Jump to content

sgatke

Members
  • Content Count

    57
  • Joined

  • Last visited

Everything posted by sgatke

  1. sgatke

    Successful test

    Dear Kaspersky Lab Thank you for offering this excellent tool making Office 365 more secure. I signed up for the beta and completed the scenario. One piece of feedback was that the Information Pane did not update or refresh automatically. I did not see infromation until I pressed F5 in the browser. I am using Chrome as browser. Sincerely, Simon
  2. Hello Kaspersky We have an issue with our KES Cloud, workspace ID: e5b2c46b-145e-4cad-84b7-e2874dac494d I clicked Publish on the MR3 package, but existing Windows clients are not updated. Version information on the clients keep showing MR2 (10.2.4.674) Could you please help by telling med how to push updates to clients? Thank you. Here is a screenshot of Distribution Packages:
  3. If you want to test protection on fileshares, I can recommend to download the (free) tool 'AEC Crypt'. Install it on a client then right click on a folder on a shared drive and select Encrypt. When I tested, I managed to encrypt 5 files before protection kicked in - then connection was dropped and the 5 files were restored automatically and the client was denied access to the file server for X amount of minutes. Quite brilliant :-)
  4. I can see there are numerous topics on how storage is used when utilizing patch management. However, I am still at a loss on how big a KSC 10 server should be, storage-wise. I have a small test network with about 10 nodes on it (a handful of clients and a handful of servers). KSC is configured to work as WSUS server. Using KLSRVSWCH.EXE I have configured a folder on D: drive to where patches are stored. Currently, this folder takes up 82GB of disk space. At the same time, a lot of space is consumed on the C: drive in the c:\programdata\kasperskylab\adminkit\1093\.working folder. Currently, 74.4GB which now means the C: drive is full - a situation I don't recommend :-) I would like to understand how space is consumed so I am better able to plan for this. So hopefully you can help me by answering these questions: - I assume patches (both Microsoft and 3rd party) are downloaded to the folder on the D: drive - correct? - When I create a task to install a given set of updates to the clients (or servers), packages are 'built' which are stored in the \adminkit\1093\.working folder - correct? - How is the \adminkit\1093\.working folder maintained? I mean, does KSC 10 perform some automated cleanup tasks? If so, when? - Is there any way to trigger a cleanup of the \adminkit\1093\.working folder? I have tried deleting all 'Install required updates and fix vulnerabilities' tasks, but still after a couple of days there are no space recovered. - Is there a supported way of manually cleaning up the \adminkit\1093\.working folder if we urgently needs to reclaim space? I have tried stopping all Kaspersky services and manually deleting selected files from\adminkit\1093\.working folder, but when I reboot the server, space is filling up again, even with no tasks present to install updates. Any help appreciated.
  5. Hi We are running versions: KSC 10.4.343 Network Agent 10.4.343 KES 10.3.0.6294 When using patch management we are experiencing extreme disk usage. C:\ProgramData\KasperskyLab\adminkit\1093 is using 180GB disk space. D:\KasperskyLab\wsusfiles is using 190+GB disk space. Both are quite a bit above the minimum 100GB recommended disk space. Use administration server as WSUS server = Enabled. Windows Update search mode = Active. There are no old 'install patches & upgrades' tasks in KSC. When starting a new patch install task, e.g. for 34 Security Updates for Microsoft Excel 2010 disk space usage on the KSC server is growing with at least 10GB on both drives. There are no Service Packs among the Security Updates so I find it a bit excessive that disk usage is growing so much. My questions is, how can I clear up old data from C:\ProgramData\KasperskyLab\adminkit\1093 and D:\KasperskyLab\wsusfiles ? Oldest entry in C:\ProgramData\KasperskyLab\adminkit\1093\.working\FTServer is from November 10th 2016. Should these old files not be cleaned up somehow, when they are not needed from existing tasks? Thank you in advance.
