Jump to content

mlpotgieter

Members
  • Content Count

    43
  • Joined

  • Last visited

About mlpotgieter

  • Rank
    Candidate
  1. Thanks that article explains the action=N/A issue, but I still do not understand why Kaspersky asks for a user to take action despite the fact that we have set the policy to clean/delete, as per the event in my first post.
  2. This seems to be happening with viruses and trojans detected by file antivirus.
  3. We have a client where we have set the action on the file protection to be disinfect and if disinfection is not possible delete. However when looking at logs the incorrect action seems to be taken: Computer: xxx0115xx Group: xxx0115 Time: 03 October 2010 10:30:08 PM Description: Other important events Severity: Warning Application: Kaspersky Anti-Virus 6.0 for Windows Workstations Version number: 6.0.3.837 Task name: Protection Computer: xxx0115xx Group: xx0115 Time: 03 October 2010 10:32:56 PM Description: Security threats have been detected. You are advised to neutralize them immediately. On admkit report there is also many instances where on virus detection the action is "N/A". Why is there user intervention required? Why does Kaspersky not take action on a virus.
  4. At the moment I have had to turn off Kaspersky all together to avoid getting the blacklist error, otherwise the POS can not be used. I understand that I need to resolve the blacklist issue but the fact that the pop can not be suppressed is a big problem. The OS is actually the standard Windows XP sp2 not any other special version, I just refer to them as POS machines because they are not using a keyboard and mouse only keypad. Anyway... I have logged a call with Kaspersky support and am waiting for them to get back to me.
  5. Great Thanks for all the feedback guys, this is very informative. Its good to know that there are large scale deployments out there. Based on what has been said, the adminkit should handle 6000 clients provided some tuning is done. What about update agents and number of groups. Are any of you running lots of update agents (500) and have lots of groups(550)? I am wondering if this has a performance implication on the Adminkit.
  6. I tried setting the above value, restarted the AV and still getting the pop-ups.
  7. I am now also getting the "not all components were updated" error on more than half of my clients. This seems to be a regular occurrence now and I think it is not acceptable. The Adminkit update process seems to be very fragile. Why is there no error checking? Why is it so often that there are corrupt files? I removed the TEMP and KLShare directory and downloaded ALL the updates fresh and am still getting this error... Maybe because I am using lots of update agents? Kaspersky really need to get a more solid update platform. We have thousands of endpoints and hundreds of update agents so deleting files from each one is not an easy task.
  8. We are using Adminkit 8.0.2090 with lots (4000) of workstation MP3 clients. We would like to disable ALL notifications on some machines. These machines are POS devices and have no keyboard or mouse so when there is a POP-UP there is no way to get ride of it and it interferes with POS application. Under the MP3 policy -> Settings -> Services we have un-checked the "Enable Notifications" check box, however users still get blacklist error when their machine fails to update. Why does this policy setting not take affect? Do I need to do something else. I heard that it is not possible to disable blacklist notification on MP3.. is there any work around to prevent this pop up with MP3?
  9. I had a look through all 4 version 8 AK manuals and could not find a section on tuning for large organisations. The closest thing I found was about the stress testing. Can you please tell me which manual this information is in? I have already switched Network Agent synchronisation to 60 minutes. I also can not find the setting to disable "report installed applications". Where can I find this?
  10. When you say reducing the number of events.. do you mean just clicking on properties and setting individual events to be on the administration server for less days (the default is 180 days)? I have now changed them to 14 days. I also changed under the settings tab "Maximum number of events stored in the database" from 400000 to 100000. Are there any other optimisations you have made? Anything specific to MSSQL?
  11. Our client, a large retail organisation is using Kaspersky. We have two adminkits setup, one with Adminkit 8 on VMWare and one on dedicated hardware running Adminkit6. We would like to move all clients on Adminkit 8 (vmware) to the server with dedicated hardware. Obviously we first need to upgrade the Adminkit to version 8. Before we do all this I would like to find out if the Adminkit will scale to the amount of clients we have. There are about 600 branches, each branch has one server and between 2 and 15 workstations. In total about 5500 clients. At the moment we have about 450 branches on the dedicated hardware and 150 on the VMware server. At the top level we have a group for 5 different regions and then in the regions we have a group for each branch. Each branch group has the relevant server setup as an update agent (ie 450 update agents). We only have one set of policies and tasks at the top level (ie there are not separate policies or tasks for each group). There are about 20 or so group tasks, if that makes a difference. Network agents are configured to check in every 60 minutes and updates run once a day at night. Each branch only has 64kb or 128kb leased line so the links are slow at times. The dedicated server has the following hardware/software. Windows 2k3 server R2 with SQL 2005 (full version). 4 Gigs RAM, 2 X quad core Xeons at 2.33 Ghz. 5 x SAS drives with hardware RAID 5 configuration (2 Terabytes). Two 1Gig network cards bridged for redundancy. This server is not used for any purpose beside Adminkit. We do not have many problems with the adminkits at the moment although they sometimes slow down( ie mmc console is unresponsive) and we have to kill mmc and/or restart adminkit service. Is anyone running similar configuration? I am also logging support call with Kaspersky to get "official" response. Thanks for any feedback.
  12. We are having the exact same problem and have had to reinstall EE on the servers to rectify the problem. Did you find another solution?
  13. I am getting the following error on some machines when they attempt to update: Update error Severity: Error Application: Kaspersky Anti-Virus 6.0 for Windows Workstations Version number: 6.0.3.837 Task name: Update Task Computer: xxx Group: xxx Time: 01 November 2009 11:40:14 PM Description: Update error: Bases are incompatible with application,bases have been rolled back. Has anyone seen this error before and/or can anybody make recommendations to fix this? Thanks
  14. How many sites? How many workstations/servers at each site? What capacity link to the different sites?
×
×
  • Create New...

Important Information

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.