Jump to content

rowebil

Members
  • Content Count

    32
  • Joined

  • Last visited

About rowebil

  • Rank
    Candidate
  1. Do they say "You can edit this setting in child groups if this is 'unlocked'? IF they are locked, they take precedence. Let's assume the main policy has WEB Protection enabled and I don't need that... Could I create a policy profile, and UNLOCK the WEB Protection? OR if the main policy has web protection disabled and I need it enabled -- can I create a policy to only target my PC and say "Web Protection" enabled, and then lock it so that this setting cannot be changed by parent policies? Actually, correct me if I'm wrong... Managed Devices has two policies. Under that, I have a group named WORKSTATIONS. A policy, active, and settings inheritance is set to 'force inheritance of settings in child policies'. On that policy, I can edit everything because there is no top level policy that is forcing it's settings (I disabled that setting within the 'Managed Devices' policy). I enable everything and everything is LOCKED. I go down to 'My Desktop' and look at that policy. Everything is locked... If I go back up to 'WORKSTATIONS' and edit that profile -- unlock the 'IM Anti-Virus' and apply, then 'My Desktop' policy can now turn OFF that protection because I have unlocked it. Is that the structure of it? So technically, it WILL work by setting policies in 'Managed Devices' which include basic settings, exclusions, etc,. and then in SERVERS and WORKSTATIONS have policies that inherit the parent policy, but then change the settings that I remain unlocked and then enable force child policies... and then have child policies in each group labeled 'My Desktop', Dad's Laptop', etc. I was hoping to have one main policy and then a second policy that has a setting that says "This only applies to My Desktop..." but it seems like Kaspersky was going for a hierarchy approach and not creating policies that ALLOW you to set which computers they belong to. Unless this is what a public profile does.
  2. In my lab environment at home, I have it set up so that in my KSC 10, I have nested groups. Managed Devices SERVERS AV/SQL Server (my KSC server) Workstations My Desktop Mom Laptop Dad Laptop I have a different policy for each computer... Each group (AV/SQL Server; My Desktop; Mom Laptop; Dad Laptop) has both the individual computer/server and individual Kaspersky Endpoint Policies and Network Agent policies. I know there has to be an easier way... I know in a real business environment, you'd have groups that would be similar but instead of a group consisting of one person's laptop, you'd have it labeled 'laptops' and have EVERYONES laptop in that group and that policy would apply to everyone's laptop. My struggle is that each computer requires different services enabled/disabled, exclusions, etc. I don't understand how inheritance works in my case... Let's consider by default, a policy is created in 'Managed Devices'. I create TWO groups - SERVERS and WORKSTATIONS. Of course, SERVERS will have different policies than WORKSTATIONS...ESPECIALLY laptops. If you go to policies, you can see the inherited policy. Go to 'Managed Devices', delete or disable, and now go back to SERVERS and the policy is gone. If you create a policy by copy&paste, the inherited policy will disappear too. Now, some servers have different HARD DRIVES where I don't want scanned at all... Some servers require extra AV scanning at night... Some need AV exclusions. How do I create policies that ONLY target specific policies? I'm an older user, but I read something that is new and they said you can crate policy profiles which is a named subset of policies... So would this be 'DISABLE MAIL' - and that would apply to all machines that would have mail protection disabled (they don't use email)? Then in my base profile - wherever that would be - I'd just have generic settings... default settings. Then for every device, I can set a policy profile which would say "My Desktop" -- and that would take the default settings and ALSO the settings on the policy profile? But what about all of the lock icons? They tell me nothing... For example, Workstations group. I can have a policy in there with the exclusion set for VMware Workstation. However, 'Mom Laptop' and 'Dad Laptop' don't need that exclusion... Bad example because it's just an exclusion that wouldn't really matter, but -- okay, here is a better example. My desktop PC is a BEAST. My Mom's laptop and my Dad's is NOT a beast. I do a lot of IT stuff and I'd like my anti-virus set to the max... because my CPU can handle it and I have enough RAM. I've tested this and there is no performance difference. However, there is a HUGE performance decrease with HIGH level security on my Mom and Dad's laptop. So that is why I created