  6. What I mean is that the C:\....\adminkit\1093 folder is still at 212,5 GB. We would very much like to reclaim (some of) this space. To my understanding, this folder is used to generate the install packages (of patches) to all clients. If this space is not eventually cleared, then we will not have space for additional packages installations. In other words, if there is not an automatic cleanup process in KSC this folder will just continue to grow forever. I don't believe that is the case, but would like to know if it is possible to trigger this cleanup mechanism. I have already deleted all old install tasks from KSC, but apparently that makes no difference in space usage.
  7. Thank you, but unfortunately that does not solve our problem of excessive disk usage on the C: drive.
  8. I believe you cannot use this feature with a Select agreement. To my knowledge System Management features are only available to KES Advanced and KES Total users.
  9. Thank you, but I did that initially to save space on the C: drive. What I am looking for is a solution that will actually clean up the used disk space. 200GB used on both C: and D: is way too much disk space wasted. Your own recommendations are 'at least 100GB' - in our case almost 400GB are consumed by this feature. That seems a bit excessive and I get the feeling that old patches (that have already been deployed) are still saved on the system. Eventually, this will end up costing Terabytes of disk space if there is no cleanup mechanism. As per your recommendations, I have turned off 'Use KSC as WSUS server', but disk space is not being cleaned up by this. Can I delete the contents of \wsusfiles from D:? How about the \1093 folder on the C: drive, how can I clean that up?
  10. Database size: 3525,0 MB (Size of data: 3248,6 MB, Number of Events: 4888) I have only selected a few applications to be downloaded, mainly Office 2013 & Office 2016, Windows 10 and Windows Server 2016. (see screenshots wsus1-wsus4) However, on the Updates Categories, all categories are selected. (see screenshot wsus5) The way I understand this is that e.g. critical updates are only downloaded for the above applications but is that correct? Languages selected are only Danish and English (US)
  11. By the way, disk space is rapidly filling up. This morning I expanded both drives by 20GB each. Within two hours both drives were full again. C:\....\adminkit\1093 is now 212,5 GB D:\...\wsusfiles is now 218,2 GB Please let me know how I can stop the drives from filling up and how to clean up the folders. We have a limit on how much I am able to expand the drives. Unfortunately, I am now unable to log into KSC because of the low disk space. I have the option to expand a little more, but I am hesitant to do it until I know how to stop the drives from filling up.
  12. Last KLBACKUP size (from yesterday) is 5,52 GB. Can you please tell me where I can check the size of the KAV database?
  13. I can confirm this 'strange behaviour' of tasks. We have a task "Find vulnerabilities and missing patches" running each Wednesday. Run missed tasks is NOT enabled. Expected behaviour: Laptops that are not online on Wednesday will not be scanned by this task until next Wednesday when the task starts again. (Because the task was originally MISSED and we don't have Run missed tasks enabled). What happens: Thursday morning when the laptops come into the office and get in touch with KSC, the task starts, even though the Run missed tasks checkbox is NOT ticked. This might be by design, but I agree with the original poster that the wording of the check boxes could be better, or the explanation in the manual could be rewritten.
  14. You should be able to access the zipped file from this link: https://1drv.ms/u/s!AvUxstTxPeZHgYE5MrWimKYs68wgYw Please let me know if you have any issues getting access to the file.
  15. I have a zipped file now, size 10mb. How would you like to receive the file?
  16. I have disabled everything now (i.e. removed the checkmark from all 'enable' boxes under Endpoint Control and Anti-Virus Protection, I even disabled Self-Defense). It still takes several seconds to open and display a photo. When completely exiting the KES client, Photos displays immediately.
  17. I can confirm this issue. When exiting the KES Client application on the client computer, Photos open and displays the image immediately. When KES Client is running, the Photos application opens but only displays a black (blank) screen for several seconds before the image is displayed. Network Agent: 10.3.407 KES Version: 10.2.5.3201 Client OS: Windows 10 version 1607 (build 14393.693)
  18. sgatke

