Jump to content

aalbrecht

Members
  • Content Count

    48
  • Joined

  • Last visited

About aalbrecht

  • Rank
    Candidate
  1. Ahh now I found it, I knew this event notification had to be hidden somewhere, never thought to right click on the actual admin server lol. Thanks!
  2. Here are the 4 different event types configured in the Light Agent policy for the admin server:
  3. I'm trying to fine tune the e-mail alerts I receive from Kaspersky, but there is one message I get that I can't figure out how to turn off: I can't find where I go to uncheck this event from being sent as an e-mail alert. This alert is generated every time any computer shuts down or reboots, so it just causes a lot of unnecessary notifications. I'm assuming this should be under the Administration Server's policy, but none of the Critical events I have set for generating an e-mail seem to match up with this alert. Is it named something other than "Computer status is "Critical""? I've also looked under the policies applied to the computers, but still can't find any event type that correlates to this specific message. The Kaspersky Administration Server is a VM running on KES Light Agent 3.4.44.194 which is where I would think this event notification should be located, but I've checked all policies and can't find anything that matches.
  4. The particular computer in the message I posted is running KES 10.2.5.3201, (most of our computers), but I do still have some running 10.2.2.10535 and 10.2.4.674. As far as what files I want to delete I'm not looking for anything to do this automatically, but I'd like to see what the file is and delete it manually after receiving this alert. The alert I posted is just one of a few others I've been getting, most look like programs the user downloaded intentionally that may either be causing a false positive with Kaspersky, or could be something that needs removed. In most cases I'll probably remove the files, but I don't want to do this automatically just in case it is a false positive for a different file that a user may need.
  5. I recently setup e-mail alerts in KSC and have been getting a lot of the below messages from a few computers: Event "Probably infected object detected" happened on computer ****-**** in the domain *** on Tuesday, January 10, 2017 5:35:34 AM (GMT-08:00) Result: Detected: not-a-virus:WebToolbar.Win32.Asparnet.gen User: ***\****-****$ (Initiator) Object: C:\Program Files (x86)\askpartnernetwork\toolbar\apnsetup.exe Usually if Kaspersky detects a virus it shows up in KSC's 'Unprocessed Files', but the above objects aren't so I'm not sure how to respond to them, (without going to each computer physically). Is there a way to remotely clean or remove these programs from KSC? It looks like it's just a browser add-on, but I'm getting about 10 of these alerts at a time for each computer. Also, is there a way to tone down the e-mail alerts so I only receive one at a time for each computer?
  6. I can't get Kaspersky to install on my own workstation, I haven't had this problem on any other's at my company so I guess it is just plain bad luck on my part. When I try to install Kaspersky, either from KSC or a stand-alone package, I get the same fatal error message: Kaspersky Endpoint Security 10 for Windows Setup cannot be performed, because a third-party application is already installed on the computer: 360 Safety Guard / 360 Antivirus / 360 Safe Defender. This is a relatively new PC and have no clue what that software is, so I'm assuming some other software is triggering this error. I tried to follow these instructions to skip this check, but even though I've given myself folder permissions in the share folder, it won't let me edit the .kpd or .kud files. Even if I copy them to my computer, edit, then try to copy and paste over it won't let me. Edit, I was able to edit the .kpd and .kud files, but the installation still fails with the same error. How can I get around this? Any idea what software would trigger Kaspersky to think it's this '360 Safety Guard' software?
  7. I'm getting lost trying to figure out Kaspersky licensing, and I'm not sure what's going on with Kaspersky's phones but I was on hold for an hour trying to get through to get this answered but gave up. I asked their tech support but I'm not sure their answer was correct so maybe someone here can help me out. I have a bunch of virtual servers that I want to install light agent on and run a Kaspersky SVM server. I believe the license I need is KL4251AAPTQ (https://www.cdwg.com/shop/products/Kaspersk...PTQ&pfm=srh) So a couple things are confusing me - first is that some licenses say 'License + Maintenance', some just say 'Maintenance'. When I called Kaspersky tech support they said the 'License + Maintenance' basically adds premium support, is that true? One would think Maintenance is if you just need to renew an already existing license, and if you don't yet have the license like myself, I would need Lic + Maint. The person I spoke to from Kaspersky said Mainenence would be fine, but again, the way it's worded is confusing and the prices are really far off between the two. My next question is I saw another license called "Security for Virtualization, Core" This one is significantly more expensive. Is this licensing the physical host's CPU cores, and if so does that mean I'd have an infinite number of Kasperky licenses within my virtual environment as long as all CPU's are covered? That is how I Microsoft's licensing works so I'm not sure if this is the same, but if it is I'd much rather go this route than licensing each individual server. This would be cheaper in the long run, but I can't find anything on Kaspersky's website that even mentions this license. One more thing, does the SVM server need its own license? And do I need an SVM per physical host, or will just one be fine? I have 4 hosts in a VMware cluster.