a group and policy for each individual computer. However, setting up policies can be a pain in the a$$ when you have SO many like I do. I'm not even done with adding devices... I have a lot of other servers. So HOW can I set this up so that ALL devices work on simple policies (let's say a policy that says 'Anti-Virus is ON, Web is ON, Firewall is ON, Self-Protection is ON, etc' and then with individual devices, I can select a different policy which would say "OH, he runs Outlook, so let's enable Mail Protection" -- without enabling mail protection on ALL of the devices like what would happen if I keep a policy in Managed devices and change that... then all of the child containers gets updated. I've been playing with this for over a year and I still don't understand how this OU works. I understand groups, computers, and policies... but not the inheritance of policies. I assume you set ONE main policy for 'managed devices', then you set a policy for the group with CHANGES and then LOCK/or UNLOCK (not sure which) the setting and now every computer within that group has those main policies from 'managed devices' and then also the policy in the group (for instance, a laptops group). Basically, how do I set different settings for different computers without having a group for each individual computer that requires a different setting from the rest? I wish I knew how the OU worked along with how inheritance of policies worked -- almost like somewhat of an example, or someone's configuration, etc. Then I'd be able to get the hang of it.
  3. It worked! So what does that mean? Maybe my version needs to be updated in KSC?
  4. Hi guys, I'm back again! I reinstalled Windows 10 on my computer and just attempted to install KES. The network agent installed perfectly fine, is running, and communicating. I attempt to install KES 10 (10.2.5.3201) and it doesn't do anything. I'm installing it from Kaspersky Security Center 10. It doesn't even show it's installing KES. It just stops and hangs at 50% and says Network Agent installed successfully. Kaspersky Endpoint is the most complication piece of software to update. I'm not sure if I'm on the latest software or not. I think right now would be a good idea to completely reinstall my Windows Server, SQL, KES, and Malwarebytes. UNLESS this is due to the most recent Windows Update. I reinstalled Windows 10 Enterprise from MSDN, and the ISO was updated back in March. WINVER is showing Windows 10 Version 1703 (OS Build 15063.250) Any help would be greatly appreciated. I am running and attempting to install the following: Running Kaspersky Security Center 10.3.407 Attempting to install Kaspersky Endpoint Security 10 for Windows (10.2.5.3201) on Windows 10 Version 1703 (OS Build 15063.250) I have a free weekend, a free night, and free next week. If there was already patches and updated software for all of this, let me know. I'd rather completely reinstall everything. This is for my home-use. I have a never-ending NFR license for this.
  5. Hmm, okay. So maybe if I re-run the task, it will realize I do not have Windows 8.1 anymore. The task doesn't run because it was removed during the KSC upgrade for some reason. I'll try it.
  6. I have OLD Windows 8.1 updates on my 'Software updates' page under Application Management. I do not use Windows 8.1 anymore. I have tried multiple times for a few days to select ALL, right click- delete, and they are still not gone. I am using Kaspersky Security Center 10.3.407 Any assistance? Are they using hard disk space?
  7. You have to download that package, extract it, and then go into the Security Console and add the installation package. When it asks for a file, point it to the folder you extracted the download to. Then you can just 'install' that on the selected machines through Security Console... it will install the new version over the old version. I don't know if it uninstalls the old or what... but you just have one Security 10 for Windows on that machine... the updated version in which you downloaded (step 1). It was a bit confusing for me, too... I had to learn myself, so I decided it was nice enough for me to actually tell you the installation process so you didn't need to learn on your own.
  8. Thank you -- this has cleared everything up! Also, like others have stated, it does still say 'maintenance release 2' on the description and on the actual application on the windows PC. It was a typing error as they mentioned.
