

Posts posted by robertmac


  1. Hi Ebesonic,

     

    Kaspersky Endpoint Security 8 has a web filtering component that might do what you need. it can allow/block sites based on category (the usual categories are in here)

    you can deploy/manage it with Security Centre 9, its called Web Control and you can modify it using a policy

     

    its quite customisable, you can block categories, files, videos, sound, archive file. the rules can have time restrictions and you can also enforce with Active Directory security groups. you can even block Javascript and style sheets for some sites if you wish.

     

    not sure exactly if that is what you are looking for or not ?

    its worth a look if you hadn't considered it before

     

     

    Robert

     

     


  2. Why can't you just remove that windows group from the permissions list?

     

     

    sorry forgot to say on my original post, the 2 virtual servers I denied the windows group on have disappeared from the list of virtual servers so I cant edit the permissions to un-deny the group.

    that would have been the first thing I did if I could see the virtual servers to edit.

    this is why I am looking through the security centre database trying to find where the groups deny or allow are set.

     

    thanks for the suggestion

     


  3. Hi,

     

    I appreciate I probably wont get an answer to this here but thought I'd ask in case anyone does know before I go to Kaspersky support directly.

     

    I use Security Centre with multiple virtual servers in it. (service provider edition)

    the problem I have is that on the security permissions of the virtual server I added a windows group to the permissions and set it to Deny.

    this seeems to have had the effect of denying access for everyone to that virtual server rather than just the group that I intended to Deny.

     

     

    obviously its going to be a setting in the database as oppposed to a file level permission but I searched a lot of the tables in the batebase and cannot figure out how the access is granted/denied so that I can un-deny the problem group.

     

    anyone got any clues ?

     

    thanks

     

    Robert

     


  4. I've not come across this before but it is annoying me now as nothing I have tried has worked.

    I am using the Service Provider Security Centre, but I dontt beleive the problem is related to that.

     

    what is happening is, the agent and Endpoint 8 are being installed onto a WinXP workstation.

    the agent connects to the security centre and reports itself as being installed, however it will not report that Endpoint is installed and therefore I cannot apply licenses/updates etc or run tasks that are relating to Endpoint because it believes it isnt installed.

    checked the registry location at HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\Components\34\1103\1.0.0.0\Statistics\AVState

    and the values there also dont believe that Endpoint is installed/running or does ithave any bases downloaded.

     

    "Protection_AvInstalled"=dword:00000000

    "Protection_AvRunning"=dword:00000000

    "Protection_BasesDate"=""

     

    I am led to believe from other posts that those 3 values are important to what is reported.

    I cant set them because they will revert back to 0/blank when it next Syncs.

     

    I've completely uninstalled it, reinstalled endpoint and agents, no dice.

     

    I had a cunning plan that I could license it manually and then run an update, but cant do that.

    it licences ok but says databsaes are out of date.

    so I tried to create an update task but there are no update sources and clicking Add to add one does nothing at all.

    even when I manually try to choose a region, it has the region drop down greyed out.

     

    I've never had so much bother trying to get one of these working before.

     

    I would initially think it is a client PC problem but all the workstations at this office have the same issue, which sort of indicates a server side problem or bad packages but the endpoint package is used for other customers without any problem.

     

    anyone got any ideas or pointers ?

     

    if you need more info, let me know and I shall provide :)

     

     

    thanks

     

    robert


  5. I'm using Windows 7 x64 with 4Gb of RAM and Endpoint 8. no noticeable slowdown over KAV 6 MP4

     

    the times I have seen performance hits like you describe are when there is either existing AV software installed already or when the machine has been infected previously and some files/drivers are left behind.

    either of those 2 can cause major slowdown on your machine, checking CPU time and RAM usages would show nothing unusual.

     

    have you ever run a GSI before to gather a report ?

    it would identify any known incompatible drivers/software

     

     


  6. I know this can be done from the client computer but is there any way to remove additional license keys from a clients computer via the Security Centre ?

     

    reason I ask is because I accidently deployed an additional key to a client and I want to remove it before it goes into use.

    but dont want the hassle of having to either connect to each machine individually or by asking them to do it since we manage their AV for them.

     

    be nice if I could just create a task to remove/blank out the additonal keys for all or some PCs.

     

     

    anyone know if this is possible ?

     

     


  7. if the firewall is off and there are no firewalls between you and the Kaspersky server then it isnt likely to be a port blocking issue.

     

    are you trying to get it to connect to your SQL server ?

    tcp/1433 is MS SQL Server and it isnt configured to listen for remote connections by default.