  8. Am I the only one that hates the new color scheme? I know it may sound superficial, but the new scheme puts a lot more strain on my eyes. There's way too much white and not enough darker colors to provide contrast. I thought the old design was very good, not sure why it had to be changed.
  9. What about setting up a slave administration server in the DMZ, would that be an option for getting laptops to connect with KSC? If I were to do that, how would I configure the laptop's policy to use the internal KSC (master) server, or the slave when off the network? Or, would I just always have those laptops point to the slave server? The main hurdle I face are the laptops that never come back to our network. Even if they were downloading updates directly from Kaspersky, I would never know about it because KSC is never getting updated. This is why I'd prefer Kaspersky move KSC to a cloud hosted solution - which would be worth paying extra for if it was offered.
  10. I'm not real sure how to do this exactly. I found the option to choose "Out-of-Office" policy, is that all I need to do? I couldn't find anywhere to setup a different update source. I'm assuming I just do this on the Endpoint policy, the network agent has the "Out-of-office" option greyed out. If I'm correct, KSC cloud would be a lower tier than our current business select licenses right? I don't want to lose Application control or System settings, or any of the granular control I currently have with KSC, I just need a better way of managing laptops, especially if we have more people using Surface Pros with a docking station as their primary system.
  11. How do I do this? Do I need to copy the existing policy(s) but check the 'out-of-office' dial, or do I just edit the existing policies? Where do I set the update source? Should I be editing the policy for network agent or endpoint security? I'm also assuming this would only let them download updates, but those devices still won't be talking with KSC. This is where a cloud solution would help because many of these laptops don't hit our local network for months at a time, so even deploying this new policy isn't going to work until they come back in. Does Kaspersky have any plans on making a hosted version of KSC? That would fix the mobility problem, but right now the only cloud solution has extremely limited features.
  12. I have a KSC deployed and have been using it for a couple of years and like it, but the one area of problem are employees who keep their work laptops at home for extended periods of time. These laptops basically never get any updates because they aren't on the local network. What is the best way to handle this? A lot of other firewall companies are going towards a cloud solution so I'm wondering if Kaspersky would do the same, say a cloud hosted KSC that can connect to our devices regardless if they are on the local network. If that sort of thing isn't in the works then what would be the best way to ensure laptops are getting updated? Is it possible to create a downstream KSC server in the DMZ, similar to how one might do with WSUS servers? We're getting a lot more people who would prefer using a Surface with a docking station, so this issue is becoming more of a problem as I have no way of updating these when they are off of our network.
  13. Sorry if this is answered in another thread already, but is KES10SP1-MR3 the only version that will support Windows 10 build 1607 (The anniversary update)? If there is another version or a hot fix please let me know what version to look for.
  14. I just reinstalled a new SVM, created new policies, tasks, etc and reinstalled Light Agent on the VDI master image and I'm running into the same problem as before; After a VDI reboots KSC creates a duplicate in 'Unassigned' with some random numbers appended to the end. This new VDI in "Unassigned" seems to be associated with that VDI, while the original that I put in the VDI Group isn't - with it saying the agent is off. The end result is that the rebooted VDI clients have Kaspersky Light Agent running, but no policy is applied since it's basically sitting in the "Unassigned" group. Any ideas?
  15. I do have "Enable dynamic mode for VDI" and "Optimize settings for VDI" both checked in my network agent's install for the VDI clients as mentioned in the guide, other than that I can't figure out what I'm doing wrong. I'm going to create a new installation package from scratch....where can I download the latest Network Agent? The version I have is 10.2.434 which I believe is the latest version, but I'd like to download a fresh copy anyway just to be sure. I did notice I was using an older version of Light Agent, I was using version 3.2.0.381 instead of the latest 3.4.4.194...so I hope maybe that resolves my issue. But I suspect the issue has to do with the network agent so hopefully rebuilding the installation package fixes it. I can't seem to find the link for downloading the network agent by itself, or is that normally included with KSC?
×
×
  • Create New...

Important Information

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.