Jump to content

spino

Members
  • Content Count

    11
  • Joined

  • Last visited

About spino

  • Rank
    Candidate
  1. hello, we are trying to move the admin kit to a totally new server. The reference documentation clearly states more than once that: "The names of the new and the old SQL server must be the same." It is quite obvious that a new server will have a new name. Since the SQL server is located ON the server itself, it is necessary to overcome the limitation about the SQL server name, that must be different. Is there any tweak or manual operation, one can do to restore the admin kit on a different SQL server? thanks
  2. please bear in mind that I answer with my point of view, which is: everyone of us has a million things to do, and want to use the less time possible to achieve routine tasks. Also, every guideline in "Usability" matters tend toward using the less clicks possible to improve the "user's experience". if something is easy to use, it's liked much more by the users. let's go: > 2. You can view this in the 'Status' column in MMC console. not really. if the pc is switched off or the av service is stopped, even for hours, the status is OK. this is deceiving. after, let's say, one hour or less, the console should tell "AV on this pc is not working". and , more important, "at a glance". no clicks in "properties" tab. it would be enough to change the words in the status column with: "not running", and changing the icon appereance > 3. Antivirus databases version report shows exact database version (number of records). again, it is crucial to have this information "at a glance". no clicks. spare the user to go to see reports for their "bird's eye" activities > 4. You can view this in the 'Number of viruses' column in MMC console. the number in the column does not stand out much. it would be enough to change the words in the status column with: infected, and changing the icon appereance. After all, you already have the "reset virus counter" one click away. > 7. 'Events' node in MMC console contains this information if you configured in policy to store events on the server. 'Virus activity report' contains this information too. you cannot save your filters view in the events node! you dont' want to browse a 2000 lines log to find out information. the very minumum should be to have the chance to filter out the "all-including" log in different ways, and recall them with the less click possible > 8. It is recommended to create group tasks for the tasks that require particular schedule. Group task has one particular schedule. I would like to go in a single place and see all things that were programmed in the whole enterprise, and if some of them failed or not. guess how? with the less click possible > 10. Just enable 'Real time protection' in the 'Predefined tasks' tab in policy and lock this tab. this does not work. if the user is pc's administrator, he can stop the kav service. if the service is stopped, the pc is not protected, no matter if the setup is locked or not. other products have something that re-enables the Av service after a short time, if it is disabled for whatever reason.
  3. I allow you to read further only if you supply us an *estimated* date for MP3 release ;-) notes in very sparse order! in general: reduce the number of clicks to reach a piece of information. ok for using many tabs, but not ok, e.g. to use: tab-choose element-tab-list-details of list element-properties tasks: less clicks to choose what pc are the target view one special group containg all of the pcs view at a glance if the AV is working/alive (by polling it) or not view at a glance the DB and the engine version, not by date, but by a serial number or something the like view at a glance if the pc was infected, not by listing the numbers of viruses view the real time scanning status (now I just scanned this file, now this file, now this file) view the virus history for a pc directly with right click, not by going in the "events" section view the scan history for a pc directly in its tab view the virus history for all pc in specific place view of all schedules in a specific place view of specific history of DB updates /log of activities with kaspersky's servers disable possibilty for pc administrators to disable the av services no comments on distributed servers, located in different networks, becaus I couldn't test them.
  4. > 4) It will be possible to add clients to AdminKit database using IP address of client? We need to think how to resolve issues when IP address of client changes (DHCP) this one sholdn't be a roblem: being a syadmin, you want to install kav on that PC *now*, and *now* you know its IP address. at least, the IP install should be available as "manual" only and not "scheduled". > or many clients have the same IP address (client is behind NAT or proxy server). too tricky this one. I guess that behind nat, the install should be initiated by the client. this with the goal to keep it simple and short. > 5) We'll add command line utility to check correctness of Network Agent connection with the server and to change parameters of co very useful, I like it Tell us if you need such an utility right now. We can upload one I am evaluating the product now, it could help. (let me say, not to criticize but to suggest, that symantec's console is far more user friendly. Also panda's is, but it lacks of options for the scan engine) thanks
  5. solved, but with the following: removed agent enabled netbios rebooted reinstalled agent used IP address for the management server rebooted dns and tcp port were working well before and after the reinstallation. quite tricky if to be done on a production server... anyway, it's done.
  6. hello all, we're using in the internal network some programs that could be classified as "riskware"-hack tools. One of them is the well-known psexec. Our policy is configured not to detect any riskware, but on all out PCs psexec cannot work: it starts, and then we obtain a OS message like: "all pipe instances are busy now" (forgive the tranlsation). this is more a firewall-like message than an AV one... I f we stop the AV service on the PC, then psexec works correctly. Anything is found on PCs AV log. Any clue about how to debug/track the problem? thanks
  7. If you installed network agent on this computer and network agent connected to the server, Admin Kit shows this computer in the 'Unassigned' folder. agent manually installed, computer rebooted, it is not appearing. You can push network agent remotely on the computer using remote deployment task. In the remote deployment task you can provide IP address of the computer even in case it is not registered in the Admin Kit database. I did it. set up a task to deploy the remote agent. run the task. the log for the task is the following: a) with use remote agent to deploy: Remote installation failed on the host: Cannot download the package using network agent because it is not installed on the target host yet. (obviously) with use shared folders to deploy: remote installation failed on the host: The computer seems to be disconnected from the network. (it has no netbios enabled)
  8. To do this just find this computer in the 'Unassigned' folder and drag one to the required administration group. *this* is the problem. the computer is not visible in the microsoft network (it has NO netbios). because of this, the computer is not found by the adminkit. the adminkit is not showing the computer in any group, but the computer is up and running. there should be a method for the human operator to add a specific computer into the database event if the adminkit did not find such computer (as symantec corporate av does)
  9. This message means that either you don't have computer with this IP address in the Administration Server database or you have more than one computer in the database having the same IP. ok, I am sure that all IPs are unique. I am also sure the computer does exist, works and have the netagent installed and runnig. The "discovery" task that the admin server made simply misse dthat computer as it is not netbois enabled. How can I convince the admin server that such IP exists and should be added to the list? Manually editing the DB tables is out of question?
×
×
  • Create New...

Important Information

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.