     

    if you are trying to configure something else to listen on that port you may experience conflicts and problems

     

    this ms kb for enabling it for sql 2005 should point you in the right place if you are intending to publish SQL server remotely

    http://support.microsoft.com/kb/914277

     

    if you are not trying to publish SQL server then I would pick a different port number for what you need.

     

    hope that helps some. if not, can you expand on what you are doing and I'll help as much as I can

     

    robert

     

     

     


  8. Hi,

     

    now I'm not a mac Expert (yet) so I thought I'd ask where I'm more likely to get pointed in the right direction.

     

    I've installed Endpoint Security on mac (OS X 10.6.80), this is managed from a security centre and therefore has a policy. (I posted this here since it is more Mac related than it is Security Centre related)

     

    as soon as Endpoint finished installing, the Mac became near unusable, safari was next to useless. Outlook for Mac 2011 appears to hang.

    the only thing I can compare it to is when Kaspersky AV was installed onto a Windows machine where AV software already was installed and then you suffer extreme slowdown.

     

    as this mac isnt nearby I cant physically access it to check it so I have to connect remotely but cannot do this in the current state so I had to ask the Mac owner to uninstall Endpoint which then brought the mac back to life.

     

    is this a familiar sounding experience to anyone ?

    and if so, any pointers as to what to look for to help troubleshooting on a mac ?

     

     

    thanks

     

    robert

     


  9. regarding server 2008 R2 antivirus, I have been using the 'regular' Kaspersky Antivirus for Windows Servers 6.0.4.1424 builds. will be moving to endpoint when I get round to doing some install testing etc.

     

    I assume when you say what is the best antivirus, you meant which is the best Kaspersky product for you ? :-)

     

     

     

    if you are looking to manage multiple machines like Ali.nejad, then I would be looking at the Security Centre. It will make your life a lot easier in understanding the status of all your machines in 1 place.

    plus then you only need to download updates once and the Security Centre will deploy them across your managed nodes.

    currently, you are most likely downloading 15 sets of updates at each update interval for your windows 7 pcs, and then adding more will add more updates.

     

    the Security Centre isn't that difficult to use and when it is configured with tasks and notifications you can almost leave it alone.

     

    hope that helps a bit but ask whatever you need to know


  10. I'm testing Kaspersky Endpoint Security 8.1.0.646 before a big rollout (to 600 + desktops/laptops - big for me, anyway!).

     

    One of my test desktops is reporting software vulnerabilities in applications that aren't installed on it.

     

    I'm seeing a report of SA45397 in FlexNet Publisher 11.x and of SA37563 in Adobe Illustrator CS4 14.x

     

    Neither of these applications is installed at all.

     

    The computer also now shows up as being in the Warning status with the status description being "There are unprocessed objects".

     

    How can I identify what is causing these incorrect reports of applications that aren't installed, and resolve the status back to OK?

     

    Flexnet is used in some Adobe products for licensing so you may have flexnet components on your systems.

    flexnet is used for licensing in number of products, I have come across some CAD software that also uses it.

     

    assuming you are using the security centre, does the unprocessed object repositories have anything in them related to flexnet or adobe paths ?

    that may explain the unprocessed object flag

     

     


  11. Hi Robert thanks for your reply and I checked telnet connection and it is OK :) LOGS show that all of them about is DNS but I changed my SMTP'S DNS but error still ok. and please HELP me and more detail I can give for you. :(

     

    Hi,

     

    from the Kaspersky dialog box you got with the net send error, it says the message was sent successfully so I think we can skip troubleshooting the actual smtp connection since that would appear to be ok, otherwise the message would have been different.

     

    are you delivering to an internal mail server or a public internet one ?

     

    if its internal , what mail server software are you using and do you use any anti-spam software on this server that could have removed the message ?

    is the destination mailbox setup on this same server or are you sending the mail to another domain/address, if it isnt then there could be a problem relaying the message elsewhere.

     

    forgive me but I'm not sure when you say the logs say they were about dns, do you happen to have a snippet of the smtp log showing the server accepting the message?

     

    if you have any sort of method to track mail, ie, MS Exchange Message tracker, then it will tell you what it did with the mail.

     

     

     

     

     


  12. I am taking this error now and I can't see any mail on my mail box :(

     

    from that notification, it looks like the mail was sent successfully, and it was just the net send script that failed as I thought.

    do you have access to the mail server it is sending to ?

    just for checking its inbound SMTP logs to see what they say.

     

    have you tried using telnet to diagnose the mail connection ? (or using any tool that can show you the raw dialog for4 the smtp conversation)

    this will help to show you if the mail server is returning any messages that tell you what is wrong.

     

    I assume that the security centre will show an error if there is any problem delivering mail as I think from memory that a test email comes through to complete the test.