  9. So -- my biggest questions -- After upgrade Kaspersky Security Center, should I not have seen a new installation package for Endpoint Security Maintenance 3? I have a Windows 10 machine that is not compatible with Endpoint Security 10.2.4.674. Installation hangs. It fails. We all know this. How do I get the Maintenance 3 package on to this machine? How would I add Endpoint Security Maintenance Release 3 into KSC Installation Packages? With the most recent version of KSC, I attempted to extract KES but it is still 10.2.4.674. This is very confusing. I expected to upgrade, have new installation packages for KES, and then easily create a group task to install the new KES. After installing the update, I DID have new installation packages for network agent... I WAS able to install that version on all machines successfully... I just am wondering why I don't see maintenance 3 in the installation packages. Also, I went into KES on the OLD Windows 10 release and it still says 'Maintenance Release 2' but does confirm new version number. So the update through application management worked... but I already had 10.2.4.674 installed. I cannot do this with my new Windows 10 Anniversary Update machine because 1) I do not have an installation package in KSC to do so, 2) I cannot install 10.2.4.674 to then update it through app management.
  10. I was able to update the network agent, but I'm confused on why the Maintenance 3 Endpoint Security is NOT in the installation package on my KSC... I tried to add it, but Kaspersky Labs does not even have it listed so that I could download it. How do I get this new version into KSC so that I can easily upgrade all the machines? I tried to add an .exe but it is not doing anything on the machine I'm trying to update. It says setup started, but that machine is more idle than ever. I want a 'distribution package' in KSC so I'm not dealing with .exe files... How is this possible? I can try to select a kud or kdp file, but it shows version '10.2.4.674' on both files. I extracted this from the new 'setup10.3.407full_en' and I'm still getting 'KES_10.2.4.674'. If I add new machines - how do I install the newest version? That is what I'm confused on. I was expecting to update KSC and see the new packages. Network Agent is the only package I see that is new. I'm just concerned that something didn't update. I could always go into Application Management and approve the update for my OLD machine... but I have the Windows 10 Update machine that I cannot install anything but the new KES... but the only available installation package I have is an old one which is not compatible... So I basically need to install old version and then update it through app management... but old version won't install because it isn't compatible with the new Windows 10 update.
  11. So I updated the Kaspersky Security Center server... new GUI, etc. However, how would I update the Kaspersky Endpoint Security 10 version? It is still 10.2.4.674. It just created a copy with an underscore _1 at the end. Was it supposed to update this? Network Agent is 10.3.407. To this day, what is the most current version of Kaspersky Security Center, Network Agent, and Kaspersky Endpoint Security 10 for Windows?
  12. It looks like I'm not able to attach the HTML file. Here is what it says... Kaspersky Endpoint Security 10 Service Pack 1 Maintenance Release 2 for Windows 10.2.4.674 Kaspersky Security Center Administration Server 10.2.434 Kaspersky Security Center Network Agent 10.2.434 What is the best way to update all of these? I do not mind reinstalling. I'm a bit OCD about updates. If it was up to me, I'd literally reinstall the OS and DB, and then reinstall... however, that is too much work. So do I run the new KSC installation package? Also, once it updates, is there any tool to run to verify everything is working as it should be and the integrity of the files are 100%?
  13. This is a very newbie question -- I am still running this in a lab environment. I have yet to update it... but not wish to because of the Windows 10 Anniversary Update conflicts. I am curious on how to update everything. Is it done manually? As in I have to redownload Kaspersky Endpoint ISO? OR is it done within Kaspersky Security Center Console? This means, I wish to update Kaspersky Security SERVER, Kaspersky Security Center (console), and the Installation Packages. Currently, I am not able to run the Windows 10 Update due to an old version of Endpoint Security 10. I heard there was an update... but I don't know how to update Kaspersky Security Center AND the Endpoint Security 10 for Windows PACKAGE so that I can update the clients... I appreciate the help. I know this is a very newbie question... so please bare with me as I'm still currently learning this software. Regards
  14. For me, I had to change which user account started the SQL Server service. I selected the local Administrator. Then the backups started to function as properly.
  15. EDIT: It looks solved. I changed Kaspersky Server Service and SQL Server to Administrator...
×
×
  • Create New...

Important Information

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.