    Any grace period for key file [Solved]

    Usually there is an end date associated with a license for KES for Business. So, if you purchase a 12 month license, there is a set end date for the license. It starts 'immediately' i.e. not when you start using it. EDIT: Just found one of our license-emails from Kaspersky. Delivery Date 2017-02-13 Delivery method Activation Code (Fixed) Purchase Order XXXXXXXXXXX Expiry Date 2020-03-14 As you can see, this is a 3-year license. It was delivered on February 13th 2017 and expiry date is March 14th 2020. Anyway, the expiry date is fixed and is not dependent on when you actually start using the products. Hope it helps.
  19. Windows Server 2012 R2 KES for Windows Server 10.0.0.486 KSC 10 10.3.407 When looking at task status for any of our servers (Properties - Tasks) the Anti-Cryptor task is not running. I can click the Start button and the task is starting, indicated by 'Running'-label and the blue 'Play'-icon. Now, I wonder if we are not protected against ransomware unless this task is started? Task settings (Policy Properties - Server Control - Anti-Cryptor Settings - Task Management tab) is set to Enable with frequency set to 'At application launch'. I just tested a restart of the server and when the server starts up the Anti-Cryptor task does not start automatically. Did we configure the policy and task settings the wrong way? What are the recommended settings to make sure we are protected against ransomware automatically, even after reboots? If we have to manually start the task after restarting a server, we will probably forget one day :-) Thank you in advance.
  20. Thanks guys, I will try 'locking' the policy - definitely sounds like that could be the issue. I appreciate your advice.
  21. Thank you Nikolay I read the section you indicated, but unfortunately it doesn't really answer my questions: "If malicious activity is detected on a host while the Anti-Cryptor task is running, Kaspersky Security blocks the host's access to network file resources for 30 minutes." Question: If this task is not running, are we not protected against ransomware? "Scheduled task launch. By default, the first run is not scheduled. The Anti-Cryptor task does not run automatically at startup of Kaspersky Security. You can run the task manually or configure a scheduled launch." Question: Based on the above, please let me know what the recommended settings for this task is. Should we set it to start hourly? I am curious as to why there is the option of "Run at application start" if that is not possible by design. If I understand this correctly, this means our servers are vulnerable whenever they have been restarted and until the hourly task starts. Can you confirm this?
  22. Are you sure about that? According to the list from your link: Version 10.2.5.3201: Hardware and Software Requirements Hardware and software requirements for workstations: Microsoft Windows 10 Pro x86 / х64 Microsoft Windows 10 Enterprise x86 / х64 Microsoft Windows 8.1 Pro x86 / х64 Microsoft Windows 8.1 Enterprise x86 / х64 Microsoft Windows 8 Pro x86 / х64 Microsoft Windows 8 Enterprise x86 / х64 Microsoft Windows 7 Professional x86 / х64 SP1 and later Microsoft Windows 7 Enterprise / Ultimate x86 / х64 SP1 and later Microsoft Windows 7 Professional x86 / х64 Microsoft Windows 7 Enterprise / Ultimate x86 / х64 Microsoft Windows Vista x86 / х64 SP2 and later Microsoft Windows XP Professional x86 SP3 and later Microsoft Windows Server 2016 Standard / Essentials х64 Microsoft Windows Server 2012 R2 Foundation / Standard / Essentials х64 (the ReFS file system is supported with limitations, Server Core and Cluster Mode configurations are not supported) Microsoft Windows Server 2012 Foundation / Standard / Essentials х64 (the ReFS file system is supported with limitations, Server Core and Cluster Mode configurations are not supported) Microsoft Small Business Server 2011 Standard х64 Microsoft Windows MultiPoint Server 2011 х64 Microsoft Small Business Server 2008 Standard / Premium x64 Microsoft Windows Server 2008 R2 Foundation / Standard / Enterprise х64 SP1 and later Microsoft Windows Server 2008 Foundation / Standard / Enterprise х86 / х64 SP2 and later Microsoft Windows Server 2003 R2 Standard / Enterprise x86 / x64 SP2 and later Microsoft Windows Server 2003 Standard / Enterprise x86 / x64 SP2
  23. Hi I am seeing errors when trying to fix vulnerabilities with KSC 10. When I try to fix vulnerabilities on a couple of Windows 10 clients (v.1607 x64), I very often get errors like "Updates installed: 0 out of 9". There is not much information available about why this error appears. I have even tried looking at the Event Viewer on the affected clients, but no error messages about what has failed. If I try to manually download the KB-articles from Microsoft Update Catalog and manually run them on the clients, they get installed with no errors. I cannot figure out why this fails using KSC 10. To get the error, I right click on a vulnerability (example: KLA10770) and select Fix Vulnerability --> New Task and go thru the wizard. After task is created I click Start task. After a few minutes the task completes but with the above error. If I manually install the patch in question and runs the "Find Vulnerabilities..." task, the system recognizes that the vulnerability is now fixed. Other machines on the network (Server 2008 R2, Server 2012 and Server 2012R2) installs most patches without errors. Question is, why is this error happening when I try to fix vulnerabilities with KSC? Where can I find additional logs explaining why an update fails? Versions used: KSC 10.3.407 KES 10.2.5.3201 Network Agent 10.3.407
  24. Thank you very much. I installed the patches from https://support.kaspersky.com/13100 during the weekend. This seemed to solve the problems and updates have been installing happily over the weekend. Subject solved for now.
  25. Alright, I now have two GSI reports. How would you like me to upload these files to you?
×

Important Information

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.