     

    smtp logs and message tracking (of some kind) will give you some clues as to where the notification has gone. smtp logs will at least show it was accepted and assigned a queue id

     

     

     


  13. Hello guys,

     

    We have a SMTP server and we created a mail box (kaspersky) on it. And our other building has an Administrator Kit 9 Kaspersky Security Center so We wanna take an email from here to our mail adresses but I am pinging my SMTP server IP address but when I click to TEST button, I am taking double Ok green but 1 error (Net SEND error ) :(

     

    What is the problem ?

     

    Please help me :)

     

     

    sounds like the test is also trying a NET SEND , hence the net send error

    edit the task, untick and untick 'Use NET SEND' then try and run the task again.

     

    I assume you are still receiving the email despite the error ?

     


  14. noticed this with Mac 'packages', again not sure if this is by design or not.

     

    since I cant create a standalone mac package, I cant seem to create a deployment that is preconfigured for our Mac clients.

    none of them are on our LAN so we cant push the deployment to them, same goes for the Network Agent

    we can give them the Agent installer but it needs configured after install to ensure it connects to a server.

     

    what I would like is to give them an installer that has a preconfigured Agent / Endpoint , much like how the windows agent package works.


  15. yep, I have noticed it doesnt work currently.

     

    I wasnt sure if it is a bug with SC, a bug with the mac package or just how it is intended to be.

     

    just makes things a little more difficult for us as we are a service provider who provide our customers access to their own server via Web Console and let them download software themselves to install.

    however in the case of mac, it seems we will have to package it ourselves and make available in another way for the end user to download via web

     

    wouldn't suppose you have any idea if this will change in the future as if we update the mac package we will need to update our package, plus we will need to keep a different package for each customer (in terms of virtual admin server) simply because a single package would assign them all to 1 virtual admin server

     

    thanks

     

    robert

     

     


  16. I know I can deploy the network agent and/or endpoint manually to the mac and it will appear in security centre.

     

    again , my question is. Can you download it from the web console for deployment as you can with the windows endpoint.

     

    if you havent dealt with the web console, it is essentially an apache webserver provider web access to some of the security centre functions

    but it also allows you to download any package that has been published to the virtual admin server that you have logged into.

     

    so when we publish windows antivirus or endpoint, we can give the customers a URL whcih downloads the package which is ready to run.

    I want to know if we can do the same for mac endpoint, because at the moment it doesnt appear in web console and therefore we cannot get a url to give to our mac customers for download and installation.

     

    I've not dealt with 'regular' security centre yet, just the Service Provider Edition which has the web console (assuming normal security center doesnt have a web console.

     

    unless someone has used webconsole / KSC 9 / mac enpoint together they may not be able to answer my question.


  17. I've had a little search but cant see anything on this subject specifically.

     

    Can Endpoint for Mac be published into the web console for downloading and deployment ?

     

    I can add Mac endpoint to the repository and to the clients virtual admin server for management but it doesnt appear for them to download via the Web Console.

    so they only way I can think to get it to them, is to zip up the folder and send it to them for install rather than simply download and run from the web console

     

    I believe it doesnt appear in the web console because the package in Security centre doesnt have the option to 'Create Standalone Installation package' like it does for the windows package.

    I could be wrong with that assumption though

     

    any help or ideas appreciated

     

    cheers

     

    robert

     


  18. Hi,

     

    I have this problem of update. I disabled the updating so now it's ok. My problem... how to detect how many post are infect by this problem. We have maybe more than 1000 machine in our park, so i can't enable the updating and wait for the users call me and tell me "so i'havve this message error..." (i'have just one phone ^^) My question: It is possible to check a ".dll" or ".ppl" on my park, to see the machine who are impact by this error...?

     

    Thank's

     

    Mikael

     

     

    do you use the Admin Kit ?

    what I've been doing is just deploying the fix to all machines in the groups regardless of whether they are broken or not and after that (although I've been finding that most of the machines are not updating), I then start a global update task.

     

    its been working for me so far.

     


  19. My company recently purchased 70 licenses for the Kaspersky Business Space product. We received an email with our license keys, and installed the software on our servers and workstations OK. But we also received another email indicating that we were entitled to install Kaspersky Anti Virus on our person PC's as well. Attached to this email was a text file containing activation codes. What product are these codes for and how do we install it. I tried downloading and installing Kaspersky AV version 7, but the activation code from the text file that I tried didn't work. It said I was using the wrong product. Are we supposed to install the version 6 product on our person PC's?

     

    the code will most likely be for KIS (Kaspersky Internet Security) , we have given that deal to some of our customers and its the KIS product that they need to install at home.

    I also use KIS at home using one of these types of licenses.

×
×
  • Create New...

Important Information

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.